Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/34352e3134362e3130352e302f32342d3234203d3e20323132323338.roa
File: 34352e3134362e3130352e302f32342d3234203d3e20323132323338.roa (raw, json)
Hash identifier: V9x7UhaM0q29T8H8XPtdaeU7ryeW8HoO7AB5EWt3qxM=
Subject key identifier: 74:7D:AB:14:6B:08:82:48:A8:87:CD:82:E6:CC:48:9B:45:85:C5:4F
Certificate issuer: /CN=0d059f10d18d00052c808eb8069f90d47e30564a
Certificate serial: 2B7673CF3C721AA05F9452FE631CBF83DF46CC54
Authority key identifier: 0D:05:9F:10:D1:8D:00:05:2C:80:8E:B8:06:9F:90:D4:7E:30:56:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/34352e3134362e3130352e302f32342d3234203d3e20323132323338.roa
Signing time: Thu 05 Feb 2026 11:55:37 +0000
ROA not before: Thu 05 Feb 2026 11:50:37 +0000
ROA not after: Thu 04 Feb 2027 11:55:37 +0000
asID: 212238
IP address blocks: 45.146.105.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.crl
rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.mft
rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 21:30:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2b:76:73:cf:3c:72:1a:a0:5f:94:52:fe:63:1c:bf:83:df:46:cc:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d059f10d18d00052c808eb8069f90d47e30564a
Validity
Not Before: Feb 5 11:50:37 2026 GMT
Not After : Feb 4 11:55:37 2027 GMT
Subject: CN=747DAB146B088248A887CD82E6CC489B4585C54F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:b5:7e:36:7f:6c:3b:69:c5:40:25:ce:8a:60:
6e:ba:c0:02:5b:ae:d2:c0:99:ea:df:b7:9f:15:84:
4c:b3:e5:2d:6a:c7:1b:a1:c5:0c:c4:39:b2:1f:af:
35:02:a3:db:b8:01:bb:90:4a:b0:23:af:ed:b6:0c:
cb:88:f1:5e:11:22:0d:b6:d8:2f:2b:c2:bd:1d:85:
52:4a:c3:e3:5d:31:33:72:1a:26:2b:1f:04:19:4b:
6e:59:58:23:29:d2:5c:4e:af:0d:29:10:58:76:10:
ad:08:cb:ce:91:55:54:7f:f6:0d:18:83:a5:59:b0:
5e:1d:ca:1d:d3:07:91:ce:ea:38:4a:46:e0:1a:73:
f7:bc:f9:76:e0:40:78:5b:7b:24:fd:68:82:23:8b:
ec:59:00:d0:a7:3d:3e:19:79:bb:e3:e8:40:b8:fe:
c3:a9:fe:fb:d5:2e:13:d3:03:7b:87:90:70:e4:ef:
d7:6c:43:76:5b:38:f4:91:2d:af:22:c9:5b:13:70:
5c:33:db:2e:42:3c:78:d4:f0:83:4d:d8:1e:29:31:
b0:18:ee:c7:8f:f4:8d:29:4b:c4:67:35:54:ff:6e:
a2:65:d5:32:2a:9d:c9:8f:40:bf:c5:44:8d:f7:d9:
cf:e9:78:15:03:88:89:db:00:f7:50:c4:2e:09:4e:
d8:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:7D:AB:14:6B:08:82:48:A8:87:CD:82:E6:CC:48:9B:45:85:C5:4F
X509v3 Authority Key Identifier:
keyid:0D:05:9F:10:D1:8D:00:05:2C:80:8E:B8:06:9F:90:D4:7E:30:56:4A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/34352e3134362e3130352e302f32342d3234203d3e20323132323338.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.146.105.0/24
