Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/37372e38332e3130352e302f32342d3234203d3e203432383331.roa
File: 37372e38332e3130352e302f32342d3234203d3e203432383331.roa (raw, json)
Hash identifier: G5PlCw5ksoUk7ieeEHXCWXrLXJkbkpEfN03aETxQdg4=
Subject key identifier: 63:00:F3:B7:5F:A3:A0:A0:41:A7:3F:3F:4E:E1:0C:77:66:0F:C7:0B
Certificate issuer: /CN=62fbd2cc0012fb2f86db40b589bd1ac4e973266d
Certificate serial: 2A58858ED35931EC234FCF046A52E13C3306C134
Authority key identifier: 62:FB:D2:CC:00:12:FB:2F:86:DB:40:B5:89:BD:1A:C4:E9:73:26:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YvvSzAAS-y-G20C1ib0axOlzJm0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/37372e38332e3130352e302f32342d3234203d3e203432383331.roa
Signing time: Tue 02 Sep 2025 15:55:00 +0000
ROA not before: Tue 02 Sep 2025 15:50:00 +0000
ROA not after: Tue 01 Sep 2026 15:55:00 +0000
asID: 42831
IP address blocks: 77.83.105.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/62FBD2CC0012FB2F86DB40B589BD1AC4E973266D.crl
rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/62FBD2CC0012FB2F86DB40B589BD1AC4E973266D.mft
rsync://rpki.ripe.net/repository/DEFAULT/YvvSzAAS-y-G20C1ib0axOlzJm0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 20 Sep 2025 07:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2a:58:85:8e:d3:59:31:ec:23:4f:cf:04:6a:52:e1:3c:33:06:c1:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fbd2cc0012fb2f86db40b589bd1ac4e973266d
Validity
Not Before: Sep 2 15:50:00 2025 GMT
Not After : Sep 1 15:55:00 2026 GMT
Subject: CN=6300F3B75FA3A0A041A73F3F4EE10C77660FC70B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:8d:c5:13:a9:9f:6a:b2:80:91:38:1f:d5:44:
a7:0e:7c:58:e2:fb:46:c0:ea:74:c6:2a:1d:6b:8f:
20:bb:e0:48:e6:b4:03:31:bd:cb:89:9f:2f:05:9b:
75:7c:e5:56:ab:0a:a9:25:4a:3a:65:b5:5b:4d:fa:
ae:e4:78:dc:2b:df:1e:93:66:e8:a9:2d:35:b3:ba:
bf:1f:e5:5d:16:b5:d4:1a:39:34:8e:0e:14:bc:ec:
21:02:ae:46:64:08:43:d9:35:55:97:a1:df:29:ee:
c2:c4:af:33:13:0f:fa:0b:20:11:75:75:91:f1:85:
9a:ef:ae:a8:c4:cd:7e:6c:e6:28:a4:d2:75:66:22:
ee:13:34:6b:50:fa:71:2a:75:3a:72:43:68:08:c8:
33:dc:52:2b:84:b5:20:d5:8f:e5:9b:e6:86:19:46:
60:81:60:a0:6b:47:43:1d:d7:7a:18:33:fa:7e:aa:
a9:be:e7:0c:44:61:5f:24:03:2e:b2:ea:6f:dc:d2:
24:09:30:44:22:7b:f4:cb:47:93:47:47:e1:55:6d:
51:49:1c:88:c6:a2:39:8c:80:9a:3d:af:c7:c2:61:
a7:2f:fd:c1:88:2a:da:c2:05:00:42:d2:5f:02:49:
40:d6:1b:35:6e:e3:0f:6e:06:7a:2f:77:2a:da:45:
e3:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:00:F3:B7:5F:A3:A0:A0:41:A7:3F:3F:4E:E1:0C:77:66:0F:C7:0B
X509v3 Authority Key Identifier:
keyid:62:FB:D2:CC:00:12:FB:2F:86:DB:40:B5:89:BD:1A:C4:E9:73:26:6D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/62FBD2CC0012FB2F86DB40B589BD1AC4E973266D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YvvSzAAS-y-G20C1ib0axOlzJm0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/37372e38332e3130352e302f32342d3234203d3e203432383331.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.83.105.0/24
