Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/34352e36352e3131392e302f32342d3234203d3e20343031333232.roa
File: 34352e36352e3131392e302f32342d3234203d3e20343031333232.roa (raw, json)
Hash identifier: uQY3MjA3qyCCjwwZd/b3uqr2nmUioW/RQD+9hVzXbOg=
Subject key identifier: DA:1C:37:EB:1A:67:05:A9:0D:36:B3:FE:D3:FE:A5:73:86:07:7F:29
Certificate issuer: /CN=62fbd2cc0012fb2f86db40b589bd1ac4e973266d
Certificate serial: 09F469EA1025C3D544B1FFAB0168887E52ABEF0F
Authority key identifier: 62:FB:D2:CC:00:12:FB:2F:86:DB:40:B5:89:BD:1A:C4:E9:73:26:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YvvSzAAS-y-G20C1ib0axOlzJm0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/34352e36352e3131392e302f32342d3234203d3e20343031333232.roa
Signing time: Thu 26 Mar 2026 04:33:18 +0000
ROA not before: Thu 26 Mar 2026 04:28:18 +0000
ROA not after: Thu 25 Mar 2027 04:33:18 +0000
asID: 401322
IP address blocks: 45.65.119.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/62FBD2CC0012FB2F86DB40B589BD1AC4E973266D.crl
rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/62FBD2CC0012FB2F86DB40B589BD1AC4E973266D.mft
rsync://rpki.ripe.net/repository/DEFAULT/YvvSzAAS-y-G20C1ib0axOlzJm0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 06:21:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
09:f4:69:ea:10:25:c3:d5:44:b1:ff:ab:01:68:88:7e:52:ab:ef:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fbd2cc0012fb2f86db40b589bd1ac4e973266d
Validity
Not Before: Mar 26 04:28:18 2026 GMT
Not After : Mar 25 04:33:18 2027 GMT
Subject: CN=DA1C37EB1A6705A90D36B3FED3FEA57386077F29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:91:96:ba:80:b9:f7:ac:2f:68:61:35:42:05:
53:7c:d9:19:2d:54:73:e1:e1:86:c0:f8:77:e7:36:
6f:96:62:bc:30:9d:8f:85:77:0b:29:72:7a:91:cf:
0e:d6:03:39:18:7d:99:77:b9:af:44:8d:33:52:b2:
dc:05:fe:bd:50:28:a3:76:13:15:4e:46:1b:26:a8:
ba:dc:e2:43:9f:f8:43:d2:16:87:cf:29:8e:7b:e8:
26:2f:95:1f:5b:80:ae:08:1a:93:f2:a0:38:5f:56:
03:f8:b8:1d:c7:96:75:4c:af:5f:76:7a:ac:50:2c:
67:d9:0d:bc:bf:fd:bb:83:7e:96:03:44:21:e5:1c:
18:f5:37:8f:ae:33:06:8c:ed:b4:d2:ea:b9:77:e9:
16:a0:e6:df:75:b2:df:43:d9:fd:45:f2:f8:7b:73:
02:6d:a3:08:3f:d4:44:5c:22:8f:2d:d7:4a:7a:b4:
a4:2a:7b:83:2a:b8:f6:72:e0:45:45:80:e4:d2:15:
21:02:12:bb:03:6a:81:00:9e:02:15:8b:35:d4:a4:
22:b9:83:eb:49:63:26:bb:4a:68:41:f4:26:52:33:
fe:ea:70:54:13:10:9f:f1:de:3c:1a:21:9d:6c:b6:
d3:98:23:d2:70:3c:f0:41:39:52:97:c1:ae:1f:64:
35:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:1C:37:EB:1A:67:05:A9:0D:36:B3:FE:D3:FE:A5:73:86:07:7F:29
X509v3 Authority Key Identifier:
keyid:62:FB:D2:CC:00:12:FB:2F:86:DB:40:B5:89:BD:1A:C4:E9:73:26:6D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/62FBD2CC0012FB2F86DB40B589BD1AC4E973266D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YvvSzAAS-y-G20C1ib0axOlzJm0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/34352e36352e3131392e302f32342d3234203d3e20343031333232.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.65.119.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:fe:be:08:51:ed:da:2d:40:bb:26:f8:bf:20:cd:83:74:ed:
4b:2e:f6:63:80:04:00:73:7e:0e:a7:4f:42:02:50:25:9b:c4:
d9:39:64:0f:25:2a:67:f3:d4:a9:fe:69:49:fc:d8:6c:6f:d4:
0e:12:1f:eb:cf:2a:8c:0d:a4:11:fb:79:c9:22:d5:19:72:7b:
16:bb:e4:62:3b:db:19:93:1a:55:de:2a:10:3c:c8:13:f4:42:
3e:62:78:c7:9e:b4:b9:4a:a5:29:96:04:13:42:2f:6a:33:cf:
f7:c9:39:3b:02:64:83:50:c8:aa:8b:26:07:65:d8:be:9f:c6:
8b:f9:61:3b:65:b9:a2:6b:94:2c:38:8c:d8:48:9f:c4:37:a6:
64:ce:6e:db:3d:15:42:7a:02:bb:2f:b1:10:08:fe:66:60:b0:
40:6e:d1:f1:2e:e6:b9:f5:b6:c2:62:c5:21:9e:2f:c0:b7:7f:
73:9a:1b:d8:7c:4d:b9:3c:f2:9b:2d:2c:94:7d:2f:53:cd:a4:
85:6e:97:79:e7:d1:46:b3:3e:49:80:48:86:41:3b:47:84:0a:
af:de:3b:dd:75:93:a1:42:70:0d:72:a3:50:af:17:ea:7f:fb:
62:e8:03:03:cb:c8:b3:3f:6b:9e:e5:af:b8:41:d2:9a:ce:b3:
17:79:c9:0e
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUCfRp6hAlw9VEsf+rAWiIflKr7w8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjJmYmQyY2MwMDEyZmIyZjg2ZGI0MGI1ODliZDFhYzRl
OTczMjY2ZDAeFw0yNjAzMjYwNDI4MThaFw0yNzAzMjUwNDMzMThaMDMxMTAvBgNV
BAMTKERBMUMzN0VCMUE2NzA1QTkwRDM2QjNGRUQzRkVBNTczODYwNzdGMjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCekZa6gLn3rC9oYTVCBVN82Rkt
VHPh4YbA+HfnNm+WYrwwnY+FdwspcnqRzw7WAzkYfZl3ua9EjTNSstwF/r1QKKN2
ExVORhsmqLrc4kOf+EPSFofPKY576CYvlR9bgK4IGpPyoDhfVgP4uB3HlnVMr192
eqxQLGfZDby//buDfpYDRCHlHBj1N4+uMwaM7bTS6rl36Rag5t91st9D2f1F8vh7
cwJtowg/1ERcIo8t10p6tKQqe4MquPZy4EVFgOTSFSECErsDaoEAngIVizXUpCK5
g+tJYya7SmhB9CZSM/7qcFQTEJ/x3jwaIZ1sttOYI9JwPPBBOVKXwa4fZDW1AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU2hw36xpnBakNNrP+0/6lc4YHfykwHwYDVR0j
BBgwFoAUYvvSzAAS+y+G20C1ib0axOlzJm0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNDZiOTNkZjAtYWM4ZC00ZGE4LWFmYjgtZGNiN2YyODg4
MzYyLzAvNjJGQkQyQ0MwMDEyRkIyRjg2REI0MEI1ODlCRDFBQzRFOTczMjY2RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1l2dlN6QUFTLXktRzIwQzFpYjBheE9s
ekptMC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNDZiOTNkZjAt
YWM4ZC00ZGE4LWFmYjgtZGNiN2YyODg4MzYyLzAvMzQzNTJlMzYzNTJlMzEzMTM5
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzQzMDMxMzMzMjMyLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
LUF3MA0GCSqGSIb3DQEBCwUAA4IBAQBr/r4IUe3aLUC7Jvi/IM2DdO1LLvZjgAQA
c34Op09CAlAlm8TZOWQPJSpn89Sp/mlJ/Nhsb9QOEh/rzyqMDaQR+3nJItUZcnsW
u+RiO9sZkxpV3ioQPMgT9EI+YnjHnrS5SqUplgQTQi9qM8/3yTk7AmSDUMiqiyYH
Zdi+n8aL+WE7Zbmia5QsOIzYSJ/EN6Zkzm7bPRVCegK7L7EQCP5mYLBAbtHxLua5
9bbCYsUhni/At39zmhvYfE25PPKbLSyUfS9TzaSFbpd559FGsz5JgEiGQTtHhAqv
3jvddZOhQnANcqNQrxfqf/ti6AMDy8izP2ue5a+4QdKazrMXeckO
-----END CERTIFICATE-----
Generated at Thu Mar 26 16:00:59 2026 by rpki-client