Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/36322e38342e3136392e302f32342d3234203d3e20323135363338.roa
File: 36322e38342e3136392e302f32342d3234203d3e20323135363338.roa (raw, json)
Hash identifier: cl74QBk6RoIuLgku2b5pSDORTia9Lz4lXDpnQmGRSLk=
Subject key identifier: 68:9B:6C:81:9F:7D:ED:EB:1C:8C:7A:89:79:9B:5C:DA:D5:66:A4:45
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 33BECE7FEC455647A0B5073DB6593FC89FDB4E94
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/36322e38342e3136392e302f32342d3234203d3e20323135363338.roa
Signing time: Fri 17 Apr 2026 11:23:46 +0000
ROA not before: Fri 17 Apr 2026 11:18:46 +0000
ROA not after: Fri 16 Apr 2027 11:23:46 +0000
asID: 215638
IP address blocks: 62.84.169.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Apr 2026 10:56:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
33:be:ce:7f:ec:45:56:47:a0:b5:07:3d:b6:59:3f:c8:9f:db:4e:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Apr 17 11:18:46 2026 GMT
Not After : Apr 16 11:23:46 2027 GMT
Subject: CN=689B6C819F7DEDEB1C8C7A89799B5CDAD566A445
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:c4:4f:1b:d3:5d:84:e4:81:c1:b0:44:95:79:
45:c6:be:82:a0:15:1b:9f:55:6a:e0:d0:91:c6:6c:
dd:b2:94:10:1f:6f:af:fc:8e:0e:9d:a8:f1:10:ed:
ad:26:f6:93:02:b0:10:38:2d:13:35:fb:f6:b9:81:
ac:00:78:b9:87:c9:23:2b:ff:a3:a4:0d:05:8a:6b:
e1:ea:75:b5:cc:08:d8:8e:c7:cf:e4:01:4c:07:5c:
ad:e0:91:e4:49:c9:ed:ac:bb:36:30:c3:e3:d3:ac:
34:cc:e8:1c:22:6c:3b:d5:c6:3f:74:2f:74:2b:ca:
05:0d:c9:73:29:e3:fd:48:3e:1e:de:5e:8b:5e:9b:
bf:79:40:84:c2:92:8b:63:8f:7d:da:7d:e8:85:81:
e4:eb:38:22:9a:66:a6:9f:bb:b7:9e:70:6a:16:68:
23:b7:78:6d:d0:92:78:a9:b9:1f:f1:0f:12:a6:74:
d2:77:d2:57:a8:76:4a:07:7b:47:9a:ff:2b:0b:28:
ad:81:3d:48:be:7a:ea:ca:04:95:f3:35:41:3e:1c:
e0:95:c5:1d:0b:f7:37:d0:ce:07:a7:ed:7f:9b:7f:
1b:9c:81:bb:5b:09:a6:99:55:a6:71:82:c6:45:16:
64:90:29:3d:0f:aa:1d:3f:6d:99:89:0a:3e:83:73:
94:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:9B:6C:81:9F:7D:ED:EB:1C:8C:7A:89:79:9B:5C:DA:D5:66:A4:45
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/36322e38342e3136392e302f32342d3234203d3e20323135363338.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.84.169.0/24
Signature Algorithm: sha256WithRSAEncryption
57:91:37:bd:7d:d9:f9:bc:48:77:ab:6e:d7:ec:25:ce:c1:bf:
d3:0a:35:13:ef:ef:f3:85:cf:36:7f:a1:d5:80:c7:2f:a4:8d:
3b:53:65:07:3c:fc:b7:84:09:ed:f2:66:73:9c:24:67:c7:b7:
54:4a:5a:b0:4b:53:80:03:4e:e0:27:68:54:32:ce:37:cd:57:
b1:1e:2e:bd:87:6d:b9:c5:d5:00:52:b7:59:c2:21:53:9a:b2:
db:08:c9:c2:2f:a8:90:d2:ae:70:ce:06:55:89:58:e9:85:4d:
ec:a8:92:c0:97:0a:e6:8b:6c:81:05:ba:12:bb:08:07:2e:0e:
41:d0:53:6a:ab:39:c8:4a:42:55:2c:8f:f6:cf:34:d5:f5:ea:
bc:4c:09:c6:93:04:c5:fb:de:3b:4c:e9:c7:a5:e5:ed:fa:3b:
3f:0d:5f:b9:4b:39:7d:50:13:0b:a4:ec:97:80:31:0f:59:ec:
eb:ab:24:a4:99:19:52:e0:a1:25:4b:93:75:96:e1:26:34:27:
d6:fa:14:4d:9c:70:79:44:a1:a9:7f:c2:4b:a0:09:a9:20:78:
f4:3c:39:72:7f:9e:15:1a:e2:fd:68:77:d2:77:a3:d7:af:8f:
5c:80:30:6a:d5:23:21:87:6a:54:7b:d1:c0:ee:2a:f3:07:52:
e2:d4:b4:34
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUM77Of+xFVkegtQc9tlk/yJ/bTpQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNjA0MTcxMTE4NDZaFw0yNzA0MTYxMTIzNDZaMDMxMTAvBgNV
BAMTKDY4OUI2QzgxOUY3REVERUIxQzhDN0E4OTc5OUI1Q0RBRDU2NkE0NDUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCgxE8b012E5IHBsESVeUXGvoKg
FRufVWrg0JHGbN2ylBAfb6/8jg6dqPEQ7a0m9pMCsBA4LRM1+/a5gawAeLmHySMr
/6OkDQWKa+HqdbXMCNiOx8/kAUwHXK3gkeRJye2suzYww+PTrDTM6BwibDvVxj90
L3QrygUNyXMp4/1IPh7eXotem795QITCkotjj33afeiFgeTrOCKaZqafu7eecGoW
aCO3eG3QknipuR/xDxKmdNJ30leodkoHe0ea/ysLKK2BPUi+eurKBJXzNUE+HOCV
xR0L9zfQzgen7X+bfxucgbtbCaaZVaZxgsZFFmSQKT0Pqh0/bZmJCj6Dc5TrAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUaJtsgZ997escjHqJeZtc2tVmpEUwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzYzMjJlMzgzNDJlMzEzNjM5
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMTM1MzYzMzM4LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
PlSpMA0GCSqGSIb3DQEBCwUAA4IBAQBXkTe9fdn5vEh3q27X7CXOwb/TCjUT7+/z
hc82f6HVgMcvpI07U2UHPPy3hAnt8mZznCRnx7dUSlqwS1OAA07gJ2hUMs43zVex
Hi69h225xdUAUrdZwiFTmrLbCMnCL6iQ0q5wzgZViVjphU3sqJLAlwrmi2yBBboS
uwgHLg5B0FNqqznISkJVLI/2zzTV9eq8TAnGkwTF+947TOnHpeXt+js/DV+5Szl9
UBMLpOyXgDEPWezrqySkmRlS4KElS5N1luEmNCfW+hRNnHB5RKGpf8JLoAmpIHj0
PDlyf54VGuL9aHfSd6PXr49cgDBq1SMhh2pUe9HA7irzB1Li1LQ0
-----END CERTIFICATE-----
Generated at Sun Apr 19 23:06:14 2026 by rpki-client