Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/34352e36352e3131392e302f32342d3234203d3e20343032323033.roa
File: 34352e36352e3131392e302f32342d3234203d3e20343032323033.roa (raw, json)
Hash identifier: 8mpacF6uPmj/xetorecqqm155976BUQql8lWZ/BG5OY=
Subject key identifier: 54:EA:52:11:B3:B0:78:76:37:50:B8:46:8C:AA:D3:87:6B:87:84:34
Certificate issuer: /CN=62fbd2cc0012fb2f86db40b589bd1ac4e973266d
Certificate serial: 75E874F1AA5DB4FCEA134868555A8E94FAB94C72
Authority key identifier: 62:FB:D2:CC:00:12:FB:2F:86:DB:40:B5:89:BD:1A:C4:E9:73:26:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YvvSzAAS-y-G20C1ib0axOlzJm0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/34352e36352e3131392e302f32342d3234203d3e20343032323033.roa
Signing time: Wed 18 Mar 2026 09:26:02 +0000
ROA not before: Wed 18 Mar 2026 09:21:02 +0000
ROA not after: Wed 17 Mar 2027 09:26:02 +0000
asID: 402203
IP address blocks: 45.65.119.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/62FBD2CC0012FB2F86DB40B589BD1AC4E973266D.crl
rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/62FBD2CC0012FB2F86DB40B589BD1AC4E973266D.mft
rsync://rpki.ripe.net/repository/DEFAULT/YvvSzAAS-y-G20C1ib0axOlzJm0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 20 Mar 2026 05:34:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
75:e8:74:f1:aa:5d:b4:fc:ea:13:48:68:55:5a:8e:94:fa:b9:4c:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fbd2cc0012fb2f86db40b589bd1ac4e973266d
Validity
Not Before: Mar 18 09:21:02 2026 GMT
Not After : Mar 17 09:26:02 2027 GMT
Subject: CN=54EA5211B3B078763750B8468CAAD3876B878434
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:5f:ac:ea:74:f7:8c:92:50:7a:6e:7f:13:69:
33:f4:c2:6e:b7:f5:0e:bb:6a:cc:1f:3a:f8:73:89:
40:de:bd:f1:3b:07:eb:39:47:64:ef:8f:8d:50:45:
33:ca:d0:13:13:f3:7c:4b:1c:3c:0d:d1:5d:05:cc:
69:af:c1:f7:88:1d:1e:08:46:07:cb:4a:52:e5:00:
44:83:08:ae:9b:9d:b6:08:83:87:26:5e:38:78:ac:
28:1f:53:69:4a:6e:73:19:4f:35:b2:a5:9e:ae:03:
de:21:43:46:32:da:3b:4a:5d:54:a2:62:6a:b9:ef:
22:b0:33:79:3d:de:73:b2:a1:88:b2:bc:16:67:93:
15:11:73:3c:27:14:7b:94:0c:59:15:1e:5a:02:36:
d0:15:ce:19:f3:14:5f:20:59:c9:2e:8d:bd:15:ac:
17:df:8b:64:03:be:d9:32:88:03:46:15:20:bf:82:
28:c4:fd:80:08:fd:d0:f8:14:4a:67:7d:82:c3:c0:
f1:b6:67:4c:9b:f5:ac:90:c1:ef:95:3c:85:ee:0a:
d0:81:ea:c0:ff:ee:0d:ec:fa:36:17:4c:6d:5a:ca:
b2:67:f8:1a:75:18:63:1f:11:de:1e:b0:b1:94:a7:
99:4d:5d:98:57:58:65:6c:b7:c6:10:66:fc:ff:ed:
1c:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:EA:52:11:B3:B0:78:76:37:50:B8:46:8C:AA:D3:87:6B:87:84:34
X509v3 Authority Key Identifier:
keyid:62:FB:D2:CC:00:12:FB:2F:86:DB:40:B5:89:BD:1A:C4:E9:73:26:6D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/62FBD2CC0012FB2F86DB40B589BD1AC4E973266D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YvvSzAAS-y-G20C1ib0axOlzJm0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/34352e36352e3131392e302f32342d3234203d3e20343032323033.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.65.119.0/24
