Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/36322e37322e34342e302f32322d3332203d3e20313431393935.roa
File: 36322e37322e34342e302f32322d3332203d3e20313431393935.roa (raw, json)
Hash identifier: sywyRRyzvM7VL/pN+Y7ysJ70VFAuNYpHBaaIKVLrMQs=
Subject key identifier: 38:70:F8:FE:AF:ED:90:4B:7A:E4:2D:03:20:56:1E:44:EA:51:55:7A
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 651D4CD74363E6B948215DEC448CA448A666BE12
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/36322e37322e34342e302f32322d3332203d3e20313431393935.roa
Signing time: Thu 30 Apr 2026 15:23:58 +0000
ROA not before: Thu 30 Apr 2026 15:18:58 +0000
ROA not after: Thu 29 Apr 2027 15:23:58 +0000
asID: 141995
IP address blocks: 62.72.44.0/22 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 23:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
65:1d:4c:d7:43:63:e6:b9:48:21:5d:ec:44:8c:a4:48:a6:66:be:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Apr 30 15:18:58 2026 GMT
Not After : Apr 29 15:23:58 2027 GMT
Subject: CN=3870F8FEAFED904B7AE42D0320561E44EA51557A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:ba:e3:a9:98:3d:5d:41:19:25:52:2f:28:e4:
19:f6:80:b7:fe:68:f4:6f:a4:2c:6b:72:e3:3f:84:
41:0e:79:cc:b8:9c:23:e3:46:34:a0:3c:77:92:75:
26:03:ba:d5:aa:35:de:7e:a8:11:5d:8b:90:1c:ff:
8f:02:d8:5c:7b:20:8a:b9:b5:5d:13:df:97:5f:a5:
a7:16:bf:82:25:d2:37:95:d5:b4:3e:d7:cf:e0:7c:
ce:c3:57:dc:1f:76:5d:1c:35:64:03:7e:84:f4:d4:
e2:db:fe:c6:be:79:01:24:a8:d9:43:93:f7:03:d5:
bd:9e:62:5e:eb:03:8f:a0:c6:77:70:91:bd:e5:10:
35:39:1f:60:bf:aa:c9:82:27:e9:d6:81:01:40:31:
84:4e:1e:1d:c3:1d:64:fa:92:b9:92:37:8c:84:37:
c9:fc:1e:d4:98:9d:a9:0e:56:63:6e:c0:c9:35:0b:
1e:a6:9b:d0:f6:64:9b:56:60:49:8e:9c:58:13:90:
7e:28:dd:01:3b:3a:76:8e:ce:39:3c:5a:77:54:e1:
aa:f0:33:4f:6d:5a:2a:50:0b:8c:73:04:78:96:eb:
8d:f0:d7:e7:a4:4b:84:dc:50:bd:89:29:ca:32:3e:
51:c2:d5:27:6b:c7:64:07:c5:4d:64:1d:ea:26:4a:
00:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:70:F8:FE:AF:ED:90:4B:7A:E4:2D:03:20:56:1E:44:EA:51:55:7A
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/36322e37322e34342e302f32322d3332203d3e20313431393935.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.72.44.0/22
Signature Algorithm: sha256WithRSAEncryption
6e:e4:96:a0:d5:98:b3:9f:1d:08:8e:91:43:e0:4e:e3:13:6c:
8e:84:e3:73:f0:0b:51:7e:4b:d0:b7:9c:4d:67:aa:62:9e:8f:
a0:40:67:fa:b6:73:74:05:04:0f:3f:80:15:a6:aa:67:87:b9:
b4:64:f0:ee:d4:e2:4c:13:c3:b0:8c:ab:cf:17:ac:f6:65:28:
3c:db:dd:11:69:23:f3:d7:05:32:dc:1f:31:7e:1b:28:03:ed:
68:d4:86:36:f8:1b:3d:6d:03:5b:6c:d8:ca:c1:fe:1c:9c:76:
c0:0b:8d:e9:dc:f4:5a:4f:e2:a2:17:9e:6f:f2:35:3f:d3:8c:
1a:b6:c3:c4:f9:4a:39:47:2f:26:cf:eb:23:8a:3e:19:3b:11:
43:58:f9:fd:f9:cf:f6:ec:c0:ad:06:e8:47:54:ec:b2:2b:d7:
3c:45:bd:ad:f8:e8:2b:ae:db:3d:70:78:a5:42:6a:98:df:d2:
a0:b2:1a:51:37:a7:17:97:59:29:7f:e2:e6:2d:56:a0:09:5f:
a8:f2:1e:ce:57:19:ab:c8:69:2d:c1:f5:74:61:ef:12:eb:9f:
39:bd:a9:79:b3:72:a6:98:2b:ee:a8:86:31:11:f9:59:2d:19:
55:fd:3e:c0:7b:cc:aa:db:d3:49:af:13:8a:9d:95:8a:da:15:
cc:fd:74:00
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUZR1M10Nj5rlIIV3sRIykSKZmvhIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNjA0MzAxNTE4NThaFw0yNzA0MjkxNTIzNThaMDMxMTAvBgNV
BAMTKDM4NzBGOEZFQUZFRDkwNEI3QUU0MkQwMzIwNTYxRTQ0RUE1MTU1N0EwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+uuOpmD1dQRklUi8o5Bn2gLf+
aPRvpCxrcuM/hEEOecy4nCPjRjSgPHeSdSYDutWqNd5+qBFdi5Ac/48C2Fx7IIq5
tV0T35dfpacWv4Il0jeV1bQ+18/gfM7DV9wfdl0cNWQDfoT01OLb/sa+eQEkqNlD
k/cD1b2eYl7rA4+gxndwkb3lEDU5H2C/qsmCJ+nWgQFAMYROHh3DHWT6krmSN4yE
N8n8HtSYnakOVmNuwMk1Cx6mm9D2ZJtWYEmOnFgTkH4o3QE7OnaOzjk8WndU4arw
M09tWipQC4xzBHiW643w1+ekS4TcUL2JKcoyPlHC1Sdrx2QHxU1kHeomSgBbAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUOHD4/q/tkEt65C0DIFYeROpRVXowHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzYzMjJlMzczMjJlMzQzNDJl
MzAyZjMyMzIyZDMzMzIyMDNkM2UyMDMxMzQzMTM5MzkzNS5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAj5I
LDANBgkqhkiG9w0BAQsFAAOCAQEAbuSWoNWYs58dCI6RQ+BO4xNsjoTjc/ALUX5L
0LecTWeqYp6PoEBn+rZzdAUEDz+AFaaqZ4e5tGTw7tTiTBPDsIyrzxes9mUoPNvd
EWkj89cFMtwfMX4bKAPtaNSGNvgbPW0DW2zYysH+HJx2wAuN6dz0Wk/ioheeb/I1
P9OMGrbDxPlKOUcvJs/rI4o+GTsRQ1j5/fnP9uzArQboR1TssivXPEW9rfjoK67b
PXB4pUJqmN/SoLIaUTenF5dZKX/i5i1WoAlfqPIezlcZq8hpLcH1dGHvEuufOb2p
ebNyppgr7qiGMRH5WS0ZVf0+wHvMqtvTSa8Tip2VitoVzP10AA==
-----END CERTIFICATE-----
Generated at Wed May 13 08:43:51 2026 by rpki-client