Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34352e3134302e3138372e302f32342d3234203d3e20383334.roa
File: 34352e3134302e3138372e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier: GCm89xgkByLWL+Imp0AxBn7DQ7Tok6EogOuUcX5e2rQ=
Subject key identifier: 32:82:63:57:83:BB:EA:CE:F6:8D:6D:B4:F6:05:D5:00:1A:46:C9:E7
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 5156CB9BDA58DC882B5A9E295D94ADCCD0937379
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34352e3134302e3138372e302f32342d3234203d3e20383334.roa
Signing time: Tue 04 Nov 2025 17:09:51 +0000
ROA not before: Tue 04 Nov 2025 17:04:51 +0000
ROA not after: Tue 03 Nov 2026 17:09:51 +0000
asID: 834
IP address blocks: 45.140.187.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Nov 2025 04:39:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
51:56:cb:9b:da:58:dc:88:2b:5a:9e:29:5d:94:ad:cc:d0:93:73:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Nov 4 17:04:51 2025 GMT
Not After : Nov 3 17:09:51 2026 GMT
Subject: CN=3282635783BBEACEF68D6DB4F605D5001A46C9E7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:8d:20:7a:9a:6f:e8:76:1e:d7:9f:f4:37:75:
55:da:d7:e8:29:30:3d:84:f0:4f:97:7f:32:52:9d:
5c:d1:8a:f1:42:9d:a8:11:6a:08:39:f1:d0:95:62:
a8:1b:b9:23:6d:1c:1f:ae:21:37:cf:6e:5e:1c:82:
a0:8b:41:11:60:ce:b3:4a:46:72:d4:9a:04:a1:b8:
29:c8:63:21:8a:cd:6e:03:29:4e:f3:ec:28:07:5a:
05:a0:6a:7c:90:ea:04:24:53:4f:d1:cf:d4:ae:21:
ad:7a:f8:38:99:40:3b:da:3a:33:b1:91:8e:e7:5a:
09:f9:44:d7:7a:ac:c0:50:75:0c:3f:9f:88:53:50:
ec:d3:50:c9:2b:89:79:5a:de:41:34:2a:4a:e9:2e:
6b:6c:d8:b0:aa:ae:c2:c5:00:83:05:db:0a:a8:04:
5c:53:1c:df:6b:46:e8:90:ab:3b:f8:fc:57:e3:cf:
97:f0:e8:e4:a7:6e:29:a0:d0:3c:59:4d:cf:2c:aa:
a8:ce:2b:ed:29:e0:aa:0a:bb:b9:34:f5:43:df:8e:
bf:f0:34:50:9e:ac:52:8c:8a:59:8c:a3:17:c9:12:
88:25:2c:a6:33:c1:79:0f:76:ad:71:78:98:05:89:
72:b6:fe:50:bd:c1:b7:25:9a:3c:e1:db:cb:dd:02:
74:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:82:63:57:83:BB:EA:CE:F6:8D:6D:B4:F6:05:D5:00:1A:46:C9:E7
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34352e3134302e3138372e302f32342d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.140.187.0/24
Signature Algorithm: sha256WithRSAEncryption
10:43:ab:e6:90:99:e5:0c:4f:a2:52:e0:16:2f:23:34:6f:1f:
b5:2c:51:ab:23:bd:7c:5c:1e:dc:87:54:6b:21:a1:82:eb:d2:
55:6e:08:40:c9:df:24:23:36:86:ee:1d:fe:f1:7b:dd:5e:97:
76:91:12:b8:3d:20:cd:f1:53:15:30:de:9d:87:39:db:d5:fa:
a0:76:d9:d9:50:f9:18:36:6f:b0:d2:85:96:60:5b:8d:0d:d5:
43:85:5e:f7:03:f9:06:9b:01:8a:45:e0:50:f0:c7:17:b3:f5:
32:80:ec:ee:15:01:66:96:de:77:aa:15:9c:42:da:4e:0b:2c:
af:53:8c:47:af:5a:8d:2f:d5:94:95:d1:06:60:e5:9f:9d:1b:
87:bc:22:6f:87:20:95:3e:e6:78:f5:c7:4a:ef:53:b6:98:4f:
d8:56:94:8c:2c:6e:8f:1f:48:5f:e7:e8:93:db:f0:47:bb:d4:
4c:1b:49:a3:5d:ad:3c:fa:7c:b1:a2:cf:13:cd:bd:b2:d7:34:
a5:a3:a6:c8:5c:59:cd:a2:73:3b:0d:99:a3:81:4b:43:7d:df:
ed:18:c3:c7:9e:98:c1:be:0d:e5:e8:94:11:e3:71:cb:0e:18:
40:fe:11:3b:a1:c4:ab:ae:3c:8d:6d:18:12:11:f1:ac:b4:c1:
b1:d4:2b:fb
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgIUUVbLm9pY3IgrWp4pXZStzNCTc3kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNTExMDQxNzA0NTFaFw0yNjExMDMxNzA5NTFaMDMxMTAvBgNV
BAMTKDMyODI2MzU3ODNCQkVBQ0VGNjhENkRCNEY2MDVENTAwMUE0NkM5RTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCljSB6mm/odh7Xn/Q3dVXa1+gp
MD2E8E+XfzJSnVzRivFCnagRagg58dCVYqgbuSNtHB+uITfPbl4cgqCLQRFgzrNK
RnLUmgShuCnIYyGKzW4DKU7z7CgHWgWganyQ6gQkU0/Rz9SuIa16+DiZQDvaOjOx
kY7nWgn5RNd6rMBQdQw/n4hTUOzTUMkriXla3kE0KkrpLmts2LCqrsLFAIMF2wqo
BFxTHN9rRuiQqzv4/Ffjz5fw6OSnbimg0DxZTc8sqqjOK+0p4KoKu7k09UPfjr/w
NFCerFKMilmMoxfJEoglLKYzwXkPdq1xeJgFiXK2/lC9wbclmjzh28vdAnT/AgMB
AAGjggI+MIICOjAdBgNVHQ4EFgQUMoJjV4O76s72jW209gXVABpGyecwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3Jz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zNDM1MmUzMTM0MzAy
ZTMxMzgzNzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM4MzMzNC5yb2EwGAYDVR0g
AQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
AC2MuzANBgkqhkiG9w0BAQsFAAOCAQEAEEOr5pCZ5QxPolLgFi8jNG8ftSxRqyO9
fFwe3IdUayGhguvSVW4IQMnfJCM2hu4d/vF73V6XdpESuD0gzfFTFTDenYc529X6
oHbZ2VD5GDZvsNKFlmBbjQ3VQ4Ve9wP5BpsBikXgUPDHF7P1MoDs7hUBZpbed6oV
nELaTgssr1OMR69ajS/VlJXRBmDln50bh7wib4cglT7mePXHSu9TtphP2FaUjCxu
jx9IX+fok9vwR7vUTBtJo12tPPp8saLPE829stc0paOmyFxZzaJzOw2Zo4FLQ33f
7RjDx56Ywb4N5eiUEeNxyw4YQP4RO6HEq648jW0YEhHxrLTBsdQr+w==
-----END CERTIFICATE-----
Generated at Fri Nov 7 11:42:41 2025 by rpki-client