Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS43350.roa
File: AS43350.roa (raw, json)
Hash identifier: fY2kKPgm3l2mdtSxYikV1qjwzv7UoMO9F5kCxeF0UfQ=
Subject key identifier: 6D:8B:71:AA:2D:DA:13:D9:FD:A5:D5:6B:C9:14:58:34:6E:1D:96:B8
Certificate issuer: /CN=c2302af143c15daad50042d8455e689d0828eca9
Certificate serial: 78982A9C780B82AF5E1B90EC942511E9568D8A97
Authority key identifier: C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS43350.roa
Signing time: Wed 15 Apr 2026 00:04:05 +0000
ROA not before: Tue 14 Apr 2026 23:59:05 +0000
ROA not after: Wed 14 Apr 2027 00:04:05 +0000
asID: 43350
IP address blocks: 141.11.1.0/24 maxlen: 24
141.11.21.0/24 maxlen: 24
141.11.45.0/24 maxlen: 24
141.11.107.0/24 maxlen: 24
141.11.187.0/24 maxlen: 24
141.11.250.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.mft
rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:98:2a:9c:78:0b:82:af:5e:1b:90:ec:94:25:11:e9:56:8d:8a:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2302af143c15daad50042d8455e689d0828eca9
Validity
Not Before: Apr 14 23:59:05 2026 GMT
Not After : Apr 14 00:04:05 2027 GMT
Subject: CN=6D8B71AA2DDA13D9FDA5D56BC91458346E1D96B8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:4a:1e:ed:17:4b:70:fa:75:ec:a6:39:d4:1d:
e6:ec:a2:0c:b6:06:f8:4a:71:4e:73:1a:b1:5a:b2:
6c:82:e2:80:da:b0:04:f4:c3:5e:8b:bc:0b:9a:a4:
9c:82:db:d2:48:31:9e:6e:1a:8e:81:3b:9d:dd:4e:
c8:56:a5:bd:29:79:d2:4b:ad:83:45:cd:62:62:d7:
d6:64:26:72:88:fa:55:a9:eb:5b:04:e4:a8:74:8c:
5b:4a:8d:30:b3:c6:1d:c1:a5:2f:0d:6d:6a:78:67:
43:79:9c:52:23:24:66:24:1a:b4:97:05:be:d0:61:
1a:07:37:a6:3c:43:0e:ae:47:b7:b8:fb:4a:b1:e7:
e3:16:f2:e2:cf:e7:fd:df:b7:31:02:a0:51:2d:f1:
23:0c:f9:ea:d3:e2:aa:b2:7b:38:11:19:e1:76:e9:
5c:41:3b:25:24:f1:08:a3:d3:ba:c3:ba:31:83:a8:
d1:62:1a:2e:1b:53:b6:d6:77:e1:e7:33:e8:c4:d4:
96:c2:55:eb:9d:e2:59:d3:9a:82:26:fd:2b:50:6f:
56:c3:a8:21:dd:cc:2e:00:04:d1:7b:3e:7c:b0:1c:
9e:6b:61:fb:8e:75:e8:21:c5:90:f7:66:0a:19:c0:
7e:3e:ab:a0:14:32:59:61:ff:fe:83:ea:56:60:ee:
4e:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:8B:71:AA:2D:DA:13:D9:FD:A5:D5:6B:C9:14:58:34:6E:1D:96:B8
X509v3 Authority Key Identifier:
keyid:C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS43350.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.11.1.0/24
141.11.21.0/24
141.11.45.0/24
141.11.107.0/24
141.11.187.0/24
141.11.250.0/24
Signature Algorithm: sha256WithRSAEncryption
56:e9:3b:15:81:d2:8e:ef:57:ea:43:cc:2f:11:a7:53:51:f4:
e8:3a:cc:a6:61:8f:09:1f:70:f1:34:27:3b:96:d0:86:c5:30:
ba:e9:94:22:dd:45:d2:13:db:b6:1f:3a:82:cf:ab:67:7a:9d:
96:11:d4:45:68:4b:f6:b2:97:6d:be:ec:c3:9f:66:c2:11:4e:
aa:cc:cf:11:74:3c:09:1e:c0:aa:6e:51:d6:91:74:26:71:75:
44:ba:4a:f3:ed:62:57:52:45:d1:fa:e8:f4:03:5f:d2:69:5b:
af:0a:b7:99:f9:23:e7:ef:9a:4e:c0:db:23:50:64:da:57:3e:
bf:36:3d:71:3e:0a:09:41:92:9e:31:62:f4:a8:6f:3c:34:73:
cb:ef:34:f6:be:0d:9e:d4:c2:04:07:1b:19:4c:e5:e5:1d:7a:
64:b3:90:d2:1f:4f:d0:fa:a5:bf:4a:39:d5:5f:a0:cc:d2:81:
55:d1:55:71:32:58:99:76:72:9a:6d:7c:c3:93:d5:0f:34:d7:
15:37:4a:67:72:9e:a7:01:c7:b2:f7:48:78:94:d0:e5:26:4c:
e7:d9:9e:6e:e4:73:90:63:55:d7:19:fa:ca:f5:66:de:74:45:
6f:a7:af:c1:be:a9:09:89:55:cd:f8:51:5d:51:00:1b:88:46:
30:8d:6c:e1
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgIUeJgqnHgLgq9eG5DslCUR6VaNipcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzIzMDJhZjE0M2MxNWRhYWQ1MDA0MmQ4NDU1ZTY4OWQw
ODI4ZWNhOTAeFw0yNjA0MTQyMzU5MDVaFw0yNzA0MTQwMDA0MDVaMDMxMTAvBgNV
BAMTKDZEOEI3MUFBMkREQTEzRDlGREE1RDU2QkM5MTQ1ODM0NkUxRDk2QjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/Sh7tF0tw+nXspjnUHebsogy2
BvhKcU5zGrFasmyC4oDasAT0w16LvAuapJyC29JIMZ5uGo6BO53dTshWpb0pedJL
rYNFzWJi19ZkJnKI+lWp61sE5Kh0jFtKjTCzxh3BpS8NbWp4Z0N5nFIjJGYkGrSX
Bb7QYRoHN6Y8Qw6uR7e4+0qx5+MW8uLP5/3ftzECoFEt8SMM+erT4qqyezgRGeF2
6VxBOyUk8Qij07rDujGDqNFiGi4bU7bWd+HnM+jE1JbCVeud4lnTmoIm/StQb1bD
qCHdzC4ABNF7PnywHJ5rYfuOdeghxZD3ZgoZwH4+q6AUMllh//6D6lZg7k5bAgMB
AAGjggInMIICIzAdBgNVHQ4EFgQUbYtxqi3aE9n9pdVryRRYNG4dlrgwHwYDVR0j
BBgwFoAUwjAq8UPBXarVAELYRV5onQgo7KkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTkzY2I1NWMtOTU3MS00NGM4LTkwZTEtOTY1YjkyNzY5
ZTRlLzAvQzIzMDJBRjE0M0MxNURBQUQ1MDA0MkQ4NDU1RTY4OUQwODI4RUNBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3dqQXE4VVBCWGFyVkFFTFlSVjVvblFn
bzdLay5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2E5M2NiNTVjLTk1NzEt
NDRjOC05MGUxLTk2NWI5Mjc2OWU0ZS8wL0FTNDMzNTAucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwPQYIKwYBBQUHAQcBAf8ELjAsMCoEAgABMCQDBACNCwED
BACNCxUDBACNCy0DBACNC2sDBACNC7sDBACNC/owDQYJKoZIhvcNAQELBQADggEB
AFbpOxWB0o7vV+pDzC8Rp1NR9Og6zKZhjwkfcPE0JzuW0IbFMLrplCLdRdIT27Yf
OoLPq2d6nZYR1EVoS/ayl22+7MOfZsIRTqrMzxF0PAkewKpuUdaRdCZxdUS6SvPt
YldSRdH66PQDX9JpW68Kt5n5I+fvmk7A2yNQZNpXPr82PXE+CglBkp4xYvSobzw0
c8vvNPa+DZ7UwgQHGxlM5eUdemSzkNIfT9D6pb9KOdVfoMzSgVXRVXEyWJl2cppt
fMOT1Q801xU3SmdynqcBx7L3SHiU0OUmTOfZnm7kc5BjVdcZ+sr1Zt50RW+nr8G+
qQmJVc34UV1RABuIRjCNbOE=
-----END CERTIFICATE-----
Generated at Fri Apr 17 07:51:31 2026 by rpki-client