Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/36322e37322e32342e302f32322d3234203d3e203437353833.roa
File: 36322e37322e32342e302f32322d3234203d3e203437353833.roa (raw, json)
Hash identifier: /Mwh+4JRt4ePRedj2/b9iZWvayfDEyJK9JGqlqtX4ws=
Subject key identifier: AE:11:11:49:13:23:CF:FE:F5:3B:BF:5C:14:C2:C5:3F:01:36:0D:AC
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 1045318ED8650BA40541E187458251972E17F8A4
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/36322e37322e32342e302f32322d3234203d3e203437353833.roa
Signing time: Fri 22 May 2026 08:24:25 +0000
ROA not before: Fri 22 May 2026 08:19:25 +0000
ROA not after: Fri 21 May 2027 08:24:25 +0000
asID: 47583
IP address blocks: 62.72.24.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 04 Jun 2026 15:52:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
10:45:31:8e:d8:65:0b:a4:05:41:e1:87:45:82:51:97:2e:17:f8:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: May 22 08:19:25 2026 GMT
Not After : May 21 08:24:25 2027 GMT
Subject: CN=AE1111491323CFFEF53BBF5C14C2C53F01360DAC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:8c:9a:bc:90:5d:eb:c0:fe:8e:11:ca:38:dd:
d8:9f:de:f0:39:bd:1c:40:8d:63:d7:34:38:85:8c:
d0:74:42:04:99:3e:7c:f7:fa:08:b3:4e:7a:28:97:
15:0a:9f:45:29:38:23:a4:ea:d5:4b:f8:ae:22:09:
21:4a:ca:79:81:8f:fb:3c:e9:5a:01:84:00:fa:24:
7e:97:c2:b8:44:ab:26:56:70:e8:72:35:15:83:6f:
2e:d1:3c:68:45:e9:65:ef:bc:31:1b:20:39:ad:f6:
c3:24:32:a4:85:cd:e1:51:f3:d0:9a:c8:5b:6a:ce:
7f:a0:74:f7:2d:8c:06:3c:78:8c:9a:09:b4:bb:7c:
58:c1:70:cc:c6:bb:e6:8a:70:de:d0:3f:b4:29:c6:
36:ca:1f:b9:a9:b8:08:a3:9d:6b:c6:d0:55:84:7a:
7c:48:68:7b:b2:f1:b7:ad:30:ba:8c:df:11:eb:29:
50:20:29:69:a7:1b:02:f9:d1:c8:b9:77:41:7b:4f:
ef:10:06:35:10:2b:50:74:ec:ff:07:23:cc:89:c1:
f4:61:49:5c:03:27:dd:af:30:e0:04:9a:86:68:8d:
de:7f:12:ce:83:2e:f6:fc:84:a5:15:2d:29:d8:44:
8a:b4:37:db:bb:81:ae:0c:70:97:7f:f2:e2:51:c7:
1a:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:11:11:49:13:23:CF:FE:F5:3B:BF:5C:14:C2:C5:3F:01:36:0D:AC
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/36322e37322e32342e302f32322d3234203d3e203437353833.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.72.24.0/22
Signature Algorithm: sha256WithRSAEncryption
53:cf:62:09:bf:b3:b6:76:1b:60:5a:ad:29:84:ad:d3:8f:a2:
b4:5d:de:7b:58:45:fc:f7:94:58:e7:d9:46:c5:c6:b8:4d:6d:
8e:8f:fb:2a:45:6d:de:55:ee:e1:a0:d3:cb:bf:cf:17:22:41:
6b:52:ed:8c:c6:5c:2a:f2:16:38:f9:44:f8:36:0f:ab:d1:3c:
aa:78:25:b5:c2:f9:b1:48:b9:72:0b:cc:75:95:15:6c:dc:75:
11:5d:bf:3d:7b:ff:1c:59:f4:16:58:1c:3f:e0:bb:de:f3:af:
69:ae:d4:14:0b:45:cb:46:93:9e:d5:15:aa:26:53:53:25:d2:
18:39:80:09:53:3b:84:39:8b:fb:c4:71:c2:59:33:08:06:3f:
10:d7:2c:e1:1a:a2:93:a9:92:8a:96:c5:37:cd:65:6d:4a:9e:
9e:d8:58:05:70:b6:4b:78:70:fa:6d:41:7d:18:04:66:51:10:
03:3f:df:80:06:52:a0:e3:a3:4e:dd:7f:82:04:68:5e:dd:ca:
c2:c6:bd:7b:ba:20:53:d6:95:4e:24:f5:88:d3:5b:82:39:a2:
1c:a0:7a:63:c6:b2:fd:e5:df:20:55:78:88:87:03:d9:1b:94:
09:d9:bd:d9:77:7d:b7:c3:1e:f9:71:b9:ec:c9:b3:0a:5e:b0:
a5:9f:6b:e1
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUEEUxjthlC6QFQeGHRYJRly4X+KQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNjA1MjIwODE5MjVaFw0yNzA1MjEwODI0MjVaMDMxMTAvBgNV
BAMTKEFFMTExMTQ5MTMyM0NGRkVGNTNCQkY1QzE0QzJDNTNGMDEzNjBEQUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6jJq8kF3rwP6OEco43dif3vA5
vRxAjWPXNDiFjNB0QgSZPnz3+gizTnoolxUKn0UpOCOk6tVL+K4iCSFKynmBj/s8
6VoBhAD6JH6XwrhEqyZWcOhyNRWDby7RPGhF6WXvvDEbIDmt9sMkMqSFzeFR89Ca
yFtqzn+gdPctjAY8eIyaCbS7fFjBcMzGu+aKcN7QP7QpxjbKH7mpuAijnWvG0FWE
enxIaHuy8betMLqM3xHrKVAgKWmnGwL50ci5d0F7T+8QBjUQK1B07P8HI8yJwfRh
SVwDJ92vMOAEmoZojd5/Es6DLvb8hKUVLSnYRIq0N9u7ga4McJd/8uJRxxohAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUrhERSRMjz/71O79cFMLFPwE2DawwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzYzMjJlMzczMjJlMzIzNDJl
MzAyZjMyMzIyZDMyMzQyMDNkM2UyMDM0MzczNTM4MzMucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAI+SBgw
DQYJKoZIhvcNAQELBQADggEBAFPPYgm/s7Z2G2BarSmErdOPorRd3ntYRfz3lFjn
2UbFxrhNbY6P+ypFbd5V7uGg08u/zxciQWtS7YzGXCryFjj5RPg2D6vRPKp4JbXC
+bFIuXILzHWVFWzcdRFdvz17/xxZ9BZYHD/gu97zr2mu1BQLRctGk57VFaomU1Ml
0hg5gAlTO4Q5i/vEccJZMwgGPxDXLOEaopOpkoqWxTfNZW1Knp7YWAVwtkt4cPpt
QX0YBGZREAM/34AGUqDjo07df4IEaF7dysLGvXu6IFPWlU4k9YjTW4I5ohygemPG
sv3l3yBVeIiHA9kblAnZvdl3fbfDHvlxuezJswpesKWfa+E=
-----END CERTIFICATE-----
Generated at Thu Jun 4 05:17:48 2026 by rpki-client