Signature Algorithm: sha256WithRSAEncryption
ad:aa:9f:59:43:28:d8:3a:79:cf:7f:e4:e0:fa:c4:3f:c8:22:
d1:ce:f2:90:33:61:bb:73:dc:61:79:44:ea:5f:a9:b6:de:08:
e3:37:29:aa:3f:81:dc:64:12:0f:b2:a2:b7:ef:5f:2b:f5:a3:
23:fc:fd:cf:a5:70:97:f7:3d:a7:90:d3:72:4d:8a:c0:20:f6:
49:c6:58:4e:1f:e8:b1:3e:69:a2:c6:eb:6a:e9:65:b3:b2:63:
c2:b9:68:c0:09:ea:ac:05:cc:b3:56:b1:43:cb:bf:7a:7d:ab:
2f:93:e6:c2:26:d9:5e:72:1d:6a:ec:c2:0d:b3:ed:c1:8c:b4:
a7:8b:fa:53:51:21:18:d1:e1:51:5b:0a:dd:97:2b:73:54:02:
5c:3f:cc:e4:c1:09:c2:ae:db:9d:9c:82:4b:c6:47:19:a1:4f:
66:21:f3:be:0d:43:9f:a4:31:aa:9f:bc:66:a6:45:dc:93:08:
28:92:ed:13:d8:c1:d8:ef:6c:55:2f:5c:fa:bb:f0:ed:a9:4d:
3d:8c:e2:c5:98:41:8f:37:09:c8:9f:93:f6:88:c9:53:cb:71:
34:6a:8d:e2:e4:54:87:e6:92:37:9f:28:dd:21:22:e5:ad:8f:
ae:f7:6c:a0:20:64:ae:96:d7:58:79:38:3f:7b:69:f9:e4:27:
dd:49:74:46
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUKliFjtNZMewjT88EalLhPDMGwTQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjJmYmQyY2MwMDEyZmIyZjg2ZGI0MGI1ODliZDFhYzRl
OTczMjY2ZDAeFw0yNTA5MDIxNTUwMDBaFw0yNjA5MDExNTU1MDBaMDMxMTAvBgNV
BAMTKDYzMDBGM0I3NUZBM0EwQTA0MUE3M0YzRjRFRTEwQzc3NjYwRkM3MEIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzjcUTqZ9qsoCROB/VRKcOfFji
+0bA6nTGKh1rjyC74EjmtAMxvcuJny8Fm3V85VarCqklSjpltVtN+q7keNwr3x6T
ZuipLTWzur8f5V0WtdQaOTSODhS87CECrkZkCEPZNVWXod8p7sLErzMTD/oLIBF1
dZHxhZrvrqjEzX5s5iik0nVmIu4TNGtQ+nEqdTpyQ2gIyDPcUiuEtSDVj+Wb5oYZ
RmCBYKBrR0Md13oYM/p+qqm+5wxEYV8kAy6y6m/c0iQJMEQie/TLR5NHR+FVbVFJ
HIjGojmMgJo9r8fCYacv/cGIKtrCBQBC0l8CSUDWGzVu4w9uBnovdyraReNbAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUYwDzt1+joKBBpz8/TuEMd2YPxwswHwYDVR0j
BBgwFoAUYvvSzAAS+y+G20C1ib0axOlzJm0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNDZiOTNkZjAtYWM4ZC00ZGE4LWFmYjgtZGNiN2YyODg4
MzYyLzAvNjJGQkQyQ0MwMDEyRkIyRjg2REI0MEI1ODlCRDFBQzRFOTczMjY2RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1l2dlN6QUFTLXktRzIwQzFpYjBheE9s
ekptMC5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNDZiOTNkZjAt
YWM4ZC00ZGE4LWFmYjgtZGNiN2YyODg4MzYyLzAvMzczNzJlMzgzMzJlMzEzMDM1
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzQzMjM4MzMzMS5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAE1T
aTANBgkqhkiG9w0BAQsFAAOCAQEAraqfWUMo2Dp5z3/k4PrEP8gi0c7ykDNhu3Pc
YXlE6l+ptt4I4zcpqj+B3GQSD7Kit+9fK/WjI/z9z6Vwl/c9p5DTck2KwCD2ScZY
Th/osT5posbraulls7JjwrlowAnqrAXMs1axQ8u/en2rL5PmwibZXnIdauzCDbPt
wYy0p4v6U1EhGNHhUVsK3Zcrc1QCXD/M5MEJwq7bnZyCS8ZHGaFPZiHzvg1Dn6Qx
qp+8ZqZF3JMIKJLtE9jB2O9sVS9c+rvw7alNPYzixZhBjzcJyJ+T9ojJU8txNGqN
4uRUh+aSN58o3SEi5a2PrvdsoCBkrpbXWHk4P3tp+eQn3Ul0Rg==
-----END CERTIFICATE-----
Generated at Fri Sep 19 14:22:41 2025 by rpki-client