Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/36322e38342e3136392e302f32342d3234203d3e20323135363338.roa
File: 36322e38342e3136392e302f32342d3234203d3e20323135363338.roa (raw, json)
Hash identifier: z7sKD7IV489/VJkiuBhclzTxLP1ZwmWZA1vT8laHigk=
Subject key identifier: FA:47:64:B3:91:3F:29:1E:60:19:B6:20:D5:14:7C:59:39:D7:7A:F6
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 78B436178CD227ADEBD9F45ECFAB900EE7B361FB
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/36322e38342e3136392e302f32342d3234203d3e20323135363338.roa
Signing time: Fri 16 May 2025 10:57:28 +0000
ROA not before: Fri 16 May 2025 10:52:28 +0000
ROA not after: Fri 15 May 2026 10:57:28 +0000
asID: 215638
IP address blocks: 62.84.169.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Jun 2025 17:19:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:b4:36:17:8c:d2:27:ad:eb:d9:f4:5e:cf:ab:90:0e:e7:b3:61:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: May 16 10:52:28 2025 GMT
Not After : May 15 10:57:28 2026 GMT
Subject: CN=FA4764B3913F291E6019B620D5147C5939D77AF6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:cf:5a:46:72:d2:c7:fa:79:1a:09:f1:38:0c:
5b:02:4c:14:ab:07:08:aa:2d:b7:25:12:16:5f:c3:
be:24:85:73:a8:cc:7d:14:ab:b2:98:e0:83:9c:4b:
0e:bd:ef:59:b9:bf:eb:29:b4:05:21:a3:30:26:63:
fd:4e:ea:90:a8:68:2f:f3:7d:f1:82:94:39:23:77:
45:0e:86:69:06:7a:d4:91:78:c9:eb:7c:eb:82:7f:
a2:95:5f:df:16:ef:d0:22:2e:1a:0f:5f:ce:95:d5:
75:43:ba:dd:15:71:8f:61:b8:76:12:de:f6:03:f9:
cb:94:b7:9a:44:fd:43:5d:67:b8:e4:03:27:cd:d3:
d9:27:14:7b:9f:29:21:92:e1:ab:4a:21:8c:23:9c:
0c:f2:5c:98:8b:a7:b9:34:7e:1a:32:47:50:73:b8:
85:a5:7d:e7:ee:e3:f6:43:6d:a9:32:9b:d7:af:81:
ec:fc:39:16:3a:06:37:b0:17:94:62:64:16:38:37:
66:5c:f0:b1:79:09:84:0e:4f:dd:0b:79:ff:04:77:
1e:24:3e:90:5d:d6:86:31:a6:49:e0:16:87:52:d4:
70:66:eb:6e:a1:e3:70:4f:40:60:79:64:01:e4:92:
75:97:9a:c9:31:41:b1:10:74:22:b8:f6:7f:c7:6b:
ae:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:47:64:B3:91:3F:29:1E:60:19:B6:20:D5:14:7C:59:39:D7:7A:F6
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/36322e38342e3136392e302f32342d3234203d3e20323135363338.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.84.169.0/24
Signature Algorithm: sha256WithRSAEncryption
62:57:12:23:f9:05:41:39:9c:04:13:d1:e6:52:5d:8c:93:fb:
12:a5:9f:19:01:59:9f:91:df:9c:ab:5e:1c:bc:3b:30:a2:a5:
81:e3:cc:92:a6:98:ac:9e:46:a9:fa:94:76:f6:d8:c6:da:af:
fc:89:b1:6d:9a:20:50:01:5f:be:7f:25:67:61:b9:21:16:7b:
d9:3b:55:ec:40:10:0c:13:01:9e:6d:96:71:b6:8b:54:e5:fb:
3b:12:7d:33:f0:4a:6e:b4:5b:31:90:6a:ae:8a:70:70:cb:b8:
94:03:2a:b2:2d:bd:b6:9a:6d:dc:1d:fb:36:21:5a:4c:28:61:
9a:cb:8a:89:ad:22:8f:b3:21:ba:a5:40:19:31:5f:f5:b1:d4:
73:63:76:a0:27:32:fb:d4:f1:3e:f6:8e:c4:01:0a:14:59:08:
ae:52:9e:14:e5:45:19:a9:4f:f2:c2:03:08:cf:41:8d:8d:61:
e5:57:8c:e0:3e:01:55:d7:99:2a:ab:21:a8:31:70:ed:c1:32:
23:e2:9e:8f:8b:87:ac:d8:60:27:ce:2b:9b:70:fe:cb:c2:c8:
d6:cc:ae:75:0c:6d:3b:9e:74:7e:92:0a:db:ac:99:5d:8c:52:
70:6f:d7:db:9b:b5:81:e7:d1:e7:24:9b:2b:02:10:6c:fe:2a:
86:3d:42:00
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUeLQ2F4zSJ63r2fRez6uQDuezYfswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA1MTYxMDUyMjhaFw0yNjA1MTUxMDU3MjhaMDMxMTAvBgNV
BAMTKEZBNDc2NEIzOTEzRjI5MUU2MDE5QjYyMEQ1MTQ3QzU5MzlENzdBRjYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDsz1pGctLH+nkaCfE4DFsCTBSr
BwiqLbclEhZfw74khXOozH0Uq7KY4IOcSw6971m5v+sptAUhozAmY/1O6pCoaC/z
ffGClDkjd0UOhmkGetSReMnrfOuCf6KVX98W79AiLhoPX86V1XVDut0VcY9huHYS
3vYD+cuUt5pE/UNdZ7jkAyfN09knFHufKSGS4atKIYwjnAzyXJiLp7k0fhoyR1Bz
uIWlfefu4/ZDbakym9evgez8ORY6BjewF5RiZBY4N2Zc8LF5CYQOT90Lef8Edx4k
PpBd1oYxpkngFodS1HBm626h43BPQGB5ZAHkknWXmskxQbEQdCK49n/Ha67lAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU+kdks5E/KR5gGbYg1RR8WTnXevYwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzYzMjJlMzgzNDJlMzEzNjM5
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMTM1MzYzMzM4LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
PlSpMA0GCSqGSIb3DQEBCwUAA4IBAQBiVxIj+QVBOZwEE9HmUl2Mk/sSpZ8ZAVmf
kd+cq14cvDswoqWB48ySppisnkap+pR29tjG2q/8ibFtmiBQAV++fyVnYbkhFnvZ
O1XsQBAMEwGebZZxtotU5fs7En0z8EputFsxkGquinBwy7iUAyqyLb22mm3cHfs2
IVpMKGGay4qJrSKPsyG6pUAZMV/1sdRzY3agJzL71PE+9o7EAQoUWQiuUp4U5UUZ
qU/ywgMIz0GNjWHlV4zgPgFV15kqqyGoMXDtwTIj4p6Pi4es2GAnziubcP7LwsjW
zK51DG07nnR+kgrbrJldjFJwb9fbm7WB59HnJJsrAhBs/iqGPUIA
-----END CERTIFICATE-----
Generated at Fri Jun 6 06:22:41 2025 by rpki-client