Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/34352e3135352e3135362e302f32342d3234203d3e20343030303331.roa
File: 34352e3135352e3135362e302f32342d3234203d3e20343030303331.roa (raw, json)
Hash identifier: EVkA2Jv9qCjOmLzMQBqtVvmK1ApPdoWboKtBwn0hSko=
Subject key identifier: E8:ED:F4:DB:0C:C0:18:9A:B5:D1:70:CD:7C:01:EB:E3:69:3C:0D:C4
Certificate issuer: /CN=62fbd2cc0012fb2f86db40b589bd1ac4e973266d
Certificate serial: 31CC4A81B0342B8275626149D034FFC9915CACFB
Authority key identifier: 62:FB:D2:CC:00:12:FB:2F:86:DB:40:B5:89:BD:1A:C4:E9:73:26:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YvvSzAAS-y-G20C1ib0axOlzJm0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/34352e3135352e3135362e302f32342d3234203d3e20343030303331.roa
Signing time: Wed 22 Oct 2025 07:55:09 +0000
ROA not before: Wed 22 Oct 2025 07:50:09 +0000
ROA not after: Wed 21 Oct 2026 07:55:09 +0000
asID: 400031
IP address blocks: 45.155.156.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/62FBD2CC0012FB2F86DB40B589BD1AC4E973266D.crl
rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/62FBD2CC0012FB2F86DB40B589BD1AC4E973266D.mft
rsync://rpki.ripe.net/repository/DEFAULT/YvvSzAAS-y-G20C1ib0axOlzJm0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Nov 2025 21:09:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
31:cc:4a:81:b0:34:2b:82:75:62:61:49:d0:34:ff:c9:91:5c:ac:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fbd2cc0012fb2f86db40b589bd1ac4e973266d
Validity
Not Before: Oct 22 07:50:09 2025 GMT
Not After : Oct 21 07:55:09 2026 GMT
Subject: CN=E8EDF4DB0CC0189AB5D170CD7C01EBE3693C0DC4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:1e:35:10:7e:69:6b:1a:33:3d:4d:0b:63:00:
5a:03:d8:bf:02:08:96:8b:5e:f9:cd:2f:55:3b:6e:
66:e4:01:59:45:6a:7f:ad:d1:db:8d:db:97:2a:7b:
7d:48:45:e8:dd:d4:2d:02:a4:d2:b6:9a:c0:4d:a8:
7f:a0:65:18:95:d6:66:4e:30:10:0a:bc:72:e8:71:
2d:c4:b5:78:7a:0c:1e:f3:25:e2:09:8c:d1:b8:f7:
44:9d:92:c3:0c:77:09:29:82:c7:24:01:b6:9a:55:
21:37:14:24:46:e7:c1:da:01:a6:e9:de:a1:43:5e:
23:43:af:ac:b4:9b:8e:d0:9b:03:43:75:db:ce:3f:
d2:86:cc:25:cf:71:2d:97:f1:a3:f2:87:eb:28:00:
31:7f:d3:6f:42:5b:10:fb:7e:2c:a4:97:41:55:a0:
7a:b7:c7:4b:48:a9:1b:61:49:97:bd:83:06:00:c9:
bf:e1:6f:f3:e2:87:12:88:fd:8d:30:bb:e5:e0:40:
e9:a4:2a:b3:28:d9:0c:a1:46:a7:6a:1e:24:5a:9f:
34:58:07:58:8f:ec:0c:c6:b2:17:ca:5c:5f:72:d7:
75:7a:b6:ba:a3:29:c2:5d:69:fe:22:17:7d:23:f6:
95:d8:db:9e:0f:e3:14:81:fa:92:b8:a7:d0:8a:42:
2e:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:ED:F4:DB:0C:C0:18:9A:B5:D1:70:CD:7C:01:EB:E3:69:3C:0D:C4
X509v3 Authority Key Identifier:
keyid:62:FB:D2:CC:00:12:FB:2F:86:DB:40:B5:89:BD:1A:C4:E9:73:26:6D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/62FBD2CC0012FB2F86DB40B589BD1AC4E973266D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YvvSzAAS-y-G20C1ib0axOlzJm0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/34352e3135352e3135362e302f32342d3234203d3e20343030303331.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.156.0/24
