Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/34352e3135352e3135372e302f32342d3234203d3e20343030303331.roa
File: 34352e3135352e3135372e302f32342d3234203d3e20343030303331.roa (raw, json)
Hash identifier: ee9ZCdTZqPdudKM34Tqdt9Z4tCjrQwwkM8QRoW1IKQc=
Subject key identifier: 20:DB:8F:FD:C5:E1:E2:A4:1A:32:06:2E:C2:72:2A:9D:DC:FA:6C:8B
Certificate issuer: /CN=62fbd2cc0012fb2f86db40b589bd1ac4e973266d
Certificate serial: 262EDE54223D39762F58FC8484BB6FD4D8118526
Authority key identifier: 62:FB:D2:CC:00:12:FB:2F:86:DB:40:B5:89:BD:1A:C4:E9:73:26:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YvvSzAAS-y-G20C1ib0axOlzJm0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/34352e3135352e3135372e302f32342d3234203d3e20343030303331.roa
Signing time: Wed 22 Oct 2025 07:55:09 +0000
ROA not before: Wed 22 Oct 2025 07:50:09 +0000
ROA not after: Wed 21 Oct 2026 07:55:09 +0000
asID: 400031
IP address blocks: 45.155.157.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/62FBD2CC0012FB2F86DB40B589BD1AC4E973266D.crl
rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/62FBD2CC0012FB2F86DB40B589BD1AC4E973266D.mft
rsync://rpki.ripe.net/repository/DEFAULT/YvvSzAAS-y-G20C1ib0axOlzJm0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Nov 2025 21:09:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
26:2e:de:54:22:3d:39:76:2f:58:fc:84:84:bb:6f:d4:d8:11:85:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fbd2cc0012fb2f86db40b589bd1ac4e973266d
Validity
Not Before: Oct 22 07:50:09 2025 GMT
Not After : Oct 21 07:55:09 2026 GMT
Subject: CN=20DB8FFDC5E1E2A41A32062EC2722A9DDCFA6C8B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:bd:7f:ab:61:58:08:35:08:00:8e:b2:70:43:
ca:94:b2:da:f0:31:f9:5e:76:a4:a6:7c:d7:3f:a8:
d1:de:ff:97:2c:9a:cd:f7:d6:ef:1f:2e:21:29:90:
27:b4:59:b7:6f:53:75:c9:9f:b2:2d:a7:53:25:60:
d2:5d:d9:22:06:ed:f8:e1:51:03:0b:79:3b:be:34:
e9:3d:ae:ef:cb:e1:09:92:10:ec:f3:36:00:70:0f:
cf:d9:bc:83:39:b7:67:5f:0c:f4:19:fd:bf:59:f8:
08:d2:59:74:83:8f:3b:d0:c2:49:f3:7b:09:fb:bf:
3c:8e:1f:f8:9c:e3:5e:13:75:64:f7:48:f4:64:06:
04:fe:d8:a8:d8:33:18:4e:42:7b:8e:3e:5f:2d:80:
06:4a:6c:52:cc:79:2c:1c:4a:ab:37:08:ad:64:8d:
c0:7c:8e:dd:72:44:52:1b:1d:10:d9:f8:b7:ba:6a:
1d:70:59:21:16:61:5e:c7:56:a1:b5:cc:53:61:ff:
1a:0a:ba:50:f1:fd:5d:5c:85:2b:c2:03:b9:d1:cc:
78:25:f9:5a:ed:d2:08:0b:7f:bd:af:c6:92:df:8a:
68:0e:19:5e:36:b2:07:cd:6e:9f:8d:49:76:5d:a5:
27:32:7f:ce:50:a9:df:80:c7:85:db:96:69:14:dc:
62:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:DB:8F:FD:C5:E1:E2:A4:1A:32:06:2E:C2:72:2A:9D:DC:FA:6C:8B
X509v3 Authority Key Identifier:
keyid:62:FB:D2:CC:00:12:FB:2F:86:DB:40:B5:89:BD:1A:C4:E9:73:26:6D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/62FBD2CC0012FB2F86DB40B589BD1AC4E973266D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YvvSzAAS-y-G20C1ib0axOlzJm0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/34352e3135352e3135372e302f32342d3234203d3e20343030303331.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.157.0/24
