Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/36322e3132322e3138352e302f32342d3234203d3e20333937343233.roa
File:                     36322e3132322e3138352e302f32342d3234203d3e20333937343233.roa (raw, json)
Hash identifier:          WeteA5qOGTmhboj/I1IbXUTAA6Vr+NpjXoqkx1UDFSQ=
Subject key identifier:   97:92:2F:10:4F:A4:1F:2F:D8:ED:08:A0:10:70:67:AB:15:90:91:6C
Certificate issuer:       /CN=cefce449bea8deaedb1804dba25c584df5873dc4
Certificate serial:       052FA58944DA49C77FCC7B8D30928001EF975097
Authority key identifier: CE:FC:E4:49:BE:A8:DE:AE:DB:18:04:DB:A2:5C:58:4D:F5:87:3D:C4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/36322e3132322e3138352e302f32342d3234203d3e20333937343233.roa
Signing time:             Tue 30 Jun 2026 03:48:48 +0000
ROA not before:           Tue 30 Jun 2026 03:43:48 +0000
ROA not after:            Tue 29 Jun 2027 03:48:48 +0000
asID:                     397423
IP address blocks:        62.122.185.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 03 Jul 2026 09:29:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            05:2f:a5:89:44:da:49:c7:7f:cc:7b:8d:30:92:80:01:ef:97:50:97
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cefce449bea8deaedb1804dba25c584df5873dc4
        Validity
            Not Before: Jun 30 03:43:48 2026 GMT
            Not After : Jun 29 03:48:48 2027 GMT
        Subject: CN=97922F104FA41F2FD8ED08A0107067AB1590916C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:43:23:6d:08:fb:46:40:4b:5d:62:be:52:0f:
                    95:66:8a:14:8e:77:fd:0b:2a:93:1b:05:11:cf:ad:
                    31:cd:6e:e4:45:59:76:ea:df:85:b6:81:63:55:5e:
                    d2:18:1b:0f:d0:a1:9e:23:90:be:15:d7:7c:fd:d3:
                    29:36:79:a0:55:e1:49:4c:0a:48:02:ac:28:b0:24:
                    d8:a7:60:e6:0b:d6:ca:28:e0:47:4a:a9:08:cc:77:
                    69:f1:d2:07:cf:e2:fb:a3:6a:f3:50:53:15:fc:0a:
                    c0:c5:23:c3:1b:d8:bc:c1:69:59:ba:ab:de:10:6b:
                    e4:3c:22:44:10:18:c2:a4:a9:e9:35:ab:33:96:02:
                    da:6e:f3:05:1a:7b:f3:34:34:4f:eb:aa:d9:be:84:
                    fe:9b:ce:58:83:8d:a3:45:0e:27:24:24:5e:72:78:
                    8f:c6:1d:5c:6a:cf:8d:4f:46:1d:b9:b4:05:a7:1c:
                    f6:6a:73:60:f6:4f:bb:ba:47:03:5b:86:7f:25:3f:
                    d8:c1:6b:70:58:02:35:88:99:51:7b:d6:27:b4:fb:
                    73:56:03:7c:06:39:a1:d7:61:99:0e:c3:e5:bf:fc:
                    19:20:df:67:a2:eb:22:f2:47:f2:5d:cb:b8:c4:1c:
                    b8:fe:a1:0c:16:15:89:f3:9d:ec:48:c6:12:fa:02:
                    7d:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                97:92:2F:10:4F:A4:1F:2F:D8:ED:08:A0:10:70:67:AB:15:90:91:6C
            X509v3 Authority Key Identifier:
                keyid:CE:FC:E4:49:BE:A8:DE:AE:DB:18:04:DB:A2:5C:58:4D:F5:87:3D:C4

