Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/34352e36362e3135302e302f32342d3234203d3e20333937333733.roa
File: 34352e36362e3135302e302f32342d3234203d3e20333937333733.roa (raw, json)
Hash identifier: pqQl3e2pCUusFmVQbZmEOu3yKXeyiAgp/5DUklbgvdM=
Subject key identifier: C3:E8:84:4C:B5:34:1F:B2:97:72:2B:78:A3:45:BF:3C:C3:2F:26:8B
Certificate issuer: /CN=cefce449bea8deaedb1804dba25c584df5873dc4
Certificate serial: 5BA616F8E367CE4EADC662F76B68B4B0932AE90F
Authority key identifier: CE:FC:E4:49:BE:A8:DE:AE:DB:18:04:DB:A2:5C:58:4D:F5:87:3D:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/34352e36362e3135302e302f32342d3234203d3e20333937333733.roa
Signing time: Thu 09 Apr 2026 17:47:04 +0000
ROA not before: Thu 09 Apr 2026 17:42:04 +0000
ROA not after: Thu 08 Apr 2027 17:47:04 +0000
asID: 397373
IP address blocks: 45.66.150.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.crl
rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.mft
rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5b:a6:16:f8:e3:67:ce:4e:ad:c6:62:f7:6b:68:b4:b0:93:2a:e9:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cefce449bea8deaedb1804dba25c584df5873dc4
Validity
Not Before: Apr 9 17:42:04 2026 GMT
Not After : Apr 8 17:47:04 2027 GMT
Subject: CN=C3E8844CB5341FB297722B78A345BF3CC32F268B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:47:5d:fa:8c:4a:ce:ed:6c:84:c2:ab:00:43:
6c:22:f6:dd:99:f5:5f:8e:7f:4e:75:09:33:31:2b:
39:77:5c:5b:cc:37:9d:4d:54:91:29:2a:10:05:1c:
79:22:e2:02:b0:73:2b:9c:b2:84:4c:73:46:5a:5b:
1c:d9:4b:8b:78:97:a9:6a:b8:90:e1:e2:a0:48:e8:
1f:61:59:56:ff:ff:92:80:98:61:d0:b8:74:89:5f:
d7:a4:42:3d:80:9e:38:72:f1:34:dc:9f:0d:c0:5a:
b8:83:29:7e:28:46:9a:e0:ae:44:b6:66:3f:fa:69:
31:11:e4:cb:a1:e6:0f:d9:45:53:e6:2d:62:aa:4c:
c0:57:6d:57:b3:c8:51:58:22:08:66:06:0f:17:48:
ef:27:0d:f8:a4:ce:11:b2:35:6e:fb:79:b7:59:41:
2f:76:23:4d:a9:99:04:13:dc:6d:12:ce:b9:e9:68:
4b:51:1c:bc:4e:ad:38:69:05:28:bc:9f:8d:64:da:
22:08:99:79:b3:85:24:90:30:07:33:a7:fd:45:f9:
a9:9a:ac:97:14:db:2f:5e:8e:42:e2:22:ba:f6:f2:
65:b4:fd:40:73:ef:c0:37:a4:c2:eb:36:be:9e:26:
02:b6:c3:81:4a:01:ec:81:21:d5:9e:7c:22:ef:1e:
70:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:E8:84:4C:B5:34:1F:B2:97:72:2B:78:A3:45:BF:3C:C3:2F:26:8B
X509v3 Authority Key Identifier:
keyid:CE:FC:E4:49:BE:A8:DE:AE:DB:18:04:DB:A2:5C:58:4D:F5:87:3D:C4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/34352e36362e3135302e302f32342d3234203d3e20333937333733.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.150.0/24
Signature Algorithm: sha256WithRSAEncryption
