Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/36322e3130362e37322e302f32342d3234203d3e20323031333431.roa
File: 36322e3130362e37322e302f32342d3234203d3e20323031333431.roa (raw, json)
Hash identifier: hC0uciWIzlM4IwfEzLolidGvYIFL5QVvGhJwYCagFeY=
Subject key identifier: 2F:89:2F:BC:4E:C2:FC:E0:D0:28:1A:0A:5B:94:1D:07:48:66:FE:B2
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 46F115A89CEEF702A5238299C911149B2B0C10D7
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/36322e3130362e37322e302f32342d3234203d3e20323031333431.roa
Signing time: Thu 23 Oct 2025 16:47:58 +0000
ROA not before: Thu 23 Oct 2025 16:42:58 +0000
ROA not after: Thu 22 Oct 2026 16:47:58 +0000
asID: 201341
IP address blocks: 62.106.72.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 04 Nov 2025 07:59:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
46:f1:15:a8:9c:ee:f7:02:a5:23:82:99:c9:11:14:9b:2b:0c:10:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Oct 23 16:42:58 2025 GMT
Not After : Oct 22 16:47:58 2026 GMT
Subject: CN=2F892FBC4EC2FCE0D0281A0A5B941D074866FEB2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:ee:39:1d:53:81:c5:09:ef:b2:14:3d:b1:6b:
2c:f9:82:cd:99:3f:9c:da:c9:d5:4e:d3:49:93:49:
2c:be:d9:90:98:a5:b1:22:85:38:8e:3f:0b:7e:89:
c5:fb:8e:d8:8c:4e:c4:8d:65:bd:d6:38:ed:c3:a8:
92:30:fa:51:4e:8e:d8:f4:9a:8c:f0:7f:a8:43:92:
75:cb:e8:f4:ae:6c:73:c6:ea:e6:89:92:71:2a:f1:
14:4b:58:bf:ea:f5:85:71:55:1f:85:62:99:35:85:
2c:6d:3e:6c:79:48:14:a1:b5:65:23:c1:49:af:34:
2e:5d:26:fd:f3:c0:28:d7:b3:05:c8:9b:64:c7:60:
c1:74:a8:21:40:1b:2f:e0:02:cf:1d:fb:4c:d9:5a:
24:08:63:ef:c2:85:8b:8b:43:df:44:81:fe:f8:02:
0b:e3:59:10:54:77:72:b2:e7:a5:ba:9e:ac:86:a2:
6c:aa:04:9e:2a:ca:90:14:d5:58:5f:ff:02:e8:60:
1b:30:ce:c7:2a:0f:72:50:80:85:d7:b0:b1:c8:7a:
36:4e:d7:8f:17:a8:d8:56:e4:41:02:dc:4a:f4:1a:
d6:39:f1:70:97:d0:d3:34:4d:d7:f7:da:80:cd:10:
b1:d2:35:4c:23:ca:ab:c3:60:19:84:5e:97:c4:24:
69:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:89:2F:BC:4E:C2:FC:E0:D0:28:1A:0A:5B:94:1D:07:48:66:FE:B2
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/36322e3130362e37322e302f32342d3234203d3e20323031333431.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.106.72.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:e5:05:dd:b8:fb:d1:4d:e8:dc:e7:e9:3a:42:51:da:24:70:
de:c1:2b:37:6f:79:cd:4b:b1:f4:54:be:1c:65:ae:88:1d:b6:
65:93:2e:96:51:1e:b2:44:4a:15:c8:cc:98:2c:d4:e0:70:55:
13:61:61:2d:10:dd:26:73:5c:ae:59:22:1b:8f:87:8a:47:ab:
d4:06:19:20:66:73:f2:a8:88:84:4c:1b:af:36:b5:d6:88:2f:
ed:87:be:bd:de:dd:d9:f2:ed:47:fb:3e:a6:36:65:20:14:b2:
15:c0:99:fa:75:9f:e6:2e:5e:c9:39:4e:9d:a6:0d:b1:a5:89:
7e:17:e0:29:a4:c7:de:15:1a:20:58:7f:49:46:a1:90:53:6d:
c6:0e:7d:eb:28:4c:cd:33:6c:20:3a:a7:eb:9f:d8:d0:59:5b:
ca:51:28:ce:95:c1:6a:e9:f8:88:f3:f6:b9:8b:89:02:5c:d3:
02:08:12:78:f9:25:38:dc:06:9d:86:dd:3b:74:47:7b:8e:ba:
6d:31:7c:09:0c:3d:98:ab:a6:34:b9:b2:04:86:59:d8:9e:b1:
33:12:8f:61:c6:a7:af:74:5d:b4:d1:14:d5:9e:42:49:ce:77:
9f:62:0d:31:6a:81:96:7b:5f:88:c6:47:f9:bf:b3:ff:1d:a2:
91:18:cb:be
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgIURvEVqJzu9wKlI4KZyREUmysMENcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNTEwMjMxNjQyNThaFw0yNjEwMjIxNjQ3NThaMDMxMTAvBgNV
BAMTKDJGODkyRkJDNEVDMkZDRTBEMDI4MUEwQTVCOTQxRDA3NDg2NkZFQjIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCx7jkdU4HFCe+yFD2xayz5gs2Z
P5zaydVO00mTSSy+2ZCYpbEihTiOPwt+icX7jtiMTsSNZb3WOO3DqJIw+lFOjtj0
mozwf6hDknXL6PSubHPG6uaJknEq8RRLWL/q9YVxVR+FYpk1hSxtPmx5SBShtWUj
wUmvNC5dJv3zwCjXswXIm2THYMF0qCFAGy/gAs8d+0zZWiQIY+/ChYuLQ99Egf74
AgvjWRBUd3Ky56W6nqyGomyqBJ4qypAU1Vhf/wLoYBswzscqD3JQgIXXsLHIejZO
148XqNhW5EEC3Er0GtY58XCX0NM0Tdf32oDNELHSNUwjyqvDYBmEXpfEJGmjAgMB
AAGjggJCMIICPjAdBgNVHQ4EFgQUL4kvvE7C/ODQKBoKW5QdB0hm/rIwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3Jz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zNjMyMmUzMTMwMzYy
ZTM3MzIyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzEzMzM0MzEucm9hMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAA+akgwDQYJKoZIhvcNAQELBQADggEBAJvlBd24+9FN6Nzn6TpCUdokcN7B
Kzdvec1LsfRUvhxlrogdtmWTLpZRHrJEShXIzJgs1OBwVRNhYS0Q3SZzXK5ZIhuP
h4pHq9QGGSBmc/KoiIRMG682tdaIL+2Hvr3e3dny7Uf7PqY2ZSAUshXAmfp1n+Yu
Xsk5Tp2mDbGliX4X4Cmkx94VGiBYf0lGoZBTbcYOfesoTM0zbCA6p+uf2NBZW8pR
KM6VwWrp+Ijz9rmLiQJc0wIIEnj5JTjcBp2G3Tt0R3uOum0xfAkMPZirpjS5sgSG
WdiesTMSj2HGp690XbTRFNWeQknOd59iDTFqgZZ7X4jGR/m/s/8dopEYy74=
-----END CERTIFICATE-----
Generated at Mon Nov 3 22:09:00 2025 by rpki-client