Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e39312e3133392e302f32342d3234203d3e203633313939.roa
File: 34352e39312e3133392e302f32342d3234203d3e203633313939.roa (raw, json)
Hash identifier: OWcBx2dXNBEfkwZrm0BSZcC4P1JyzIjc7OFAuFXlctM=
Subject key identifier: 28:BD:4B:80:69:5A:F6:93:A9:D2:5C:6C:9A:16:BD:B2:82:9D:AC:BB
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 1F83A77EC2E0675F0F1B0B34D1CA75D4450A675A
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e39312e3133392e302f32342d3234203d3e203633313939.roa
Signing time: Mon 09 Feb 2026 03:50:42 +0000
ROA not before: Mon 09 Feb 2026 03:45:42 +0000
ROA not after: Mon 08 Feb 2027 03:50:42 +0000
asID: 63199
IP address blocks: 45.91.139.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.mft
rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1f:83:a7:7e:c2:e0:67:5f:0f:1b:0b:34:d1:ca:75:d4:45:0a:67:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Feb 9 03:45:42 2026 GMT
Not After : Feb 8 03:50:42 2027 GMT
Subject: CN=28BD4B80695AF693A9D25C6C9A16BDB2829DACBB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:54:b0:3d:72:ee:37:52:ed:1e:f8:2d:1a:44:
e9:28:d7:c2:00:84:2d:c4:43:c4:f0:db:10:55:96:
a9:f5:ca:12:17:44:64:bd:ac:f4:d5:2b:78:e6:ea:
0e:ee:0c:70:79:ea:d5:9f:43:96:09:79:69:b2:db:
9e:ab:d4:0e:5b:06:e4:52:81:18:dc:62:31:27:15:
21:71:f9:9f:c5:49:11:dd:6f:c3:60:fb:4f:6a:82:
80:e3:7e:04:65:1f:27:e4:33:d4:a0:07:f9:8d:47:
05:a4:5b:91:86:b7:be:82:8e:b5:16:18:2d:8c:04:
ad:7b:d2:9a:13:b1:22:d0:cc:25:7b:04:b2:94:75:
7c:3f:98:35:77:87:2f:2b:ca:01:89:a3:e6:e9:91:
48:1c:f0:df:95:d4:a9:d2:4c:79:82:0f:6d:5f:9a:
87:5f:28:39:30:c7:6f:f6:ca:3a:1c:e5:cb:be:07:
80:86:e8:28:97:8e:b0:ae:30:58:a0:ca:19:4c:8b:
5c:8f:d6:c6:81:12:8e:77:e0:a0:ca:a2:ec:38:c0:
9f:60:b4:40:b5:14:84:44:20:98:2b:5b:24:5e:c7:
cf:b6:c1:fb:f3:d3:6c:93:07:43:32:17:c3:99:d9:
53:1a:ed:62:17:3f:2f:72:58:87:79:92:b5:5d:19:
22:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:BD:4B:80:69:5A:F6:93:A9:D2:5C:6C:9A:16:BD:B2:82:9D:AC:BB
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e39312e3133392e302f32342d3234203d3e203633313939.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.91.139.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:ed:99:54:e0:5f:af:f7:90:2a:87:81:99:a5:a5:da:dd:c1:
31:49:cd:5d:e7:02:a9:eb:de:1a:38:ba:7d:62:12:4b:cc:70:
a7:34:b9:5b:fc:24:cc:07:2f:e5:7f:ae:ec:b8:70:5d:9e:e9:
b6:11:61:97:c6:54:04:d1:5c:90:eb:09:09:f4:88:44:b9:f8:
f4:b9:fb:59:3b:bc:f9:83:0e:d1:d8:ee:98:30:52:00:43:45:
33:cc:f3:20:5f:13:d2:e7:22:74:98:bd:c9:4d:07:dc:a8:fc:
f7:56:63:ec:b8:8a:57:ea:a0:b7:fa:69:14:51:a9:e4:4d:b1:
b0:27:7f:d5:f3:f5:ec:a3:f3:03:d2:b6:e5:d6:15:f3:bb:e0:
d9:f4:16:d3:cb:e7:2d:8e:1a:37:8a:48:44:05:c3:1e:75:5f:
c2:44:a0:29:7f:ec:b6:f1:a1:37:a9:de:f5:6d:2a:f7:bd:c3:
8c:88:0b:2d:d7:cf:c8:ee:f3:69:d8:d8:fc:fe:8a:cf:fd:ae:
c4:18:fd:28:57:0c:e8:3b:74:e4:bf:93:fb:bd:18:19:ba:42:
72:17:6e:83:79:4a:55:4b:d4:72:7c:a3:9b:47:c4:21:7e:b3:
40:46:ee:74:6a:07:28:92:25:f7:f8:a7:2c:be:dc:a4:9a:a4:
74:2b:2a:45
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUH4OnfsLgZ18PGws00cp11EUKZ1owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yNjAyMDkwMzQ1NDJaFw0yNzAyMDgwMzUwNDJaMDMxMTAvBgNV
BAMTKDI4QkQ0QjgwNjk1QUY2OTNBOUQyNUM2QzlBMTZCREIyODI5REFDQkIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8VLA9cu43Uu0e+C0aROko18IA
hC3EQ8Tw2xBVlqn1yhIXRGS9rPTVK3jm6g7uDHB56tWfQ5YJeWmy256r1A5bBuRS
gRjcYjEnFSFx+Z/FSRHdb8Ng+09qgoDjfgRlHyfkM9SgB/mNRwWkW5GGt76CjrUW
GC2MBK170poTsSLQzCV7BLKUdXw/mDV3hy8rygGJo+bpkUgc8N+V1KnSTHmCD21f
modfKDkwx2/2yjoc5cu+B4CG6CiXjrCuMFigyhlMi1yP1saBEo534KDKouw4wJ9g
tEC1FIREIJgrWyRex8+2wfvz02yTB0MyF8OZ2VMa7WIXPy9yWId5krVdGSJ9AgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUKL1LgGla9pOp0lxsmha9soKdrLswHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzQzNTJlMzkzMTJlMzEzMzM5
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzYzMzMxMzkzOS5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC1b
izANBgkqhkiG9w0BAQsFAAOCAQEAKu2ZVOBfr/eQKoeBmaWl2t3BMUnNXecCqeve
Gji6fWISS8xwpzS5W/wkzAcv5X+u7LhwXZ7pthFhl8ZUBNFckOsJCfSIRLn49Ln7
WTu8+YMO0djumDBSAENFM8zzIF8T0ucidJi9yU0H3Kj891Zj7LiKV+qgt/ppFFGp
5E2xsCd/1fP17KPzA9K25dYV87vg2fQW08vnLY4aN4pIRAXDHnVfwkSgKX/stvGh
N6ne9W0q973DjIgLLdfPyO7zadjY/P6Kz/2uxBj9KFcM6Dt05L+T+70YGbpCchdu
g3lKVUvUcnyjm0fEIX6zQEbudGoHKJIl9/inLL7cpJqkdCsqRQ==
-----END CERTIFICATE-----
Generated at Mon Mar 2 04:32:04 2026 by rpki-client