Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/34352e36352e3131362e302f32332d3234203d3e20323131393336.roa
File: 34352e36352e3131362e302f32332d3234203d3e20323131393336.roa (raw, json)
Hash identifier: GXucdSTByrNZf/jA14dQ7LfXdfDVbmCUmr67C4aW9gc=
Subject key identifier: DA:A5:F5:4A:52:B3:1F:06:DA:8A:AC:30:22:49:BB:54:B5:9A:E2:C5
Certificate issuer: /CN=62fbd2cc0012fb2f86db40b589bd1ac4e973266d
Certificate serial: 457E74BC21D28516FAC4707CB353717E1A04AF41
Authority key identifier: 62:FB:D2:CC:00:12:FB:2F:86:DB:40:B5:89:BD:1A:C4:E9:73:26:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YvvSzAAS-y-G20C1ib0axOlzJm0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/34352e36352e3131362e302f32332d3234203d3e20323131393336.roa
Signing time: Sun 31 Aug 2025 18:54:58 +0000
ROA not before: Sun 31 Aug 2025 18:49:58 +0000
ROA not after: Sun 30 Aug 2026 18:54:58 +0000
asID: 211936
IP address blocks: 45.65.116.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/62FBD2CC0012FB2F86DB40B589BD1AC4E973266D.crl
rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/62FBD2CC0012FB2F86DB40B589BD1AC4E973266D.mft
rsync://rpki.ripe.net/repository/DEFAULT/YvvSzAAS-y-G20C1ib0axOlzJm0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 18 Sep 2025 21:38:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
45:7e:74:bc:21:d2:85:16:fa:c4:70:7c:b3:53:71:7e:1a:04:af:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fbd2cc0012fb2f86db40b589bd1ac4e973266d
Validity
Not Before: Aug 31 18:49:58 2025 GMT
Not After : Aug 30 18:54:58 2026 GMT
Subject: CN=DAA5F54A52B31F06DA8AAC302249BB54B59AE2C5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:c6:f6:12:ab:e8:e1:41:c4:36:b7:56:a0:16:
09:c8:26:fa:36:82:40:b2:eb:bf:aa:11:c4:3c:9c:
43:9e:3d:6e:d1:9e:70:58:51:1a:c3:5d:ca:60:be:
97:da:f7:32:25:69:8d:3c:26:a3:b3:99:9d:cd:ab:
7e:2c:b2:2d:c7:84:33:74:59:b6:83:e5:dc:e2:44:
d0:58:64:51:63:b2:e5:b3:62:ce:f4:cf:80:ba:2b:
21:bf:8a:9e:a4:ae:86:93:7b:0b:c6:7e:0d:25:dc:
f6:ac:9f:28:a9:93:06:6a:86:de:96:f8:69:2f:b0:
9c:ca:2b:31:b9:d3:d0:85:3a:94:98:f6:81:e8:91:
c1:1d:4b:92:10:f2:72:77:35:6a:07:12:ec:de:7a:
ca:67:27:ea:bd:2d:98:2f:5d:34:85:bd:61:c5:02:
44:95:de:8b:e9:2e:0f:e6:8c:f2:6d:4f:e2:f7:a6:
98:5b:73:3b:b4:ad:2a:0a:ec:16:41:4f:d0:1f:0f:
83:2b:7c:dc:ec:ee:96:68:dd:7b:ad:4e:6c:07:05:
37:b3:c1:c3:84:8e:ed:c7:b8:3f:e6:3a:1c:6a:ed:
4d:36:d4:3e:bb:3f:20:ea:ad:a4:fc:ea:9d:96:f0:
d6:8d:5b:1f:f1:31:44:67:d0:a9:b7:85:cc:89:13:
8f:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:A5:F5:4A:52:B3:1F:06:DA:8A:AC:30:22:49:BB:54:B5:9A:E2:C5
X509v3 Authority Key Identifier:
keyid:62:FB:D2:CC:00:12:FB:2F:86:DB:40:B5:89:BD:1A:C4:E9:73:26:6D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/62FBD2CC0012FB2F86DB40B589BD1AC4E973266D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YvvSzAAS-y-G20C1ib0axOlzJm0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/34352e36352e3131362e302f32332d3234203d3e20323131393336.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.65.116.0/23
