Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/af31768d-42b1-4e92-b83f-bef7ee017813/0/36322e3131322e3132382e302f32302d3234203d3e20313338393937.roa
File: 36322e3131322e3132382e302f32302d3234203d3e20313338393937.roa (raw, json)
Hash identifier: gn1EWILIjnPdb4uUP1SS51GqSoj+0YHU+Ji1cERwHek=
Subject key identifier: F1:AE:B8:E3:7C:67:B6:EE:7C:59:DB:2C:0E:94:0A:B2:99:AB:E5:70
Certificate issuer: /CN=9f0d24c855eee00fe4abf3903c6e8fcc7083ed4d
Certificate serial: 4B2708E9FB68EAE47866E976013A8DA9450680E0
Authority key identifier: 9F:0D:24:C8:55:EE:E0:0F:E4:AB:F3:90:3C:6E:8F:CC:70:83:ED:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nw0kyFXu4A_kq_OQPG6PzHCD7U0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/af31768d-42b1-4e92-b83f-bef7ee017813/0/36322e3131322e3132382e302f32302d3234203d3e20313338393937.roa
Signing time: Tue 19 May 2026 15:47:14 +0000
ROA not before: Tue 19 May 2026 15:42:14 +0000
ROA not after: Tue 18 May 2027 15:47:14 +0000
asID: 138997
IP address blocks: 62.112.128.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/af31768d-42b1-4e92-b83f-bef7ee017813/0/9F0D24C855EEE00FE4ABF3903C6E8FCC7083ED4D.crl
rsync://rsync.paas.rpki.ripe.net/repository/af31768d-42b1-4e92-b83f-bef7ee017813/0/9F0D24C855EEE00FE4ABF3903C6E8FCC7083ED4D.mft
rsync://rpki.ripe.net/repository/DEFAULT/nw0kyFXu4A_kq_OQPG6PzHCD7U0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 03:18:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4b:27:08:e9:fb:68:ea:e4:78:66:e9:76:01:3a:8d:a9:45:06:80:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f0d24c855eee00fe4abf3903c6e8fcc7083ed4d
Validity
Not Before: May 19 15:42:14 2026 GMT
Not After : May 18 15:47:14 2027 GMT
Subject: CN=F1AEB8E37C67B6EE7C59DB2C0E940AB299ABE570
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:4d:94:64:b5:a4:32:3d:62:9b:6a:eb:5e:28:
5d:0d:1a:1b:7b:51:6f:6e:69:98:93:30:a4:94:31:
d4:2b:f9:6b:2f:d3:3c:97:16:29:dd:f5:71:3e:8d:
93:7c:1d:fe:27:71:8e:f2:ee:90:79:e2:3d:ff:83:
d9:fa:b5:35:38:42:4f:fb:ca:03:32:b2:1f:3f:f4:
49:52:84:c2:0d:b3:50:f1:9c:93:da:c5:8c:d1:c0:
ad:d6:9b:97:47:92:f4:8a:e6:69:45:fd:4d:b7:74:
0e:d8:44:f1:b0:30:7f:40:f3:17:0f:df:4b:fd:36:
fc:d7:35:bd:78:27:41:6e:d9:e2:cb:9c:57:88:ee:
25:c3:73:4e:3b:fb:f8:f5:11:7a:81:1b:6c:a1:75:
58:33:34:11:7a:da:19:cd:f1:66:b3:ec:1c:a5:e9:
52:86:f0:f9:27:94:5a:06:ec:d6:4f:5d:37:5c:a3:
06:ed:45:9e:e1:8f:bb:75:b0:b9:b6:1a:2a:7c:a6:
4f:63:9c:bb:c5:36:e0:70:17:04:fd:8d:3a:ac:94:
01:14:4a:4b:47:79:2c:f2:6f:ee:4a:63:e8:2d:f7:
e7:32:b7:fd:37:20:75:8c:67:3d:24:b7:1c:55:f3:
3e:3e:d5:22:c5:7a:e1:f8:a7:0d:1b:c9:9b:c0:e6:
5f:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:AE:B8:E3:7C:67:B6:EE:7C:59:DB:2C:0E:94:0A:B2:99:AB:E5:70
X509v3 Authority Key Identifier:
keyid:9F:0D:24:C8:55:EE:E0:0F:E4:AB:F3:90:3C:6E:8F:CC:70:83:ED:4D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/af31768d-42b1-4e92-b83f-bef7ee017813/0/9F0D24C855EEE00FE4ABF3903C6E8FCC7083ED4D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nw0kyFXu4A_kq_OQPG6PzHCD7U0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/af31768d-42b1-4e92-b83f-bef7ee017813/0/36322e3131322e3132382e302f32302d3234203d3e20313338393937.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.112.128.0/20
Signature Algorithm: sha256WithRSAEncryption
57:66:f8:2b:63:d5:36:86:f4:ae:ff:3f:c7:8b:06:b6:22:18:
5f:4c:23:fe:7f:1e:94:08:0b:71:fd:89:3a:90:5b:06:d5:9c:
16:34:5b:f9:ae:81:7d:d3:9b:b2:26:b7:b1:0a:3a:43:0e:7d:
56:76:e1:1f:82:c8:92:2e:a9:ab:bf:11:05:03:f4:33:94:14:
c8:76:fe:36:39:12:85:a5:e4:09:17:18:8a:ac:cb:2c:1a:9b:
d7:65:4f:8e:c7:bb:0a:89:3a:d0:fb:42:1f:bb:f4:5e:7d:0a:
e3:03:1f:0c:5b:8d:4b:83:80:e4:37:d9:1d:98:5d:bf:7e:91:
04:25:81:21:ea:e2:b2:0e:26:36:6e:0b:2d:65:f0:81:53:2d:
e1:16:15:b0:eb:18:ce:6e:b6:d3:99:ae:75:fc:bd:7c:79:c6:
e9:5b:90:57:4e:ed:7a:30:fb:16:c2:99:3d:e1:7f:63:22:1e:
d1:e8:73:20:a8:22:e9:44:1e:b4:67:8c:d3:ae:d0:02:2e:18:
4f:51:c0:a1:af:23:99:99:a7:2a:48:65:77:5d:f8:56:50:85:
74:df:d7:74:9c:4b:26:59:23:67:85:f0:d7:a5:d2:28:ab:df:
1d:1e:78:f5:44:ff:9d:b7:de:d8:13:65:63:a2:54:12:8d:cd:
05:1e:7c:ee
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUSycI6fto6uR4Zul2ATqNqUUGgOAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWYwZDI0Yzg1NWVlZTAwZmU0YWJmMzkwM2M2ZThmY2M3
MDgzZWQ0ZDAeFw0yNjA1MTkxNTQyMTRaFw0yNzA1MTgxNTQ3MTRaMDMxMTAvBgNV
BAMTKEYxQUVCOEUzN0M2N0I2RUU3QzU5REIyQzBFOTQwQUIyOTlBQkU1NzAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDtTZRktaQyPWKbauteKF0NGht7
UW9uaZiTMKSUMdQr+Wsv0zyXFind9XE+jZN8Hf4ncY7y7pB54j3/g9n6tTU4Qk/7
ygMysh8/9ElShMINs1DxnJPaxYzRwK3Wm5dHkvSK5mlF/U23dA7YRPGwMH9A8xcP
30v9NvzXNb14J0Fu2eLLnFeI7iXDc047+/j1EXqBG2yhdVgzNBF62hnN8Waz7Byl
6VKG8PknlFoG7NZPXTdcowbtRZ7hj7t1sLm2Gip8pk9jnLvFNuBwFwT9jTqslAEU
SktHeSzyb+5KY+gt9+cyt/03IHWMZz0ktxxV8z4+1SLFeuH4pw0byZvA5l8VAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU8a6443xntu58WdssDpQKspmr5XAwHwYDVR0j
BBgwFoAUnw0kyFXu4A/kq/OQPG6PzHCD7U0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWYzMTc2OGQtNDJiMS00ZTkyLWI4M2YtYmVmN2VlMDE3
ODEzLzAvOUYwRDI0Qzg1NUVFRTAwRkU0QUJGMzkwM0M2RThGQ0M3MDgzRUQ0RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL253MGt5Rlh1NEFfa3FfT1FQRzZQekhD
RDdVMC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWYzMTc2OGQt
NDJiMS00ZTkyLWI4M2YtYmVmN2VlMDE3ODEzLzAvMzYzMjJlMzEzMTMyMmUzMTMy
MzgyZTMwMmYzMjMwMmQzMjM0MjAzZDNlMjAzMTMzMzgzOTM5Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAQ+cIAwDQYJKoZIhvcNAQELBQADggEBAFdm+Ctj1TaG9K7/P8eLBrYiGF9MI/5/
HpQIC3H9iTqQWwbVnBY0W/mugX3Tm7Imt7EKOkMOfVZ24R+CyJIuqau/EQUD9DOU
FMh2/jY5EoWl5AkXGIqsyywam9dlT47HuwqJOtD7Qh+79F59CuMDHwxbjUuDgOQ3
2R2YXb9+kQQlgSHq4rIOJjZuCy1l8IFTLeEWFbDrGM5uttOZrnX8vXx5xulbkFdO
7Xow+xbCmT3hf2MiHtHocyCoIulEHrRnjNOu0AIuGE9RwKGvI5mZpypIZXdd+FZQ
hXTf13ScSyZZI2eF8Nel0iir3x0eePVE/5233tgTZWOiVBKNzQUefO4=
-----END CERTIFICATE-----
Generated at Thu Jun 11 14:03:30 2026 by rpki-client