Signature Algorithm: sha256WithRSAEncryption
c0:cc:7f:20:e2:99:c9:f5:eb:e6:33:52:24:f8:e9:7d:0c:1c:
d5:fb:1d:cf:bd:49:7d:ef:16:cb:e6:58:c6:d2:49:d1:86:e7:
f8:7d:16:06:30:f3:85:24:ba:a0:b2:cd:9f:6c:5f:2e:6f:6e:
70:80:d2:23:53:27:6c:30:76:ee:e6:07:d1:d5:2a:ba:88:43:
6c:a0:28:cf:d8:9a:d4:23:fb:25:d8:44:61:14:45:f9:05:e2:
5c:bf:34:ee:51:cf:d3:36:b7:a1:72:58:35:6a:25:03:84:2b:
ba:3c:03:b9:a4:02:c5:e1:35:47:a3:25:b7:88:26:1a:72:ac:
38:72:b7:24:98:90:7f:e2:dc:92:ce:cc:76:9a:84:d4:c5:8a:
ec:0b:6e:1c:e9:f5:d8:14:c0:39:a2:51:d1:43:0d:16:80:29:
cf:79:7e:cb:80:b7:b2:48:b6:42:6c:16:ae:ba:06:7f:61:d8:
fb:38:55:c0:63:ca:79:d0:a3:94:bd:67:07:cc:63:cf:cd:33:
5c:e7:06:d1:96:fd:ff:a4:e0:b1:26:27:79:2d:1b:cb:32:d1:
9a:3b:0c:65:4e:52:0e:ba:10:b2:08:31:d4:0d:f8:04:76:81:
77:fb:59:1c:39:e7:01:87:f1:66:ec:69:e1:e1:54:59:a4:1b:
89:15:3a:5f
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUdeh08apdtPzqE0hoVVqOlPq5THIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjJmYmQyY2MwMDEyZmIyZjg2ZGI0MGI1ODliZDFhYzRl
OTczMjY2ZDAeFw0yNjAzMTgwOTIxMDJaFw0yNzAzMTcwOTI2MDJaMDMxMTAvBgNV
BAMTKDU0RUE1MjExQjNCMDc4NzYzNzUwQjg0NjhDQUFEMzg3NkI4Nzg0MzQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCjX6zqdPeMklB6bn8TaTP0wm63
9Q67aswfOvhziUDevfE7B+s5R2Tvj41QRTPK0BMT83xLHDwN0V0FzGmvwfeIHR4I
RgfLSlLlAESDCK6bnbYIg4cmXjh4rCgfU2lKbnMZTzWypZ6uA94hQ0Yy2jtKXVSi
Ymq57yKwM3k93nOyoYiyvBZnkxURczwnFHuUDFkVHloCNtAVzhnzFF8gWckujb0V
rBffi2QDvtkyiANGFSC/gijE/YAI/dD4FEpnfYLDwPG2Z0yb9ayQwe+VPIXuCtCB
6sD/7g3s+jYXTG1ayrJn+Bp1GGMfEd4esLGUp5lNXZhXWGVst8YQZvz/7RydAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUVOpSEbOweHY3ULhGjKrTh2uHhDQwHwYDVR0j
BBgwFoAUYvvSzAAS+y+G20C1ib0axOlzJm0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNDZiOTNkZjAtYWM4ZC00ZGE4LWFmYjgtZGNiN2YyODg4
MzYyLzAvNjJGQkQyQ0MwMDEyRkIyRjg2REI0MEI1ODlCRDFBQzRFOTczMjY2RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1l2dlN6QUFTLXktRzIwQzFpYjBheE9s
ekptMC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNDZiOTNkZjAt
YWM4ZC00ZGE4LWFmYjgtZGNiN2YyODg4MzYyLzAvMzQzNTJlMzYzNTJlMzEzMTM5
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzQzMDMyMzIzMDMzLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
LUF3MA0GCSqGSIb3DQEBCwUAA4IBAQDAzH8g4pnJ9evmM1Ik+Ol9DBzV+x3PvUl9
7xbL5ljG0knRhuf4fRYGMPOFJLqgss2fbF8ub25wgNIjUydsMHbu5gfR1Sq6iENs
oCjP2JrUI/sl2ERhFEX5BeJcvzTuUc/TNrehclg1aiUDhCu6PAO5pALF4TVHoyW3
iCYacqw4crckmJB/4tySzsx2moTUxYrsC24c6fXYFMA5olHRQw0WgCnPeX7LgLey
SLZCbBauugZ/Ydj7OFXAY8p50KOUvWcHzGPPzTNc5wbRlv3/pOCxJid5LRvLMtGa
OwxlTlIOuhCyCDHUDfgEdoF3+1kcOecBh/Fm7Gnh4VRZpBuJFTpf
-----END CERTIFICATE-----
Generated at Thu Mar 19 23:04:47 2026 by rpki-client