Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/34352e3134362e3130372e302f32342d3234203d3e20323134303235.roa
File: 34352e3134362e3130372e302f32342d3234203d3e20323134303235.roa (raw, json)
Hash identifier: PQKqpCThen/jOxauldwF3BkKUpUg+d450E1F3CjP1CM=
Subject key identifier: 04:1D:79:04:E8:0F:3F:CF:27:A2:06:60:F0:BD:40:19:F2:4B:EC:CB
Certificate issuer: /CN=0d059f10d18d00052c808eb8069f90d47e30564a
Certificate serial: 5881496F3099AD47B3B01942C68EF94AEF5CE885
Authority key identifier: 0D:05:9F:10:D1:8D:00:05:2C:80:8E:B8:06:9F:90:D4:7E:30:56:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/34352e3134362e3130372e302f32342d3234203d3e20323134303235.roa
Signing time: Sun 29 Mar 2026 14:53:21 +0000
ROA not before: Sun 29 Mar 2026 14:48:21 +0000
ROA not after: Sun 28 Mar 2027 14:53:21 +0000
asID: 214025
IP address blocks: 45.146.107.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.crl
rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.mft
rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 11:59:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
58:81:49:6f:30:99:ad:47:b3:b0:19:42:c6:8e:f9:4a:ef:5c:e8:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d059f10d18d00052c808eb8069f90d47e30564a
Validity
Not Before: Mar 29 14:48:21 2026 GMT
Not After : Mar 28 14:53:21 2027 GMT
Subject: CN=041D7904E80F3FCF27A20660F0BD4019F24BECCB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:4b:77:2a:2c:e2:46:65:2a:d7:52:b7:c9:cd:
bd:00:56:66:fa:0c:cd:30:82:86:70:fa:48:a2:ae:
d4:65:bd:d9:77:1e:cb:98:42:5b:86:99:bc:b2:f5:
ef:ec:65:f0:6f:57:58:1c:d6:7d:88:d4:ae:20:c7:
86:3f:f7:fb:e1:b5:36:11:92:8d:01:5b:97:50:60:
59:a2:dc:44:62:4f:9d:55:b1:f0:30:0d:0e:4f:75:
66:7c:fe:2d:09:0a:fb:82:1a:c4:23:d6:3c:33:c2:
90:c8:1a:77:42:56:13:37:16:b8:fc:53:6f:58:d4:
da:8c:c2:d1:a5:52:f9:fa:10:ba:28:52:e7:ca:29:
87:fc:d7:7e:ec:a7:91:8b:62:f5:df:6a:65:11:e7:
ef:f1:6a:e9:b7:ba:77:0d:22:52:b8:1d:c5:5c:33:
9c:49:db:e9:1c:b0:cf:77:9b:e7:71:c5:89:ee:85:
94:a7:75:b7:0c:b1:b7:12:ec:72:d3:49:6a:7d:53:
1d:e2:8e:35:8a:5c:58:45:ef:12:00:23:8b:bf:6b:
bf:90:b0:24:ec:9e:32:f7:d7:3e:69:49:7c:5b:5c:
55:a2:bf:a8:f0:b1:94:fa:69:a2:b0:7f:1a:15:dd:
7b:ff:cf:a4:e1:1c:fd:16:e2:36:5d:69:61:1b:bb:
32:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:1D:79:04:E8:0F:3F:CF:27:A2:06:60:F0:BD:40:19:F2:4B:EC:CB
X509v3 Authority Key Identifier:
keyid:0D:05:9F:10:D1:8D:00:05:2C:80:8E:B8:06:9F:90:D4:7E:30:56:4A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/34352e3134362e3130372e302f32342d3234203d3e20323134303235.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.146.107.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:5b:b3:ef:49:de:8e:dd:e4:50:c7:9f:76:ed:48:f6:2c:6c:
d6:27:b5:0c:3c:62:2b:ec:89:9b:f5:c6:07:21:78:fe:fb:f7:
50:95:e2:d5:60:b2:dd:76:73:3d:fd:fa:92:7a:1f:ce:0c:97:
02:9e:36:31:3a:97:cd:aa:5a:54:13:4c:86:12:db:e3:37:07:
78:16:6f:00:a7:bf:e5:3a:38:09:69:34:f0:31:42:81:84:ba:
85:c5:a8:6c:df:4b:97:ed:a3:e6:65:03:a0:12:b4:56:8e:b5:
74:d5:55:86:3c:22:c2:8c:15:64:35:46:d6:c1:d5:89:86:c8:
99:90:fe:8b:cf:05:48:9a:28:4d:c1:c4:5d:8c:2a:f0:05:3b:
cc:21:33:22:5e:7f:61:53:55:9d:02:ae:86:79:c1:1c:f3:43:
90:0d:9b:90:27:1d:e1:a7:78:e4:0d:7f:aa:ce:3a:85:65:5c:
71:ae:b2:c8:02:38:af:8e:06:7d:30:e2:fa:0c:bf:b3:7d:dc:
1b:bb:0b:6c:ad:5a:21:7c:db:f6:e1:63:3d:c7:77:fb:ef:19:
68:e7:11:f2:fb:a1:8d:55:42:70:93:e2:55:6a:93:d9:34:85:
39:1c:53:34:7c:eb:81:86:9d:8d:03:f6:32:c8:ea:9a:90:41:
79:48:86:ba
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUWIFJbzCZrUezsBlCxo75Su9c6IUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGQwNTlmMTBkMThkMDAwNTJjODA4ZWI4MDY5ZjkwZDQ3
ZTMwNTY0YTAeFw0yNjAzMjkxNDQ4MjFaFw0yNzAzMjgxNDUzMjFaMDMxMTAvBgNV
BAMTKDA0MUQ3OTA0RTgwRjNGQ0YyN0EyMDY2MEYwQkQ0MDE5RjI0QkVDQ0IwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDLS3cqLOJGZSrXUrfJzb0AVmb6
DM0wgoZw+kiirtRlvdl3HsuYQluGmbyy9e/sZfBvV1gc1n2I1K4gx4Y/9/vhtTYR
ko0BW5dQYFmi3ERiT51VsfAwDQ5PdWZ8/i0JCvuCGsQj1jwzwpDIGndCVhM3Frj8
U29Y1NqMwtGlUvn6ELooUufKKYf8137sp5GLYvXfamUR5+/xaum3uncNIlK4HcVc
M5xJ2+kcsM93m+dxxYnuhZSndbcMsbcS7HLTSWp9Ux3ijjWKXFhF7xIAI4u/a7+Q
sCTsnjL31z5pSXxbXFWiv6jwsZT6aaKwfxoV3Xv/z6ThHP0W4jZdaWEbuzJnAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUBB15BOgPP88nogZg8L1AGfJL7MswHwYDVR0j
BBgwFoAUDQWfENGNAAUsgI64Bp+Q1H4wVkowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmFmMTY3MDQtMjg1NC00MDgwLTlhMDktNzI2MjMyNmM5
ZTIyLzEvMEQwNTlGMTBEMThEMDAwNTJDODA4RUI4MDY5RjkwRDQ3RTMwNTY0QS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RRV2ZFTkdOQUFVc2dJNjRCcC1RMUg0
d1Zrby5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmFmMTY3MDQt
Mjg1NC00MDgwLTlhMDktNzI2MjMyNmM5ZTIyLzEvMzQzNTJlMzEzNDM2MmUzMTMw
MzcyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzQzMDMyMzUucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAAtkmswDQYJKoZIhvcNAQELBQADggEBADxbs+9J3o7d5FDHn3btSPYsbNYntQw8
YivsiZv1xgcheP7791CV4tVgst12cz39+pJ6H84MlwKeNjE6l82qWlQTTIYS2+M3
B3gWbwCnv+U6OAlpNPAxQoGEuoXFqGzfS5fto+ZlA6AStFaOtXTVVYY8IsKMFWQ1
RtbB1YmGyJmQ/ovPBUiaKE3BxF2MKvAFO8whMyJef2FTVZ0CroZ5wRzzQ5ANm5An
HeGneOQNf6rOOoVlXHGussgCOK+OBn0w4voMv7N93Bu7C2ytWiF82/bhYz3Hd/vv
GWjnEfL7oY1VQnCT4lVqk9k0hTkcUzR864GGnY0D9jLI6pqQQXlIhro=
-----END CERTIFICATE-----
Generated at Fri Apr 17 23:26:51 2026 by rpki-client