Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34352e3134302e3138362e302f32342d3234203d3e203632363130.roa
File: 34352e3134302e3138362e302f32342d3234203d3e203632363130.roa (raw, json)
Hash identifier: bnYcH7oOy1PfoVNWXqUaba7mDOAn2zArq/8jNSVDeqw=
Subject key identifier: 6E:62:81:29:7E:DE:44:FE:F3:03:4D:F7:AE:14:E7:F0:A1:14:46:B9
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 5B6ABAF80FD905B57E8AD5D832324B495B148275
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34352e3134302e3138362e302f32342d3234203d3e203632363130.roa
Signing time: Tue 31 Mar 2026 09:06:41 +0000
ROA not before: Tue 31 Mar 2026 09:01:41 +0000
ROA not after: Tue 30 Mar 2027 09:06:41 +0000
asID: 62610
IP address blocks: 45.140.186.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5b:6a:ba:f8:0f:d9:05:b5:7e:8a:d5:d8:32:32:4b:49:5b:14:82:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Mar 31 09:01:41 2026 GMT
Not After : Mar 30 09:06:41 2027 GMT
Subject: CN=6E6281297EDE44FEF3034DF7AE14E7F0A11446B9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:4f:b9:c1:b9:18:8e:94:37:06:4f:e1:3a:77:
36:14:e0:a9:20:a0:79:dc:6f:14:01:3a:f8:70:0b:
e6:f0:d2:a5:00:80:b5:a7:ca:22:c8:25:b1:1e:aa:
f1:4d:7e:2c:d2:93:c1:db:f3:b7:67:94:27:1f:1b:
01:3b:bc:81:74:55:30:46:a6:2c:26:63:17:9d:32:
a5:f8:ee:1d:51:b2:4a:89:14:05:a6:6a:41:40:c4:
dd:8f:fc:a2:df:13:df:8f:3f:a5:cf:c2:a2:c1:28:
f8:45:15:d3:01:b2:20:bd:2a:14:33:61:5a:80:e2:
5f:45:cb:66:32:af:35:72:c0:f0:3a:da:1b:e6:aa:
d7:68:d7:23:a4:ee:18:11:61:f1:b6:ec:6b:f3:f6:
14:6e:c6:ea:b4:41:bd:95:b5:26:6d:a2:9e:19:77:
e3:67:90:d4:a1:5e:63:56:a3:f5:a5:ab:f2:cb:fc:
2e:14:23:49:2e:b8:f9:7a:66:9c:32:71:bf:d3:63:
d8:f5:c3:69:d2:5c:55:9b:b3:15:d9:29:8f:aa:7f:
03:af:40:71:b2:a4:7b:1f:11:2e:da:29:a8:1b:b2:
98:83:99:a2:cd:1c:f1:4a:9b:46:f4:3c:40:41:9a:
43:23:a4:6a:d1:55:2c:aa:11:3f:e6:e6:97:58:57:
95:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:62:81:29:7E:DE:44:FE:F3:03:4D:F7:AE:14:E7:F0:A1:14:46:B9
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34352e3134302e3138362e302f32342d3234203d3e203632363130.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.140.186.0/24
Signature Algorithm: sha256WithRSAEncryption
47:48:77:11:b7:ea:53:41:27:d5:77:79:24:18:96:53:91:27:
3d:d7:12:86:35:76:0b:67:ad:21:f9:70:0f:01:a2:82:06:5c:
17:e9:4f:96:bb:80:e3:43:07:e0:0f:56:77:bf:a1:e6:e5:10:
dd:f0:aa:97:bd:83:0c:b3:0c:97:1d:b0:88:2c:dc:ac:30:e1:
3e:bc:9c:4e:10:5e:12:13:53:e9:40:48:20:ae:5f:0a:07:e7:
0c:b8:22:cf:b2:ee:1c:fb:04:f6:48:60:53:0d:88:1f:24:b4:
b1:65:ee:80:54:54:08:19:9b:a4:30:bf:d2:45:94:a5:d6:25:
aa:4c:db:fa:e9:56:d3:48:83:ef:e5:e9:7e:ab:a5:a3:22:32:
e2:68:7c:bc:43:65:30:df:bf:c8:47:94:21:71:16:f1:65:f8:
29:59:aa:10:27:c9:77:88:df:56:ac:7f:72:1a:83:7d:31:e1:
69:51:d9:7c:fa:8e:07:fd:5d:87:5d:de:4d:24:c7:86:e3:4b:
2d:6d:71:89:2e:92:7b:ca:e0:21:bd:cd:2d:09:00:c4:69:ca:
dc:fb:c8:c6:fa:1c:a6:86:ca:05:f4:63:c0:65:4b:33:6d:dd:
62:9e:72:0e:45:32:86:53:9d:bb:13:b3:9f:5c:6f:65:0f:23:
4b:6e:02:6b
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgIUW2q6+A/ZBbV+itXYMjJLSVsUgnUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNjAzMzEwOTAxNDFaFw0yNzAzMzAwOTA2NDFaMDMxMTAvBgNV
BAMTKDZFNjI4MTI5N0VERTQ0RkVGMzAzNERGN0FFMTRFN0YwQTExNDQ2QjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9T7nBuRiOlDcGT+E6dzYU4Kkg
oHncbxQBOvhwC+bw0qUAgLWnyiLIJbEeqvFNfizSk8Hb87dnlCcfGwE7vIF0VTBG
piwmYxedMqX47h1RskqJFAWmakFAxN2P/KLfE9+PP6XPwqLBKPhFFdMBsiC9KhQz
YVqA4l9Fy2YyrzVywPA62hvmqtdo1yOk7hgRYfG27Gvz9hRuxuq0Qb2VtSZtop4Z
d+NnkNShXmNWo/Wlq/LL/C4UI0kuuPl6Zpwycb/TY9j1w2nSXFWbsxXZKY+qfwOv
QHGypHsfES7aKagbspiDmaLNHPFKm0b0PEBBmkMjpGrRVSyqET/m5pdYV5WHAgMB
AAGjggJCMIICPjAdBgNVHQ4EFgQUbmKBKX7eRP7zA033rhTn8KEURrkwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3Jz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zNDM1MmUzMTM0MzAy
ZTMxMzgzNjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM2MzIzNjMxMzAucm9hMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAAtjLowDQYJKoZIhvcNAQELBQADggEBAEdIdxG36lNBJ9V3eSQYllORJz3X
EoY1dgtnrSH5cA8BooIGXBfpT5a7gONDB+APVne/oeblEN3wqpe9gwyzDJcdsIgs
3Kww4T68nE4QXhITU+lASCCuXwoH5wy4Is+y7hz7BPZIYFMNiB8ktLFl7oBUVAgZ
m6Qwv9JFlKXWJapM2/rpVtNIg+/l6X6rpaMiMuJofLxDZTDfv8hHlCFxFvFl+ClZ
qhAnyXeI31asf3Iag30x4WlR2Xz6jgf9XYdd3k0kx4bjSy1tcYkuknvK4CG9zS0J
AMRpytz7yMb6HKaGygX0Y8BlSzNt3WKecg5FMoZTnbsTs59cb2UPI0tuAms=
-----END CERTIFICATE-----
Generated at Fri Apr 17 13:02:55 2026 by rpki-client