Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8e0d6a4d-ba67-4979-8d12-0ed4748fc86e/0/34352e3132382e31342e302f32332d3234203d3e20313437303033.roa
File: 34352e3132382e31342e302f32332d3234203d3e20313437303033.roa (raw, json)
Hash identifier: /eT04HyflwcC0pHAY5SGjJT8c4JaXavMPdfaeYoaE24=
Subject key identifier: 60:0A:1C:DE:CC:4D:C5:A7:54:4E:EB:00:16:D2:6D:14:FC:E9:FD:AF
Certificate issuer: /CN=830e06419fc46a2802f6f03b71368ac7baaf64ce
Certificate serial: 1C7AE34431DA719B65677CAA54ABAD14086783B6
Authority key identifier: 83:0E:06:41:9F:C4:6A:28:02:F6:F0:3B:71:36:8A:C7:BA:AF:64:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gw4GQZ_EaigC9vA7cTaKx7qvZM4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8e0d6a4d-ba67-4979-8d12-0ed4748fc86e/0/34352e3132382e31342e302f32332d3234203d3e20313437303033.roa
Signing time: Tue 07 Apr 2026 13:42:57 +0000
ROA not before: Tue 07 Apr 2026 13:37:57 +0000
ROA not after: Tue 06 Apr 2027 13:42:57 +0000
asID: 147003
IP address blocks: 45.128.14.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8e0d6a4d-ba67-4979-8d12-0ed4748fc86e/0/830E06419FC46A2802F6F03B71368AC7BAAF64CE.crl
rsync://rsync.paas.rpki.ripe.net/repository/8e0d6a4d-ba67-4979-8d12-0ed4748fc86e/0/830E06419FC46A2802F6F03B71368AC7BAAF64CE.mft
rsync://rpki.ripe.net/repository/DEFAULT/gw4GQZ_EaigC9vA7cTaKx7qvZM4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Apr 2026 00:28:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1c:7a:e3:44:31:da:71:9b:65:67:7c:aa:54:ab:ad:14:08:67:83:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=830e06419fc46a2802f6f03b71368ac7baaf64ce
Validity
Not Before: Apr 7 13:37:57 2026 GMT
Not After : Apr 6 13:42:57 2027 GMT
Subject: CN=600A1CDECC4DC5A7544EEB0016D26D14FCE9FDAF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:08:0f:c3:e9:1c:31:2a:3e:be:39:78:77:3c:
94:27:a4:ef:78:14:f1:2c:b1:c7:af:74:87:17:8f:
58:48:6c:42:05:bb:2c:ef:2d:81:26:75:13:e7:51:
a8:a9:63:14:e1:a6:a6:8a:21:49:0f:b4:41:6c:50:
a4:18:cf:3a:fe:ef:6f:ab:7a:90:90:0c:68:89:38:
6c:1b:45:df:a0:94:43:40:9d:e8:36:e1:c4:e8:73:
62:8f:9c:03:e9:04:8f:ae:17:22:0f:63:5f:a4:ae:
ef:f5:f2:10:fb:91:3f:e4:20:93:45:ab:6f:66:91:
67:10:bd:c8:28:cc:a5:73:2d:16:47:a4:64:4d:3e:
75:b1:f2:d4:ab:29:19:ed:bc:f9:48:23:bc:bf:d8:
97:37:4c:8d:66:fa:1a:4a:e1:1d:c0:7e:95:8a:43:
cc:c8:76:c0:57:a1:7f:03:d6:66:dd:7f:0e:81:0e:
84:46:d9:a1:08:ca:d6:bc:72:8b:4d:e5:44:54:43:
4f:bf:d8:2c:3b:a3:b8:51:40:0a:fa:b2:4a:aa:4b:
d4:41:75:c5:99:7c:1d:24:ed:c2:d5:eb:73:21:35:
f6:70:9c:e6:89:11:5e:17:fe:6f:7c:b4:91:3a:48:
aa:4b:3f:73:90:70:89:de:7a:cc:5a:bf:b3:3c:8e:
4a:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:0A:1C:DE:CC:4D:C5:A7:54:4E:EB:00:16:D2:6D:14:FC:E9:FD:AF
X509v3 Authority Key Identifier:
keyid:83:0E:06:41:9F:C4:6A:28:02:F6:F0:3B:71:36:8A:C7:BA:AF:64:CE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8e0d6a4d-ba67-4979-8d12-0ed4748fc86e/0/830E06419FC46A2802F6F03B71368AC7BAAF64CE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gw4GQZ_EaigC9vA7cTaKx7qvZM4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8e0d6a4d-ba67-4979-8d12-0ed4748fc86e/0/34352e3132382e31342e302f32332d3234203d3e20313437303033.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.128.14.0/23
Signature Algorithm: sha256WithRSAEncryption
4b:51:b8:48:16:e7:45:46:6f:11:6a:c4:46:34:07:e8:e3:f4:
7f:4a:33:71:10:1b:de:e9:0e:b9:31:d4:ed:99:52:5c:e0:ac:
02:c6:69:9b:c2:f7:52:32:43:7c:b7:11:ac:e7:8f:14:81:bf:
92:b6:a9:a4:62:a0:9a:8f:f6:7f:8d:64:60:b6:e9:c4:f8:56:
dd:c3:2d:7b:e6:f7:45:87:93:b7:f4:42:69:2f:c5:45:a2:28:
8b:02:e0:7b:8b:3e:e7:56:68:12:c2:1c:58:02:b5:7a:5e:90:
f9:9c:a5:51:20:54:ea:57:83:ff:f3:7b:4d:3e:a8:8a:3b:03:
64:be:ea:86:1b:6c:12:26:26:61:c4:57:0c:bb:90:93:c6:12:
8b:9e:04:17:2d:49:c8:73:d7:0e:92:0f:bc:8b:b0:07:59:6d:
c2:fa:de:75:57:81:9f:db:bc:2c:b6:57:b1:a2:cb:2c:93:cd:
02:7b:19:92:60:ce:45:50:3f:34:51:f4:35:f2:23:b6:ee:ac:
e5:29:b0:1a:bf:9e:3c:99:1b:ac:d0:02:d2:07:d6:d9:f3:e3:
13:16:d3:ef:f3:6f:84:02:4e:6a:58:c5:d3:54:8e:c5:e2:9b:
a7:1d:43:b8:42:00:df:bf:5f:28:7b:c0:9a:52:10:de:b9:96:
5c:2f:6a:b8
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUHHrjRDHacZtlZ3yqVKutFAhng7YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODMwZTA2NDE5ZmM0NmEyODAyZjZmMDNiNzEzNjhhYzdi
YWFmNjRjZTAeFw0yNjA0MDcxMzM3NTdaFw0yNzA0MDYxMzQyNTdaMDMxMTAvBgNV
BAMTKDYwMEExQ0RFQ0M0REM1QTc1NDRFRUIwMDE2RDI2RDE0RkNFOUZEQUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQClCA/D6RwxKj6+OXh3PJQnpO94
FPEsscevdIcXj1hIbEIFuyzvLYEmdRPnUaipYxThpqaKIUkPtEFsUKQYzzr+72+r
epCQDGiJOGwbRd+glENAneg24cToc2KPnAPpBI+uFyIPY1+kru/18hD7kT/kIJNF
q29mkWcQvcgozKVzLRZHpGRNPnWx8tSrKRntvPlII7y/2Jc3TI1m+hpK4R3AfpWK
Q8zIdsBXoX8D1mbdfw6BDoRG2aEIyta8cotN5URUQ0+/2Cw7o7hRQAr6skqqS9RB
dcWZfB0k7cLV63MhNfZwnOaJEV4X/m98tJE6SKpLP3OQcIneesxav7M8jkpLAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUYAoc3sxNxadUTusAFtJtFPzp/a8wHwYDVR0j
BBgwFoAUgw4GQZ/EaigC9vA7cTaKx7qvZM4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOGUwZDZhNGQtYmE2Ny00OTc5LThkMTItMGVkNDc0OGZj
ODZlLzAvODMwRTA2NDE5RkM0NkEyODAyRjZGMDNCNzEzNjhBQzdCQUFGNjRDRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2d3NEdRWl9FYWlnQzl2QTdjVGFLeDdx
dlpNNC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOGUwZDZhNGQt
YmE2Ny00OTc5LThkMTItMGVkNDc0OGZjODZlLzAvMzQzNTJlMzEzMjM4MmUzMTM0
MmUzMDJmMzIzMzJkMzIzNDIwM2QzZTIwMzEzNDM3MzAzMDMzLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB
LYAOMA0GCSqGSIb3DQEBCwUAA4IBAQBLUbhIFudFRm8RasRGNAfo4/R/SjNxEBve
6Q65MdTtmVJc4KwCxmmbwvdSMkN8txGs548Ugb+StqmkYqCaj/Z/jWRgtunE+Fbd
wy175vdFh5O39EJpL8VFoiiLAuB7iz7nVmgSwhxYArV6XpD5nKVRIFTqV4P/83tN
PqiKOwNkvuqGG2wSJiZhxFcMu5CTxhKLngQXLUnIc9cOkg+8i7AHWW3C+t51V4Gf
27wstlexosssk80CexmSYM5FUD80UfQ18iO27qzlKbAav548mRus0ALSB9bZ8+MT
FtPv82+EAk5qWMXTVI7F4punHUO4QgDfv18oe8CaUhDeuZZcL2q4
-----END CERTIFICATE-----
Generated at Sun Apr 19 08:27:34 2026 by rpki-client