Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/36322e3134362e3233322e302f32312d3332203d3e20313431393935.roa
File: 36322e3134362e3233322e302f32312d3332203d3e20313431393935.roa (raw, json)
Hash identifier: fPys4xqfSMv+n7AoqqgegSCQLCbiEhqfSELKPE1zAs0=
Subject key identifier: 36:E0:6B:C9:A6:2B:B4:8F:95:42:90:DE:0A:99:DB:48:14:11:E7:91
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 6449B1CCB3B9B0AA02FC6D27DED627A1A86854E7
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/36322e3134362e3233322e302f32312d3332203d3e20313431393935.roa
Signing time: Wed 22 Apr 2026 12:23:50 +0000
ROA not before: Wed 22 Apr 2026 12:18:50 +0000
ROA not after: Wed 21 Apr 2027 12:23:50 +0000
asID: 141995
IP address blocks: 62.146.232.0/21 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 14 May 2026 06:33:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
64:49:b1:cc:b3:b9:b0:aa:02:fc:6d:27:de:d6:27:a1:a8:68:54:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Apr 22 12:18:50 2026 GMT
Not After : Apr 21 12:23:50 2027 GMT
Subject: CN=36E06BC9A62BB48F954290DE0A99DB481411E791
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:c1:6a:d4:7a:d6:93:3e:53:62:2a:4c:b0:05:
ac:6d:8c:d7:c1:1d:4e:92:02:aa:d6:30:0f:65:d6:
60:63:2c:3d:f2:91:c4:13:a2:9b:ce:38:10:6d:d0:
ec:ed:c7:45:31:74:c3:d2:3d:ef:75:a0:73:67:00:
63:b2:3e:63:44:81:1f:e8:9e:71:6b:b9:f3:50:97:
48:9d:11:16:0e:b1:62:7a:11:ba:87:43:42:ae:7f:
d5:f7:ad:64:59:f5:f8:65:35:41:50:5c:76:16:61:
bc:f7:e2:e4:53:3d:74:74:a9:b8:49:9a:e4:d3:df:
a6:54:79:8e:d2:de:be:25:0e:61:2e:84:e8:ce:40:
5c:b9:66:6f:dd:46:55:02:da:c8:19:52:cf:c3:7e:
a7:b8:62:2b:8f:d1:f8:c5:55:a1:91:a2:84:d4:20:
98:8c:b6:3e:41:d7:c4:68:e4:e7:f5:4b:00:09:2b:
09:6a:6c:81:a3:bc:7a:93:13:a5:2c:ec:a2:b6:8c:
4f:ef:6e:8f:a8:b0:dc:ef:1f:23:89:63:9d:b3:0b:
04:24:3b:e9:a9:40:34:70:eb:1f:fc:4c:27:c1:f2:
41:5e:33:2a:2d:16:8b:a9:d7:2b:b4:61:79:ca:ff:
1d:b8:37:38:87:94:43:b1:0a:e5:b3:db:7b:1a:5f:
b7:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:E0:6B:C9:A6:2B:B4:8F:95:42:90:DE:0A:99:DB:48:14:11:E7:91
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/36322e3134362e3233322e302f32312d3332203d3e20313431393935.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.146.232.0/21
Signature Algorithm: sha256WithRSAEncryption
29:15:a8:5e:6f:01:0f:39:e7:c3:f1:14:be:bb:f8:aa:a0:b1:
14:8c:2d:47:08:ff:d0:bc:e9:dd:07:55:c8:51:08:50:6b:43:
7e:85:b3:b2:d5:e3:0c:b7:bc:2d:1b:91:37:e7:16:6a:6d:46:
bf:ae:30:4d:68:0a:fd:74:b2:f8:8d:17:e4:3a:4d:93:d3:41:
71:45:9d:a9:64:ea:49:f7:30:fd:d1:07:e6:65:ae:9c:37:c9:
03:22:2d:30:97:f1:d2:20:20:37:ca:81:82:33:51:32:1c:c6:
91:e9:c0:a4:20:65:a2:d4:72:c4:df:ba:d3:b2:ec:8f:f5:47:
fc:b8:d1:4c:04:47:0b:16:25:f7:ca:b6:e0:21:e1:28:e2:ee:
bd:e2:80:31:18:f1:be:a5:e1:c2:d0:1f:da:6b:2e:ee:88:cb:
12:54:97:ef:e8:0c:7a:c5:65:9d:6d:ee:da:ab:15:6e:1a:cb:
2e:27:eb:75:8f:81:b7:72:24:a6:0f:a2:79:15:4e:c4:98:e0:
55:87:55:eb:23:41:75:c1:72:1a:cb:a2:ba:25:39:2c:6a:6d:
39:70:fd:18:fe:da:21:e5:05:43:24:bc:86:de:29:45:fa:d6:
98:fb:9e:64:a4:b0:35:36:7f:39:7a:0f:c9:8a:b9:63:56:7f:
3a:33:8d:de
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUZEmxzLO5sKoC/G0n3tYnoahoVOcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNjA0MjIxMjE4NTBaFw0yNzA0MjExMjIzNTBaMDMxMTAvBgNV
BAMTKDM2RTA2QkM5QTYyQkI0OEY5NTQyOTBERTBBOTlEQjQ4MTQxMUU3OTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDLwWrUetaTPlNiKkywBaxtjNfB
HU6SAqrWMA9l1mBjLD3ykcQTopvOOBBt0Oztx0UxdMPSPe91oHNnAGOyPmNEgR/o
nnFrufNQl0idERYOsWJ6EbqHQ0Kuf9X3rWRZ9fhlNUFQXHYWYbz34uRTPXR0qbhJ
muTT36ZUeY7S3r4lDmEuhOjOQFy5Zm/dRlUC2sgZUs/Dfqe4YiuP0fjFVaGRooTU
IJiMtj5B18Ro5Of1SwAJKwlqbIGjvHqTE6Us7KK2jE/vbo+osNzvHyOJY52zCwQk
O+mpQDRw6x/8TCfB8kFeMyotFoup1yu0YXnK/x24NziHlEOxCuWz23saX7erAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUNuBryaYrtI+VQpDeCpnbSBQR55EwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzYzMjJlMzEzNDM2MmUzMjMz
MzIyZTMwMmYzMjMxMmQzMzMyMjAzZDNlMjAzMTM0MzEzOTM5MzUucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAM+kugwDQYJKoZIhvcNAQELBQADggEBACkVqF5vAQ8558PxFL67+KqgsRSMLUcI
/9C86d0HVchRCFBrQ36Fs7LV4wy3vC0bkTfnFmptRr+uME1oCv10sviNF+Q6TZPT
QXFFnalk6kn3MP3RB+Zlrpw3yQMiLTCX8dIgIDfKgYIzUTIcxpHpwKQgZaLUcsTf
utOy7I/1R/y40UwERwsWJffKtuAh4Sji7r3igDEY8b6l4cLQH9prLu6IyxJUl+/o
DHrFZZ1t7tqrFW4ayy4n63WPgbdyJKYPonkVTsSY4FWHVesjQXXBchrLorolOSxq
bTlw/Rj+2iHlBUMkvIbeKUX61pj7nmSksDU2fzl6D8mKuWNWfzozjd4=
-----END CERTIFICATE-----
Generated at Wed May 13 10:41:41 2026 by rpki-client