Signature Algorithm: sha256WithRSAEncryption
13:0d:c4:d2:84:3a:14:f6:56:ef:f9:6b:a1:26:60:b2:6e:14:
56:1f:8c:26:ef:b5:f7:c9:3b:d7:f4:de:58:c0:4d:04:6b:7a:
ec:78:43:34:fb:41:c2:b7:74:9d:bb:54:6b:38:10:01:dc:8f:
70:b5:84:8f:88:70:b9:ef:a4:e5:33:f1:bb:1c:1d:f5:3f:5c:
5f:7c:f7:6e:78:7a:ba:c5:a1:ab:d9:46:63:46:80:cf:be:7d:
46:6a:17:f8:69:ca:c0:8c:ea:df:90:32:fb:ca:f9:a6:82:2a:
eb:c1:c6:3f:96:cc:b1:80:43:73:01:7d:46:87:0f:3c:d3:35:
02:6e:62:bf:b3:30:70:5d:25:d4:88:4b:e8:d7:a0:6e:2f:73:
b8:e7:fe:d0:c7:4a:26:20:e9:d0:0f:bd:06:74:8f:bd:d7:e1:
8c:75:41:b5:9b:92:49:47:79:48:22:1d:0a:59:c9:e7:0e:78:
ee:a6:b9:cf:20:85:82:0e:ab:5d:57:f3:de:6e:00:ad:aa:e6:
55:d8:63:80:f7:c0:23:8d:83:6e:30:35:9e:00:1d:2e:90:59:
b9:cb:cd:d2:ac:51:ad:ba:41:92:bf:36:8a:72:60:be:69:ea:
4c:44:04:8b:33:7c:8f:b1:56:6f:cb:30:0c:05:af:4c:68:15:
56:46:35:53
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUK3ZzzzxyGqBflFL+Yxy/g99GzFQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGQwNTlmMTBkMThkMDAwNTJjODA4ZWI4MDY5ZjkwZDQ3
ZTMwNTY0YTAeFw0yNjAyMDUxMTUwMzdaFw0yNzAyMDQxMTU1MzdaMDMxMTAvBgNV
BAMTKDc0N0RBQjE0NkIwODgyNDhBODg3Q0Q4MkU2Q0M0ODlCNDU4NUM1NEYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDktX42f2w7acVAJc6KYG66wAJb
rtLAmerft58VhEyz5S1qxxuhxQzEObIfrzUCo9u4AbuQSrAjr+22DMuI8V4RIg22
2C8rwr0dhVJKw+NdMTNyGiYrHwQZS25ZWCMp0lxOrw0pEFh2EK0Iy86RVVR/9g0Y
g6VZsF4dyh3TB5HO6jhKRuAac/e8+XbgQHhbeyT9aIIji+xZANCnPT4Zebvj6EC4
/sOp/vvVLhPTA3uHkHDk79dsQ3ZbOPSRLa8iyVsTcFwz2y5CPHjU8INN2B4pMbAY
7seP9I0pS8RnNVT/bqJl1TIqncmPQL/FRI332c/peBUDiInbAPdQxC4JTtiZAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUdH2rFGsIgkioh82C5sxIm0WFxU8wHwYDVR0j
BBgwFoAUDQWfENGNAAUsgI64Bp+Q1H4wVkowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmFmMTY3MDQtMjg1NC00MDgwLTlhMDktNzI2MjMyNmM5
ZTIyLzEvMEQwNTlGMTBEMThEMDAwNTJDODA4RUI4MDY5RjkwRDQ3RTMwNTY0QS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RRV2ZFTkdOQUFVc2dJNjRCcC1RMUg0
d1Zrby5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmFmMTY3MDQt
Mjg1NC00MDgwLTlhMDktNzI2MjMyNmM5ZTIyLzEvMzQzNTJlMzEzNDM2MmUzMTMw
MzUyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzIzMjMzMzgucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAAtkmkwDQYJKoZIhvcNAQELBQADggEBABMNxNKEOhT2Vu/5a6EmYLJuFFYfjCbv
tffJO9f03ljATQRreux4QzT7QcK3dJ27VGs4EAHcj3C1hI+IcLnvpOUz8bscHfU/
XF989254errFoavZRmNGgM++fUZqF/hpysCM6t+QMvvK+aaCKuvBxj+WzLGAQ3MB
fUaHDzzTNQJuYr+zMHBdJdSIS+jXoG4vc7jn/tDHSiYg6dAPvQZ0j73X4Yx1QbWb
kklHeUgiHQpZyecOeO6muc8ghYIOq11X895uAK2q5lXYY4D3wCONg24wNZ4AHS6Q
WbnLzdKsUa26QZK/NopyYL5p6kxEBIszfI+xVm/LMAwFr0xoFVZGNVM=
-----END CERTIFICATE-----
Generated at Mon Mar 2 14:30:11 2026 by rpki-client