Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/03dd48eb-d136-4f0e-af8a-57a6bdd93a9d/0/34352e39312e342e302f32342d3234203d3e20313938323530.roa
File: 34352e39312e342e302f32342d3234203d3e20313938323530.roa (raw, json)
Hash identifier: 3+s9wslgTCAFVU8/zKepeeKoobXClKePMBPJdahJzjY=
Subject key identifier: 5A:6D:A7:F8:E4:22:23:6A:B2:7F:E0:74:16:7A:8D:8D:62:13:63:C0
Certificate issuer: /CN=7fea37fdfe29b34173e97f1b637a44ec41acebb8
Certificate serial: 247CD23AB0FD2F395C8A5862D54B835F980DD558
Authority key identifier: 7F:EA:37:FD:FE:29:B3:41:73:E9:7F:1B:63:7A:44:EC:41:AC:EB:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/f-o3_f4ps0Fz6X8bY3pE7EGs67g.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/03dd48eb-d136-4f0e-af8a-57a6bdd93a9d/0/34352e39312e342e302f32342d3234203d3e20313938323530.roa
Signing time: Fri 10 Apr 2026 12:19:24 +0000
ROA not before: Fri 10 Apr 2026 12:14:24 +0000
ROA not after: Fri 09 Apr 2027 12:19:24 +0000
asID: 198250
IP address blocks: 45.91.4.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/03dd48eb-d136-4f0e-af8a-57a6bdd93a9d/0/7FEA37FDFE29B34173E97F1B637A44EC41ACEBB8.crl
rsync://rsync.paas.rpki.ripe.net/repository/03dd48eb-d136-4f0e-af8a-57a6bdd93a9d/0/7FEA37FDFE29B34173E97F1B637A44EC41ACEBB8.mft
rsync://rpki.ripe.net/repository/DEFAULT/f-o3_f4ps0Fz6X8bY3pE7EGs67g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 16:02:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
24:7c:d2:3a:b0:fd:2f:39:5c:8a:58:62:d5:4b:83:5f:98:0d:d5:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7fea37fdfe29b34173e97f1b637a44ec41acebb8
Validity
Not Before: Apr 10 12:14:24 2026 GMT
Not After : Apr 9 12:19:24 2027 GMT
Subject: CN=5A6DA7F8E422236AB27FE074167A8D8D621363C0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:f8:94:c9:c7:af:3a:cc:1c:a3:d5:ec:ac:85:
f0:19:1e:ef:35:64:4e:7b:51:f4:bb:c5:cc:16:1d:
c4:73:27:e2:7a:0f:51:08:d6:b8:17:04:c5:55:6b:
11:2c:f7:e0:af:09:54:91:ef:e1:cb:f5:27:02:d4:
fc:a2:df:e8:d0:9e:39:b0:41:00:21:4f:b0:33:2d:
dc:fd:29:51:d2:bd:79:f6:53:e7:90:20:13:9f:20:
39:42:cd:0c:73:11:fb:fd:3e:f5:6b:cf:08:97:5d:
4c:50:86:f5:33:e9:57:6a:38:39:e5:49:d7:ec:41:
05:ae:b9:8c:2c:6a:a9:0a:68:f7:cf:a4:e7:8f:e9:
09:20:a3:fa:d3:05:dd:ad:ea:41:f0:47:dc:6d:95:
35:54:07:71:c0:03:a9:7a:2c:05:9b:bb:0a:4b:2b:
36:56:02:27:cc:8c:41:b4:ff:d7:04:28:cf:36:4c:
9b:c7:fd:b8:74:26:9e:b1:8a:e0:36:a6:1a:28:45:
43:08:60:46:40:31:4f:1c:b7:b8:39:3d:a1:54:e2:
c1:9c:33:15:ee:ff:09:ff:94:e6:f3:27:d9:fa:59:
0c:2d:bf:1c:78:9d:30:53:2a:dd:d9:57:fd:64:1b:
ba:48:3e:9c:39:dc:98:d9:ab:84:23:89:8b:c0:e8:
da:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:6D:A7:F8:E4:22:23:6A:B2:7F:E0:74:16:7A:8D:8D:62:13:63:C0
X509v3 Authority Key Identifier:
keyid:7F:EA:37:FD:FE:29:B3:41:73:E9:7F:1B:63:7A:44:EC:41:AC:EB:B8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/03dd48eb-d136-4f0e-af8a-57a6bdd93a9d/0/7FEA37FDFE29B34173E97F1B637A44EC41ACEBB8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/f-o3_f4ps0Fz6X8bY3pE7EGs67g.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/03dd48eb-d136-4f0e-af8a-57a6bdd93a9d/0/34352e39312e342e302f32342d3234203d3e20313938323530.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.91.4.0/24
Signature Algorithm: sha256WithRSAEncryption
a0:17:73:21:20:19:24:ba:9a:13:fe:4b:3f:43:e2:3f:3a:1f:
21:01:72:66:58:52:6e:ed:e9:9e:c4:bb:5a:c5:de:ed:63:c0:
4d:d0:ad:c5:5e:31:77:84:0f:25:ff:03:a8:21:b1:53:16:ed:
b9:42:bd:53:04:fe:04:5f:1b:72:2c:e2:a1:d0:09:a4:ad:5b:
e0:cf:63:68:92:e9:11:a7:d8:0f:7c:80:c9:45:de:1f:3c:ea:
0c:09:ed:13:92:12:8f:b0:ce:ff:d2:85:93:15:5c:1e:4f:11:
ff:8b:5a:41:2f:eb:9d:99:33:70:98:c9:2a:af:1c:6b:a8:a7:
f1:11:32:97:84:2d:0b:6e:28:70:42:bc:2f:49:c4:4e:a6:7e:
76:ef:43:6b:44:b7:23:a0:dc:d5:f7:29:45:f0:69:fb:19:b0:
93:dd:af:56:55:ac:fd:98:4e:f1:c6:d9:20:80:7b:8e:a7:f1:
8e:b7:0e:ef:d7:ce:69:63:34:cf:d7:01:87:90:68:93:29:99:
30:d7:3b:dc:17:3a:ee:e8:ba:dd:9c:74:2d:3b:c6:2a:ce:01:
5d:f6:c3:a5:34:29:64:f3:9a:12:0e:e3:03:e0:a2:58:21:8b:
f4:e7:f8:c2:14:24:03:46:e9:76:e0:27:d9:1d:32:e1:4c:31:
ae:45:f5:35
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUJHzSOrD9Lzlcilhi1UuDX5gN1VgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN2ZlYTM3ZmRmZTI5YjM0MTczZTk3ZjFiNjM3YTQ0ZWM0
MWFjZWJiODAeFw0yNjA0MTAxMjE0MjRaFw0yNzA0MDkxMjE5MjRaMDMxMTAvBgNV
BAMTKDVBNkRBN0Y4RTQyMjIzNkFCMjdGRTA3NDE2N0E4RDhENjIxMzYzQzAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDk+JTJx686zByj1eyshfAZHu81
ZE57UfS7xcwWHcRzJ+J6D1EI1rgXBMVVaxEs9+CvCVSR7+HL9ScC1Pyi3+jQnjmw
QQAhT7AzLdz9KVHSvXn2U+eQIBOfIDlCzQxzEfv9PvVrzwiXXUxQhvUz6VdqODnl
SdfsQQWuuYwsaqkKaPfPpOeP6Qkgo/rTBd2t6kHwR9xtlTVUB3HAA6l6LAWbuwpL
KzZWAifMjEG0/9cEKM82TJvH/bh0Jp6xiuA2phooRUMIYEZAMU8ct7g5PaFU4sGc
MxXu/wn/lObzJ9n6WQwtvxx4nTBTKt3ZV/1kG7pIPpw53JjZq4QjiYvA6NqzAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUWm2n+OQiI2qyf+B0FnqNjWITY8AwHwYDVR0j
BBgwFoAUf+o3/f4ps0Fz6X8bY3pE7EGs67gwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDNkZDQ4ZWItZDEzNi00ZjBlLWFmOGEtNTdhNmJkZDkz
YTlkLzAvN0ZFQTM3RkRGRTI5QjM0MTczRTk3RjFCNjM3QTQ0RUM0MUFDRUJCOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2YtbzNfZjRwczBGejZYOGJZM3BFN0VH
czY3Zy5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMDNkZDQ4ZWIt
ZDEzNi00ZjBlLWFmOGEtNTdhNmJkZDkzYTlkLzAvMzQzNTJlMzkzMTJlMzQyZTMw
MmYzMjM0MmQzMjM0MjAzZDNlMjAzMTM5MzgzMjM1MzAucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAtWwQw
DQYJKoZIhvcNAQELBQADggEBAKAXcyEgGSS6mhP+Sz9D4j86HyEBcmZYUm7t6Z7E
u1rF3u1jwE3QrcVeMXeEDyX/A6ghsVMW7blCvVME/gRfG3Is4qHQCaStW+DPY2iS
6RGn2A98gMlF3h886gwJ7ROSEo+wzv/ShZMVXB5PEf+LWkEv652ZM3CYySqvHGuo
p/ERMpeELQtuKHBCvC9JxE6mfnbvQ2tEtyOg3NX3KUXwafsZsJPdr1ZVrP2YTvHG
2SCAe46n8Y63Du/XzmljNM/XAYeQaJMpmTDXO9wXOu7out2cdC07xirOAV32w6U0
KWTzmhIO4wPgolghi/Tn+MIUJANG6XbgJ9kdMuFMMa5F9TU=
-----END CERTIFICATE-----
Generated at Fri Apr 17 07:12:52 2026 by rpki-client