Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/34352e3135352e3135382e302f32342d3234203d3e203231383539.roa
File: 34352e3135352e3135382e302f32342d3234203d3e203231383539.roa (raw, json)
Hash identifier: XuGO11wVvpuub4HELC4n1jHW4YCQnWV6MaqEEOcxysU=
Subject key identifier: 55:D3:96:6B:5F:4E:79:FD:7A:00:E8:38:1F:7D:45:02:E6:EB:C2:FF
Certificate issuer: /CN=62fbd2cc0012fb2f86db40b589bd1ac4e973266d
Certificate serial: 5D23458AA779A75FCF43AA442A7CF5D1223AD72E
Authority key identifier: 62:FB:D2:CC:00:12:FB:2F:86:DB:40:B5:89:BD:1A:C4:E9:73:26:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YvvSzAAS-y-G20C1ib0axOlzJm0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/34352e3135352e3135382e302f32342d3234203d3e203231383539.roa
Signing time: Tue 21 Oct 2025 10:55:09 +0000
ROA not before: Tue 21 Oct 2025 10:50:09 +0000
ROA not after: Tue 20 Oct 2026 10:55:09 +0000
asID: 21859
IP address blocks: 45.155.158.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/62FBD2CC0012FB2F86DB40B589BD1AC4E973266D.crl
rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/62FBD2CC0012FB2F86DB40B589BD1AC4E973266D.mft
rsync://rpki.ripe.net/repository/DEFAULT/YvvSzAAS-y-G20C1ib0axOlzJm0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 08:06:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5d:23:45:8a:a7:79:a7:5f:cf:43:aa:44:2a:7c:f5:d1:22:3a:d7:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fbd2cc0012fb2f86db40b589bd1ac4e973266d
Validity
Not Before: Oct 21 10:50:09 2025 GMT
Not After : Oct 20 10:55:09 2026 GMT
Subject: CN=55D3966B5F4E79FD7A00E8381F7D4502E6EBC2FF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:09:39:50:dc:9a:0a:8f:ff:8f:2a:d6:46:a8:
c2:b0:24:45:8c:41:fe:00:cf:38:6b:3d:cb:47:32:
a7:d1:85:f5:60:51:a7:05:a7:d9:9f:b0:97:fb:bb:
ed:38:95:16:37:a7:22:d0:f5:f8:29:8d:15:c5:8f:
f3:96:39:23:68:62:6b:fa:db:07:80:8d:7c:28:51:
66:d3:45:57:54:2d:62:37:8d:43:e7:c5:69:ba:bd:
79:b9:dc:b5:50:7f:47:e2:e3:0a:84:9b:d9:c5:25:
1b:2d:8d:e0:28:de:9b:21:ed:17:a0:50:dc:58:30:
b6:f2:86:e6:71:bc:19:d2:e1:e5:13:01:b6:96:5e:
94:ab:41:c7:e7:73:f3:93:1c:95:21:9d:10:79:f1:
6f:80:6c:e0:9b:fe:4a:84:58:46:e1:6e:1e:5f:6a:
4a:f7:b6:6e:22:0d:cb:70:3b:f5:93:93:66:b7:81:
2e:e1:73:17:ef:bb:0a:e3:e2:70:2a:ce:a0:42:a6:
1c:68:86:ae:42:08:44:d5:4e:22:e3:40:b5:4b:2a:
44:04:c7:ad:6c:86:cb:da:0a:e1:a9:ec:f4:88:d1:
8d:cc:23:2e:ee:24:ec:38:8d:97:88:9d:79:8c:a5:
e0:19:03:ad:79:a2:ef:62:72:4c:d9:c6:78:c4:07:
1b:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:D3:96:6B:5F:4E:79:FD:7A:00:E8:38:1F:7D:45:02:E6:EB:C2:FF
X509v3 Authority Key Identifier:
keyid:62:FB:D2:CC:00:12:FB:2F:86:DB:40:B5:89:BD:1A:C4:E9:73:26:6D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/62FBD2CC0012FB2F86DB40B589BD1AC4E973266D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YvvSzAAS-y-G20C1ib0axOlzJm0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/34352e3135352e3135382e302f32342d3234203d3e203231383539.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.158.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:05:4a:15:3c:d1:30:e4:53:a2:03:3b:f0:5b:fa:3c:35:84:
bc:b9:07:20:13:b0:53:d5:20:03:76:f9:18:25:59:cb:48:ff:
94:6d:07:bb:ce:ce:18:28:cb:93:e0:9d:91:ac:cc:d2:b5:fc:
31:da:85:30:6a:07:79:17:79:21:f4:fb:d3:86:4d:ba:ad:b5:
d2:db:e4:8a:f5:8c:6a:a9:e3:ac:6a:40:2e:cd:89:1d:c9:f9:
6e:d1:a9:c6:51:21:c4:a3:81:e3:c0:a9:76:08:95:29:3e:0a:
60:1a:1c:65:a5:1f:f7:ea:14:6b:f5:de:5f:fc:be:39:38:2a:
f8:c7:b6:d0:0f:c9:43:28:aa:4a:e3:5c:f7:28:a4:8b:30:5d:
e9:9e:2b:fc:ba:76:ce:0d:20:34:b6:2f:45:59:f5:e6:62:a1:
c4:f1:b4:a7:fd:2c:0e:19:01:23:9d:d5:73:14:5d:08:a2:64:
70:94:4f:c6:79:3d:f7:a6:f4:7a:57:01:d5:da:78:aa:f6:7c:
ee:e7:0b:5a:06:f5:87:8e:90:8c:ac:50:f5:b4:93:2d:6e:cb:
63:29:5b:96:a8:b6:fa:9b:70:b6:dd:0d:54:99:f6:b0:3c:f2:
1c:1f:f3:03:92:cf:89:37:7d:23:83:5f:37:e0:e6:3c:01:2a:
3d:bf:e4:de
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUXSNFiqd5p1/PQ6pEKnz10SI61y4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjJmYmQyY2MwMDEyZmIyZjg2ZGI0MGI1ODliZDFhYzRl
OTczMjY2ZDAeFw0yNTEwMjExMDUwMDlaFw0yNjEwMjAxMDU1MDlaMDMxMTAvBgNV
BAMTKDU1RDM5NjZCNUY0RTc5RkQ3QTAwRTgzODFGN0Q0NTAyRTZFQkMyRkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDECTlQ3JoKj/+PKtZGqMKwJEWM
Qf4AzzhrPctHMqfRhfVgUacFp9mfsJf7u+04lRY3pyLQ9fgpjRXFj/OWOSNoYmv6
2weAjXwoUWbTRVdULWI3jUPnxWm6vXm53LVQf0fi4wqEm9nFJRstjeAo3psh7Reg
UNxYMLbyhuZxvBnS4eUTAbaWXpSrQcfnc/OTHJUhnRB58W+AbOCb/kqEWEbhbh5f
akr3tm4iDctwO/WTk2a3gS7hcxfvuwrj4nAqzqBCphxohq5CCETVTiLjQLVLKkQE
x61shsvaCuGp7PSI0Y3MIy7uJOw4jZeInXmMpeAZA615ou9ickzZxnjEBxupAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUVdOWa19Oef16AOg4H31FAubrwv8wHwYDVR0j
BBgwFoAUYvvSzAAS+y+G20C1ib0axOlzJm0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNDZiOTNkZjAtYWM4ZC00ZGE4LWFmYjgtZGNiN2YyODg4
MzYyLzAvNjJGQkQyQ0MwMDEyRkIyRjg2REI0MEI1ODlCRDFBQzRFOTczMjY2RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1l2dlN6QUFTLXktRzIwQzFpYjBheE9s
ekptMC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNDZiOTNkZjAt
YWM4ZC00ZGE4LWFmYjgtZGNiN2YyODg4MzYyLzAvMzQzNTJlMzEzNTM1MmUzMTM1
MzgyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzgzNTM5LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
LZueMA0GCSqGSIb3DQEBCwUAA4IBAQAfBUoVPNEw5FOiAzvwW/o8NYS8uQcgE7BT
1SADdvkYJVnLSP+UbQe7zs4YKMuT4J2RrMzStfwx2oUwagd5F3kh9PvThk26rbXS
2+SK9YxqqeOsakAuzYkdyflu0anGUSHEo4HjwKl2CJUpPgpgGhxlpR/36hRr9d5f
/L45OCr4x7bQD8lDKKpK41z3KKSLMF3pniv8unbODSA0ti9FWfXmYqHE8bSn/SwO
GQEjndVzFF0IomRwlE/GeT33pvR6VwHV2niq9nzu5wtaBvWHjpCMrFD1tJMtbstj
KVuWqLb6m3C23Q1UmfawPPIcH/MDks+JN30jg1834OY8ASo9v+Te
-----END CERTIFICATE-----
Generated at Wed Nov 5 19:20:40 2025 by rpki-client