Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/37372e38332e3130342e302f32342d3234203d3e203531303832.roa
File: 37372e38332e3130342e302f32342d3234203d3e203531303832.roa (raw, json)
Hash identifier: f4KVXxUKp4riN8a3EihoRPkWdBINxwO2o5MNyOJ3lyE=
Subject key identifier: 18:A5:DE:CF:90:06:14:D0:6F:A2:E5:67:D4:EB:34:ED:CB:47:44:6E
Certificate issuer: /CN=62fbd2cc0012fb2f86db40b589bd1ac4e973266d
Certificate serial: 275FBC4DF53EBE5A4ADC3A6CA412123B164A98D2
Authority key identifier: 62:FB:D2:CC:00:12:FB:2F:86:DB:40:B5:89:BD:1A:C4:E9:73:26:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YvvSzAAS-y-G20C1ib0axOlzJm0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/37372e38332e3130342e302f32342d3234203d3e203531303832.roa
Signing time: Thu 04 Sep 2025 17:05:57 +0000
ROA not before: Thu 04 Sep 2025 17:00:57 +0000
ROA not after: Thu 03 Sep 2026 17:05:57 +0000
asID: 51082
IP address blocks: 77.83.104.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/62FBD2CC0012FB2F86DB40B589BD1AC4E973266D.crl
rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/62FBD2CC0012FB2F86DB40B589BD1AC4E973266D.mft
rsync://rpki.ripe.net/repository/DEFAULT/YvvSzAAS-y-G20C1ib0axOlzJm0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 07 Sep 2025 00:46:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
27:5f:bc:4d:f5:3e:be:5a:4a:dc:3a:6c:a4:12:12:3b:16:4a:98:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fbd2cc0012fb2f86db40b589bd1ac4e973266d
Validity
Not Before: Sep 4 17:00:57 2025 GMT
Not After : Sep 3 17:05:57 2026 GMT
Subject: CN=18A5DECF900614D06FA2E567D4EB34EDCB47446E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:70:4d:56:d5:9c:b5:e4:68:e1:13:f0:a1:28:
4b:f8:73:c4:79:6b:7c:cd:61:e2:70:8c:3f:c4:cd:
e0:d9:93:64:3d:0e:6d:99:79:89:3c:ff:e2:da:9a:
a7:12:ca:d8:3a:7e:62:15:14:61:34:3c:5e:bf:b8:
d6:26:5e:7a:6f:95:1e:c0:13:2f:38:38:f1:5b:c4:
bb:10:83:04:5f:6c:d3:5a:86:29:6d:11:43:20:19:
dc:5d:c3:1b:fa:c2:26:63:1d:d9:87:14:de:b7:08:
fe:5d:ae:48:eb:c7:81:b3:b4:ae:f1:cc:49:7e:82:
f8:01:16:9e:7c:af:b2:04:38:76:2c:ee:49:47:b5:
0d:90:2c:83:ba:84:b7:5a:c9:3c:4a:88:11:c7:85:
79:14:6c:44:55:cd:e4:ac:f5:5b:1e:0d:0f:df:5f:
5a:bf:df:3e:27:06:be:67:af:8b:28:4b:bb:60:f2:
f0:59:f5:1c:cf:e4:43:a7:f5:dd:63:ee:aa:24:17:
10:9c:5c:eb:07:78:fc:fc:cd:8a:01:04:ba:97:20:
f2:98:79:38:70:dc:35:7f:57:d1:3e:de:4b:00:7c:
9d:89:47:88:6a:94:80:ec:30:55:e1:83:74:92:df:
98:58:51:62:54:9c:d8:21:4d:ed:40:e1:28:df:58:
42:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:A5:DE:CF:90:06:14:D0:6F:A2:E5:67:D4:EB:34:ED:CB:47:44:6E
X509v3 Authority Key Identifier:
keyid:62:FB:D2:CC:00:12:FB:2F:86:DB:40:B5:89:BD:1A:C4:E9:73:26:6D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/62FBD2CC0012FB2F86DB40B589BD1AC4E973266D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YvvSzAAS-y-G20C1ib0axOlzJm0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/37372e38332e3130342e302f32342d3234203d3e203531303832.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.83.104.0/24
