Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS62240.roa
File:                     AS62240.roa (raw, json)
Hash identifier:          Q8Uuytf4IzBQj36LR/VS339FCf1rS5UY2z6dBKWgvTk=
Subject key identifier:   06:68:D9:90:FF:7C:D1:55:6B:04:26:B3:14:48:9C:87:11:3D:35:60
Certificate issuer:       /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial:       7C3BA1B37E7EA464D5D55981A7D973E3978E8C9E
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS62240.roa
Signing time:             Sun 05 Jul 2026 01:48:54 +0000
ROA not before:           Sun 05 Jul 2026 01:43:54 +0000
ROA not after:            Sun 04 Jul 2027 01:48:54 +0000
asID:                     62240
IP address blocks:        45.89.242.0/24 maxlen: 24
                          45.137.126.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Jul 2026 07:32:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7c:3b:a1:b3:7e:7e:a4:64:d5:d5:59:81:a7:d9:73:e3:97:8e:8c:9e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
        Validity
            Not Before: Jul  5 01:43:54 2026 GMT
            Not After : Jul  4 01:48:54 2027 GMT
        Subject: CN=0668D990FF7CD1556B0426B314489C87113D3560
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:77:1a:76:2f:5b:37:92:72:00:5e:b0:bb:21:
                    81:bd:9a:c1:51:28:14:4d:5f:72:0f:17:63:df:5e:
                    0b:02:e3:a2:e8:64:f3:5a:0f:06:8f:06:96:0a:dc:
                    59:04:d8:ae:0e:2e:8d:8a:c4:e6:59:21:de:dc:d7:
                    d4:da:c1:cd:a6:d7:d4:2b:2f:eb:14:9a:5a:11:ce:
                    46:94:cb:e7:ec:f2:80:21:b3:ff:e7:09:d3:f1:17:
                    3c:c3:39:a6:53:8d:96:60:8d:17:9b:f4:0f:35:f0:
                    38:22:15:be:26:44:ec:26:6c:fa:4f:ba:31:f2:4a:
                    87:b5:e0:87:bf:ee:f6:8e:2d:c8:48:86:2f:eb:93:
                    55:75:5d:53:e2:df:00:d5:4c:fc:9b:22:e6:84:d9:
                    cb:81:1c:2c:ac:14:f0:0f:ba:6c:8f:3a:99:e2:d3:
                    76:3a:bd:f0:f6:79:99:d5:37:89:40:3f:19:ef:0e:
                    8e:30:c8:75:74:a1:10:f8:63:34:43:c0:20:93:cc:
                    4e:d3:2c:74:36:61:1b:f9:db:9a:30:f4:78:55:c7:
                    c1:d9:08:8f:37:35:45:90:ec:b1:3e:ce:3c:72:6b:
                    9e:94:ae:23:11:fb:ec:10:f1:cc:b9:ad:93:ff:0c:
                    12:a3:4b:0d:5f:bf:77:20:bc:f4:2a:77:9e:d9:c0:
                    55:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                06:68:D9:90:FF:7C:D1:55:6B:04:26:B3:14:48:9C:87:11:3D:35:60
            X509v3 Authority Key Identifier:
                keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS62240.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.89.242.0/24
                  45.137.126.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b7:27:e0:a4:b3:ec:1d:09:d8:bd:09:3d:cc:fb:df:a4:45:6b:
         6d:f5:1a:04:bf:33:46:71:8e:a5:25:7f:32:95:33:1f:8c:13:
         46:5a:7c:80:df:ac:4b:7f:a0:dc:7f:9e:cc:63:b0:cb:4a:25:
         4d:3c:32:c5:b4:85:e0:e9:62:c7:62:93:f2:de:40:e1:ae:6e:
         16:ed:6c:ef:8f:93:0c:49:78:e5:28:21:21:d7:7f:4e:8f:ff:
         31:3d:86:60:74:66:4e:29:b0:18:42:e7:24:ea:d6:24:f3:16:
         61:53:eb:d8:98:0a:f0:39:13:88:10:cb:29:a1:d7:81:e1:95:
         cb:13:f1:dd:47:f7:d3:0e:de:bf:18:dd:18:de:09:44:63:45:
         56:57:8f:ae:25:20:45:22:df:8e:f9:70:f5:84:4c:3e:a1:54:
         65:3f:2f:0e:d2:17:34:0d:22:e9:84:8d:e4:75:b5:22:af:8e:
         33:7c:29:ee:e4:eb:1b:5c:ad:19:b2:8a:a2:e0:15:39:2d:8d:
         4a:32:79:66:da:ff:ad:e7:98:81:b9:2b:9a:34:ad:0e:d8:05:
         45:f7:7e:b1:e7:c4:5b:2b:01:38:d8:4d:59:a7:53:36:04:99:
         90:69:29:21:36:83:96:36:b4:d8:5b:f7:9e:81:dc:a6:c0:02:
         6e:7a:9e:eb
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgIUfDuhs35+pGTV1VmBp9lz45eOjJ4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNjA3MDUwMTQzNTRaFw0yNzA3MDQwMTQ4NTRaMDMxMTAvBgNV
BAMTKDA2NjhEOTkwRkY3Q0QxNTU2QjA0MjZCMzE0NDg5Qzg3MTEzRDM1NjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDDdxp2L1s3knIAXrC7IYG9msFR
KBRNX3IPF2PfXgsC46LoZPNaDwaPBpYK3FkE2K4OLo2KxOZZId7c19Tawc2m19Qr
L+sUmloRzkaUy+fs8oAhs//nCdPxFzzDOaZTjZZgjReb9A818DgiFb4mROwmbPpP
ujHySoe14Ie/7vaOLchIhi/rk1V1XVPi3wDVTPybIuaE2cuBHCysFPAPumyPOpni
03Y6vfD2eZnVN4lAPxnvDo4wyHV0oRD4YzRDwCCTzE7TLHQ2YRv525ow9HhVx8HZ
CI83NUWQ7LE+zjxya56UriMR++wQ8cy5rZP/DBKjSw1fv3cgvPQqd57ZwFWjAgMB
AAGjggIPMIICCzAdBgNVHQ4EFgQUBmjZkP980VVrBCazFEichxE9NWAwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTNjIyNDAucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBAAtWfID
BAAtiX4wDQYJKoZIhvcNAQELBQADggEBALcn4KSz7B0J2L0JPcz736RFa231GgS/
M0ZxjqUlfzKVMx+ME0ZafIDfrEt/oNx/nsxjsMtKJU08MsW0heDpYsdik/LeQOGu
bhbtbO+PkwxJeOUoISHXf06P/zE9hmB0Zk4psBhC5yTq1iTzFmFT69iYCvA5E4gQ
yymh14HhlcsT8d1H99MO3r8Y3RjeCURjRVZXj64lIEUi3475cPWETD6hVGU/Lw7S
FzQNIumEjeR1tSKvjjN8Ke7k6xtcrRmyiqLgFTktjUoyeWba/63nmIG5K5o0rQ7Y
BUX3frHnxFsrATjYTVmnUzYEmZBpKSE2g5Y2tNhb956B3KbAAm56nus=
-----END CERTIFICATE-----
Generated at Sun Jul 19 16:39:24 2026 by rpki-client