Signature Algorithm: sha256WithRSAEncryption
d9:c7:69:f3:0b:98:50:ca:92:07:bb:e5:c2:14:f9:69:af:83:
86:a0:6f:77:34:ce:84:aa:22:95:74:87:2e:5a:85:e6:5b:79:
31:f8:87:fd:3a:d3:ca:f7:9b:f3:15:66:23:9f:ed:3b:52:5f:
30:59:74:db:e3:e9:5c:dd:48:0a:66:9c:fd:ba:e5:d7:4e:73:
6d:c7:78:82:4f:78:fa:a0:32:1f:a3:94:48:dc:72:4d:25:40:
85:e7:f3:b1:57:82:c1:a9:38:05:d4:7f:0e:5b:ba:d7:d6:e7:
c0:0f:95:69:64:82:73:a5:73:1e:7c:52:26:02:0f:dc:40:88:
25:dc:d4:12:3c:c6:ee:27:c3:1e:a9:7b:72:0f:c1:88:0c:3a:
3a:80:c2:0e:27:28:91:2f:71:36:34:63:76:cd:ea:c3:f7:f1:
ad:fe:92:3e:23:71:7e:ee:7b:32:68:70:0c:43:3f:da:7d:2d:
d4:ff:ad:52:06:60:ca:c3:a8:06:d9:60:3d:fd:26:17:c6:2a:
84:8f:50:9b:fb:7f:20:72:9b:09:ed:7c:82:89:a8:d3:eb:c3:
e0:b7:ee:68:78:9c:2c:64:c3:fe:a8:9c:f9:9a:ab:16:51:f4:
21:d8:38:46:41:a2:35:18:72:e8:fd:ad:9b:cb:26:fb:6d:57:
b2:28:e3:12
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUMcxKgbA0K4J1YmFJ0DT/yZFcrPswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjJmYmQyY2MwMDEyZmIyZjg2ZGI0MGI1ODliZDFhYzRl
OTczMjY2ZDAeFw0yNTEwMjIwNzUwMDlaFw0yNjEwMjEwNzU1MDlaMDMxMTAvBgNV
BAMTKEU4RURGNERCMENDMDE4OUFCNUQxNzBDRDdDMDFFQkUzNjkzQzBEQzQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDqHjUQfmlrGjM9TQtjAFoD2L8C
CJaLXvnNL1U7bmbkAVlFan+t0duN25cqe31IRejd1C0CpNK2msBNqH+gZRiV1mZO
MBAKvHLocS3EtXh6DB7zJeIJjNG490SdksMMdwkpgsckAbaaVSE3FCRG58HaAabp
3qFDXiNDr6y0m47QmwNDddvOP9KGzCXPcS2X8aPyh+soADF/029CWxD7fiykl0FV
oHq3x0tIqRthSZe9gwYAyb/hb/PihxKI/Y0wu+XgQOmkKrMo2QyhRqdqHiRanzRY
B1iP7AzGshfKXF9y13V6trqjKcJdaf4iF30j9pXY254P4xSB+pK4p9CKQi4lAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU6O302wzAGJq10XDNfAHr42k8DcQwHwYDVR0j
BBgwFoAUYvvSzAAS+y+G20C1ib0axOlzJm0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNDZiOTNkZjAtYWM4ZC00ZGE4LWFmYjgtZGNiN2YyODg4
MzYyLzAvNjJGQkQyQ0MwMDEyRkIyRjg2REI0MEI1ODlCRDFBQzRFOTczMjY2RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1l2dlN6QUFTLXktRzIwQzFpYjBheE9s
ekptMC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNDZiOTNkZjAt
YWM4ZC00ZGE4LWFmYjgtZGNiN2YyODg4MzYyLzAvMzQzNTJlMzEzNTM1MmUzMTM1
MzYyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNDMwMzAzMDMzMzEucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAAtm5wwDQYJKoZIhvcNAQELBQADggEBANnHafMLmFDKkge75cIU+Wmvg4agb3c0
zoSqIpV0hy5aheZbeTH4h/0608r3m/MVZiOf7TtSXzBZdNvj6VzdSApmnP265ddO
c23HeIJPePqgMh+jlEjcck0lQIXn87FXgsGpOAXUfw5butfW58APlWlkgnOlcx58
UiYCD9xAiCXc1BI8xu4nwx6pe3IPwYgMOjqAwg4nKJEvcTY0Y3bN6sP38a3+kj4j
cX7uezJocAxDP9p9LdT/rVIGYMrDqAbZYD39JhfGKoSPUJv7fyBymwntfIKJqNPr
w+C37mh4nCxkw/6onPmaqxZR9CHYOEZBojUYcuj9rZvLJvttV7Io4xI=
-----END CERTIFICATE-----
Generated at Sun Nov 2 11:57:52 2025 by rpki-client