Signature Algorithm: sha256WithRSAEncryption
e1:7f:cd:54:58:27:a4:80:bf:e7:4f:63:00:f3:d6:11:cf:ab:
de:f3:c0:72:75:9a:24:a9:19:f0:22:e7:95:38:70:37:5d:c9:
ee:96:33:48:3c:36:67:5b:82:1b:1c:ac:3a:d5:9f:db:ee:2d:
0c:f6:7d:7a:02:81:df:9f:f2:e9:a8:7f:68:fd:f0:bd:ee:0b:
a2:43:23:9e:ab:d0:1f:18:05:03:42:41:ec:e3:1a:2c:4a:c5:
76:3e:0a:09:e3:4a:10:f0:13:c7:a9:9a:d3:6e:06:fb:01:37:
52:8d:e4:86:7f:db:3f:2f:93:34:42:d6:da:6b:06:c5:af:ad:
1e:47:31:70:fe:4e:55:33:b1:23:5f:cd:1d:25:d0:e1:e5:58:
db:14:b7:c0:f2:d4:ea:da:27:0c:a9:56:28:88:ff:eb:93:d6:
1b:c7:a4:cf:08:cd:5f:43:54:e2:da:c7:a2:54:4e:06:15:94:
2e:63:85:9a:76:0a:67:93:91:55:bd:72:d4:3b:64:4a:dd:d8:
00:26:63:5c:2a:a9:9d:d4:9b:54:24:39:69:00:02:00:c1:e6:
52:1e:e5:d1:7c:92:d2:66:f7:83:6f:b2:8d:34:d7:15:18:9d:
9e:61:bd:02:19:e3:72:e2:bd:9c:a7:99:5e:b6:77:cf:c2:be:
8d:8f:9d:e5
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUJ1+8TfU+vlpK3DpspBISOxZKmNIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjJmYmQyY2MwMDEyZmIyZjg2ZGI0MGI1ODliZDFhYzRl
OTczMjY2ZDAeFw0yNTA5MDQxNzAwNTdaFw0yNjA5MDMxNzA1NTdaMDMxMTAvBgNV
BAMTKDE4QTVERUNGOTAwNjE0RDA2RkEyRTU2N0Q0RUIzNEVEQ0I0NzQ0NkUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDzcE1W1Zy15GjhE/ChKEv4c8R5
a3zNYeJwjD/EzeDZk2Q9Dm2ZeYk8/+LamqcSytg6fmIVFGE0PF6/uNYmXnpvlR7A
Ey84OPFbxLsQgwRfbNNahiltEUMgGdxdwxv6wiZjHdmHFN63CP5drkjrx4GztK7x
zEl+gvgBFp58r7IEOHYs7klHtQ2QLIO6hLdayTxKiBHHhXkUbERVzeSs9VseDQ/f
X1q/3z4nBr5nr4soS7tg8vBZ9RzP5EOn9d1j7qokFxCcXOsHePz8zYoBBLqXIPKY
eThw3DV/V9E+3ksAfJ2JR4hqlIDsMFXhg3SS35hYUWJUnNghTe1A4SjfWEJxAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUGKXez5AGFNBvouVn1Os07ctHRG4wHwYDVR0j
BBgwFoAUYvvSzAAS+y+G20C1ib0axOlzJm0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNDZiOTNkZjAtYWM4ZC00ZGE4LWFmYjgtZGNiN2YyODg4
MzYyLzAvNjJGQkQyQ0MwMDEyRkIyRjg2REI0MEI1ODlCRDFBQzRFOTczMjY2RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1l2dlN6QUFTLXktRzIwQzFpYjBheE9s
ekptMC5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNDZiOTNkZjAt
YWM4ZC00ZGE4LWFmYjgtZGNiN2YyODg4MzYyLzAvMzczNzJlMzgzMzJlMzEzMDM0
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzUzMTMwMzgzMi5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAE1T
aDANBgkqhkiG9w0BAQsFAAOCAQEA4X/NVFgnpIC/509jAPPWEc+r3vPAcnWaJKkZ
8CLnlThwN13J7pYzSDw2Z1uCGxysOtWf2+4tDPZ9egKB35/y6ah/aP3wve4LokMj
nqvQHxgFA0JB7OMaLErFdj4KCeNKEPATx6ma024G+wE3Uo3khn/bPy+TNELW2msG
xa+tHkcxcP5OVTOxI1/NHSXQ4eVY2xS3wPLU6tonDKlWKIj/65PWG8ekzwjNX0NU
4trHolROBhWULmOFmnYKZ5ORVb1y1DtkSt3YACZjXCqpndSbVCQ5aQACAMHmUh7l
0XyS0mb3g2+yjTTXFRidnmG9AhnjcuK9nKeZXrZ3z8K+jY+d5Q==
-----END CERTIFICATE-----
Generated at Sat Sep 6 11:46:52 2025 by rpki-client