Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e39312e3133392e302f32342d3234203d3e20323133383430.roa
File: 34352e39312e3133392e302f32342d3234203d3e20323133383430.roa (raw, json)
Hash identifier: Mc+tTYqNxMpCa6SV8+Xa67r0OvduIq/mlIUgQ/RB2ZE=
Subject key identifier: 95:D2:52:CF:41:F1:5B:62:BB:78:28:BD:E5:17:D4:59:32:1D:12:3C
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 719503A6262C011C153EE544A80D1702E90E3AB7
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e39312e3133392e302f32342d3234203d3e20323133383430.roa
Signing time: Tue 09 Jun 2026 08:49:21 +0000
ROA not before: Tue 09 Jun 2026 08:44:21 +0000
ROA not after: Tue 08 Jun 2027 08:49:21 +0000
asID: 213840
IP address blocks: 45.91.139.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.mft
rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
71:95:03:a6:26:2c:01:1c:15:3e:e5:44:a8:0d:17:02:e9:0e:3a:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Jun 9 08:44:21 2026 GMT
Not After : Jun 8 08:49:21 2027 GMT
Subject: CN=95D252CF41F15B62BB7828BDE517D459321D123C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:72:3f:3b:1b:64:04:3f:1b:a3:92:01:bb:31:
b2:cd:ba:57:eb:6b:a4:59:ff:a5:ba:5a:b3:73:2b:
40:93:ed:79:69:80:1f:7c:34:0a:e1:60:b1:17:0f:
80:51:66:d8:c4:fa:d9:70:32:21:65:3d:47:e8:44:
b2:92:c1:29:be:47:74:d9:06:cc:0e:d2:00:91:da:
e4:9c:b2:d1:13:be:48:3a:3e:4f:d5:2a:0e:1f:88:
d3:11:9e:60:26:ac:cb:2f:ed:ba:f2:a6:c1:e1:99:
a9:ac:97:b6:9a:f3:77:02:9b:99:9d:d1:47:df:72:
d6:f3:ec:ee:a7:62:90:64:eb:58:e9:49:90:08:c1:
32:55:cf:5f:c3:be:73:eb:5b:6d:74:6d:f0:7d:44:
6e:76:8c:51:f9:b5:23:f3:12:bf:14:24:e4:56:d3:
6e:05:bf:57:ce:81:b7:28:06:0b:5e:df:a0:39:10:
5c:f2:c0:43:95:a4:8c:66:8a:b0:14:7b:86:7d:ff:
da:a6:2b:63:8a:a2:72:48:85:74:55:03:cd:ae:99:
fc:9b:fb:35:46:b6:e5:6a:ef:30:e6:5f:a2:b4:05:
07:4d:72:62:9d:8c:55:a5:ff:71:b2:30:bf:46:60:
c6:12:ed:c1:2d:c3:2f:11:75:43:dd:88:e6:f7:54:
67:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:D2:52:CF:41:F1:5B:62:BB:78:28:BD:E5:17:D4:59:32:1D:12:3C
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e39312e3133392e302f32342d3234203d3e20323133383430.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.91.139.0/24
Signature Algorithm: sha256WithRSAEncryption
cb:ef:d2:d5:16:4e:9e:d8:21:03:b4:e3:d1:61:59:fd:10:0d:
11:d5:10:08:ef:05:57:ee:3d:34:2a:25:ff:5f:8f:56:13:f0:
bf:7b:84:da:e9:ec:5f:62:cb:4a:83:11:b7:29:1d:5b:14:fe:
c9:ce:3c:3f:80:1b:32:bd:15:02:82:01:f8:85:fe:49:7e:44:
d5:21:ba:d1:db:d4:38:fc:da:3a:1d:5d:67:59:75:34:3e:9b:
2a:d7:cc:50:46:de:20:03:eb:9a:73:b0:33:a1:61:be:ff:0e:
d3:62:3b:6c:09:9b:b4:ab:f9:57:1e:b9:33:82:e9:e5:b5:68:
8d:d5:01:39:82:b3:eb:c2:97:24:e2:44:32:8a:70:e2:9f:40:
0d:01:13:ee:ad:17:af:58:4d:1e:b1:52:40:ca:e7:2b:31:d7:
e3:4b:25:04:45:ab:65:7e:14:46:2f:26:b8:d3:7d:9d:74:8d:
53:3e:17:bb:c3:73:51:06:46:7f:93:0f:39:0a:62:ed:d3:6d:
96:1e:23:22:09:f3:c0:e0:8b:94:6b:f6:61:6d:ff:d6:a1:1b:
2e:82:c9:06:0d:a4:19:8d:bb:c1:7b:48:9a:81:e9:38:86:8d:
8f:23:75:2b:ee:b0:27:42:e7:67:f0:00:50:7e:a9:88:f3:da:
d6:56:fe:99
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUcZUDpiYsARwVPuVEqA0XAukOOrcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yNjA2MDkwODQ0MjFaFw0yNzA2MDgwODQ5MjFaMDMxMTAvBgNV
BAMTKDk1RDI1MkNGNDFGMTVCNjJCQjc4MjhCREU1MTdENDU5MzIxRDEyM0MwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBcj87G2QEPxujkgG7MbLNulfr
a6RZ/6W6WrNzK0CT7XlpgB98NArhYLEXD4BRZtjE+tlwMiFlPUfoRLKSwSm+R3TZ
BswO0gCR2uScstETvkg6Pk/VKg4fiNMRnmAmrMsv7brypsHhmamsl7aa83cCm5md
0Uffctbz7O6nYpBk61jpSZAIwTJVz1/DvnPrW210bfB9RG52jFH5tSPzEr8UJORW
024Fv1fOgbcoBgte36A5EFzywEOVpIxmirAUe4Z9/9qmK2OKonJIhXRVA82umfyb
+zVGtuVq7zDmX6K0BQdNcmKdjFWl/3GyML9GYMYS7cEtwy8RdUPdiOb3VGd/AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUldJSz0HxW2K7eCi95RfUWTIdEjwwHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzQzNTJlMzkzMTJlMzEzMzM5
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMTMzMzgzNDMwLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
LVuLMA0GCSqGSIb3DQEBCwUAA4IBAQDL79LVFk6e2CEDtOPRYVn9EA0R1RAI7wVX
7j00KiX/X49WE/C/e4Ta6exfYstKgxG3KR1bFP7Jzjw/gBsyvRUCggH4hf5JfkTV
IbrR29Q4/No6HV1nWXU0Ppsq18xQRt4gA+uac7AzoWG+/w7TYjtsCZu0q/lXHrkz
gunltWiN1QE5grPrwpck4kQyinDin0ANARPurRevWE0esVJAyucrMdfjSyUERatl
fhRGLya4032ddI1TPhe7w3NRBkZ/kw85CmLt022WHiMiCfPA4IuUa/Zhbf/WoRsu
gskGDaQZjbvBe0iagek4ho2PI3Ur7rAnQudn8ABQfqmI89rWVv6Z
-----END CERTIFICATE-----
Generated at Sat Jun 13 09:09:29 2026 by rpki-client