Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/34352e39352e36342e302f32342d3234203d3e20323131333733.roa
File: 34352e39352e36342e302f32342d3234203d3e20323131333733.roa (raw, json)
Hash identifier: t/MYMgzDbaVA94OGDbJcLP85lGX3T66tzpNgs+P9sO4=
Subject key identifier: 83:06:5F:86:F8:87:52:ED:D8:2E:0B:F3:10:02:4C:08:D0:09:7A:05
Certificate issuer: /CN=62fbd2cc0012fb2f86db40b589bd1ac4e973266d
Certificate serial: 51C5FAC6A5C0A28040F9BE428FE595D713898FAC
Authority key identifier: 62:FB:D2:CC:00:12:FB:2F:86:DB:40:B5:89:BD:1A:C4:E9:73:26:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YvvSzAAS-y-G20C1ib0axOlzJm0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/34352e39352e36342e302f32342d3234203d3e20323131333733.roa
Signing time: Mon 25 Aug 2025 09:54:13 +0000
ROA not before: Mon 25 Aug 2025 09:49:13 +0000
ROA not after: Mon 24 Aug 2026 09:54:13 +0000
asID: 211373
IP address blocks: 45.95.64.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/62FBD2CC0012FB2F86DB40B589BD1AC4E973266D.crl
rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/62FBD2CC0012FB2F86DB40B589BD1AC4E973266D.mft
rsync://rpki.ripe.net/repository/DEFAULT/YvvSzAAS-y-G20C1ib0axOlzJm0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 16 Sep 2025 01:52:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
51:c5:fa:c6:a5:c0:a2:80:40:f9:be:42:8f:e5:95:d7:13:89:8f:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fbd2cc0012fb2f86db40b589bd1ac4e973266d
Validity
Not Before: Aug 25 09:49:13 2025 GMT
Not After : Aug 24 09:54:13 2026 GMT
Subject: CN=83065F86F88752EDD82E0BF310024C08D0097A05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:86:72:f4:63:3d:9b:3f:b5:90:c1:fa:8d:3f:
77:1a:54:64:01:ac:35:d9:e1:e2:0a:9f:f8:73:4b:
b4:47:0a:34:b0:4b:c6:d4:aa:1f:bc:c9:72:d1:4d:
8f:79:7a:02:2f:37:55:df:ea:16:1c:78:3a:db:2f:
d6:65:64:3c:ba:ca:b2:1b:f1:81:b3:70:fc:43:8d:
9c:95:11:83:03:af:6a:0f:a8:11:f8:0c:88:14:c2:
4e:f3:8c:26:85:c8:cc:c8:bf:f2:a1:4c:83:be:75:
a4:21:22:b5:b3:42:9f:61:46:0c:d9:3f:65:2e:15:
e0:88:a1:9e:70:84:92:95:ea:8f:b6:fd:51:69:ca:
4b:31:36:b5:d2:e9:57:5c:64:99:ee:d8:63:76:d3:
f8:bb:9f:79:bd:d9:9a:0b:22:f9:11:eb:dc:d2:8c:
e6:57:cc:73:9b:c9:c4:53:3f:ff:b1:45:e6:fb:b2:
46:42:98:e1:0d:2e:2c:fc:56:79:29:df:14:f0:c4:
2f:18:06:c2:97:66:4d:55:0e:da:c8:76:7c:86:93:
49:c6:6d:aa:94:0a:db:43:e9:87:59:7c:97:03:06:
a7:64:c1:d8:8c:3d:94:e7:cc:81:37:cf:cf:0e:34:
76:48:57:83:19:ea:55:82:2f:b8:88:78:d4:f0:77:
e1:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:06:5F:86:F8:87:52:ED:D8:2E:0B:F3:10:02:4C:08:D0:09:7A:05
X509v3 Authority Key Identifier:
keyid:62:FB:D2:CC:00:12:FB:2F:86:DB:40:B5:89:BD:1A:C4:E9:73:26:6D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/62FBD2CC0012FB2F86DB40B589BD1AC4E973266D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YvvSzAAS-y-G20C1ib0axOlzJm0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/34352e39352e36342e302f32342d3234203d3e20323131333733.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.95.64.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:f3:70:25:44:d3:98:4b:dc:5f:f6:a7:5a:71:b9:a3:03:46:
75:c6:4f:1f:1c:3c:7c:a9:72:fa:55:02:6f:cd:fe:2d:bb:4e:
d4:f6:51:41:6d:bf:d7:98:2f:d1:97:e3:88:5c:c6:fc:5c:8b:
90:61:01:d5:71:ad:09:3c:c3:96:a7:76:f3:81:4c:5e:2f:e1:
7f:d3:e0:35:ba:66:62:41:ce:e3:34:ea:9c:b8:84:ad:78:97:
00:89:16:70:27:95:72:1c:ed:f5:e9:81:28:39:f8:d2:d6:4a:
95:6f:19:b3:75:62:25:86:9f:97:78:9b:17:95:cd:81:38:1b:
cf:34:6f:ea:aa:20:10:15:8b:de:15:19:0f:01:32:91:a8:9c:
28:c0:b7:96:d0:e9:07:a6:b2:04:c2:d5:6f:28:d8:00:fa:ef:
c7:01:3e:a9:aa:13:08:d9:b6:5a:66:29:cc:9f:a6:17:ff:b9:
59:5b:29:4c:f1:c5:20:f3:40:a0:c3:9e:1e:8b:08:25:1b:95:
fe:c8:6f:5c:e9:aa:c7:85:d9:bd:fa:1e:04:25:e9:89:4d:ed:
b4:d1:a3:b6:d0:b2:5e:1d:82:ee:53:41:0e:91:6d:f8:a6:76:
e3:38:e3:aa:37:fc:c8:90:e2:f4:4a:79:08:8e:6a:c6:18:ac:
27:fa:4b:a3
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUUcX6xqXAooBA+b5Cj+WV1xOJj6wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjJmYmQyY2MwMDEyZmIyZjg2ZGI0MGI1ODliZDFhYzRl
OTczMjY2ZDAeFw0yNTA4MjUwOTQ5MTNaFw0yNjA4MjQwOTU0MTNaMDMxMTAvBgNV
BAMTKDgzMDY1Rjg2Rjg4NzUyRUREODJFMEJGMzEwMDI0QzA4RDAwOTdBMDUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrhnL0Yz2bP7WQwfqNP3caVGQB
rDXZ4eIKn/hzS7RHCjSwS8bUqh+8yXLRTY95egIvN1Xf6hYceDrbL9ZlZDy6yrIb
8YGzcPxDjZyVEYMDr2oPqBH4DIgUwk7zjCaFyMzIv/KhTIO+daQhIrWzQp9hRgzZ
P2UuFeCIoZ5whJKV6o+2/VFpyksxNrXS6VdcZJnu2GN20/i7n3m92ZoLIvkR69zS
jOZXzHObycRTP/+xReb7skZCmOENLiz8Vnkp3xTwxC8YBsKXZk1VDtrIdnyGk0nG
baqUCttD6YdZfJcDBqdkwdiMPZTnzIE3z88ONHZIV4MZ6lWCL7iIeNTwd+EdAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUgwZfhviHUu3YLgvzEAJMCNAJegUwHwYDVR0j
BBgwFoAUYvvSzAAS+y+G20C1ib0axOlzJm0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNDZiOTNkZjAtYWM4ZC00ZGE4LWFmYjgtZGNiN2YyODg4
MzYyLzAvNjJGQkQyQ0MwMDEyRkIyRjg2REI0MEI1ODlCRDFBQzRFOTczMjY2RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1l2dlN6QUFTLXktRzIwQzFpYjBheE9s
ekptMC5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNDZiOTNkZjAt
YWM4ZC00ZGE4LWFmYjgtZGNiN2YyODg4MzYyLzAvMzQzNTJlMzkzNTJlMzYzNDJl
MzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzEzMTMzMzczMy5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC1f
QDANBgkqhkiG9w0BAQsFAAOCAQEAmvNwJUTTmEvcX/anWnG5owNGdcZPHxw8fKly
+lUCb83+LbtO1PZRQW2/15gv0ZfjiFzG/FyLkGEB1XGtCTzDlqd284FMXi/hf9Pg
NbpmYkHO4zTqnLiErXiXAIkWcCeVchzt9emBKDn40tZKlW8Zs3ViJYafl3ibF5XN
gTgbzzRv6qogEBWL3hUZDwEykaicKMC3ltDpB6ayBMLVbyjYAPrvxwE+qaoTCNm2
WmYpzJ+mF/+5WVspTPHFIPNAoMOeHosIJRuV/shvXOmqx4XZvfoeBCXpiU3ttNGj
ttCyXh2C7lNBDpFt+KZ24zjjqjf8yJDi9Ep5CI5qxhisJ/pLow==
-----END CERTIFICATE-----
Generated at Mon Sep 15 09:34:28 2025 by rpki-client