Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/16acb9a0-6d1e-4ae4-9177-d938e9804395/0/34362e3138332e32392e302f32342d3234203d3e2039333034.roa
File: 34362e3138332e32392e302f32342d3234203d3e2039333034.roa (raw, json)
Hash identifier: 4l3m4JRRITIOBfhSXA3v4T1Tc1t3gHbU2TsBgQabcVg=
Subject key identifier: 5A:C6:F4:97:F5:C4:69:DA:2A:6A:94:7C:02:7C:01:94:7C:FF:58:02
Certificate issuer: /CN=24e53788bd4efa23b1a8207b7e74a8e1cc677b00
Certificate serial: 5FBDA560A4128C433FEB2DA1946AC392E5C141D9
Authority key identifier: 24:E5:37:88:BD:4E:FA:23:B1:A8:20:7B:7E:74:A8:E1:CC:67:7B:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JOU3iL1O-iOxqCB7fnSo4cxnewA.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/16acb9a0-6d1e-4ae4-9177-d938e9804395/0/34362e3138332e32392e302f32342d3234203d3e2039333034.roa
Signing time: Mon 27 Oct 2025 04:55:51 +0000
ROA not before: Mon 27 Oct 2025 04:50:51 +0000
ROA not after: Mon 26 Oct 2026 04:55:51 +0000
asID: 9304
IP address blocks: 46.183.29.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/16acb9a0-6d1e-4ae4-9177-d938e9804395/0/24E53788BD4EFA23B1A8207B7E74A8E1CC677B00.crl
rsync://rsync.paas.rpki.ripe.net/repository/16acb9a0-6d1e-4ae4-9177-d938e9804395/0/24E53788BD4EFA23B1A8207B7E74A8E1CC677B00.mft
rsync://rpki.ripe.net/repository/DEFAULT/JOU3iL1O-iOxqCB7fnSo4cxnewA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 18:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5f:bd:a5:60:a4:12:8c:43:3f:eb:2d:a1:94:6a:c3:92:e5:c1:41:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=24e53788bd4efa23b1a8207b7e74a8e1cc677b00
Validity
Not Before: Oct 27 04:50:51 2025 GMT
Not After : Oct 26 04:55:51 2026 GMT
Subject: CN=5AC6F497F5C469DA2A6A947C027C01947CFF5802
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:18:7a:8b:c8:ec:0c:16:85:d7:4f:6a:93:18:
fe:eb:a8:ea:d5:c4:67:3a:67:19:a0:ed:42:2b:85:
7c:36:05:73:d2:a5:35:69:89:31:87:d2:07:95:c9:
4e:d1:97:08:94:25:6d:e7:ad:12:07:5e:a7:78:5d:
33:a3:85:97:7d:3d:7a:ba:e1:06:20:fa:09:6d:75:
e8:7a:b7:55:f4:8c:39:a5:22:c9:72:0e:8e:27:67:
2d:cd:13:e4:46:42:e4:56:82:2a:87:fa:ca:68:18:
3a:35:e0:d3:50:6e:1b:9b:67:e4:23:e9:b8:aa:ab:
14:08:cf:3d:1d:9e:4d:25:78:27:a9:27:a2:21:34:
7e:c7:e5:fe:07:a1:a1:dd:4e:cf:ed:c6:51:0a:12:
bf:a3:c5:af:b1:7a:a6:ce:8f:0d:f7:75:4b:c0:1e:
44:e6:6a:83:22:10:cd:d0:0a:2c:46:56:29:a8:65:
e2:2a:46:11:29:f7:e3:a6:82:ea:94:86:df:9e:30:
bb:a1:05:6e:35:aa:0f:df:b6:44:1c:e7:14:44:4b:
83:b9:93:a7:b3:31:5d:f1:a8:92:67:e9:b6:8e:39:
e7:6b:64:d0:da:30:eb:69:d7:5e:0c:62:3b:24:2d:
62:18:94:33:76:73:d5:b0:e5:72:fa:91:04:01:93:
22:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:C6:F4:97:F5:C4:69:DA:2A:6A:94:7C:02:7C:01:94:7C:FF:58:02
X509v3 Authority Key Identifier:
keyid:24:E5:37:88:BD:4E:FA:23:B1:A8:20:7B:7E:74:A8:E1:CC:67:7B:00
