Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/34352e36352e3131382e302f32342d3234203d3e20343030393039.roa
File: 34352e36352e3131382e302f32342d3234203d3e20343030393039.roa (raw, json)
Hash identifier: 9n5NRyTUo8TlgAQfcuMCg+y7JOPeAkm5nm3LNDjjJCY=
Subject key identifier: 17:71:FC:87:8E:A1:95:9F:A5:49:59:58:4B:0D:49:A1:E4:75:9A:46
Certificate issuer: /CN=62fbd2cc0012fb2f86db40b589bd1ac4e973266d
Certificate serial: 0AB130E6DEE6A7F7AA24D7294B3B5F40F4AA1F49
Authority key identifier: 62:FB:D2:CC:00:12:FB:2F:86:DB:40:B5:89:BD:1A:C4:E9:73:26:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YvvSzAAS-y-G20C1ib0axOlzJm0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/34352e36352e3131382e302f32342d3234203d3e20343030393039.roa
Signing time: Thu 30 Oct 2025 13:55:11 +0000
ROA not before: Thu 30 Oct 2025 13:50:11 +0000
ROA not after: Thu 29 Oct 2026 13:55:11 +0000
asID: 400909
IP address blocks: 45.65.118.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/62FBD2CC0012FB2F86DB40B589BD1AC4E973266D.crl
rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/62FBD2CC0012FB2F86DB40B589BD1AC4E973266D.mft
rsync://rpki.ripe.net/repository/DEFAULT/YvvSzAAS-y-G20C1ib0axOlzJm0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 08:06:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0a:b1:30:e6:de:e6:a7:f7:aa:24:d7:29:4b:3b:5f:40:f4:aa:1f:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fbd2cc0012fb2f86db40b589bd1ac4e973266d
Validity
Not Before: Oct 30 13:50:11 2025 GMT
Not After : Oct 29 13:55:11 2026 GMT
Subject: CN=1771FC878EA1959FA54959584B0D49A1E4759A46
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:50:dc:43:20:79:c0:0d:b3:61:a1:f8:46:3a:
8d:33:fd:d1:8c:e6:6c:68:77:32:f1:ce:11:18:e0:
f8:ba:e0:f4:62:72:5a:04:d9:b7:52:65:85:2a:5d:
88:0c:16:44:bd:90:42:ac:89:b9:cb:05:51:59:48:
ef:4f:93:c7:3e:5f:75:18:da:ea:53:d0:5d:1c:9a:
38:db:de:4e:c6:72:0a:b8:cc:5f:eb:10:ed:16:dd:
74:54:43:f5:d9:f8:13:34:79:55:20:10:53:e1:ee:
eb:cb:2a:a5:fb:11:6b:cc:7b:83:73:7f:c3:41:b2:
c5:aa:5d:b5:3d:0c:c2:ec:9d:bf:2e:7b:5d:2d:8c:
db:05:fa:e7:1b:e2:b9:53:9b:c9:68:7e:e0:9d:0f:
36:31:82:84:70:48:50:45:5a:3e:5c:8f:9c:2d:7d:
4d:ab:5e:8c:4c:2e:aa:b5:48:42:37:21:a7:c1:ae:
40:07:60:12:f8:fc:ae:84:bd:a3:20:83:f1:5a:37:
3d:26:af:d4:83:f9:36:34:77:d9:04:3c:a4:9f:a2:
64:c4:3a:63:82:ff:d1:46:96:da:c1:86:30:f8:ef:
87:da:0b:44:1a:44:5b:e7:83:f7:f1:9b:a2:5d:5f:
57:eb:56:2a:ec:a1:0c:68:48:ea:07:12:27:21:9a:
8c:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:71:FC:87:8E:A1:95:9F:A5:49:59:58:4B:0D:49:A1:E4:75:9A:46
X509v3 Authority Key Identifier:
keyid:62:FB:D2:CC:00:12:FB:2F:86:DB:40:B5:89:BD:1A:C4:E9:73:26:6D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/62FBD2CC0012FB2F86DB40B589BD1AC4E973266D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YvvSzAAS-y-G20C1ib0axOlzJm0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/34352e36352e3131382e302f32342d3234203d3e20343030393039.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.65.118.0/24
