Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/34352e3135352e3135392e302f32342d3234203d3e20323134393431.roa
File: 34352e3135352e3135392e302f32342d3234203d3e20323134393431.roa (raw, json)
Hash identifier: WprLZ0caJLsKKnbXSREMKq6Jq8d42WBIKeez3W9qQzM=
Subject key identifier: 57:F3:66:C3:E4:60:46:1F:3A:FE:4B:C1:FF:4D:C4:E4:D7:4C:CA:D2
Certificate issuer: /CN=62fbd2cc0012fb2f86db40b589bd1ac4e973266d
Certificate serial: 4FB029155BCA7FAAB0CD878DFA47D9A06E5269EA
Authority key identifier: 62:FB:D2:CC:00:12:FB:2F:86:DB:40:B5:89:BD:1A:C4:E9:73:26:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YvvSzAAS-y-G20C1ib0axOlzJm0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/34352e3135352e3135392e302f32342d3234203d3e20323134393431.roa
Signing time: Mon 22 Sep 2025 08:55:07 +0000
ROA not before: Mon 22 Sep 2025 08:50:07 +0000
ROA not after: Mon 21 Sep 2026 08:55:07 +0000
asID: 214941
IP address blocks: 45.155.159.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/62FBD2CC0012FB2F86DB40B589BD1AC4E973266D.crl
rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/62FBD2CC0012FB2F86DB40B589BD1AC4E973266D.mft
rsync://rpki.ripe.net/repository/DEFAULT/YvvSzAAS-y-G20C1ib0axOlzJm0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 04:18:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4f:b0:29:15:5b:ca:7f:aa:b0:cd:87:8d:fa:47:d9:a0:6e:52:69:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fbd2cc0012fb2f86db40b589bd1ac4e973266d
Validity
Not Before: Sep 22 08:50:07 2025 GMT
Not After : Sep 21 08:55:07 2026 GMT
Subject: CN=57F366C3E460461F3AFE4BC1FF4DC4E4D74CCAD2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:a0:e8:1e:58:32:9b:55:6a:08:28:00:65:99:
97:b9:0f:d5:52:08:8b:d0:5f:e8:d8:68:e0:33:b7:
b6:94:75:21:a7:d1:cc:93:25:87:ab:d2:cd:1c:5e:
c4:a8:04:24:19:b4:e4:48:4c:c3:ab:7d:b5:10:6a:
a2:4a:9b:77:33:b5:1a:9f:cc:7a:e5:bc:6b:56:b6:
33:d0:dd:a7:2a:91:cc:23:ed:27:97:1c:87:a6:d4:
c7:4c:24:e0:6b:65:0a:01:1a:61:83:1a:f1:e8:09:
fd:fd:ae:4d:05:86:58:d4:8d:af:bb:97:be:ff:9e:
a9:d3:c7:1f:4c:81:63:52:9b:2b:af:e4:d4:b5:9c:
36:08:35:1e:12:67:42:27:2b:06:5a:7d:90:e0:b7:
5a:e7:97:d4:f2:0d:dd:c8:29:61:b1:d7:45:3f:44:
38:92:c5:eb:ae:35:05:d6:d4:8c:c0:6b:e9:af:ba:
f9:3a:cb:06:4e:04:93:45:a5:78:8f:8e:6a:42:0a:
bd:42:80:a5:49:c1:f7:2c:bc:90:6c:96:21:b8:44:
1f:da:b6:95:df:2e:ac:3d:d5:ea:39:1f:1d:69:0a:
87:a3:8e:cf:fa:38:4f:e9:83:8e:4c:23:47:0b:f6:
20:22:29:2e:de:d1:91:6e:af:25:b4:91:e5:5a:59:
8c:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:F3:66:C3:E4:60:46:1F:3A:FE:4B:C1:FF:4D:C4:E4:D7:4C:CA:D2
X509v3 Authority Key Identifier:
keyid:62:FB:D2:CC:00:12:FB:2F:86:DB:40:B5:89:BD:1A:C4:E9:73:26:6D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/62FBD2CC0012FB2F86DB40B589BD1AC4E973266D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YvvSzAAS-y-G20C1ib0axOlzJm0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/34352e3135352e3135392e302f32342d3234203d3e20323134393431.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.159.0/24
