Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/af31768d-42b1-4e92-b83f-bef7ee017813/0/36322e3131322e3132382e302f32302d3234203d3e20323130353432.roa
File: 36322e3131322e3132382e302f32302d3234203d3e20323130353432.roa (raw, json)
Hash identifier: Ogsf1pHLwh4alNxLGrqeI3xW1gva7biy757AFxsWwLA=
Subject key identifier: EC:CC:F2:9A:29:91:E5:E7:FC:BB:48:30:F0:32:66:3A:5E:6C:0C:A4
Certificate issuer: /CN=9f0d24c855eee00fe4abf3903c6e8fcc7083ed4d
Certificate serial: 34AFD650EBDE6EAAD6F93FA7ACA77C38637A5960
Authority key identifier: 9F:0D:24:C8:55:EE:E0:0F:E4:AB:F3:90:3C:6E:8F:CC:70:83:ED:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nw0kyFXu4A_kq_OQPG6PzHCD7U0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/af31768d-42b1-4e92-b83f-bef7ee017813/0/36322e3131322e3132382e302f32302d3234203d3e20323130353432.roa
Signing time: Tue 19 May 2026 15:47:14 +0000
ROA not before: Tue 19 May 2026 15:42:14 +0000
ROA not after: Tue 18 May 2027 15:47:14 +0000
asID: 210542
IP address blocks: 62.112.128.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/af31768d-42b1-4e92-b83f-bef7ee017813/0/9F0D24C855EEE00FE4ABF3903C6E8FCC7083ED4D.crl
rsync://rsync.paas.rpki.ripe.net/repository/af31768d-42b1-4e92-b83f-bef7ee017813/0/9F0D24C855EEE00FE4ABF3903C6E8FCC7083ED4D.mft
rsync://rpki.ripe.net/repository/DEFAULT/nw0kyFXu4A_kq_OQPG6PzHCD7U0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 06 Jun 2026 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
34:af:d6:50:eb:de:6e:aa:d6:f9:3f:a7:ac:a7:7c:38:63:7a:59:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f0d24c855eee00fe4abf3903c6e8fcc7083ed4d
Validity
Not Before: May 19 15:42:14 2026 GMT
Not After : May 18 15:47:14 2027 GMT
Subject: CN=ECCCF29A2991E5E7FCBB4830F032663A5E6C0CA4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:f9:fc:ad:5f:f8:29:35:e8:78:82:c1:c4:55:
81:b9:92:37:b7:53:95:ae:ad:70:a5:37:4a:3c:0c:
37:3f:4f:11:c2:9b:72:67:05:87:9b:e8:69:80:d4:
6b:e6:dc:bf:7d:48:ec:9a:14:59:88:41:2c:56:96:
e2:34:46:83:c4:85:6a:8e:55:b5:16:c4:61:5e:70:
8b:de:96:03:c4:e8:d7:f1:b0:32:d6:c4:30:88:f0:
5c:8f:7a:87:ea:83:2d:0b:7c:97:60:c5:1f:7d:f3:
84:95:9e:05:f5:56:b8:ea:07:6c:df:5e:ff:c0:d8:
e5:39:07:c1:e0:e5:57:a1:5c:5e:01:b0:88:5b:79:
db:a8:5f:a4:30:c1:58:c4:b5:ed:4b:24:73:15:08:
36:d1:e8:82:fa:31:c8:0d:34:ff:ca:97:23:3b:5f:
88:5f:ad:da:01:60:57:94:5b:8d:bd:ee:6b:00:f6:
3a:8d:bf:d9:4d:21:3e:64:1e:e3:59:77:46:fd:1d:
5b:be:4e:1b:fc:5c:52:bd:ba:72:cf:96:02:03:58:
64:06:67:f3:cf:e0:64:50:75:ff:e1:40:e9:5f:a7:
48:4f:90:67:ae:ab:f1:63:31:46:d9:92:3c:7c:32:
20:53:52:c1:f7:ac:67:53:42:f8:4b:db:0f:06:ba:
88:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:CC:F2:9A:29:91:E5:E7:FC:BB:48:30:F0:32:66:3A:5E:6C:0C:A4
X509v3 Authority Key Identifier:
keyid:9F:0D:24:C8:55:EE:E0:0F:E4:AB:F3:90:3C:6E:8F:CC:70:83:ED:4D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/af31768d-42b1-4e92-b83f-bef7ee017813/0/9F0D24C855EEE00FE4ABF3903C6E8FCC7083ED4D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nw0kyFXu4A_kq_OQPG6PzHCD7U0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/af31768d-42b1-4e92-b83f-bef7ee017813/0/36322e3131322e3132382e302f32302d3234203d3e20323130353432.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.112.128.0/20
Signature Algorithm: sha256WithRSAEncryption
31:e3:73:10:22:8e:40:36:e5:be:83:ee:4e:e4:74:4e:89:cb:
aa:06:9f:28:28:e4:de:1c:87:8d:4a:2d:92:66:95:cf:db:d5:
d2:74:1c:c4:e2:a3:19:17:66:7b:f4:b7:33:71:35:57:27:36:
fd:96:4e:53:19:ab:b3:06:8e:59:ed:43:cf:8e:d5:c2:c2:cc:
85:9c:00:4f:c4:a6:c2:b6:4b:01:2c:a5:5e:c7:16:5a:19:aa:
84:03:33:7f:09:5f:ac:e5:3f:e8:11:82:88:7e:8d:a0:c5:cf:
ec:64:51:b3:22:0d:74:26:8f:8e:de:b5:32:c0:aa:29:ce:c4:
92:78:07:cb:8d:06:01:59:c2:e3:b3:f1:25:74:fb:5a:4e:f8:
ed:9f:e3:f9:d3:1a:d8:8c:f5:84:a2:f4:ab:42:7e:05:47:c6:
2b:36:83:c8:85:b6:94:fe:d3:a0:98:3a:78:93:08:32:45:72:
8a:29:87:5b:f4:2a:a1:a6:94:be:96:99:4b:6d:a5:68:4a:35:
03:27:81:7b:82:cc:5f:4b:f3:d3:e7:63:10:4c:42:0f:fd:9d:
a4:e3:d6:3b:78:ac:fd:b5:64:79:47:6d:8a:81:03:65:84:25:
02:f2:8d:cc:e1:d3:41:73:93:2e:7b:4f:72:13:78:e0:1f:2c:
03:28:1e:9f
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUNK/WUOvebqrW+T+nrKd8OGN6WWAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWYwZDI0Yzg1NWVlZTAwZmU0YWJmMzkwM2M2ZThmY2M3
MDgzZWQ0ZDAeFw0yNjA1MTkxNTQyMTRaFw0yNzA1MTgxNTQ3MTRaMDMxMTAvBgNV
BAMTKEVDQ0NGMjlBMjk5MUU1RTdGQ0JCNDgzMEYwMzI2NjNBNUU2QzBDQTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCW+fytX/gpNeh4gsHEVYG5kje3
U5WurXClN0o8DDc/TxHCm3JnBYeb6GmA1Gvm3L99SOyaFFmIQSxWluI0RoPEhWqO
VbUWxGFecIvelgPE6NfxsDLWxDCI8FyPeofqgy0LfJdgxR9984SVngX1VrjqB2zf
Xv/A2OU5B8Hg5VehXF4BsIhbeduoX6QwwVjEte1LJHMVCDbR6IL6McgNNP/KlyM7
X4hfrdoBYFeUW4297msA9jqNv9lNIT5kHuNZd0b9HVu+Thv8XFK9unLPlgIDWGQG
Z/PP4GRQdf/hQOlfp0hPkGeuq/FjMUbZkjx8MiBTUsH3rGdTQvhL2w8GuohdAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU7MzymimR5ef8u0gw8DJmOl5sDKQwHwYDVR0j
BBgwFoAUnw0kyFXu4A/kq/OQPG6PzHCD7U0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWYzMTc2OGQtNDJiMS00ZTkyLWI4M2YtYmVmN2VlMDE3
ODEzLzAvOUYwRDI0Qzg1NUVFRTAwRkU0QUJGMzkwM0M2RThGQ0M3MDgzRUQ0RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL253MGt5Rlh1NEFfa3FfT1FQRzZQekhD
RDdVMC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWYzMTc2OGQt
NDJiMS00ZTkyLWI4M2YtYmVmN2VlMDE3ODEzLzAvMzYzMjJlMzEzMTMyMmUzMTMy
MzgyZTMwMmYzMjMwMmQzMjM0MjAzZDNlMjAzMjMxMzAzNTM0MzIucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAQ+cIAwDQYJKoZIhvcNAQELBQADggEBADHjcxAijkA25b6D7k7kdE6Jy6oGnygo
5N4ch41KLZJmlc/b1dJ0HMTioxkXZnv0tzNxNVcnNv2WTlMZq7MGjlntQ8+O1cLC
zIWcAE/EpsK2SwEspV7HFloZqoQDM38JX6zlP+gRgoh+jaDFz+xkUbMiDXQmj47e
tTLAqinOxJJ4B8uNBgFZwuOz8SV0+1pO+O2f4/nTGtiM9YSi9KtCfgVHxis2g8iF
tpT+06CYOniTCDJFcooph1v0KqGmlL6WmUttpWhKNQMngXuCzF9L89PnYxBMQg/9
naTj1jt4rP21ZHlHbYqBA2WEJQLyjczh00Fzky57T3ITeOAfLAMoHp8=
-----END CERTIFICATE-----
Generated at Sat Jun 6 05:26:00 2026 by rpki-client