Signature Algorithm: sha256WithRSAEncryption
76:49:64:47:9c:78:01:81:6e:1f:b4:2f:4a:78:6e:d3:5a:d3:
e9:b2:c9:36:08:2a:ab:94:23:02:4c:28:3f:d1:55:cb:3b:d5:
83:83:54:65:c4:58:f0:57:5a:73:4d:08:47:e3:c1:02:b2:a8:
b7:35:e0:cb:ff:43:62:c6:c4:90:3b:1b:1b:db:2a:1b:bf:e3:
13:c3:8c:18:40:8c:d9:2b:e2:da:87:66:95:c2:ce:25:98:c4:
85:f9:a8:b2:a7:2b:1a:6f:5e:26:1f:92:bd:fa:3a:20:af:4e:
61:d8:39:8a:89:c7:98:45:ae:12:e3:ee:28:4c:27:b7:0a:f3:
5b:36:b9:06:a6:87:4c:75:f9:56:13:16:0a:0c:9e:6b:d8:22:
b1:d2:de:c6:2d:8e:ab:66:99:46:ab:40:fd:d9:b5:50:64:24:
5f:9a:33:7e:ed:e5:44:39:a1:e5:fd:74:c6:15:22:fb:db:07:
45:dd:46:39:2e:f4:88:40:6f:d8:ad:e1:ab:3c:dc:10:c3:f0:
db:a8:c6:d3:f6:13:50:9b:7d:8e:53:24:83:ea:7c:36:bf:34:
72:85:51:dc:cd:9e:74:b7:0f:55:0c:27:a4:b2:2f:d0:09:04:
6d:c3:4e:2c:b7:b3:0a:85:68:78:d7:d4:86:e9:86:28:88:6e:
6c:86:5f:1c
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUJi7eVCI9OXYvWPyEhLtv1NgRhSYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjJmYmQyY2MwMDEyZmIyZjg2ZGI0MGI1ODliZDFhYzRl
OTczMjY2ZDAeFw0yNTEwMjIwNzUwMDlaFw0yNjEwMjEwNzU1MDlaMDMxMTAvBgNV
BAMTKDIwREI4RkZEQzVFMUUyQTQxQTMyMDYyRUMyNzIyQTlERENGQTZDOEIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzvX+rYVgINQgAjrJwQ8qUstrw
MfledqSmfNc/qNHe/5csms331u8fLiEpkCe0WbdvU3XJn7Itp1MlYNJd2SIG7fjh
UQMLeTu+NOk9ru/L4QmSEOzzNgBwD8/ZvIM5t2dfDPQZ/b9Z+AjSWXSDjzvQwknz
ewn7vzyOH/ic414TdWT3SPRkBgT+2KjYMxhOQnuOPl8tgAZKbFLMeSwcSqs3CK1k
jcB8jt1yRFIbHRDZ+Le6ah1wWSEWYV7HVqG1zFNh/xoKulDx/V1chSvCA7nRzHgl
+Vrt0ggLf72vxpLfimgOGV42sgfNbp+NSXZdpScyf85Qqd+Ax4XblmkU3GINAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUINuP/cXh4qQaMgYuwnIqndz6bIswHwYDVR0j
BBgwFoAUYvvSzAAS+y+G20C1ib0axOlzJm0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNDZiOTNkZjAtYWM4ZC00ZGE4LWFmYjgtZGNiN2YyODg4
MzYyLzAvNjJGQkQyQ0MwMDEyRkIyRjg2REI0MEI1ODlCRDFBQzRFOTczMjY2RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1l2dlN6QUFTLXktRzIwQzFpYjBheE9s
ekptMC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNDZiOTNkZjAt
YWM4ZC00ZGE4LWFmYjgtZGNiN2YyODg4MzYyLzAvMzQzNTJlMzEzNTM1MmUzMTM1
MzcyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNDMwMzAzMDMzMzEucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAAtm50wDQYJKoZIhvcNAQELBQADggEBAHZJZEeceAGBbh+0L0p4btNa0+myyTYI
KquUIwJMKD/RVcs71YODVGXEWPBXWnNNCEfjwQKyqLc14Mv/Q2LGxJA7GxvbKhu/
4xPDjBhAjNkr4tqHZpXCziWYxIX5qLKnKxpvXiYfkr36OiCvTmHYOYqJx5hFrhLj
7ihMJ7cK81s2uQamh0x1+VYTFgoMnmvYIrHS3sYtjqtmmUarQP3ZtVBkJF+aM37t
5UQ5oeX9dMYVIvvbB0XdRjku9IhAb9it4as83BDD8NuoxtP2E1CbfY5TJIPqfDa/
NHKFUdzNnnS3D1UMJ6SyL9AJBG3DTiy3swqFaHjX1IbphiiIbmyGXxw=
-----END CERTIFICATE-----
Generated at Sun Nov 2 11:59:16 2025 by rpki-client