Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34352e3133342e3232352e302f32342d3234203d3e20323133343338.roa
File: 34352e3133342e3232352e302f32342d3234203d3e20323133343338.roa (raw, json)
Hash identifier: HhkCs6IXoMArQ0dAQ8E/zyParikaQwGQi2gTjpoFI0M=
Subject key identifier: 3F:FD:B8:04:FD:39:32:02:7F:94:84:AB:9D:3F:FB:55:EB:93:61:65
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 71A358D73BDF518F9020172AFBC5599AE7C57685
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34352e3133342e3232352e302f32342d3234203d3e20323133343338.roa
Signing time: Tue 14 Apr 2026 08:23:36 +0000
ROA not before: Tue 14 Apr 2026 08:18:36 +0000
ROA not after: Tue 13 Apr 2027 08:23:36 +0000
asID: 213438
IP address blocks: 45.134.225.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
71:a3:58:d7:3b:df:51:8f:90:20:17:2a:fb:c5:59:9a:e7:c5:76:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Apr 14 08:18:36 2026 GMT
Not After : Apr 13 08:23:36 2027 GMT
Subject: CN=3FFDB804FD3932027F9484AB9D3FFB55EB936165
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:45:7b:48:f1:f2:88:40:11:f7:35:71:d3:30:
8b:40:d4:11:a1:53:40:6f:c6:85:16:85:51:06:88:
7a:56:24:a2:d2:f4:50:b1:12:ee:2d:f2:b6:d8:c1:
96:10:36:ef:af:e9:45:7f:71:c4:00:17:d6:e6:84:
7b:68:09:f3:d9:33:31:5e:3f:30:d9:af:49:21:0f:
a4:36:37:37:d1:8d:a6:29:59:c4:c3:20:3e:3a:56:
63:3b:f5:19:55:65:93:e5:33:68:cc:b2:ba:c1:45:
9e:15:68:f7:7a:0e:c8:f0:c8:a8:c7:04:9f:e0:d5:
ac:70:7b:ef:5b:47:be:08:58:52:1b:0a:34:44:c9:
b5:3b:84:7f:e0:a7:95:8e:3a:c1:0e:27:d1:fa:26:
80:db:3b:cb:78:88:d8:ad:e2:95:5b:57:16:d1:18:
9c:7a:c1:7d:9f:24:c8:2f:45:5b:ac:69:32:5b:89:
80:11:61:0d:d9:ed:92:8c:a4:b9:5a:84:c6:92:22:
06:14:62:10:be:3d:b7:56:d8:8c:94:a5:25:ee:ac:
a7:fe:31:4a:59:f0:1e:e2:3c:ec:91:6a:12:1d:63:
4d:7f:13:3e:9e:af:ea:e8:b7:d6:ea:82:78:de:c9:
63:4f:be:d2:9f:6d:9c:8a:bc:56:b9:18:07:8f:37:
30:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:FD:B8:04:FD:39:32:02:7F:94:84:AB:9D:3F:FB:55:EB:93:61:65
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34352e3133342e3232352e302f32342d3234203d3e20323133343338.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.134.225.0/24
Signature Algorithm: sha256WithRSAEncryption
b4:8b:56:9c:56:f7:b6:79:21:ea:70:cb:79:83:e2:04:71:0c:
b6:ba:25:47:34:22:30:10:1e:c1:d7:cf:86:29:6d:2b:74:9c:
12:49:5a:e9:25:b9:b2:e6:48:8e:3d:2e:67:18:d1:f0:5a:e9:
23:ac:91:a5:1f:8c:1c:7b:ed:0b:28:e9:3e:f2:70:67:ba:ad:
ef:50:2f:ae:3f:4e:55:29:ce:a6:5b:1c:66:42:08:7c:6c:2c:
f3:8a:0c:29:6f:fe:c0:b2:f4:71:be:d1:b1:2f:b1:d4:b3:5b:
b5:01:a1:a2:2a:52:08:fb:1d:bd:f9:da:cb:6d:b2:7b:b3:a0:
b1:6b:f4:0e:e8:e4:0c:34:8b:c8:a4:18:ce:d8:9d:d5:f0:c3:
32:42:06:7a:65:c2:24:00:b5:af:d0:a9:e2:52:30:b6:74:4d:
96:04:c6:7c:d0:84:84:7b:98:c3:67:1f:fd:69:bc:b5:36:42:
75:86:a0:a3:08:29:9f:64:7c:95:b3:e0:ed:99:6a:c4:5a:f7:
45:7f:ec:99:69:9e:d2:2d:39:30:02:18:e5:0b:08:e8:ef:d6:
1c:de:53:55:4f:01:39:59:a3:71:3a:1d:a6:b6:ec:da:ac:d0:
cf:68:1f:73:54:c4:02:58:87:21:1e:81:24:21:e4:86:46:c6:
a4:1e:06:9c
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUcaNY1zvfUY+QIBcq+8VZmufFdoUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNjA0MTQwODE4MzZaFw0yNzA0MTMwODIzMzZaMDMxMTAvBgNV
BAMTKDNGRkRCODA0RkQzOTMyMDI3Rjk0ODRBQjlEM0ZGQjU1RUI5MzYxNjUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDqRXtI8fKIQBH3NXHTMItA1BGh
U0BvxoUWhVEGiHpWJKLS9FCxEu4t8rbYwZYQNu+v6UV/ccQAF9bmhHtoCfPZMzFe
PzDZr0khD6Q2NzfRjaYpWcTDID46VmM79RlVZZPlM2jMsrrBRZ4VaPd6DsjwyKjH
BJ/g1axwe+9bR74IWFIbCjREybU7hH/gp5WOOsEOJ9H6JoDbO8t4iNit4pVbVxbR
GJx6wX2fJMgvRVusaTJbiYARYQ3Z7ZKMpLlahMaSIgYUYhC+PbdW2IyUpSXurKf+
MUpZ8B7iPOyRahIdY01/Ez6er+rot9bqgnjeyWNPvtKfbZyKvFa5GAePNzCLAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUP/24BP05MgJ/lISrnT/7VeuTYWUwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zNDM1MmUzMTMzMzQy
ZTMyMzIzNTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzEzMzM0MzMzOC5yb2Ew
GAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQC
AAEwBgMEAC2G4TANBgkqhkiG9w0BAQsFAAOCAQEAtItWnFb3tnkh6nDLeYPiBHEM
trolRzQiMBAewdfPhiltK3ScEkla6SW5suZIjj0uZxjR8FrpI6yRpR+MHHvtCyjp
PvJwZ7qt71Avrj9OVSnOplscZkIIfGws84oMKW/+wLL0cb7RsS+x1LNbtQGhoipS
CPsdvfnay22ye7OgsWv0DujkDDSLyKQYztid1fDDMkIGemXCJAC1r9Cp4lIwtnRN
lgTGfNCEhHuYw2cf/Wm8tTZCdYagowgpn2R8lbPg7ZlqxFr3RX/smWme0i05MAIY
5QsI6O/WHN5TVU8BOVmjcTodprbs2qzQz2gfc1TEAliHIR6BJCHkhkbGpB4GnA==
-----END CERTIFICATE-----
Generated at Fri Apr 17 11:15:03 2026 by rpki-client