Signature Algorithm: sha256WithRSAEncryption
57:65:b2:a4:e3:05:53:ba:c3:83:84:1a:d6:f0:74:4c:0a:d6:
08:1c:04:b1:82:b2:c1:b4:8e:28:16:fe:20:75:a6:50:09:92:
ec:38:ac:35:e8:41:8d:c4:b2:ee:3f:28:91:7e:7e:81:cf:cc:
c7:ea:4c:6b:19:77:02:da:1f:ef:4e:00:13:d0:12:9e:32:8a:
17:7f:cd:84:67:56:d6:0c:ad:55:bb:92:6f:03:d9:c8:2e:22:
9f:60:68:09:6c:7c:da:48:55:ba:81:22:04:df:99:b8:b2:17:
b2:63:e4:e5:8c:f4:d2:72:98:5d:f0:a1:6c:95:62:c9:97:47:
6c:34:bf:a5:81:66:d6:68:41:6e:0f:54:35:0e:76:d6:4e:06:
89:24:3d:14:53:e2:d5:2c:d9:f8:5d:d9:94:52:b5:de:1c:11:
04:ee:f4:82:93:c3:4a:5c:a7:20:07:4d:be:55:18:f3:6b:a9:
5e:c6:0e:d2:d1:f9:a6:0b:bf:ba:bc:1e:17:a4:a0:2e:14:ea:
0e:aa:77:27:60:e2:3c:99:e9:e4:b8:4a:6f:a6:71:c1:71:19:
3d:90:4d:51:ba:0d:fc:4a:38:85:19:1b:85:26:19:58:fe:10:
e6:7a:b4:9a:a0:6a:4f:fa:aa:00:14:bd:8b:c5:bc:b1:0c:f3:
e2:2f:cc:95
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUT7ApFVvKf6qwzYeN+kfZoG5SaeowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjJmYmQyY2MwMDEyZmIyZjg2ZGI0MGI1ODliZDFhYzRl
OTczMjY2ZDAeFw0yNTA5MjIwODUwMDdaFw0yNjA5MjEwODU1MDdaMDMxMTAvBgNV
BAMTKDU3RjM2NkMzRTQ2MDQ2MUYzQUZFNEJDMUZGNERDNEU0RDc0Q0NBRDIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCHoOgeWDKbVWoIKABlmZe5D9VS
CIvQX+jYaOAzt7aUdSGn0cyTJYer0s0cXsSoBCQZtORITMOrfbUQaqJKm3cztRqf
zHrlvGtWtjPQ3acqkcwj7SeXHIem1MdMJOBrZQoBGmGDGvHoCf39rk0FhljUja+7
l77/nqnTxx9MgWNSmyuv5NS1nDYINR4SZ0InKwZafZDgt1rnl9TyDd3IKWGx10U/
RDiSxeuuNQXW1IzAa+mvuvk6ywZOBJNFpXiPjmpCCr1CgKVJwfcsvJBsliG4RB/a
tpXfLqw91eo5Hx1pCoejjs/6OE/pg45MI0cL9iAiKS7e0ZFuryW0keVaWYz9AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUV/Nmw+RgRh86/kvB/03E5NdMytIwHwYDVR0j
BBgwFoAUYvvSzAAS+y+G20C1ib0axOlzJm0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNDZiOTNkZjAtYWM4ZC00ZGE4LWFmYjgtZGNiN2YyODg4
MzYyLzAvNjJGQkQyQ0MwMDEyRkIyRjg2REI0MEI1ODlCRDFBQzRFOTczMjY2RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1l2dlN6QUFTLXktRzIwQzFpYjBheE9s
ekptMC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNDZiOTNkZjAt
YWM4ZC00ZGE4LWFmYjgtZGNiN2YyODg4MzYyLzAvMzQzNTJlMzEzNTM1MmUzMTM1
MzkyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzQzOTM0MzEucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAAtm58wDQYJKoZIhvcNAQELBQADggEBAFdlsqTjBVO6w4OEGtbwdEwK1ggcBLGC
ssG0jigW/iB1plAJkuw4rDXoQY3Esu4/KJF+foHPzMfqTGsZdwLaH+9OABPQEp4y
ihd/zYRnVtYMrVW7km8D2cguIp9gaAlsfNpIVbqBIgTfmbiyF7Jj5OWM9NJymF3w
oWyVYsmXR2w0v6WBZtZoQW4PVDUOdtZOBokkPRRT4tUs2fhd2ZRStd4cEQTu9IKT
w0pcpyAHTb5VGPNrqV7GDtLR+aYLv7q8HhekoC4U6g6qdydg4jyZ6eS4Sm+mccFx
GT2QTVG6DfxKOIUZG4UmGVj+EOZ6tJqgak/6qgAUvYvFvLEM8+IvzJU=
-----END CERTIFICATE-----
Generated at Sun Oct 19 18:00:57 2025 by rpki-client