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/36322e3132322e3138352e302f32342d3234203d3e20333937343233.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.122.185.0/24

    Signature Algorithm: sha256WithRSAEncryption
         c7:cd:87:43:06:90:bf:04:ae:ee:2e:fb:91:e2:b7:0a:c4:80:
         01:14:c3:25:f2:7c:a7:60:12:6e:b2:b8:19:56:9b:8c:8b:d4:
         65:39:35:35:f2:4b:00:ef:83:a6:e9:8f:11:d4:9c:dc:ff:12:
         e7:da:92:33:e4:9b:5b:a3:f3:d9:a8:fb:d9:c9:ae:c9:4f:f4:
         a0:55:76:bc:77:01:3b:3c:c4:26:46:50:3a:16:2c:cd:60:f8:
         95:b1:c9:ee:ca:00:d6:16:bc:b1:3d:9e:96:04:b3:0e:4e:5f:
         b9:0a:d5:57:aa:08:b4:7e:87:ab:b5:db:b6:19:37:9a:ba:f6:
         cd:ae:fb:0b:ed:e9:d7:22:5d:8c:47:f1:4a:8e:23:fb:d2:b3:
         25:f8:4f:94:18:9c:55:48:5c:d1:50:90:5e:de:93:b8:ee:82:
         50:82:4a:07:ef:f8:39:63:65:9e:70:11:ef:e1:79:0e:cc:25:
         dd:8a:05:c0:08:a1:aa:d2:40:40:2f:bf:a9:52:2a:2e:c5:61:
         66:42:45:03:37:fc:c8:aa:44:ee:a3:90:58:ac:aa:5b:39:98:
         71:f6:13:cb:4c:1e:2d:de:06:30:7c:49:18:dd:29:44:32:68:
         e0:55:27:77:56:de:c6:74:71:00:7a:31:fc:a0:42:67:29:9f:
         76:a7:40:e4
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUBS+liUTaScd/zHuNMJKAAe+XUJcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoY2VmY2U0NDliZWE4ZGVhZWRiMTgwNGRiYTI1YzU4NGRm
NTg3M2RjNDAeFw0yNjA2MzAwMzQzNDhaFw0yNzA2MjkwMzQ4NDhaMDMxMTAvBgNV
BAMTKDk3OTIyRjEwNEZBNDFGMkZEOEVEMDhBMDEwNzA2N0FCMTU5MDkxNkMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMQyNtCPtGQEtdYr5SD5VmihSO
d/0LKpMbBRHPrTHNbuRFWXbq34W2gWNVXtIYGw/QoZ4jkL4V13z90yk2eaBV4UlM
CkgCrCiwJNinYOYL1soo4EdKqQjMd2nx0gfP4vujavNQUxX8CsDFI8Mb2LzBaVm6
q94Qa+Q8IkQQGMKkqek1qzOWAtpu8wUae/M0NE/rqtm+hP6bzliDjaNFDickJF5y
eI/GHVxqz41PRh25tAWnHPZqc2D2T7u6RwNbhn8lP9jBa3BYAjWImVF71ie0+3NW
A3wGOaHXYZkOw+W//Bkg32ei6yLyR/Jdy7jEHLj+oQwWFYnznexIxhL6An25AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUl5IvEE+kHy/Y7QigEHBnqxWQkWwwHwYDVR0j
BBgwFoAUzvzkSb6o3q7bGATbolxYTfWHPcQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZDFiMzVmOGItNmY0OC00YmFkLWIxODUtNWMxZGFhOGFj
ZGE5LzAvQ0VGQ0U0NDlCRUE4REVBRURCMTgwNERCQTI1QzU4NERGNTg3M0RDNC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3p2emtTYjZvM3E3YkdBVGJvbHhZVGZX
SFBjUS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZDFiMzVmOGIt
NmY0OC00YmFkLWIxODUtNWMxZGFhOGFjZGE5LzAvMzYzMjJlMzEzMjMyMmUzMTM4
MzUyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMzM5MzczNDMyMzMucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAA+erkwDQYJKoZIhvcNAQELBQADggEBAMfNh0MGkL8Eru4u+5HitwrEgAEUwyXy
fKdgEm6yuBlWm4yL1GU5NTXySwDvg6bpjxHUnNz/EufakjPkm1uj89mo+9nJrslP
9KBVdrx3ATs8xCZGUDoWLM1g+JWxye7KANYWvLE9npYEsw5OX7kK1VeqCLR+h6u1
27YZN5q69s2u+wvt6dciXYxH8UqOI/vSsyX4T5QYnFVIXNFQkF7ek7juglCCSgfv
+DljZZ5wEe/heQ7MJd2KBcAIoarSQEAvv6lSKi7FYWZCRQM3/MiqRO6jkFisqls5
mHH2E8tMHi3eBjB8SRjdKUQyaOBVJ3dW3sZ0cQB6MfygQmcpn3anQOQ=
-----END CERTIFICATE-----
Generated at Thu Jul 2 21:54:24 2026 by rpki-client