Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c8d08b30-64c7-404b-9873-2e04bd74c140/0/34362e31382e39302e302f32342d3234203d3e20323037313538.roa
File: 34362e31382e39302e302f32342d3234203d3e20323037313538.roa (raw, json)
Hash identifier: c3XGP2QOaAegFM0BJ/uAWNxnHJgzHzZj7rsmxO7Bggk=
Subject key identifier: 11:F2:00:4C:E0:BD:F6:15:BB:EF:AB:D6:B5:41:EA:1E:AF:1D:90:FE
Certificate issuer: /CN=d455dec4f1ebc2a64f5ccc2ee9292731eb82113d
Certificate serial: 5863DE1884B2BB372E1D698D8AADE1DDDA0DA14C
Authority key identifier: D4:55:DE:C4:F1:EB:C2:A6:4F:5C:CC:2E:E9:29:27:31:EB:82:11:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1FXexPHrwqZPXMwu6SknMeuCET0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c8d08b30-64c7-404b-9873-2e04bd74c140/0/34362e31382e39302e302f32342d3234203d3e20323037313538.roa
Signing time: Fri 17 Apr 2026 09:48:54 +0000
ROA not before: Fri 17 Apr 2026 09:43:54 +0000
ROA not after: Fri 16 Apr 2027 09:48:54 +0000
asID: 207158
IP address blocks: 46.18.90.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c8d08b30-64c7-404b-9873-2e04bd74c140/0/D455DEC4F1EBC2A64F5CCC2EE9292731EB82113D.crl
rsync://rsync.paas.rpki.ripe.net/repository/c8d08b30-64c7-404b-9873-2e04bd74c140/0/D455DEC4F1EBC2A64F5CCC2EE9292731EB82113D.mft
rsync://rpki.ripe.net/repository/DEFAULT/1FXexPHrwqZPXMwu6SknMeuCET0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 11:29:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
58:63:de:18:84:b2:bb:37:2e:1d:69:8d:8a:ad:e1:dd:da:0d:a1:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d455dec4f1ebc2a64f5ccc2ee9292731eb82113d
Validity
Not Before: Apr 17 09:43:54 2026 GMT
Not After : Apr 16 09:48:54 2027 GMT
Subject: CN=11F2004CE0BDF615BBEFABD6B541EA1EAF1D90FE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:ae:cd:66:76:33:77:09:51:aa:79:e1:27:f4:
90:06:9a:0c:5c:1e:22:d7:d4:7f:90:80:87:05:e1:
2f:35:ad:b1:39:fe:0d:23:f6:82:d3:6c:f2:a9:8d:
0c:3a:83:19:2a:e0:fe:68:21:99:44:aa:26:f1:0c:
bd:bf:05:bc:a8:f9:9e:a2:13:6a:7c:2b:e3:14:09:
0f:8a:7d:be:0c:0b:a8:a4:ab:29:63:46:ee:66:6d:
3f:d7:af:7a:8d:db:9e:2d:fd:90:95:53:98:6a:07:
d5:9c:29:52:18:8c:ee:2a:6e:09:56:04:2c:6d:cd:
0e:63:41:7f:0f:40:57:40:8f:36:6c:ae:3a:f8:49:
6f:33:06:59:48:79:22:bf:89:4d:dc:cc:ce:7e:47:
cb:59:0d:05:86:03:8b:72:02:90:36:e2:77:64:6f:
13:6b:d3:e8:b9:58:2a:83:d4:4a:01:1c:00:f4:c4:
d5:07:38:e6:05:f8:aa:bf:bd:06:43:2a:fe:a8:a4:
e0:8b:1b:62:5e:e1:b6:da:18:e5:16:5f:bd:d6:94:
1d:15:59:54:36:b4:4f:4c:98:c9:f8:2d:cf:e4:91:
03:f4:d1:94:27:7b:7d:14:d8:bf:1d:a3:4d:31:90:
27:d8:c1:cc:64:60:be:d2:e0:4e:0c:f0:6d:52:f9:
33:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:F2:00:4C:E0:BD:F6:15:BB:EF:AB:D6:B5:41:EA:1E:AF:1D:90:FE
X509v3 Authority Key Identifier:
keyid:D4:55:DE:C4:F1:EB:C2:A6:4F:5C:CC:2E:E9:29:27:31:EB:82:11:3D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c8d08b30-64c7-404b-9873-2e04bd74c140/0/D455DEC4F1EBC2A64F5CCC2EE9292731EB82113D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1FXexPHrwqZPXMwu6SknMeuCET0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c8d08b30-64c7-404b-9873-2e04bd74c140/0/34362e31382e39302e302f32342d3234203d3e20323037313538.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.18.90.0/24
Signature Algorithm: sha256WithRSAEncryption
64:4b:cf:cf:d5:a7:91:65:d1:20:c7:94:25:15:2d:7d:52:7c:
f3:e2:d5:47:53:80:cd:f0:10:2c:fb:13:36:3f:53:54:bd:8d:
bc:a3:f8:0c:25:ec:97:02:6f:e9:f4:ab:73:30:db:83:17:cc:
aa:c6:5f:68:40:a3:31:fc:95:49:a1:d6:cd:b3:76:2e:2c:5b:
4a:80:44:21:f8:d8:6e:1a:3a:3d:b0:ed:73:02:51:ed:a5:52:
39:93:6e:40:ee:ec:2b:82:3b:15:f6:8d:20:03:ec:1b:5b:90:
07:57:27:29:86:9f:de:9b:da:ae:4a:4e:45:8f:bd:2a:df:ae:
d0:5a:fd:d5:06:43:69:d1:37:e8:27:67:d2:04:48:00:cb:b4:
2b:99:8f:36:81:a5:97:29:30:cd:ac:77:66:98:61:dc:9d:3d:
c6:8a:58:7b:07:6a:71:1a:5c:a0:73:ce:f6:83:dc:60:ff:d9:
57:32:48:fa:9b:6f:61:1a:4f:44:43:f6:5e:c1:53:3a:4a:ee:
e9:08:44:db:0d:72:bf:bc:a8:b9:5e:0b:a8:f8:75:00:09:27:
7f:a0:6f:3f:46:8d:27:89:0c:93:9f:c2:b8:3b:81:33:a1:b8:
52:81:a5:0c:12:44:0d:24:6c:07:a7:79:b3:6b:2e:95:e6:fd:
50:25:b5:78
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUWGPeGISyuzcuHWmNiq3h3doNoUwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDQ1NWRlYzRmMWViYzJhNjRmNWNjYzJlZTkyOTI3MzFl
YjgyMTEzZDAeFw0yNjA0MTcwOTQzNTRaFw0yNzA0MTYwOTQ4NTRaMDMxMTAvBgNV
BAMTKDExRjIwMDRDRTBCREY2MTVCQkVGQUJENkI1NDFFQTFFQUYxRDkwRkUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDwrs1mdjN3CVGqeeEn9JAGmgxc
HiLX1H+QgIcF4S81rbE5/g0j9oLTbPKpjQw6gxkq4P5oIZlEqibxDL2/Bbyo+Z6i
E2p8K+MUCQ+Kfb4MC6ikqyljRu5mbT/Xr3qN254t/ZCVU5hqB9WcKVIYjO4qbglW
BCxtzQ5jQX8PQFdAjzZsrjr4SW8zBllIeSK/iU3czM5+R8tZDQWGA4tyApA24ndk
bxNr0+i5WCqD1EoBHAD0xNUHOOYF+Kq/vQZDKv6opOCLG2Je4bbaGOUWX73WlB0V
WVQ2tE9MmMn4Lc/kkQP00ZQne30U2L8do00xkCfYwcxkYL7S4E4M8G1S+TORAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUEfIATOC99hW776vWtUHqHq8dkP4wHwYDVR0j
BBgwFoAU1FXexPHrwqZPXMwu6SknMeuCET0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzhkMDhiMzAtNjRjNy00MDRiLTk4NzMtMmUwNGJkNzRj
MTQwLzAvRDQ1NURFQzRGMUVCQzJBNjRGNUNDQzJFRTkyOTI3MzFFQjgyMTEzRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzFGWGV4UEhyd3FaUFhNd3U2U2tuTWV1
Q0VUMC5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzhkMDhiMzAt
NjRjNy00MDRiLTk4NzMtMmUwNGJkNzRjMTQwLzAvMzQzNjJlMzEzODJlMzkzMDJl
MzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzAzNzMxMzUzOC5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC4S
WjANBgkqhkiG9w0BAQsFAAOCAQEAZEvPz9WnkWXRIMeUJRUtfVJ88+LVR1OAzfAQ
LPsTNj9TVL2NvKP4DCXslwJv6fSrczDbgxfMqsZfaECjMfyVSaHWzbN2LixbSoBE
IfjYbho6PbDtcwJR7aVSOZNuQO7sK4I7FfaNIAPsG1uQB1cnKYaf3pvarkpORY+9
Kt+u0Fr91QZDadE36Cdn0gRIAMu0K5mPNoGllykwzax3Zphh3J09xopYewdqcRpc
oHPO9oPcYP/ZVzJI+ptvYRpPREP2XsFTOkru6QhE2w1yv7youV4LqPh1AAknf6Bv
P0aNJ4kMk5/CuDuBM6G4UoGlDBJEDSRsB6d5s2suleb9UCW1eA==
-----END CERTIFICATE-----
Generated at Fri Apr 17 23:23:49 2026 by rpki-client