Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/3139342e35302e3233332e302f32342d3234203d3e203336333532.roa
File: 3139342e35302e3233332e302f32342d3234203d3e203336333532.roa (raw, json)
Hash identifier: fMy5Ibcr4i8ojGYObiUnUzKAAI18Gx6q8BkGOjs0huE=
Subject key identifier: 40:B7:9F:5F:62:5C:8C:2E:75:D0:04:BD:D9:55:49:6F:77:3F:8C:BD
Certificate issuer: /CN=62fbd2cc0012fb2f86db40b589bd1ac4e973266d
Certificate serial: 6ADA4EDCAD09D6CE2C2806E74F6635A2430D3518
Authority key identifier: 62:FB:D2:CC:00:12:FB:2F:86:DB:40:B5:89:BD:1A:C4:E9:73:26:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YvvSzAAS-y-G20C1ib0axOlzJm0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/3139342e35302e3233332e302f32342d3234203d3e203336333532.roa
Signing time: Wed 22 Oct 2025 07:55:09 +0000
ROA not before: Wed 22 Oct 2025 07:50:09 +0000
ROA not after: Wed 21 Oct 2026 07:55:09 +0000
asID: 36352
IP address blocks: 194.50.233.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/62FBD2CC0012FB2F86DB40B589BD1AC4E973266D.crl
rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/62FBD2CC0012FB2F86DB40B589BD1AC4E973266D.mft
rsync://rpki.ripe.net/repository/DEFAULT/YvvSzAAS-y-G20C1ib0axOlzJm0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 27 Oct 2025 19:48:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6a:da:4e:dc:ad:09:d6:ce:2c:28:06:e7:4f:66:35:a2:43:0d:35:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fbd2cc0012fb2f86db40b589bd1ac4e973266d
Validity
Not Before: Oct 22 07:50:09 2025 GMT
Not After : Oct 21 07:55:09 2026 GMT
Subject: CN=40B79F5F625C8C2E75D004BDD955496F773F8CBD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:39:17:71:38:73:95:7c:f9:a7:4b:43:19:06:
5f:89:21:72:5c:ac:28:f7:24:80:4e:dd:f8:2f:c9:
c6:2e:f1:24:b9:09:41:0e:83:5c:b8:b9:3d:26:f2:
13:92:d7:02:4d:43:ce:79:0b:7e:77:af:50:19:26:
bf:c3:a1:32:a7:1d:44:41:88:75:a5:5c:c6:c8:7a:
99:8a:40:3e:8d:88:5a:e5:08:d7:71:ca:2f:a2:88:
12:7c:a6:50:ef:9b:75:e3:c3:8f:89:0c:c2:91:1a:
68:92:9a:a5:2d:bb:89:ac:5e:ed:1c:79:64:7b:92:
ec:4d:b7:c6:07:fe:c7:72:05:10:ba:e3:b3:57:dc:
04:fd:d5:35:68:35:df:1b:f0:97:1d:da:6b:c2:32:
4d:ea:31:4f:68:5a:a5:c7:03:56:3b:a5:36:dc:df:
58:7a:2c:87:38:b5:08:2f:0a:62:7e:13:77:ab:6d:
4f:9d:15:ff:97:ee:a5:a5:85:9b:16:ed:cb:b9:a0:
1e:7c:d3:8f:9c:24:ae:97:12:76:5e:f7:4f:c8:86:
ad:d0:9a:c2:f8:19:bf:8b:b4:f9:4a:86:d3:2e:a6:
63:4a:ac:69:ca:69:53:01:c2:43:cc:44:6f:c7:c8:
4c:dd:11:13:88:4a:99:a4:80:35:e2:7c:c0:58:a1:
d6:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:B7:9F:5F:62:5C:8C:2E:75:D0:04:BD:D9:55:49:6F:77:3F:8C:BD
X509v3 Authority Key Identifier:
keyid:62:FB:D2:CC:00:12:FB:2F:86:DB:40:B5:89:BD:1A:C4:E9:73:26:6D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/62FBD2CC0012FB2F86DB40B589BD1AC4E973266D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YvvSzAAS-y-G20C1ib0axOlzJm0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/3139342e35302e3233332e302f32342d3234203d3e203336333532.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.50.233.0/24