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/16acb9a0-6d1e-4ae4-9177-d938e9804395/0/24E53788BD4EFA23B1A8207B7E74A8E1CC677B00.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JOU3iL1O-iOxqCB7fnSo4cxnewA.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/16acb9a0-6d1e-4ae4-9177-d938e9804395/0/34362e3138332e32392e302f32342d3234203d3e2039333034.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.183.29.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:7e:3c:3c:ca:b2:55:d8:69:5b:be:b8:cb:72:c8:71:5d:78:
72:d3:ae:64:5a:2c:22:ce:cb:84:6c:fb:98:1e:52:ed:f6:8b:
13:28:cc:db:51:c4:e0:71:40:7c:dc:3b:cf:ef:47:6a:da:a2:
40:0e:17:fe:ab:1f:11:74:b1:75:8a:43:47:f2:cb:ee:fc:f6:
7d:c2:c3:23:21:20:3c:43:3b:31:9f:3f:72:e2:a6:af:74:4d:
19:43:b2:ca:d0:c5:c2:69:57:bd:ba:4a:c4:cb:9d:9b:97:e3:
3e:17:ec:0b:41:91:c0:5d:2a:c7:92:7e:1f:ed:db:58:d7:b0:
eb:3a:01:a5:8f:a7:d4:4b:77:5c:ca:99:86:19:a9:b1:9b:e8:
36:1c:7e:2b:30:ba:6b:ae:4c:21:b8:cf:82:89:41:ba:30:62:
f1:80:31:9c:0f:e8:42:02:45:44:81:e4:aa:e6:0e:05:dc:ca:
f4:e3:cc:3b:61:20:a0:9b:d8:ce:97:46:8d:70:61:e3:b5:36:
07:39:d4:95:9e:31:db:0a:cc:02:f4:92:59:17:45:64:f2:ea:
ca:89:8e:68:dc:74:cb:3e:9d:b8:57:5f:be:b4:23:f2:14:ed:
61:f6:7f:7d:0b:78:76:90:15:8d:7d:ad:27:50:29:a3:2b:78:
6d:67:c9:0e
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUX72lYKQSjEM/6y2hlGrDkuXBQdkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjRlNTM3ODhiZDRlZmEyM2IxYTgyMDdiN2U3NGE4ZTFj
YzY3N2IwMDAeFw0yNTEwMjcwNDUwNTFaFw0yNjEwMjYwNDU1NTFaMDMxMTAvBgNV
BAMTKDVBQzZGNDk3RjVDNDY5REEyQTZBOTQ3QzAyN0MwMTk0N0NGRjU4MDIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGGHqLyOwMFoXXT2qTGP7rqOrV
xGc6Zxmg7UIrhXw2BXPSpTVpiTGH0geVyU7RlwiUJW3nrRIHXqd4XTOjhZd9PXq6
4QYg+gltdeh6t1X0jDmlIslyDo4nZy3NE+RGQuRWgiqH+spoGDo14NNQbhubZ+Qj
6biqqxQIzz0dnk0leCepJ6IhNH7H5f4HoaHdTs/txlEKEr+jxa+xeqbOjw33dUvA
HkTmaoMiEM3QCixGVimoZeIqRhEp9+OmguqUht+eMLuhBW41qg/ftkQc5xRES4O5
k6ezMV3xqJJn6baOOedrZNDaMOtp114MYjskLWIYlDN2c9Ww5XL6kQQBkyJzAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUWsb0l/XEadoqapR8AnwBlHz/WAIwHwYDVR0j
BBgwFoAUJOU3iL1O+iOxqCB7fnSo4cxnewAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMTZhY2I5YTAtNmQxZS00YWU0LTkxNzctZDkzOGU5ODA0
Mzk1LzAvMjRFNTM3ODhCRDRFRkEyM0IxQTgyMDdCN0U3NEE4RTFDQzY3N0IwMC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0pPVTNpTDFPLWlPeHFDQjdmblNvNGN4
bmV3QS5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMTZhY2I5YTAt
NmQxZS00YWU0LTkxNzctZDkzOGU5ODA0Mzk1LzAvMzQzNjJlMzEzODMzMmUzMjM5
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzkzMzMwMzQucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAutx0w
DQYJKoZIhvcNAQELBQADggEBAH1+PDzKslXYaVu+uMtyyHFdeHLTrmRaLCLOy4Rs
+5geUu32ixMozNtRxOBxQHzcO8/vR2raokAOF/6rHxF0sXWKQ0fyy+789n3CwyMh
IDxDOzGfP3Lipq90TRlDssrQxcJpV726SsTLnZuX4z4X7AtBkcBdKseSfh/t21jX
sOs6AaWPp9RLd1zKmYYZqbGb6DYcfiswumuuTCG4z4KJQbowYvGAMZwP6EICRUSB
5KrmDgXcyvTjzDthIKCb2M6XRo1wYeO1Ngc51JWeMdsKzAL0klkXRWTy6sqJjmjc
dMs+nbhXX760I/IU7WH2f30LeHaQFY19rSdQKaMreG1nyQ4=
-----END CERTIFICATE-----
Generated at Tue Nov 4 23:01:09 2025 by rpki-client