Signature Algorithm: sha256WithRSAEncryption
cf:80:e8:20:d5:e7:8a:18:88:0c:5b:29:7b:4f:5a:46:d5:b8:
74:c1:41:91:de:78:bb:e5:ef:ba:58:01:47:ae:cd:5e:42:68:
95:0a:5a:c4:99:93:18:31:c4:7a:50:d0:5d:91:1c:ff:f5:9a:
90:68:98:1f:4b:7f:3b:e8:03:6e:55:78:87:ef:a5:43:cf:36:
fa:af:6c:8a:02:04:17:b7:86:0f:5f:6c:be:5a:36:3d:f8:b9:
78:ab:70:30:e4:20:56:f2:38:f3:5a:0a:e8:0c:08:6b:e5:c6:
63:a4:fe:4f:c9:92:95:6e:6f:88:13:86:7c:f1:29:31:6d:1d:
e0:91:23:1d:77:a2:02:ef:a3:4e:95:2b:93:37:2a:ff:7f:a0:
8f:80:b6:1f:c3:34:ff:93:18:db:8d:0f:4e:8f:bb:94:48:53:
c9:14:f6:47:0f:ee:61:74:33:d6:26:62:2e:58:11:2a:e3:8d:
58:b5:32:b6:43:16:99:d1:ac:45:d1:77:83:18:12:49:f2:f3:
8e:5c:9c:0a:22:b4:c9:e9:76:00:95:53:23:92:85:c9:3e:39:
ee:5e:bf:a4:c5:ad:7a:cc:3e:de:4f:c9:58:32:22:2f:41:50:
4a:33:ac:46:69:b4:12:63:9c:aa:f9:7b:de:0c:45:20:0c:33:
c7:aa:12:95
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUCrEw5t7mp/eqJNcpSztfQPSqH0kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjJmYmQyY2MwMDEyZmIyZjg2ZGI0MGI1ODliZDFhYzRl
OTczMjY2ZDAeFw0yNTEwMzAxMzUwMTFaFw0yNjEwMjkxMzU1MTFaMDMxMTAvBgNV
BAMTKDE3NzFGQzg3OEVBMTk1OUZBNTQ5NTk1ODRCMEQ0OUExRTQ3NTlBNDYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDEUNxDIHnADbNhofhGOo0z/dGM
5mxodzLxzhEY4Pi64PRicloE2bdSZYUqXYgMFkS9kEKsibnLBVFZSO9Pk8c+X3UY
2upT0F0cmjjb3k7Gcgq4zF/rEO0W3XRUQ/XZ+BM0eVUgEFPh7uvLKqX7EWvMe4Nz
f8NBssWqXbU9DMLsnb8ue10tjNsF+ucb4rlTm8lofuCdDzYxgoRwSFBFWj5cj5wt
fU2rXoxMLqq1SEI3IafBrkAHYBL4/K6EvaMgg/FaNz0mr9SD+TY0d9kEPKSfomTE
OmOC/9FGltrBhjD474faC0QaRFvng/fxm6JdX1frVirsoQxoSOoHEichmozrAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUF3H8h46hlZ+lSVlYSw1JoeR1mkYwHwYDVR0j
BBgwFoAUYvvSzAAS+y+G20C1ib0axOlzJm0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNDZiOTNkZjAtYWM4ZC00ZGE4LWFmYjgtZGNiN2YyODg4
MzYyLzAvNjJGQkQyQ0MwMDEyRkIyRjg2REI0MEI1ODlCRDFBQzRFOTczMjY2RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1l2dlN6QUFTLXktRzIwQzFpYjBheE9s
ekptMC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNDZiOTNkZjAt
YWM4ZC00ZGE4LWFmYjgtZGNiN2YyODg4MzYyLzAvMzQzNTJlMzYzNTJlMzEzMTM4
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzQzMDMwMzkzMDM5LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
LUF2MA0GCSqGSIb3DQEBCwUAA4IBAQDPgOgg1eeKGIgMWyl7T1pG1bh0wUGR3ni7
5e+6WAFHrs1eQmiVClrEmZMYMcR6UNBdkRz/9ZqQaJgfS3876ANuVXiH76VDzzb6
r2yKAgQXt4YPX2y+WjY9+Ll4q3Aw5CBW8jjzWgroDAhr5cZjpP5PyZKVbm+IE4Z8
8SkxbR3gkSMdd6IC76NOlSuTNyr/f6CPgLYfwzT/kxjbjQ9Oj7uUSFPJFPZHD+5h
dDPWJmIuWBEq441YtTK2QxaZ0axF0XeDGBJJ8vOOXJwKIrTJ6XYAlVMjkoXJPjnu
Xr+kxa16zD7eT8lYMiIvQVBKM6xGabQSY5yq+XveDEUgDDPHqhKV
-----END CERTIFICATE-----
Generated at Wed Nov 5 19:18:28 2025 by rpki-client