Signature Algorithm: sha256WithRSAEncryption
28:25:1d:db:16:2c:75:c4:f4:c1:7a:b0:89:3a:ae:0d:0c:5a:
ac:95:e6:a3:f1:c7:d5:c1:5d:15:dc:0d:46:42:50:0a:9c:bb:
17:e3:e3:c8:91:06:e4:aa:de:2d:6d:11:00:db:7e:e6:ce:b6:
bc:8e:bf:b1:8f:0d:fd:28:fe:7b:6a:a1:40:d3:f0:ba:3b:b0:
95:b8:ec:48:ab:19:27:a2:c3:d4:ad:d0:bd:c7:7c:5d:88:ed:
f8:28:6c:d6:37:d4:8c:81:0c:6f:7a:78:e5:41:0c:97:5f:c3:
24:00:9f:b4:5c:16:ec:d1:78:09:d7:44:66:4e:21:d3:a8:99:
4e:1b:95:46:c9:ee:a3:17:24:20:91:82:6a:ac:2b:57:b7:91:
e9:b9:42:df:2b:3f:f6:80:3c:a2:d1:fd:a1:c3:19:a4:f6:e8:
d9:37:ec:59:e3:36:28:50:d7:1a:d8:df:d9:f1:f0:43:8d:07:
56:da:d0:e0:d9:5c:94:7e:e4:2a:5b:af:96:0f:ee:ed:49:5f:
c1:7f:a3:65:13:55:1f:a9:cb:d3:1a:ba:67:5f:e2:5d:3a:94:
96:fe:f8:93:9a:01:26:b6:b2:94:58:0b:c4:19:ff:fb:41:97:
bc:14:23:c1:52:38:d7:c3:c1:9f:bd:5b:ba:60:7f:8b:ce:8f:
4f:2d:0e:6d
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUatpO3K0J1s4sKAbnT2Y1okMNNRgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjJmYmQyY2MwMDEyZmIyZjg2ZGI0MGI1ODliZDFhYzRl
OTczMjY2ZDAeFw0yNTEwMjIwNzUwMDlaFw0yNjEwMjEwNzU1MDlaMDMxMTAvBgNV
BAMTKDQwQjc5RjVGNjI1QzhDMkU3NUQwMDRCREQ5NTU0OTZGNzczRjhDQkQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCnORdxOHOVfPmnS0MZBl+JIXJc
rCj3JIBO3fgvycYu8SS5CUEOg1y4uT0m8hOS1wJNQ855C353r1AZJr/DoTKnHURB
iHWlXMbIepmKQD6NiFrlCNdxyi+iiBJ8plDvm3Xjw4+JDMKRGmiSmqUtu4msXu0c
eWR7kuxNt8YH/sdyBRC647NX3AT91TVoNd8b8Jcd2mvCMk3qMU9oWqXHA1Y7pTbc
31h6LIc4tQgvCmJ+E3erbU+dFf+X7qWlhZsW7cu5oB5804+cJK6XEnZe90/Ihq3Q
msL4Gb+LtPlKhtMupmNKrGnKaVMBwkPMRG/HyEzdEROISpmkgDXifMBYodaLAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUQLefX2JcjC510AS92VVJb3c/jL0wHwYDVR0j
BBgwFoAUYvvSzAAS+y+G20C1ib0axOlzJm0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNDZiOTNkZjAtYWM4ZC00ZGE4LWFmYjgtZGNiN2YyODg4
MzYyLzAvNjJGQkQyQ0MwMDEyRkIyRjg2REI0MEI1ODlCRDFBQzRFOTczMjY2RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1l2dlN6QUFTLXktRzIwQzFpYjBheE9s
ekptMC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNDZiOTNkZjAt
YWM4ZC00ZGE4LWFmYjgtZGNiN2YyODg4MzYyLzAvMzEzOTM0MmUzNTMwMmUzMjMz
MzMyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMzM2MzMzNTMyLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
wjLpMA0GCSqGSIb3DQEBCwUAA4IBAQAoJR3bFix1xPTBerCJOq4NDFqsleaj8cfV
wV0V3A1GQlAKnLsX4+PIkQbkqt4tbREA237mzra8jr+xjw39KP57aqFA0/C6O7CV
uOxIqxknosPUrdC9x3xdiO34KGzWN9SMgQxvenjlQQyXX8MkAJ+0XBbs0XgJ10Rm
TiHTqJlOG5VGye6jFyQgkYJqrCtXt5HpuULfKz/2gDyi0f2hwxmk9ujZN+xZ4zYo
UNca2N/Z8fBDjQdW2tDg2VyUfuQqW6+WD+7tSV/Bf6NlE1UfqcvTGrpnX+JdOpSW
/viTmgEmtrKUWAvEGf/7QZe8FCPBUjjXw8GfvVu6YH+Lzo9PLQ5t
-----END CERTIFICATE-----
Generated at Mon Oct 27 04:55:14 2025 by rpki-client