Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/468b081e-ba93-465f-9b6e-7fbd63bdff63/0/36322e3132322e3138382e302f32342d3234203d3e203330303538.roa
File: 36322e3132322e3138382e302f32342d3234203d3e203330303538.roa (raw, json)
Hash identifier: Sn6BjESg306oMG2v09CGJd3q5vLKGdFDpo5P27sfsZQ=
Subject key identifier: CA:F6:45:C1:F5:3C:46:F4:06:DE:B3:A3:71:73:8E:54:6C:EA:39:A9
Certificate issuer: /CN=ff426f19ba67bc89de5ae6df487c1c8c1e752e27
Certificate serial: 1B2661F84351BA4E532320C146ACFBA36A4BAC84
Authority key identifier: FF:42:6F:19:BA:67:BC:89:DE:5A:E6:DF:48:7C:1C:8C:1E:75:2E:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_0JvGbpnvIneWubfSHwcjB51Lic.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/468b081e-ba93-465f-9b6e-7fbd63bdff63/0/36322e3132322e3138382e302f32342d3234203d3e203330303538.roa
Signing time: Sun 10 May 2026 21:43:33 +0000
ROA not before: Sun 10 May 2026 21:38:33 +0000
ROA not after: Sun 09 May 2027 21:43:33 +0000
asID: 30058
IP address blocks: 62.122.188.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/468b081e-ba93-465f-9b6e-7fbd63bdff63/0/FF426F19BA67BC89DE5AE6DF487C1C8C1E752E27.crl
rsync://rsync.paas.rpki.ripe.net/repository/468b081e-ba93-465f-9b6e-7fbd63bdff63/0/FF426F19BA67BC89DE5AE6DF487C1C8C1E752E27.mft
rsync://rpki.ripe.net/repository/DEFAULT/_0JvGbpnvIneWubfSHwcjB51Lic.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 23:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1b:26:61:f8:43:51:ba:4e:53:23:20:c1:46:ac:fb:a3:6a:4b:ac:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff426f19ba67bc89de5ae6df487c1c8c1e752e27
Validity
Not Before: May 10 21:38:33 2026 GMT
Not After : May 9 21:43:33 2027 GMT
Subject: CN=CAF645C1F53C46F406DEB3A371738E546CEA39A9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:5d:ff:c4:e6:e1:4f:ac:eb:f1:14:5a:ea:c6:
77:81:b8:58:6e:66:a9:63:6b:0d:5c:5d:e3:43:e1:
dc:20:1d:f2:ed:5a:97:be:59:47:20:d0:12:e9:86:
c7:ad:1b:86:df:d7:53:19:52:43:87:4c:06:b1:af:
2e:c0:4a:00:d1:8e:53:cf:76:48:84:a1:dd:7a:42:
1c:83:ac:c4:3b:db:40:2d:60:84:fc:a8:8b:17:a7:
ea:6e:fd:3e:8a:05:45:00:ca:be:ff:6e:45:f7:91:
e0:f3:3c:85:ac:7e:46:d0:c0:a2:f8:37:c3:3d:df:
18:8b:71:87:31:64:09:4f:d1:9b:3f:23:a8:65:10:
b5:91:cd:51:3d:1b:0d:a7:ae:44:89:a6:76:8d:aa:
77:41:be:bb:c8:ad:0a:79:d3:cd:ed:d0:77:b7:78:
e4:84:65:3e:0d:56:9d:85:9e:29:73:a1:42:52:66:
c5:bb:1d:d3:0c:dc:6a:6e:bb:6c:34:e9:df:75:9f:
46:3e:8b:01:56:a2:12:9c:92:97:92:32:d8:28:ce:
38:ff:1b:df:09:79:ca:3c:2b:ed:df:c8:0e:ce:15:
d2:ef:2f:f7:86:75:48:15:a0:ae:9f:da:59:0b:d9:
28:2f:3e:b5:da:8c:3f:14:f8:01:0d:af:fa:81:c2:
29:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:F6:45:C1:F5:3C:46:F4:06:DE:B3:A3:71:73:8E:54:6C:EA:39:A9
X509v3 Authority Key Identifier:
keyid:FF:42:6F:19:BA:67:BC:89:DE:5A:E6:DF:48:7C:1C:8C:1E:75:2E:27
