Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/352e3138312e3137362e302f32342d3234203d3e20323034313334.roa
File: 352e3138312e3137362e302f32342d3234203d3e20323034313334.roa (raw, json)
Hash identifier: GZWF23emtLLWhRMFLrIz0U/JkVUZ2+Qs+Ixrc7cmugY=
Subject key identifier: 4D:85:31:84:85:AC:9E:D4:71:09:C5:81:1E:4A:91:85:D4:56:64:FA
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 5A84A17D7FBFF8EB2C3D971B1039CD8D371741D6
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/352e3138312e3137362e302f32342d3234203d3e20323034313334.roa
Signing time: Sat 28 Mar 2026 20:45:01 +0000
ROA not before: Sat 28 Mar 2026 20:40:01 +0000
ROA not after: Sat 27 Mar 2027 20:45:01 +0000
asID: 204134
IP address blocks: 5.181.176.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.mft
rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:84:a1:7d:7f:bf:f8:eb:2c:3d:97:1b:10:39:cd:8d:37:17:41:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Mar 28 20:40:01 2026 GMT
Not After : Mar 27 20:45:01 2027 GMT
Subject: CN=4D85318485AC9ED47109C5811E4A9185D45664FA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:e2:4b:0b:f2:32:01:4b:e5:26:2f:04:6a:ae:
81:7c:18:e6:7c:d8:b3:73:42:e7:ef:ff:22:52:9c:
45:d8:b5:b0:40:e3:f9:33:ad:fd:4c:5f:ed:34:fe:
2c:26:a5:7b:44:9c:2a:5e:8b:db:0b:c6:f4:71:46:
e0:de:fb:c5:1a:6a:a6:84:b8:7e:ed:05:36:9e:f8:
88:41:e6:e0:ae:d1:7c:0a:34:a7:fa:2e:95:72:b8:
c4:76:4f:1a:f9:4b:6d:a4:0e:a9:87:16:ea:b6:fc:
35:db:7a:6c:fc:00:ee:8f:ec:56:50:78:09:ee:e7:
33:cd:7f:62:a5:75:87:00:e6:f4:70:e4:b8:0d:b3:
1f:38:23:93:21:f7:cf:03:9f:b3:a1:11:93:24:46:
11:bc:cd:5e:27:73:ca:12:00:a6:9b:11:c3:f2:66:
6e:46:42:15:f6:50:44:a1:6a:7e:75:14:8a:ed:dd:
7a:25:b5:e6:ec:65:ea:71:9c:99:2f:63:1a:d1:44:
34:12:24:e7:6b:9e:86:4a:f0:4f:22:ee:a9:0a:7a:
cc:13:8b:76:c8:44:00:c6:b5:77:ba:46:4e:68:0b:
7c:bf:32:20:ed:dd:6e:bd:d2:71:e6:65:68:c3:6c:
c2:62:91:ac:21:32:bd:91:48:e9:1f:11:44:c5:60:
3c:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:85:31:84:85:AC:9E:D4:71:09:C5:81:1E:4A:91:85:D4:56:64:FA
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/352e3138312e3137362e302f32342d3234203d3e20323034313334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.176.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:73:71:71:d1:67:a2:b4:6c:58:7e:a6:c3:4f:06:44:af:54:
99:9a:f3:01:18:74:7c:72:df:4a:24:2e:4b:5b:83:cf:77:b8:
af:35:48:73:5f:a1:d6:f2:fd:ef:ab:09:9b:4d:d4:99:6f:c8:
69:05:ae:70:c6:df:37:ba:1d:de:6f:17:89:dd:91:e6:f8:6f:
46:20:b7:74:8f:46:02:f9:7c:2d:f6:4d:ac:40:81:4b:43:78:
03:b2:d0:06:09:0e:d9:37:12:09:3d:f5:cf:91:27:dd:cd:06:
69:c9:0a:d6:f6:f6:71:ca:ae:81:a6:84:aa:62:54:3a:da:42:
39:4a:0c:1e:a7:76:45:96:15:5e:75:d7:d1:80:ea:0d:5b:d5:
06:24:af:8f:6f:1b:2f:8c:3e:32:80:de:25:7b:75:5d:6a:8a:
f6:fd:de:38:76:7f:c2:c7:8b:9d:0d:ef:99:8a:f3:a2:83:f0:
d0:1a:15:16:38:86:c7:76:09:52:69:57:be:ac:36:c6:db:1c:
d7:47:96:b3:ad:08:f9:9a:c6:98:e3:f6:8e:fa:37:09:2e:57:
41:a0:6a:7d:1a:2f:d7:40:51:1a:12:fb:3a:e9:4e:74:9a:ff:
fa:7b:b0:20:24:88:37:51:6c:e2:01:ca:f0:ab:c5:13:12:10:
13:d1:11:1e
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUWoShfX+/+OssPZcbEDnNjTcXQdYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yNjAzMjgyMDQwMDFaFw0yNzAzMjcyMDQ1MDFaMDMxMTAvBgNV
BAMTKDREODUzMTg0ODVBQzlFRDQ3MTA5QzU4MTFFNEE5MTg1RDQ1NjY0RkEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCr4ksL8jIBS+UmLwRqroF8GOZ8
2LNzQufv/yJSnEXYtbBA4/kzrf1MX+00/iwmpXtEnCpei9sLxvRxRuDe+8UaaqaE
uH7tBTae+IhB5uCu0XwKNKf6LpVyuMR2Txr5S22kDqmHFuq2/DXbemz8AO6P7FZQ
eAnu5zPNf2KldYcA5vRw5LgNsx84I5Mh988Dn7OhEZMkRhG8zV4nc8oSAKabEcPy
Zm5GQhX2UEShan51FIrt3XoltebsZepxnJkvYxrRRDQSJOdrnoZK8E8i7qkKeswT
i3bIRADGtXe6Rk5oC3y/MiDt3W690nHmZWjDbMJikawhMr2RSOkfEUTFYDwpAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUTYUxhIWsntRxCcWBHkqRhdRWZPowHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzUyZTMxMzgzMTJlMzEzNzM2
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMDM0MzEzMzM0LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
BbWwMA0GCSqGSIb3DQEBCwUAA4IBAQCac3Fx0WeitGxYfqbDTwZEr1SZmvMBGHR8
ct9KJC5LW4PPd7ivNUhzX6HW8v3vqwmbTdSZb8hpBa5wxt83uh3ebxeJ3ZHm+G9G
ILd0j0YC+Xwt9k2sQIFLQ3gDstAGCQ7ZNxIJPfXPkSfdzQZpyQrW9vZxyq6BpoSq
YlQ62kI5Sgwep3ZFlhVeddfRgOoNW9UGJK+PbxsvjD4ygN4le3Vdaor2/d44dn/C
x4udDe+ZivOig/DQGhUWOIbHdglSaVe+rDbG2xzXR5azrQj5msaY4/aO+jcJLldB
oGp9Gi/XQFEaEvs66U50mv/6e7AgJIg3UWziAcrwq8UTEhAT0REe
-----END CERTIFICATE-----
Generated at Fri Apr 17 16:40:00 2026 by rpki-client