Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/bf24567b-7a74-4c1f-aa85-dd24af73ccbb/0/34352e38312e35362e302f32342d3234203d3e203634323637.roa
File: 34352e38312e35362e302f32342d3234203d3e203634323637.roa (raw, json)
Hash identifier: qsXeuHbADvuh5upr+8Iu3ECZr4FlfF2jhb73a28zYXw=
Subject key identifier: B2:56:8A:A7:6A:FC:5C:21:AD:D6:AB:56:2D:47:48:C6:B5:AA:84:F2
Certificate issuer: /CN=5da3215abfa4621d57709f838a92801f2e90ddfe
Certificate serial: 79983E29915BD35DADA5C8549E0297F2EC445976
Authority key identifier: 5D:A3:21:5A:BF:A4:62:1D:57:70:9F:83:8A:92:80:1F:2E:90:DD:FE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XaMhWr-kYh1XcJ-DipKAHy6Q3f4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/bf24567b-7a74-4c1f-aa85-dd24af73ccbb/0/34352e38312e35362e302f32342d3234203d3e203634323637.roa
Signing time: Wed 29 Oct 2025 13:55:10 +0000
ROA not before: Wed 29 Oct 2025 13:50:10 +0000
ROA not after: Wed 28 Oct 2026 13:55:10 +0000
asID: 64267
IP address blocks: 45.81.56.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/bf24567b-7a74-4c1f-aa85-dd24af73ccbb/0/5DA3215ABFA4621D57709F838A92801F2E90DDFE.crl
rsync://rsync.paas.rpki.ripe.net/repository/bf24567b-7a74-4c1f-aa85-dd24af73ccbb/0/5DA3215ABFA4621D57709F838A92801F2E90DDFE.mft
rsync://rpki.ripe.net/repository/DEFAULT/XaMhWr-kYh1XcJ-DipKAHy6Q3f4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 16:24:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:98:3e:29:91:5b:d3:5d:ad:a5:c8:54:9e:02:97:f2:ec:44:59:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5da3215abfa4621d57709f838a92801f2e90ddfe
Validity
Not Before: Oct 29 13:50:10 2025 GMT
Not After : Oct 28 13:55:10 2026 GMT
Subject: CN=B2568AA76AFC5C21ADD6AB562D4748C6B5AA84F2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:ea:72:d0:a2:22:ea:28:f8:c3:35:b0:16:df:
fe:0e:ea:12:6b:a4:a9:ef:1d:53:2c:c4:99:94:5d:
e5:06:6e:8c:22:17:de:9e:14:8f:4d:d0:69:9c:dc:
09:04:b1:70:c5:a5:e1:50:56:c8:c9:f5:34:bd:88:
18:e4:6b:5a:eb:3a:0e:26:bd:4a:0d:4b:fb:9b:7b:
c8:5b:75:6d:99:eb:a2:fa:5c:dc:34:68:b2:88:10:
26:c2:08:3d:1b:43:f8:f5:8a:af:a0:32:96:fd:9c:
2c:07:c8:07:d4:98:c3:0b:d8:d5:45:05:27:eb:82:
b9:e9:64:9d:d6:fa:1f:d7:b8:00:d6:bc:4c:f0:b8:
5d:1b:dc:be:3b:88:d1:e2:a5:c5:cc:8f:3d:75:6d:
a1:ca:bf:9e:18:9b:9a:1d:49:4f:5f:47:e0:40:7b:
b3:3a:80:c3:88:77:65:a4:93:c4:89:08:5e:8b:45:
1e:0e:74:41:c9:12:50:6c:03:61:76:5f:61:59:fe:
30:d0:9f:3e:28:34:81:76:ed:86:c9:eb:66:24:29:
86:5e:f2:d1:d8:89:d9:5f:9d:09:07:1a:23:63:f9:
fc:f9:e9:a7:c6:72:11:77:d0:47:42:8a:c7:2c:70:
75:72:c2:fe:c2:91:63:92:51:5b:d9:8f:44:d7:48:
3a:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:56:8A:A7:6A:FC:5C:21:AD:D6:AB:56:2D:47:48:C6:B5:AA:84:F2
X509v3 Authority Key Identifier:
keyid:5D:A3:21:5A:BF:A4:62:1D:57:70:9F:83:8A:92:80:1F:2E:90:DD:FE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/bf24567b-7a74-4c1f-aa85-dd24af73ccbb/0/5DA3215ABFA4621D57709F838A92801F2E90DDFE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XaMhWr-kYh1XcJ-DipKAHy6Q3f4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/bf24567b-7a74-4c1f-aa85-dd24af73ccbb/0/34352e38312e35362e302f32342d3234203d3e203634323637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.81.56.0/24
Signature Algorithm: sha256WithRSAEncryption
92:57:4f:39:72:a0:59:4f:0d:f4:4b:69:08:08:3b:aa:b3:f6:
88:71:c5:eb:62:eb:a7:58:7c:4c:f5:7f:37:c8:19:3e:40:b9:
01:15:64:53:d5:e4:f1:5d:b5:da:26:91:28:16:3d:0b:af:fe:
0c:b3:01:f8:43:8e:12:92:5e:da:b3:aa:ba:60:ab:0e:a5:65:
3e:c3:0d:66:a0:05:32:0c:70:28:f2:10:40:ae:b5:13:48:8a:
6d:40:e9:51:e4:7c:cc:d5:6b:da:de:53:3a:ca:c9:c0:d5:77:
46:f0:cd:e6:d7:07:2a:1c:15:13:e5:b8:4d:e4:a5:e3:96:a2:
82:2e:92:cb:33:9c:bb:97:10:0e:81:31:c5:6d:b3:d8:52:2b:
95:c8:02:7d:c0:be:be:7e:b7:dc:04:28:b6:0d:11:7b:dc:d8:
b6:3a:95:8c:8b:85:89:d4:da:df:2b:72:40:68:7a:d2:a8:13:
84:54:96:9e:29:e5:0b:ea:29:9b:6d:7b:d3:c9:7f:03:a8:dd:
bb:61:a6:8b:5d:94:6e:16:6a:30:15:90:23:6a:2a:26:04:cc:
33:56:31:b1:c1:56:7a:1f:65:2b:9f:67:d8:c7:78:0f:f4:05:
6c:c6:57:ab:78:2c:35:d9:34:58:25:dd:87:0d:d3:94:de:47:
05:f7:65:ce
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUeZg+KZFb012tpchUngKX8uxEWXYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWRhMzIxNWFiZmE0NjIxZDU3NzA5ZjgzOGE5MjgwMWYy
ZTkwZGRmZTAeFw0yNTEwMjkxMzUwMTBaFw0yNjEwMjgxMzU1MTBaMDMxMTAvBgNV
BAMTKEIyNTY4QUE3NkFGQzVDMjFBREQ2QUI1NjJENDc0OEM2QjVBQTg0RjIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDN6nLQoiLqKPjDNbAW3/4O6hJr
pKnvHVMsxJmUXeUGbowiF96eFI9N0Gmc3AkEsXDFpeFQVsjJ9TS9iBjka1rrOg4m
vUoNS/ube8hbdW2Z66L6XNw0aLKIECbCCD0bQ/j1iq+gMpb9nCwHyAfUmMML2NVF
BSfrgrnpZJ3W+h/XuADWvEzwuF0b3L47iNHipcXMjz11baHKv54Ym5odSU9fR+BA
e7M6gMOId2Wkk8SJCF6LRR4OdEHJElBsA2F2X2FZ/jDQnz4oNIF27YbJ62YkKYZe
8tHYidlfnQkHGiNj+fz56afGchF30EdCiscscHVywv7CkWOSUVvZj0TXSDpJAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUslaKp2r8XCGt1qtWLUdIxrWqhPIwHwYDVR0j
BBgwFoAUXaMhWr+kYh1XcJ+DipKAHy6Q3f4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYmYyNDU2N2ItN2E3NC00YzFmLWFhODUtZGQyNGFmNzNj
Y2JiLzAvNURBMzIxNUFCRkE0NjIxRDU3NzA5RjgzOEE5MjgwMUYyRTkwRERGRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1hhTWhXci1rWWgxWGNKLURpcEtBSHk2
UTNmNC5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYmYyNDU2N2It
N2E3NC00YzFmLWFhODUtZGQyNGFmNzNjY2JiLzAvMzQzNTJlMzgzMTJlMzUzNjJl
MzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM2MzQzMjM2Mzcucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAtUTgw
DQYJKoZIhvcNAQELBQADggEBAJJXTzlyoFlPDfRLaQgIO6qz9ohxxeti66dYfEz1
fzfIGT5AuQEVZFPV5PFdtdomkSgWPQuv/gyzAfhDjhKSXtqzqrpgqw6lZT7DDWag
BTIMcCjyEECutRNIim1A6VHkfMzVa9reUzrKycDVd0bwzebXByocFRPluE3kpeOW
ooIukssznLuXEA6BMcVts9hSK5XIAn3Avr5+t9wEKLYNEXvc2LY6lYyLhYnU2t8r
ckBoetKoE4RUlp4p5QvqKZtte9PJfwOo3bthpotdlG4WajAVkCNqKiYEzDNWMbHB
VnofZSufZ9jHeA/0BWzGV6t4LDXZNFgl3YcN05TeRwX3Zc4=
-----END CERTIFICATE-----
Generated at Tue Nov 4 23:54:12 2025 by rpki-client