Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/eafebdb4-6f0b-404b-98e2-a26be94a6620/0/34332e3233302e38342e302f32342d3234203d3e20323134303235.roa
File: 34332e3233302e38342e302f32342d3234203d3e20323134303235.roa (raw, json)
Hash identifier: nt04/wEfv1QT+Dsh1YUBXhoD3Q2lFYZqzOpcVbW7ex0=
Subject key identifier: 7B:6B:64:A7:1F:6D:21:E2:DC:24:C8:0B:2C:DA:B9:62:97:3C:FE:BA
Certificate issuer: /CN=c770f43358b97ba0aa9bdc62bbd511e90aeab29d
Certificate serial: 555CB7C859FE87BEE2839D030D43D6D87CC03907
Authority key identifier: C7:70:F4:33:58:B9:7B:A0:AA:9B:DC:62:BB:D5:11:E9:0A:EA:B2:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x3D0M1i5e6Cqm9xiu9UR6Qrqsp0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/eafebdb4-6f0b-404b-98e2-a26be94a6620/0/34332e3233302e38342e302f32342d3234203d3e20323134303235.roa
Signing time: Thu 02 Apr 2026 04:03:58 +0000
ROA not before: Thu 02 Apr 2026 03:58:58 +0000
ROA not after: Thu 01 Apr 2027 04:03:58 +0000
asID: 214025
IP address blocks: 43.230.84.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/eafebdb4-6f0b-404b-98e2-a26be94a6620/0/C770F43358B97BA0AA9BDC62BBD511E90AEAB29D.crl
rsync://rsync.paas.rpki.ripe.net/repository/eafebdb4-6f0b-404b-98e2-a26be94a6620/0/C770F43358B97BA0AA9BDC62BBD511E90AEAB29D.mft
rsync://rpki.ripe.net/repository/DEFAULT/x3D0M1i5e6Cqm9xiu9UR6Qrqsp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
55:5c:b7:c8:59:fe:87:be:e2:83:9d:03:0d:43:d6:d8:7c:c0:39:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c770f43358b97ba0aa9bdc62bbd511e90aeab29d
Validity
Not Before: Apr 2 03:58:58 2026 GMT
Not After : Apr 1 04:03:58 2027 GMT
Subject: CN=7B6B64A71F6D21E2DC24C80B2CDAB962973CFEBA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:10:e7:8a:70:ac:51:cb:d6:d1:ea:98:8a:08:
a0:f2:07:a4:91:7c:5b:d7:af:47:5d:21:44:10:a5:
16:bc:09:6f:6a:5e:c3:b9:11:3d:f2:23:09:11:1f:
1a:93:5d:4f:bd:cc:05:86:e7:82:44:dc:6c:91:18:
4a:24:99:10:a2:b3:ad:7f:0f:5e:62:09:fa:72:20:
f6:b8:e3:5d:94:eb:4d:12:95:62:16:ce:f7:e9:8a:
71:5d:fa:60:a8:72:74:14:b0:6f:d1:b8:f7:dd:e8:
a7:67:c9:13:2a:5e:55:c9:24:fe:1c:28:42:9c:1b:
5f:e6:8a:fe:cc:fe:ae:f0:4a:96:b3:76:9c:b2:c1:
c1:77:ed:41:4a:2b:cb:ca:3e:d5:e6:6a:c2:a6:15:
a8:17:b3:59:24:7a:f8:12:c7:38:2b:73:81:e8:93:
bd:e6:09:06:0a:e6:39:e1:d4:e8:b9:31:75:cc:05:
05:d6:de:05:94:f6:0e:7b:b0:52:81:7e:84:58:7b:
2e:e2:11:f7:55:a8:12:85:62:87:e0:cc:27:ab:f5:
94:42:2c:4d:30:93:a6:d3:0b:fd:d9:54:91:49:7f:
c8:ea:7a:09:2d:5d:69:e0:97:93:a1:81:f5:a9:36:
72:b8:70:51:52:b1:5e:8d:80:47:b3:dc:57:b5:03:
f8:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:6B:64:A7:1F:6D:21:E2:DC:24:C8:0B:2C:DA:B9:62:97:3C:FE:BA
X509v3 Authority Key Identifier:
keyid:C7:70:F4:33:58:B9:7B:A0:AA:9B:DC:62:BB:D5:11:E9:0A:EA:B2:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/eafebdb4-6f0b-404b-98e2-a26be94a6620/0/C770F43358B97BA0AA9BDC62BBD511E90AEAB29D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x3D0M1i5e6Cqm9xiu9UR6Qrqsp0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/eafebdb4-6f0b-404b-98e2-a26be94a6620/0/34332e3233302e38342e302f32342d3234203d3e20323134303235.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
43.230.84.0/24
Signature Algorithm: sha256WithRSAEncryption
03:0f:80:ad:a9:d6:4e:92:cc:91:b0:4e:3d:8c:7e:1a:f0:94:
e8:99:af:9e:d0:2f:14:9f:50:fa:9b:98:1b:80:db:f5:1a:26:
21:d7:eb:7a:f3:99:5d:c8:35:7a:ed:f8:a3:96:64:f4:a0:f6:
98:a9:03:97:8f:ce:9b:ed:e0:f8:8b:6e:3e:45:c7:a7:c3:c5:
8d:ab:bd:44:b0:cd:6b:ce:5b:1e:fd:95:29:46:b4:4d:31:77:
43:9a:23:cd:c3:8b:f7:e9:4b:28:d0:f9:f5:ff:88:7c:bd:79:
e4:4b:f6:4a:d4:e2:a4:51:64:70:ab:1e:d2:5a:13:e1:50:c8:
92:a5:88:ac:1b:45:49:eb:e9:bc:e9:22:07:54:02:16:ee:8a:
06:d9:bc:55:d5:80:59:a4:66:61:a7:ea:77:ad:f9:86:90:b1:
e0:f2:de:97:ce:e5:73:19:f9:b7:8b:1f:0f:c8:8a:77:0c:00:
97:69:1c:f5:fa:26:7c:2a:94:2a:76:db:3c:72:10:ae:88:81:
11:44:17:3a:5b:ed:c3:9a:57:37:33:f0:70:f6:e3:8b:6f:59:
19:67:b2:06:c6:a5:fa:4e:31:c2:63:0b:c5:e9:24:21:2b:52:
f1:48:c0:f4:54:bb:94:80:95:20:c4:a7:57:2d:b7:a7:3f:7d:
91:c7:19:da
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUVVy3yFn+h77ig50DDUPW2HzAOQcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzc3MGY0MzM1OGI5N2JhMGFhOWJkYzYyYmJkNTExZTkw
YWVhYjI5ZDAeFw0yNjA0MDIwMzU4NThaFw0yNzA0MDEwNDAzNThaMDMxMTAvBgNV
BAMTKDdCNkI2NEE3MUY2RDIxRTJEQzI0QzgwQjJDREFCOTYyOTczQ0ZFQkEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCdEOeKcKxRy9bR6piKCKDyB6SR
fFvXr0ddIUQQpRa8CW9qXsO5ET3yIwkRHxqTXU+9zAWG54JE3GyRGEokmRCis61/
D15iCfpyIPa4412U600SlWIWzvfpinFd+mCocnQUsG/RuPfd6KdnyRMqXlXJJP4c
KEKcG1/miv7M/q7wSpazdpyywcF37UFKK8vKPtXmasKmFagXs1kkevgSxzgrc4Ho
k73mCQYK5jnh1Oi5MXXMBQXW3gWU9g57sFKBfoRYey7iEfdVqBKFYofgzCer9ZRC
LE0wk6bTC/3ZVJFJf8jqegktXWngl5OhgfWpNnK4cFFSsV6NgEez3Fe1A/gHAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUe2tkpx9tIeLcJMgLLNq5Ypc8/rowHwYDVR0j
BBgwFoAUx3D0M1i5e6Cqm9xiu9UR6Qrqsp0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZWFmZWJkYjQtNmYwYi00MDRiLTk4ZTItYTI2YmU5NGE2
NjIwLzAvQzc3MEY0MzM1OEI5N0JBMEFBOUJEQzYyQkJENTExRTkwQUVBQjI5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3gzRDBNMWk1ZTZDcW05eGl1OVVSNlFy
cXNwMC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZWFmZWJkYjQt
NmYwYi00MDRiLTk4ZTItYTI2YmU5NGE2NjIwLzAvMzQzMzJlMzIzMzMwMmUzODM0
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMTM0MzAzMjM1LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
K+ZUMA0GCSqGSIb3DQEBCwUAA4IBAQADD4CtqdZOksyRsE49jH4a8JToma+e0C8U
n1D6m5gbgNv1GiYh1+t685ldyDV67fijlmT0oPaYqQOXj86b7eD4i24+Rcenw8WN
q71EsM1rzlse/ZUpRrRNMXdDmiPNw4v36Uso0Pn1/4h8vXnkS/ZK1OKkUWRwqx7S
WhPhUMiSpYisG0VJ6+m86SIHVAIW7ooG2bxV1YBZpGZhp+p3rfmGkLHg8t6XzuVz
Gfm3ix8PyIp3DACXaRz1+iZ8KpQqdts8chCuiIERRBc6W+3Dmlc3M/Bw9uOLb1kZ
Z7IGxqX6TjHCYwvF6SQhK1LxSMD0VLuUgJUgxKdXLbenP32Rxxna
-----END CERTIFICATE-----
Generated at Fri Apr 17 08:14:41 2026 by rpki-client