Signature Algorithm: sha256WithRSAEncryption
6b:03:7a:24:da:f0:82:4c:08:41:c6:9f:14:1c:77:b8:c7:ef:
88:9b:71:ee:c3:83:7a:d5:e4:da:cb:17:eb:7f:82:8b:1b:eb:
b5:c8:3b:87:58:63:6d:3d:70:b6:fc:80:4d:0f:14:3a:ab:e8:
07:f1:0a:1e:bd:cd:36:66:a5:ec:25:59:b6:9d:99:7d:03:6e:
64:bb:68:d6:68:e3:3a:b2:85:3b:c1:d6:e9:da:39:d8:1e:8e:
d2:3b:ec:19:fd:07:44:be:40:28:39:53:ff:9b:39:a5:17:c9:
b4:b7:ff:ee:71:7a:59:8c:b3:2c:55:61:a8:d9:9d:51:4e:9f:
d6:46:a0:5f:e5:3e:03:5a:c1:8c:09:cd:9f:55:40:a5:a7:00:
b9:1f:d7:26:9c:d1:2b:09:52:cb:f1:ea:22:0c:16:7a:d2:1b:
88:1b:40:41:29:9b:49:a3:c0:cd:9f:1a:57:1e:4e:a7:d9:9a:
1e:7c:3b:ee:5f:08:2d:b3:8c:0b:c9:4c:87:43:f7:7a:89:fd:
b7:f6:4f:bd:a6:0c:3c:0e:bc:be:eb:7a:f3:96:d6:f5:c5:80:
3f:7b:f1:55:4d:94:c2:f4:a8:15:cb:cd:82:87:89:ee:96:3f:
ac:4c:e1:ce:d8:b7:9b:ec:19:a0:29:9b:c0:7e:29:d1:86:44:
71:47:11:70
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIURX50vCHShRb6xHB8s1NxfhoEr0EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjJmYmQyY2MwMDEyZmIyZjg2ZGI0MGI1ODliZDFhYzRl
OTczMjY2ZDAeFw0yNTA4MzExODQ5NThaFw0yNjA4MzAxODU0NThaMDMxMTAvBgNV
BAMTKERBQTVGNTRBNTJCMzFGMDZEQThBQUMzMDIyNDlCQjU0QjU5QUUyQzUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCwxvYSq+jhQcQ2t1agFgnIJvo2
gkCy67+qEcQ8nEOePW7RnnBYURrDXcpgvpfa9zIlaY08JqOzmZ3Nq34ssi3HhDN0
WbaD5dziRNBYZFFjsuWzYs70z4C6KyG/ip6kroaTewvGfg0l3PasnyipkwZqht6W
+GkvsJzKKzG509CFOpSY9oHokcEdS5IQ8nJ3NWoHEuzeespnJ+q9LZgvXTSFvWHF
AkSV3ovpLg/mjPJtT+L3pphbczu0rSoK7BZBT9AfD4MrfNzs7pZo3XutTmwHBTez
wcOEju3HuD/mOhxq7U021D67PyDqraT86p2W8NaNWx/xMURn0Km3hcyJE48TAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU2qX1SlKzHwbaiqwwIkm7VLWa4sUwHwYDVR0j
BBgwFoAUYvvSzAAS+y+G20C1ib0axOlzJm0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNDZiOTNkZjAtYWM4ZC00ZGE4LWFmYjgtZGNiN2YyODg4
MzYyLzAvNjJGQkQyQ0MwMDEyRkIyRjg2REI0MEI1ODlCRDFBQzRFOTczMjY2RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1l2dlN6QUFTLXktRzIwQzFpYjBheE9s
ekptMC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNDZiOTNkZjAt
YWM4ZC00ZGE4LWFmYjgtZGNiN2YyODg4MzYyLzAvMzQzNTJlMzYzNTJlMzEzMTM2
MmUzMDJmMzIzMzJkMzIzNDIwM2QzZTIwMzIzMTMxMzkzMzM2LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB
LUF0MA0GCSqGSIb3DQEBCwUAA4IBAQBrA3ok2vCCTAhBxp8UHHe4x++Im3Huw4N6
1eTayxfrf4KLG+u1yDuHWGNtPXC2/IBNDxQ6q+gH8Qoevc02ZqXsJVm2nZl9A25k
u2jWaOM6soU7wdbp2jnYHo7SO+wZ/QdEvkAoOVP/mzmlF8m0t//ucXpZjLMsVWGo
2Z1RTp/WRqBf5T4DWsGMCc2fVUClpwC5H9cmnNErCVLL8eoiDBZ60huIG0BBKZtJ
o8DNnxpXHk6n2ZoefDvuXwgts4wLyUyHQ/d6if239k+9pgw8Dry+63rzltb1xYA/
e/FVTZTC9KgVy82Ch4nulj+sTOHO2Leb7BmgKZvAfinRhkRxRxFw
-----END CERTIFICATE-----
Generated at Thu Sep 18 05:17:42 2025 by rpki-client