Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34352e3134302e3138362e302f32342d3234203d3e20323134303235.roa
File: 34352e3134302e3138362e302f32342d3234203d3e20323134303235.roa (raw, json)
Hash identifier: KC2MAecFaVnz/Xm43qScJqkJT5noewUnSZVaiBL5DKE=
Subject key identifier: 3F:1B:15:6A:F6:46:FF:56:07:23:9B:94:42:2D:2C:D8:7B:73:E5:2F
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 0676C14AEC0C3AA1AC051430EA3ECEDF072C7A18
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34352e3134302e3138362e302f32342d3234203d3e20323134303235.roa
Signing time: Tue 31 Mar 2026 09:06:12 +0000
ROA not before: Tue 31 Mar 2026 09:01:12 +0000
ROA not after: Tue 30 Mar 2027 09:06:12 +0000
asID: 214025
IP address blocks: 45.140.186.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
06:76:c1:4a:ec:0c:3a:a1:ac:05:14:30:ea:3e:ce:df:07:2c:7a:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Mar 31 09:01:12 2026 GMT
Not After : Mar 30 09:06:12 2027 GMT
Subject: CN=3F1B156AF646FF5607239B94422D2CD87B73E52F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:d6:14:30:ae:b6:1b:5d:17:0f:93:28:8f:fc:
59:4f:5e:7a:2f:ba:70:85:1a:4c:aa:ee:66:c2:9d:
c3:13:f6:9a:b0:bf:00:98:ba:0c:2c:34:a1:f0:97:
2e:94:4a:f0:85:90:bf:e6:ef:ad:bc:a9:0a:1d:17:
0a:dc:8d:29:f3:b5:cc:6f:46:cf:b4:5c:e5:16:32:
6b:d3:31:50:f9:75:52:2b:39:6d:72:6b:5c:39:5d:
23:ee:9b:e4:de:f2:84:7f:f4:7c:54:04:2e:24:6d:
07:e5:a3:47:02:6a:20:50:e3:fe:20:47:fb:1b:17:
50:d7:01:f4:6c:60:c1:c3:78:9f:b7:fd:5b:73:f6:
2d:c9:bb:9d:25:d1:9f:c0:5b:bc:1d:a8:22:1f:89:
46:8e:f4:c4:3a:b1:1e:f7:b2:a3:11:00:73:7d:ec:
1f:8d:0d:8d:70:4a:f3:da:13:88:dd:66:c6:71:70:
15:fb:e7:87:42:06:57:cc:59:22:4d:73:8e:ba:ca:
23:5b:88:ac:a6:6a:1e:2d:76:10:a1:19:74:c1:bb:
6c:72:dc:11:87:4a:55:2c:ad:ec:e6:26:41:cb:fd:
57:95:30:48:d4:f9:db:a5:54:7f:7e:dd:09:39:c2:
45:f2:52:d3:79:8b:a1:50:76:5a:b5:47:57:3d:33:
80:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:1B:15:6A:F6:46:FF:56:07:23:9B:94:42:2D:2C:D8:7B:73:E5:2F
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34352e3134302e3138362e302f32342d3234203d3e20323134303235.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.140.186.0/24
Signature Algorithm: sha256WithRSAEncryption
29:63:79:91:17:25:07:86:70:7e:fa:1c:05:46:96:00:df:1d:
7b:67:76:3f:3c:50:34:be:f7:2b:6d:43:0a:01:15:c5:01:54:
d6:db:22:87:20:a1:e1:27:a6:fd:68:50:7a:63:3f:73:87:b2:
d1:5b:73:ff:6a:2d:90:33:02:b2:1a:4b:b1:db:d1:96:27:12:
cf:73:32:80:ea:36:bd:7a:45:65:72:dd:f0:eb:dc:11:a3:3e:
1a:3e:bc:2c:f8:73:58:8d:43:c9:7a:06:0e:d8:16:73:b5:76:
e9:cd:f5:9d:fe:27:52:7f:2d:b8:54:7f:4f:83:d4:f9:47:9b:
b7:4a:a6:95:3a:1e:d3:22:6e:0d:ad:e7:4c:9f:10:0c:f5:d1:
de:14:7d:53:2f:09:17:4d:77:55:8f:72:3a:01:46:59:fc:95:
82:d6:0e:48:2e:c4:8c:59:f5:b2:8c:10:af:04:64:69:99:9b:
8c:10:c8:05:08:14:c4:c6:83:8d:be:df:eb:66:9e:c6:dc:27:
6e:ce:96:16:fa:29:b2:d7:27:45:f6:45:a8:14:97:52:29:0e:
0b:32:f0:ef:77:01:a1:41:e2:25:f1:68:e1:d1:b8:c2:59:fd:
19:5c:f0:c1:c8:24:1f:d4:92:95:7d:a0:d4:63:42:c3:ed:82:
0b:78:9d:87
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUBnbBSuwMOqGsBRQw6j7O3wcsehgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNjAzMzEwOTAxMTJaFw0yNzAzMzAwOTA2MTJaMDMxMTAvBgNV
BAMTKDNGMUIxNTZBRjY0NkZGNTYwNzIzOUI5NDQyMkQyQ0Q4N0I3M0U1MkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCh1hQwrrYbXRcPkyiP/FlPXnov
unCFGkyq7mbCncMT9pqwvwCYugwsNKHwly6USvCFkL/m7628qQodFwrcjSnztcxv
Rs+0XOUWMmvTMVD5dVIrOW1ya1w5XSPum+Te8oR/9HxUBC4kbQflo0cCaiBQ4/4g
R/sbF1DXAfRsYMHDeJ+3/Vtz9i3Ju50l0Z/AW7wdqCIfiUaO9MQ6sR73sqMRAHN9
7B+NDY1wSvPaE4jdZsZxcBX754dCBlfMWSJNc466yiNbiKymah4tdhChGXTBu2xy
3BGHSlUsrezmJkHL/VeVMEjU+dulVH9+3Qk5wkXyUtN5i6FQdlq1R1c9M4C3AgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUPxsVavZG/1YHI5uUQi0s2Htz5S8wHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zNDM1MmUzMTM0MzAy
ZTMxMzgzNjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzEzNDMwMzIzNS5yb2Ew
GAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQC
AAEwBgMEAC2MujANBgkqhkiG9w0BAQsFAAOCAQEAKWN5kRclB4ZwfvocBUaWAN8d
e2d2PzxQNL73K21DCgEVxQFU1tsihyCh4Sem/WhQemM/c4ey0Vtz/2otkDMCshpL
sdvRlicSz3MygOo2vXpFZXLd8OvcEaM+Gj68LPhzWI1DyXoGDtgWc7V26c31nf4n
Un8tuFR/T4PU+Uebt0qmlToe0yJuDa3nTJ8QDPXR3hR9Uy8JF013VY9yOgFGWfyV
gtYOSC7EjFn1sowQrwRkaZmbjBDIBQgUxMaDjb7f62aextwnbs6WFvopstcnRfZF
qBSXUikOCzLw73cBoUHiJfFo4dG4wln9GVzwwcgkH9SSlX2g1GNCw+2CC3idhw==
-----END CERTIFICATE-----
Generated at Fri Apr 17 15:34:21 2026 by rpki-client