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/468b081e-ba93-465f-9b6e-7fbd63bdff63/0/FF426F19BA67BC89DE5AE6DF487C1C8C1E752E27.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_0JvGbpnvIneWubfSHwcjB51Lic.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/468b081e-ba93-465f-9b6e-7fbd63bdff63/0/36322e3132322e3138382e302f32342d3234203d3e203330303538.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.122.188.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:4c:da:be:aa:3d:44:5c:78:20:82:42:7a:9c:93:7f:63:df:
2e:a6:58:7b:30:a5:a1:1b:5b:55:cf:74:27:28:81:cc:61:84:
a7:d2:3d:76:d4:e3:b8:45:73:96:84:7e:63:c7:09:be:d9:e7:
6b:d4:e8:c2:ff:6c:f0:fe:a6:0d:15:8b:90:0d:d2:b7:c3:36:
e8:3d:c6:73:8f:32:fb:6e:da:2c:3b:15:b2:ae:e3:fb:23:36:
79:0a:dc:d5:43:07:ca:8a:9a:9e:b2:ad:60:a3:3b:06:4c:ea:
e1:1f:84:21:3c:e0:f8:ec:fd:07:0b:6f:1d:5c:3d:26:60:ec:
66:d7:3d:b8:be:b7:a6:7c:63:9a:3f:b5:16:0c:4b:27:19:68:
3a:db:af:9a:cc:67:c0:bd:02:9a:ca:cf:45:29:a9:ad:5a:84:
43:2e:73:f1:ad:bb:55:81:9e:d9:7d:10:93:28:28:81:85:9a:
62:d2:53:0a:94:ca:93:ed:52:33:1c:c2:4f:82:85:6b:30:85:
43:ef:ab:1a:84:15:79:52:4e:db:57:b3:08:b5:4c:41:44:66:
75:ab:b9:2d:80:a5:43:d3:8a:eb:29:34:60:32:4c:a3:08:fa:
1f:56:b1:bf:b3:97:98:06:77:a6:6b:9c:b7:93:93:77:00:0c:
97:88:43:6c
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUGyZh+ENRuk5TIyDBRqz7o2pLrIQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZmY0MjZmMTliYTY3YmM4OWRlNWFlNmRmNDg3YzFjOGMx
ZTc1MmUyNzAeFw0yNjA1MTAyMTM4MzNaFw0yNzA1MDkyMTQzMzNaMDMxMTAvBgNV
BAMTKENBRjY0NUMxRjUzQzQ2RjQwNkRFQjNBMzcxNzM4RTU0NkNFQTM5QTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBXf/E5uFPrOvxFFrqxneBuFhu
Zqljaw1cXeND4dwgHfLtWpe+WUcg0BLphsetG4bf11MZUkOHTAaxry7ASgDRjlPP
dkiEod16QhyDrMQ720AtYIT8qIsXp+pu/T6KBUUAyr7/bkX3keDzPIWsfkbQwKL4
N8M93xiLcYcxZAlP0Zs/I6hlELWRzVE9Gw2nrkSJpnaNqndBvrvIrQp5083t0He3
eOSEZT4NVp2FnilzoUJSZsW7HdMM3Gpuu2w06d91n0Y+iwFWohKckpeSMtgozjj/
G98Jeco8K+3fyA7OFdLvL/eGdUgVoK6f2lkL2SgvPrXajD8U+AENr/qBwimvAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUyvZFwfU8RvQG3rOjcXOOVGzqOakwHwYDVR0j
BBgwFoAU/0JvGbpnvIneWubfSHwcjB51LicwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNDY4YjA4MWUtYmE5My00NjVmLTliNmUtN2ZiZDYzYmRm
ZjYzLzAvRkY0MjZGMTlCQTY3QkM4OURFNUFFNkRGNDg3QzFDOEMxRTc1MkUyNy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL18wSnZHYnBudkluZVd1YmZTSHdjakI1
MUxpYy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNDY4YjA4MWUt
YmE5My00NjVmLTliNmUtN2ZiZDYzYmRmZjYzLzAvMzYzMjJlMzEzMjMyMmUzMTM4
MzgyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMzMwMzAzNTM4LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
Pnq8MA0GCSqGSIb3DQEBCwUAA4IBAQBdTNq+qj1EXHgggkJ6nJN/Y98uplh7MKWh
G1tVz3QnKIHMYYSn0j121OO4RXOWhH5jxwm+2edr1OjC/2zw/qYNFYuQDdK3wzbo
PcZzjzL7btosOxWyruP7IzZ5CtzVQwfKipqesq1gozsGTOrhH4QhPOD47P0HC28d
XD0mYOxm1z24vremfGOaP7UWDEsnGWg626+azGfAvQKays9FKamtWoRDLnPxrbtV
gZ7ZfRCTKCiBhZpi0lMKlMqT7VIzHMJPgoVrMIVD76sahBV5Uk7bV7MItUxBRGZ1
q7ktgKVD04rrKTRgMkyjCPofVrG/s5eYBnema5y3k5N3AAyXiENs
-----END CERTIFICATE-----
Generated at Wed May 13 06:57:54 2026 by rpki-client