Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/34352e39352e36362e302f32342d3234203d3e20323033303534.roa
File: 34352e39352e36362e302f32342d3234203d3e20323033303534.roa (raw, json)
Hash identifier: IcEoLspy1mcUCbrPcNzBxMp1rzKvLDxWaQsvDfM8RoI=
Subject key identifier: 24:92:37:63:FA:FD:8D:74:18:21:30:AD:C1:16:C3:4E:B7:5A:1E:D6
Certificate issuer: /CN=62fbd2cc0012fb2f86db40b589bd1ac4e973266d
Certificate serial: 0FD2049E7BD69923A186864231741A03BBBBD718
Authority key identifier: 62:FB:D2:CC:00:12:FB:2F:86:DB:40:B5:89:BD:1A:C4:E9:73:26:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YvvSzAAS-y-G20C1ib0axOlzJm0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/34352e39352e36362e302f32342d3234203d3e20323033303534.roa
Signing time: Mon 30 Mar 2026 08:07:58 +0000
ROA not before: Mon 30 Mar 2026 08:02:58 +0000
ROA not after: Mon 29 Mar 2027 08:07:58 +0000
asID: 203054
IP address blocks: 45.95.66.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/62FBD2CC0012FB2F86DB40B589BD1AC4E973266D.crl
rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/62FBD2CC0012FB2F86DB40B589BD1AC4E973266D.mft
rsync://rpki.ripe.net/repository/DEFAULT/YvvSzAAS-y-G20C1ib0axOlzJm0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 31 Mar 2026 08:33:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0f:d2:04:9e:7b:d6:99:23:a1:86:86:42:31:74:1a:03:bb:bb:d7:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fbd2cc0012fb2f86db40b589bd1ac4e973266d
Validity
Not Before: Mar 30 08:02:58 2026 GMT
Not After : Mar 29 08:07:58 2027 GMT
Subject: CN=24923763FAFD8D74182130ADC116C34EB75A1ED6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:8c:a7:5b:65:f7:fa:1a:b7:65:9b:52:a8:7b:
72:08:3b:35:6a:2c:56:1c:2d:49:d0:63:29:06:4c:
16:83:81:44:d1:13:e1:8e:33:51:2c:ef:90:92:c2:
ff:fd:0e:8f:9d:33:99:6d:ed:8a:fa:1b:0e:5b:84:
e3:ec:e1:9e:2a:0f:58:9d:60:3f:df:b0:64:1b:af:
04:64:fe:bb:52:fc:99:71:a2:f5:db:e2:7f:d6:64:
3a:c9:1e:79:c4:db:05:f4:8a:3b:25:ff:a5:c9:95:
e2:ee:c4:cf:c6:53:26:7c:2e:44:6a:09:24:d8:20:
ac:8e:94:eb:01:38:5e:48:9e:e8:b0:77:97:04:82:
fb:b9:16:b5:e6:d9:e4:4b:3d:3a:c7:ef:5d:35:e8:
d6:6b:51:2a:37:1e:1a:5d:99:a3:ed:a9:e9:66:51:
4a:00:33:03:41:06:06:b6:8b:d2:85:94:2d:53:33:
da:a5:3f:d0:25:3a:d0:17:f4:06:8c:36:f8:58:1a:
4f:eb:d3:48:aa:fc:10:03:0c:d3:e6:02:6d:a3:dd:
e5:8f:80:a7:4f:33:8a:b6:58:a3:2a:e8:86:a1:99:
ff:7a:3c:cb:38:a4:ce:c0:8d:48:6a:7b:4a:1a:3b:
f1:49:9f:24:b1:60:e0:4f:3b:8d:34:87:d7:9f:8a:
42:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:92:37:63:FA:FD:8D:74:18:21:30:AD:C1:16:C3:4E:B7:5A:1E:D6
X509v3 Authority Key Identifier:
keyid:62:FB:D2:CC:00:12:FB:2F:86:DB:40:B5:89:BD:1A:C4:E9:73:26:6D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/62FBD2CC0012FB2F86DB40B589BD1AC4E973266D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YvvSzAAS-y-G20C1ib0axOlzJm0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/34352e39352e36362e302f32342d3234203d3e20323033303534.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.95.66.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:ce:fe:f8:e4:bd:bb:6e:e1:c0:8f:81:e0:cd:4d:52:7b:2a:
66:b2:2e:7a:91:75:9f:5b:4c:9f:08:47:48:57:34:06:1c:55:
20:92:a2:7b:4c:8d:c1:ba:88:65:80:71:fb:24:46:9b:44:c4:
28:41:58:8b:51:b9:89:25:4f:cb:7d:7a:40:67:b1:39:e8:c6:
4b:35:4c:41:9c:c9:2d:71:7d:46:22:1f:1d:e9:64:8e:af:56:
06:fb:e7:f0:cb:d6:af:f8:28:ca:8e:f7:8b:a5:3a:71:05:cb:
25:60:db:f8:d1:7d:07:5b:6e:f9:bf:4b:de:3a:06:f6:9e:25:
6e:64:f6:77:32:d2:6c:74:49:68:11:f5:30:75:65:6d:76:b5:
0d:e3:51:d8:1f:10:4b:36:4a:b5:69:dc:d5:eb:0a:05:f1:50:
20:2b:84:2c:1e:9e:f1:12:35:07:be:dc:64:d8:dc:4d:e0:8a:
6c:40:6a:cd:f0:d9:7b:55:57:2e:7b:a5:9d:52:4d:68:e6:45:
00:4d:d9:d1:20:03:f1:a9:6b:c4:b7:1e:51:a9:42:89:2b:8b:
a9:5f:93:6f:fc:36:23:53:8f:40:c4:fc:47:2e:a8:08:df:76:
81:18:bb:87:dd:41:80:64:83:dd:4a:27:ac:22:db:75:c2:33:
7f:3f:19:3a
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUD9IEnnvWmSOhhoZCMXQaA7u71xgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjJmYmQyY2MwMDEyZmIyZjg2ZGI0MGI1ODliZDFhYzRl
OTczMjY2ZDAeFw0yNjAzMzAwODAyNThaFw0yNzAzMjkwODA3NThaMDMxMTAvBgNV
BAMTKDI0OTIzNzYzRkFGRDhENzQxODIxMzBBREMxMTZDMzRFQjc1QTFFRDYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCbjKdbZff6Grdlm1Koe3IIOzVq
LFYcLUnQYykGTBaDgUTRE+GOM1Es75CSwv/9Do+dM5lt7Yr6Gw5bhOPs4Z4qD1id
YD/fsGQbrwRk/rtS/JlxovXb4n/WZDrJHnnE2wX0ijsl/6XJleLuxM/GUyZ8LkRq
CSTYIKyOlOsBOF5Inuiwd5cEgvu5FrXm2eRLPTrH71016NZrUSo3HhpdmaPtqelm
UUoAMwNBBga2i9KFlC1TM9qlP9AlOtAX9AaMNvhYGk/r00iq/BADDNPmAm2j3eWP
gKdPM4q2WKMq6Iahmf96PMs4pM7AjUhqe0oaO/FJnySxYOBPO400h9efikITAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUJJI3Y/r9jXQYITCtwRbDTrdaHtYwHwYDVR0j
BBgwFoAUYvvSzAAS+y+G20C1ib0axOlzJm0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNDZiOTNkZjAtYWM4ZC00ZGE4LWFmYjgtZGNiN2YyODg4
MzYyLzAvNjJGQkQyQ0MwMDEyRkIyRjg2REI0MEI1ODlCRDFBQzRFOTczMjY2RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1l2dlN6QUFTLXktRzIwQzFpYjBheE9s
ekptMC5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNDZiOTNkZjAt
YWM4ZC00ZGE4LWFmYjgtZGNiN2YyODg4MzYyLzAvMzQzNTJlMzkzNTJlMzYzNjJl
MzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzAzMzMwMzUzNC5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC1f
QjANBgkqhkiG9w0BAQsFAAOCAQEAD87++OS9u27hwI+B4M1NUnsqZrIuepF1n1tM
nwhHSFc0BhxVIJKie0yNwbqIZYBx+yRGm0TEKEFYi1G5iSVPy316QGexOejGSzVM
QZzJLXF9RiIfHelkjq9WBvvn8MvWr/goyo73i6U6cQXLJWDb+NF9B1tu+b9L3joG
9p4lbmT2dzLSbHRJaBH1MHVlbXa1DeNR2B8QSzZKtWnc1esKBfFQICuELB6e8RI1
B77cZNjcTeCKbEBqzfDZe1VXLnulnVJNaOZFAE3Z0SAD8alrxLceUalCiSuLqV+T
b/w2I1OPQMT8Ry6oCN92gRi7h91BgGSD3UonrCLbdcIzfz8ZOg==
-----END CERTIFICATE-----
Generated at Mon Mar 30 15:53:18 2026 by rpki-client