Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e31322e38302e302f32342d3234203d3e20323036373636.roa
File: 34352e31322e38302e302f32342d3234203d3e20323036373636.roa (raw, json)
Hash identifier: KQIeIzYqB4AdS5u+C8McYg66k21scObYMvVGfy4Yr3o=
Subject key identifier: E6:2A:4F:C4:F9:13:9B:7E:3A:2A:A2:00:2D:6B:C2:C5:F2:72:0A:6A
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 5891A4664FCFE1579E180EECEAD54CF528F7BF86
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e31322e38302e302f32342d3234203d3e20323036373636.roa
Signing time: Wed 18 Feb 2026 10:46:46 +0000
ROA not before: Wed 18 Feb 2026 10:41:46 +0000
ROA not after: Wed 17 Feb 2027 10:46:46 +0000
asID: 206766
IP address blocks: 45.12.80.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.mft
rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
58:91:a4:66:4f:cf:e1:57:9e:18:0e:ec:ea:d5:4c:f5:28:f7:bf:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Feb 18 10:41:46 2026 GMT
Not After : Feb 17 10:46:46 2027 GMT
Subject: CN=E62A4FC4F9139B7E3A2AA2002D6BC2C5F2720A6A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:95:58:d0:b8:9f:22:7a:ab:24:b2:9f:30:15:
75:b5:3f:f3:ef:68:95:b2:81:0f:7e:37:bb:37:33:
12:1f:d0:27:0e:eb:3e:c9:16:a9:a2:52:d3:e3:5c:
81:a0:82:16:c2:41:8b:a0:47:b1:92:73:5f:fc:07:
91:3e:36:83:48:9e:7d:9f:c5:97:6a:f7:22:74:43:
e1:88:f5:f5:ba:6c:14:07:80:7b:4a:56:e7:18:15:
ce:35:6e:fd:96:f1:68:31:c0:ef:05:29:bf:20:fb:
f0:6b:fc:87:d0:74:a0:d4:9a:8c:cd:e3:67:e2:1f:
b0:40:aa:f1:c4:6d:7f:78:75:0f:9a:bf:d9:50:aa:
df:d3:ca:4c:39:96:42:4c:01:55:ea:98:48:91:9e:
66:35:1b:8d:49:ae:f4:0b:01:05:59:58:7e:14:cb:
eb:55:15:01:56:0b:67:21:dc:e4:b6:0d:6e:44:98:
87:c9:43:de:8b:d0:93:e4:2a:22:cf:c8:b5:15:a6:
22:45:87:ce:e9:0c:8d:f9:35:a4:6d:0c:58:f4:4f:
5e:79:1b:2d:16:8e:a4:cd:64:5e:b9:2e:4a:85:91:
be:a7:eb:2d:46:b7:0b:99:fa:96:98:17:26:e4:84:
6f:a0:c3:47:04:a1:ea:e3:83:fe:94:fc:9b:39:7e:
b5:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:2A:4F:C4:F9:13:9B:7E:3A:2A:A2:00:2D:6B:C2:C5:F2:72:0A:6A
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e31322e38302e302f32342d3234203d3e20323036373636.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.12.80.0/24
Signature Algorithm: sha256WithRSAEncryption
66:e6:14:2a:d3:ca:12:56:72:62:23:4a:02:d5:d7:e8:24:0e:
b6:57:dd:8b:e7:c0:ab:eb:f7:cd:98:77:fb:20:12:74:50:c9:
71:a9:0f:81:e2:0e:d2:ed:47:09:81:28:7f:1f:88:54:d3:a1:
ef:4e:f7:d6:bb:5e:6e:af:02:53:ce:fd:9f:64:d8:24:38:4e:
1a:0f:3a:05:ef:87:6b:41:af:3c:17:71:12:4a:24:ae:31:bf:
ed:5f:39:1c:04:c2:3d:f8:07:ee:e1:e4:4c:dc:3d:c1:20:17:
69:1a:5e:2a:21:1c:12:e4:c6:9b:0d:a1:d2:f6:3b:0e:36:08:
b7:d3:54:b4:69:6b:cb:23:1f:f9:39:a8:4a:f6:03:1e:f9:9e:
50:65:74:94:78:73:d0:c9:a4:be:03:d4:74:5d:93:f4:69:40:
4f:6d:a7:06:8d:3e:7c:f3:8a:12:0e:fb:ee:aa:dd:82:e2:d3:
9f:3e:41:d0:d4:4a:d7:c8:2d:77:6f:3b:2d:9d:07:eb:3b:61:
85:9e:7b:58:60:be:ac:07:b0:99:13:fd:ee:26:4e:87:22:e5:
6f:44:f0:27:a2:fb:8d:ba:8b:c6:9d:85:13:57:f5:91:d1:77:
22:8d:d2:c9:ac:8a:9f:40:d3:c6:69:b1:94:7e:09:9c:bf:d5:
4c:3c:3e:57
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUWJGkZk/P4VeeGA7s6tVM9Sj3v4YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yNjAyMTgxMDQxNDZaFw0yNzAyMTcxMDQ2NDZaMDMxMTAvBgNV
BAMTKEU2MkE0RkM0RjkxMzlCN0UzQTJBQTIwMDJENkJDMkM1RjI3MjBBNkEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDLlVjQuJ8ieqsksp8wFXW1P/Pv
aJWygQ9+N7s3MxIf0CcO6z7JFqmiUtPjXIGgghbCQYugR7GSc1/8B5E+NoNInn2f
xZdq9yJ0Q+GI9fW6bBQHgHtKVucYFc41bv2W8WgxwO8FKb8g+/Br/IfQdKDUmozN
42fiH7BAqvHEbX94dQ+av9lQqt/Tykw5lkJMAVXqmEiRnmY1G41JrvQLAQVZWH4U
y+tVFQFWC2ch3OS2DW5EmIfJQ96L0JPkKiLPyLUVpiJFh87pDI35NaRtDFj0T155
Gy0WjqTNZF65LkqFkb6n6y1GtwuZ+paYFybkhG+gw0cEoerjg/6U/Js5frW3AgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQU5ipPxPkTm346KqIALWvCxfJyCmowHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzQzNTJlMzEzMjJlMzgzMDJl
MzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzAzNjM3MzYzNi5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC0M
UDANBgkqhkiG9w0BAQsFAAOCAQEAZuYUKtPKElZyYiNKAtXX6CQOtlfdi+fAq+v3
zZh3+yASdFDJcakPgeIO0u1HCYEofx+IVNOh70731rtebq8CU879n2TYJDhOGg86
Be+Ha0GvPBdxEkokrjG/7V85HATCPfgH7uHkTNw9wSAXaRpeKiEcEuTGmw2h0vY7
DjYIt9NUtGlryyMf+TmoSvYDHvmeUGV0lHhz0MmkvgPUdF2T9GlAT22nBo0+fPOK
Eg777qrdguLTnz5B0NRK18gtd287LZ0H6zthhZ57WGC+rAewmRP97iZOhyLlb0Tw
J6L7jbqLxp2FE1f1kdF3Io3SyayKn0DTxmmxlH4JnL/VTDw+Vw==
-----END CERTIFICATE-----
Generated at Sun Mar 1 22:32:25 2026 by rpki-client