Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/36322e3136342e3230382e302f32302d3332203d3e203531313637.roa
File: 36322e3136342e3230382e302f32302d3332203d3e203531313637.roa (raw, json)
Hash identifier: dscuuw3pGowqe6QyBAT4QK6GIZxhTZBXarE4WXkejLM=
Subject key identifier: 28:0E:FA:9D:C4:F5:27:F6:C6:08:F6:C6:05:04:28:05:6B:16:62:4F
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 4A1223D7E4DAF6A8F26D5BEAE93D6993E3724BD1
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/36322e3136342e3230382e302f32302d3332203d3e203531313637.roa
Signing time: Wed 10 Sep 2025 12:47:33 +0000
ROA not before: Wed 10 Sep 2025 12:42:33 +0000
ROA not after: Wed 09 Sep 2026 12:47:33 +0000
asID: 51167
IP address blocks: 62.164.208.0/20 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 18 Sep 2025 16:59:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4a:12:23:d7:e4:da:f6:a8:f2:6d:5b:ea:e9:3d:69:93:e3:72:4b:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Sep 10 12:42:33 2025 GMT
Not After : Sep 9 12:47:33 2026 GMT
Subject: CN=280EFA9DC4F527F6C608F6C6050428056B16624F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:e0:85:a6:dd:4f:3b:bd:7e:4d:00:e9:c9:72:
47:c1:4c:f3:82:ca:f5:12:8e:3f:72:de:8d:89:57:
1e:22:32:e6:e6:01:21:17:3b:f5:c6:26:6e:c1:da:
c0:a8:5f:fd:0b:6b:a3:28:ef:ba:e9:f0:fe:f7:8e:
07:e2:7c:77:ae:ad:db:2e:65:69:d3:2b:68:e1:45:
27:3f:ae:42:ad:48:fe:9c:02:74:eb:a0:96:7b:ad:
0e:ea:b0:7f:ee:4c:4b:49:98:e6:d4:59:73:71:47:
39:40:74:f2:cc:97:ed:ef:e8:36:2f:b7:39:c1:d8:
00:f9:af:c3:e8:d4:8e:3e:bb:e5:ad:0b:0d:0b:3f:
1b:bc:72:8d:41:27:90:99:3f:04:ea:4e:65:3e:02:
65:f2:d3:3b:8a:50:99:31:87:0d:71:fe:29:92:a1:
6a:5f:5a:5b:f6:34:ab:d8:da:de:68:8b:56:be:bf:
b1:f5:a7:cd:4d:85:42:13:98:32:f8:88:ac:06:aa:
01:20:1d:65:f5:1a:ca:a9:bc:6f:17:58:1f:32:df:
c7:73:d1:ca:52:8f:08:06:1e:b4:aa:ff:b0:7a:ad:
76:70:c2:37:b9:c8:1c:74:58:38:29:57:60:3a:36:
83:2a:31:29:88:c6:d6:85:25:83:90:74:81:00:36:
c0:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:0E:FA:9D:C4:F5:27:F6:C6:08:F6:C6:05:04:28:05:6B:16:62:4F
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/36322e3136342e3230382e302f32302d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.164.208.0/20
Signature Algorithm: sha256WithRSAEncryption
27:cf:43:3a:70:e2:c1:ae:77:30:41:87:9a:b1:a7:af:d8:7e:
86:f5:ec:83:e8:c4:f0:93:cb:0d:87:8b:ef:8c:15:c5:60:82:
f7:9a:76:26:d8:58:81:b9:29:19:4e:f8:95:fa:37:16:2a:59:
4c:00:c6:dc:c3:65:94:37:7b:a3:66:79:36:2f:51:6b:d0:84:
f8:71:34:36:1e:74:b4:c8:ba:25:aa:a6:59:15:45:24:10:e7:
d9:69:97:28:08:0d:9f:5d:5b:f5:96:23:7e:4d:99:27:64:bd:
4e:b9:3c:f5:97:b6:88:29:6f:0a:f6:9d:87:fc:6a:54:80:31:
2b:75:57:50:82:83:eb:a5:08:d3:75:c3:2f:9c:ad:9d:11:0e:
8e:2a:0f:b0:b2:88:b2:82:1b:4d:18:e3:12:db:48:c7:29:1a:
53:9b:91:98:2a:35:09:dc:05:c7:9a:28:15:c2:2c:90:06:3c:
ac:e6:84:68:c1:0f:a7:a0:22:dc:a5:c8:86:8e:a0:43:ae:9b:
97:d5:e8:7e:f9:30:25:13:ff:3e:b0:ce:9f:0b:ea:ed:d9:fa:
98:f1:3d:12:94:34:88:af:3e:c6:c8:92:1f:d1:a5:ef:19:39:
8f:d2:fc:8d:ef:96:2f:3c:08:b4:7e:ff:84:49:4e:1a:fc:9d:
16:e0:a8:85
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUShIj1+Ta9qjybVvq6T1pk+NyS9EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA5MTAxMjQyMzNaFw0yNjA5MDkxMjQ3MzNaMDMxMTAvBgNV
BAMTKDI4MEVGQTlEQzRGNTI3RjZDNjA4RjZDNjA1MDQyODA1NkIxNjYyNEYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDB4IWm3U87vX5NAOnJckfBTPOC
yvUSjj9y3o2JVx4iMubmASEXO/XGJm7B2sCoX/0La6Mo77rp8P73jgfifHeurdsu
ZWnTK2jhRSc/rkKtSP6cAnTroJZ7rQ7qsH/uTEtJmObUWXNxRzlAdPLMl+3v6DYv
tznB2AD5r8Po1I4+u+WtCw0LPxu8co1BJ5CZPwTqTmU+AmXy0zuKUJkxhw1x/imS
oWpfWlv2NKvY2t5oi1a+v7H1p81NhUITmDL4iKwGqgEgHWX1GsqpvG8XWB8y38dz
0cpSjwgGHrSq/7B6rXZwwje5yBx0WDgpV2A6NoMqMSmIxtaFJYOQdIEANsDFAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUKA76ncT1J/bGCPbGBQQoBWsWYk8wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzYzMjJlMzEzNjM0MmUzMjMw
MzgyZTMwMmYzMjMwMmQzMzMyMjAzZDNlMjAzNTMxMzEzNjM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQE
PqTQMA0GCSqGSIb3DQEBCwUAA4IBAQAnz0M6cOLBrncwQYeasaev2H6G9eyD6MTw
k8sNh4vvjBXFYIL3mnYm2FiBuSkZTviV+jcWKllMAMbcw2WUN3ujZnk2L1Fr0IT4
cTQ2HnS0yLolqqZZFUUkEOfZaZcoCA2fXVv1liN+TZknZL1OuTz1l7aIKW8K9p2H
/GpUgDErdVdQgoPrpQjTdcMvnK2dEQ6OKg+wsoiyghtNGOMS20jHKRpTm5GYKjUJ
3AXHmigVwiyQBjys5oRowQ+noCLcpciGjqBDrpuX1eh++TAlE/8+sM6fC+rt2fqY
8T0SlDSIrz7GyJIf0aXvGTmP0vyN75YvPAi0fv+ESU4a/J0W4KiF
-----END CERTIFICATE-----
Generated at Thu Sep 18 03:28:57 2025 by rpki-client