07:fc:7f:61:a6:cb:08:eb:ff:85:19:6d:d6:33:45:da:0b:3a:
d9:0a:44:50:5b:16:ce:51:51:41:d7:78:8c:6d:93:05:c1:7f:
79:14:b8:a8:a0:87:b5:b2:81:b6:98:e5:00:42:2c:0c:7d:fd:
de:65:4c:b9:72:9a:fa:82:e0:c5:e7:14:03:57:2c:94:00:91:
dd:8a:05:ed:12:df:7f:84:39:f2:df:dc:6a:6d:d0:b9:d0:51:
bf:f7:0c:7c:f8:4f:b1:31:9b:f8:23:86:ab:fc:11:f7:fd:98:
69:40:90:06:b4:08:2a:1a:25:40:3e:d6:52:f6:3c:be:bf:05:
0a:12:2f:ed:17:bc:64:d9:4a:05:e7:3d:df:af:64:e0:99:85:
ab:e3:ab:48:0d:d1:28:77:44:16:a6:6a:bb:c8:de:ce:c8:a5:
8b:20:d7:d0:99:e5:71:f9:fe:42:d6:f8:e7:3f:45:59:73:58:
d7:9f:d2:3c:fc:ad:09:be:2f:8d:60:7b:28:40:a7:68:43:a2:
dd:d3:6b:14:78:0e:93:31:64:4f:aa:4b:f5:28:ed:00:65:8e:
d2:36:57:10:44:06:59:87:04:e6:1a:91:19:33:0c:36:bd:17:
97:67:fd:b5:21:0c:aa:5b:4a:96:73:5e:33:91:38:46:21:fb:
cb:03:35:c8
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUW6YW+ONnzk6txmL3a2i0sJMq6Q8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoY2VmY2U0NDliZWE4ZGVhZWRiMTgwNGRiYTI1YzU4NGRm
NTg3M2RjNDAeFw0yNjA0MDkxNzQyMDRaFw0yNzA0MDgxNzQ3MDRaMDMxMTAvBgNV
BAMTKEMzRTg4NDRDQjUzNDFGQjI5NzcyMkI3OEEzNDVCRjNDQzMyRjI2OEIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvR136jErO7WyEwqsAQ2wi9t2Z
9V+Of051CTMxKzl3XFvMN51NVJEpKhAFHHki4gKwcyucsoRMc0ZaWxzZS4t4l6lq
uJDh4qBI6B9hWVb//5KAmGHQuHSJX9ekQj2Anjhy8TTcnw3AWriDKX4oRprgrkS2
Zj/6aTER5Muh5g/ZRVPmLWKqTMBXbVezyFFYIghmBg8XSO8nDfikzhGyNW77ebdZ
QS92I02pmQQT3G0SzrnpaEtRHLxOrThpBSi8n41k2iIImXmzhSSQMAczp/1F+ama
rJcU2y9ejkLiIrr28mW0/UBz78A3pMLrNr6eJgK2w4FKAeyBIdWefCLvHnAZAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUw+iETLU0H7KXcit4o0W/PMMvJoswHwYDVR0j
BBgwFoAUzvzkSb6o3q7bGATbolxYTfWHPcQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZDFiMzVmOGItNmY0OC00YmFkLWIxODUtNWMxZGFhOGFj
ZGE5LzAvQ0VGQ0U0NDlCRUE4REVBRURCMTgwNERCQTI1QzU4NERGNTg3M0RDNC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3p2emtTYjZvM3E3YkdBVGJvbHhZVGZX
SFBjUS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZDFiMzVmOGIt
NmY0OC00YmFkLWIxODUtNWMxZGFhOGFjZGE5LzAvMzQzNTJlMzYzNjJlMzEzNTMw
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzMzOTM3MzMzNzMzLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
LUKWMA0GCSqGSIb3DQEBCwUAA4IBAQAH/H9hpssI6/+FGW3WM0XaCzrZCkRQWxbO
UVFB13iMbZMFwX95FLiooIe1soG2mOUAQiwMff3eZUy5cpr6guDF5xQDVyyUAJHd
igXtEt9/hDny39xqbdC50FG/9wx8+E+xMZv4I4ar/BH3/ZhpQJAGtAgqGiVAPtZS
9jy+vwUKEi/tF7xk2UoF5z3fr2TgmYWr46tIDdEod0QWpmq7yN7OyKWLINfQmeVx
+f5C1vjnP0VZc1jXn9I8/K0Jvi+NYHsoQKdoQ6Ld02sUeA6TMWRPqkv1KO0AZY7S
NlcQRAZZhwTmGpEZMww2vReXZ/21IQyqW0qWc14zkThGIfvLAzXI
-----END CERTIFICATE-----
Generated at Fri Apr 17 12:33:02 2026 by rpki-client