Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/13daa142-a245-47aa-a5dd-21202f6595a8/0/34352e3134302e3234362e302f32342d3234203d3e20313337353137.roa
File: 34352e3134302e3234362e302f32342d3234203d3e20313337353137.roa (raw, json)
Hash identifier: w+9JhKTm42+qCh267CfnZBy1lWmblpCEcvu07OVFVoE=
Subject key identifier: 7B:5F:22:11:FD:11:BB:68:D5:9F:EA:EE:63:62:EB:22:11:02:52:5D
Certificate issuer: /CN=b7c75b0ee5281d7520b6724e8cc3ccf0a871ce8f
Certificate serial: 6AC643D03A0ED984EFA50650B88E7E5E0238E36C
Authority key identifier: B7:C7:5B:0E:E5:28:1D:75:20:B6:72:4E:8C:C3:CC:F0:A8:71:CE:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/t8dbDuUoHXUgtnJOjMPM8Khxzo8.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/13daa142-a245-47aa-a5dd-21202f6595a8/0/34352e3134302e3234362e302f32342d3234203d3e20313337353137.roa
Signing time: Tue 27 Jan 2026 09:53:43 +0000
ROA not before: Tue 27 Jan 2026 09:48:43 +0000
ROA not after: Tue 26 Jan 2027 09:53:43 +0000
asID: 137517
IP address blocks: 45.140.246.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/13daa142-a245-47aa-a5dd-21202f6595a8/0/B7C75B0EE5281D7520B6724E8CC3CCF0A871CE8F.crl
rsync://rsync.paas.rpki.ripe.net/repository/13daa142-a245-47aa-a5dd-21202f6595a8/0/B7C75B0EE5281D7520B6724E8CC3CCF0A871CE8F.mft
rsync://rpki.ripe.net/repository/DEFAULT/t8dbDuUoHXUgtnJOjMPM8Khxzo8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 02:58:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6a:c6:43:d0:3a:0e:d9:84:ef:a5:06:50:b8:8e:7e:5e:02:38:e3:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b7c75b0ee5281d7520b6724e8cc3ccf0a871ce8f
Validity
Not Before: Jan 27 09:48:43 2026 GMT
Not After : Jan 26 09:53:43 2027 GMT
Subject: CN=7B5F2211FD11BB68D59FEAEE6362EB221102525D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:47:34:46:16:59:7e:8a:26:dc:1a:a0:e6:6e:
cb:f0:32:ec:90:0a:f2:84:17:b9:84:5d:20:7a:d0:
c5:a8:02:1a:7d:57:35:d5:ca:63:36:e9:c2:39:a0:
7d:52:15:e5:21:53:b6:ae:42:14:24:2b:db:27:25:
13:05:ab:b7:9d:2b:7b:80:43:53:1f:de:93:31:32:
d7:dc:f3:bb:b9:aa:84:27:a3:58:ec:41:06:01:f2:
65:d6:70:26:8e:41:97:6a:b0:ac:30:e3:8f:4c:45:
cc:24:2c:ee:1d:41:da:96:20:50:ca:c3:c4:22:52:
99:c6:ca:78:3d:2a:0b:8e:8f:e0:c7:64:cf:28:8c:
1e:6b:3a:30:48:c3:13:10:f8:43:8f:a6:03:52:8f:
c1:27:bb:ec:13:7c:a3:5e:89:c6:55:d6:49:18:5f:
dd:60:11:b6:61:e0:f4:b3:a1:94:87:2e:91:0a:b7:
4e:7c:0a:cc:a8:43:21:7e:d6:db:cb:79:24:31:b8:
1c:5b:5c:ac:eb:12:14:b1:78:81:d8:2f:7a:73:65:
8a:d3:13:9d:67:da:50:3e:0f:00:8b:9f:81:fb:e7:
82:58:6f:ec:87:98:dc:25:44:6a:68:70:9d:5c:f2:
38:13:4a:2d:5b:10:04:9d:1e:1a:23:71:3a:d0:f2:
fc:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:5F:22:11:FD:11:BB:68:D5:9F:EA:EE:63:62:EB:22:11:02:52:5D
X509v3 Authority Key Identifier:
keyid:B7:C7:5B:0E:E5:28:1D:75:20:B6:72:4E:8C:C3:CC:F0:A8:71:CE:8F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/13daa142-a245-47aa-a5dd-21202f6595a8/0/B7C75B0EE5281D7520B6724E8CC3CCF0A871CE8F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t8dbDuUoHXUgtnJOjMPM8Khxzo8.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/13daa142-a245-47aa-a5dd-21202f6595a8/0/34352e3134302e3234362e302f32342d3234203d3e20313337353137.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.140.246.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:1c:e0:ff:da:32:ef:84:34:37:ff:8c:e3:1e:f9:6e:e9:c1:
ed:64:2b:f4:ae:13:e5:b7:e3:96:d2:af:bf:6c:39:b1:e9:aa:
cb:6e:25:95:e1:1e:2e:dc:be:5d:36:8f:f3:1b:ff:cd:5f:dc:
51:e4:bb:b9:da:53:60:aa:59:0c:af:74:76:5d:55:cb:07:54:
74:23:05:3c:36:a3:c6:a0:64:5e:71:8d:c4:f0:a9:61:46:5a:
33:ed:ed:07:ca:88:d2:2b:be:03:84:49:86:e5:0d:e6:b7:b3:
38:2c:d4:56:12:02:49:0a:b5:a0:56:f1:96:4a:31:45:26:05:
3a:a8:58:89:36:e2:dc:be:c1:1a:57:da:9f:1e:31:a7:0c:9b:
46:81:5b:e9:a8:a4:a8:c2:4f:e3:14:c5:d4:06:e8:fe:5e:7f:
4b:87:2d:ba:15:0c:e4:ec:42:63:ea:54:1e:a4:af:fb:2b:57:
ae:75:48:2c:62:7e:73:a9:0a:87:eb:ba:a4:9c:3a:35:43:f5:
1c:30:a6:40:fb:8e:a9:c8:d6:df:d7:45:76:c7:70:3b:ec:36:
a8:c7:67:41:5c:8e:7a:69:aa:a7:1f:b1:b8:55:62:f0:51:a7:
5f:82:11:0f:4b:7d:47:37:62:07:d9:8e:2f:b4:7e:a8:ea:63:
0f:6b:d6:e8
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUasZD0DoO2YTvpQZQuI5+XgI442wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjdjNzViMGVlNTI4MWQ3NTIwYjY3MjRlOGNjM2NjZjBh
ODcxY2U4ZjAeFw0yNjAxMjcwOTQ4NDNaFw0yNzAxMjYwOTUzNDNaMDMxMTAvBgNV
BAMTKDdCNUYyMjExRkQxMUJCNjhENTlGRUFFRTYzNjJFQjIyMTEwMjUyNUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzRzRGFll+iibcGqDmbsvwMuyQ
CvKEF7mEXSB60MWoAhp9VzXVymM26cI5oH1SFeUhU7auQhQkK9snJRMFq7edK3uA
Q1Mf3pMxMtfc87u5qoQno1jsQQYB8mXWcCaOQZdqsKww449MRcwkLO4dQdqWIFDK
w8QiUpnGyng9KguOj+DHZM8ojB5rOjBIwxMQ+EOPpgNSj8Enu+wTfKNeicZV1kkY
X91gEbZh4PSzoZSHLpEKt058CsyoQyF+1tvLeSQxuBxbXKzrEhSxeIHYL3pzZYrT
E51n2lA+DwCLn4H754JYb+yHmNwlRGpocJ1c8jgTSi1bEASdHhojcTrQ8vwVAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUe18iEf0Ru2jVn+ruY2LrIhECUl0wHwYDVR0j
BBgwFoAUt8dbDuUoHXUgtnJOjMPM8Khxzo8wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMTNkYWExNDItYTI0NS00N2FhLWE1ZGQtMjEyMDJmNjU5
NWE4LzAvQjdDNzVCMEVFNTI4MUQ3NTIwQjY3MjRFOENDM0NDRjBBODcxQ0U4Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3Q4ZGJEdVVvSFhVZ3RuSk9qTVBNOEto
eHpvOC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMTNkYWExNDIt
YTI0NS00N2FhLWE1ZGQtMjEyMDJmNjU5NWE4LzAvMzQzNTJlMzEzNDMwMmUzMjM0
MzYyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzczNTMxMzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAAtjPYwDQYJKoZIhvcNAQELBQADggEBAI4c4P/aMu+ENDf/jOMe+W7pwe1kK/Su
E+W345bSr79sObHpqstuJZXhHi7cvl02j/Mb/81f3FHku7naU2CqWQyvdHZdVcsH
VHQjBTw2o8agZF5xjcTwqWFGWjPt7QfKiNIrvgOESYblDea3szgs1FYSAkkKtaBW
8ZZKMUUmBTqoWIk24ty+wRpX2p8eMacMm0aBW+mopKjCT+MUxdQG6P5ef0uHLboV
DOTsQmPqVB6kr/srV651SCxifnOpCofruqScOjVD9RwwpkD7jqnI1t/XRXbHcDvs
NqjHZ0FcjnppqqcfsbhVYvBRp1+CEQ9LfUc3YgfZji+0fqjqYw9r1ug=
-----END CERTIFICATE-----
Generated at Mon Mar 2 13:33:49 2026 by rpki-client