Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/36322e3134362e3233322e302f32312d3332203d3e20313431393935.roa
File: 36322e3134362e3233322e302f32312d3332203d3e20313431393935.roa (raw, json)
Hash identifier: dvJyLpLGaaH+6l6BVOoJEa3GEQTtNKHPrHFEKYUZtRc=
Subject key identifier: 5A:5D:CF:4E:1D:D5:23:3C:B5:FC:33:8C:E1:83:5B:AD:1C:3B:F7:77
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 4532E6D287AFA61B59B69ABE57D8AA94B9E707E3
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/36322e3134362e3233322e302f32312d3332203d3e20313431393935.roa
Signing time: Wed 21 May 2025 11:46:24 +0000
ROA not before: Wed 21 May 2025 11:41:24 +0000
ROA not after: Wed 20 May 2026 11:46:24 +0000
asID: 141995
IP address blocks: 62.146.232.0/21 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 12:43:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
45:32:e6:d2:87:af:a6:1b:59:b6:9a:be:57:d8:aa:94:b9:e7:07:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: May 21 11:41:24 2025 GMT
Not After : May 20 11:46:24 2026 GMT
Subject: CN=5A5DCF4E1DD5233CB5FC338CE1835BAD1C3BF777
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:43:15:de:df:78:07:3b:c9:16:a7:18:c1:dc:
4f:68:a8:70:2e:7f:ab:94:ed:6c:0b:92:5b:f2:f1:
8d:1a:55:b8:a6:2d:19:1e:ef:8b:4e:fa:54:2b:b2:
b0:d9:78:2f:65:c4:9a:05:01:c8:a2:d7:78:20:5e:
19:60:8d:33:67:4e:1f:33:51:f5:e1:bb:30:8b:e6:
d4:66:36:e1:6f:f0:c4:98:cc:3b:cb:f5:e6:7c:69:
ea:02:cf:7e:62:6f:21:57:10:2f:b3:af:19:59:5b:
8b:2c:dc:e2:f6:5e:70:87:4b:42:72:5c:b3:81:12:
7c:b8:0c:a1:fa:9b:4b:57:5f:4a:22:48:d9:20:db:
4c:29:3e:4d:92:fc:21:b5:10:c2:19:cb:0c:d1:8b:
b8:6d:b3:fe:48:ef:92:c7:8a:43:63:34:98:3b:0e:
3b:11:94:c1:03:e4:df:58:01:a0:23:2c:66:bd:32:
46:38:6f:e6:27:f6:fe:b0:0d:6a:23:e9:e6:17:9a:
bc:d1:e7:16:5e:a1:ea:17:6e:6f:52:aa:fe:e6:01:
8d:6d:6f:c8:be:df:3a:e1:23:a5:2a:e1:73:61:9f:
87:c9:43:b9:cf:df:bb:81:47:90:bd:9a:3c:50:62:
a0:a2:09:ed:0a:19:60:40:ed:08:59:f9:9a:78:13:
73:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:5D:CF:4E:1D:D5:23:3C:B5:FC:33:8C:E1:83:5B:AD:1C:3B:F7:77
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/36322e3134362e3233322e302f32312d3332203d3e20313431393935.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.146.232.0/21
Signature Algorithm: sha256WithRSAEncryption
9c:8a:80:b9:d7:2f:6a:24:bd:d6:c7:25:1e:c0:f8:5b:5d:1e:
8d:4b:d7:07:31:19:2c:b0:88:70:37:b8:7f:e5:4d:09:53:da:
a5:2f:11:46:4f:60:51:3d:18:6e:f3:6e:9a:d7:b1:08:f3:bc:
e6:c2:c8:a4:26:3f:27:df:5d:ea:68:3b:18:8c:d6:a2:f6:b3:
7e:cc:2f:7c:22:af:dd:cc:14:6e:90:ca:d0:c8:98:33:74:ed:
53:02:7e:9e:ab:8d:39:57:6b:91:b6:51:eb:7d:50:52:94:26:
a0:f9:6e:17:85:60:1e:c5:97:37:0f:58:1c:58:03:a2:4e:fc:
85:12:ac:d1:8b:53:05:47:4a:83:52:e3:98:ae:ec:19:18:2e:
aa:fd:f9:77:80:f7:62:c3:24:bc:72:39:89:b8:f1:32:50:6b:
e8:3b:2b:6b:ce:a7:a5:09:72:aa:71:c7:0a:6b:b6:17:e5:68:
fb:95:c5:bd:45:71:48:27:23:72:53:4a:f1:9c:ea:6b:7a:e5:
2a:44:b8:2e:52:b5:43:c3:ce:69:9a:80:ad:29:69:4b:be:fb:
7d:dd:de:f7:dd:12:33:2c:3b:3f:af:59:60:bd:ef:10:64:8c:
97:97:b7:38:fe:e1:fa:11:08:98:b2:d2:93:d3:09:48:8d:23:
1d:42:67:93
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIURTLm0oevphtZtpq+V9iqlLnnB+MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA1MjExMTQxMjRaFw0yNjA1MjAxMTQ2MjRaMDMxMTAvBgNV
BAMTKDVBNURDRjRFMURENTIzM0NCNUZDMzM4Q0UxODM1QkFEMUMzQkY3NzcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCgQxXe33gHO8kWpxjB3E9oqHAu
f6uU7WwLklvy8Y0aVbimLRke74tO+lQrsrDZeC9lxJoFAcii13ggXhlgjTNnTh8z
UfXhuzCL5tRmNuFv8MSYzDvL9eZ8aeoCz35ibyFXEC+zrxlZW4ss3OL2XnCHS0Jy
XLOBEny4DKH6m0tXX0oiSNkg20wpPk2S/CG1EMIZywzRi7hts/5I75LHikNjNJg7
DjsRlMED5N9YAaAjLGa9MkY4b+Yn9v6wDWoj6eYXmrzR5xZeoeoXbm9Sqv7mAY1t
b8i+3zrhI6Uq4XNhn4fJQ7nP37uBR5C9mjxQYqCiCe0KGWBA7QhZ+Zp4E3N1AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUWl3PTh3VIzy1/DOM4YNbrRw793cwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzYzMjJlMzEzNDM2MmUzMjMz
MzIyZTMwMmYzMjMxMmQzMzMyMjAzZDNlMjAzMTM0MzEzOTM5MzUucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAM+kugwDQYJKoZIhvcNAQELBQADggEBAJyKgLnXL2okvdbHJR7A+FtdHo1L1wcx
GSywiHA3uH/lTQlT2qUvEUZPYFE9GG7zbprXsQjzvObCyKQmPyffXepoOxiM1qL2
s37ML3wir93MFG6QytDImDN07VMCfp6rjTlXa5G2Uet9UFKUJqD5bheFYB7FlzcP
WBxYA6JO/IUSrNGLUwVHSoNS45iu7BkYLqr9+XeA92LDJLxyOYm48TJQa+g7K2vO
p6UJcqpxxwprthflaPuVxb1FcUgnI3JTSvGc6mt65SpEuC5StUPDzmmagK0paUu+
+33d3vfdEjMsOz+vWWC97xBkjJeXtzj+4foRCJiy0pPTCUiNIx1CZ5M=
-----END CERTIFICATE-----
Generated at Sat Jun 7 04:27:01 2025 by rpki-client