Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/36322e38342e3136342e302f32342d3234203d3e20323030353036.roa
File: 36322e38342e3136342e302f32342d3234203d3e20323030353036.roa (raw, json)
Hash identifier: p/04dpCydy7HUbYUs4uRAxQCFPiuCG7C3zp1nyDf6rA=
Subject key identifier: BE:17:7A:83:C7:E1:B3:4E:20:94:B8:64:E9:4C:41:6C:CB:A6:BA:17
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 3C1102E0D2C3FA2A6B4AA2EBD4BE3057572E03F0
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/36322e38342e3136342e302f32342d3234203d3e20323030353036.roa
Signing time: Tue 24 Mar 2026 13:06:30 +0000
ROA not before: Tue 24 Mar 2026 13:01:30 +0000
ROA not after: Tue 23 Mar 2027 13:06:30 +0000
asID: 200506
IP address blocks: 62.84.164.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3c:11:02:e0:d2:c3:fa:2a:6b:4a:a2:eb:d4:be:30:57:57:2e:03:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Mar 24 13:01:30 2026 GMT
Not After : Mar 23 13:06:30 2027 GMT
Subject: CN=BE177A83C7E1B34E2094B864E94C416CCBA6BA17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:e2:86:46:e1:0f:51:5f:12:34:59:95:6c:79:
7d:a2:1a:a1:be:8e:03:96:06:14:c9:67:4f:11:4c:
70:0b:89:43:53:66:8f:59:0a:d6:2f:0e:5f:d9:d6:
b2:f7:67:b3:5a:eb:07:6b:46:55:3c:6b:b5:9c:04:
80:c1:47:70:05:12:e1:53:14:5d:e4:d6:9d:8d:af:
1f:09:d6:40:71:cf:93:47:9b:31:07:40:2e:1a:a3:
42:78:6c:a7:0c:e3:50:30:45:9f:a7:a7:12:8c:ec:
73:18:7c:ec:6c:57:21:45:03:8c:1e:9c:97:25:73:
5e:94:53:d1:7a:eb:90:66:13:0b:8d:d9:fa:98:0f:
48:50:fa:8f:88:31:20:5d:0c:ae:36:83:c6:f5:42:
a8:18:4b:c8:5d:08:1a:33:10:66:e1:68:2e:e2:57:
26:84:7d:35:59:ec:86:bf:5e:fa:bc:14:4c:e7:5d:
08:ef:d3:97:ef:8b:da:8f:e4:39:e2:ae:89:34:a0:
91:b9:d2:dd:81:da:72:80:b1:e1:43:af:ce:dd:79:
af:7c:c6:cb:ca:a4:aa:3e:79:ef:33:b5:1b:f6:cd:
36:ef:09:d1:b9:a0:29:77:f2:a8:84:b9:c2:47:29:
69:d4:63:87:72:07:48:33:38:78:fc:aa:9e:d5:97:
a9:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:17:7A:83:C7:E1:B3:4E:20:94:B8:64:E9:4C:41:6C:CB:A6:BA:17
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/36322e38342e3136342e302f32342d3234203d3e20323030353036.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.84.164.0/24
Signature Algorithm: sha256WithRSAEncryption
72:19:68:b9:35:75:8e:1f:9c:2c:5d:f4:5f:2e:e1:b3:e0:4b:
16:47:ad:63:97:db:84:ee:34:04:c3:c2:39:3b:b3:4c:4c:17:
90:d2:9a:6b:cc:b1:d6:93:43:d9:79:3b:9f:23:45:8e:62:e5:
84:0a:38:bd:73:d9:d5:3a:97:f5:7c:8c:1f:31:2e:2b:ff:39:
eb:95:b5:82:10:32:79:37:33:1c:4e:d6:53:4e:2d:67:3a:0c:
b7:6e:02:d2:a0:6d:3e:20:8e:d1:e3:cb:5d:67:51:63:43:e4:
3e:c9:04:55:6b:cd:3a:c8:7d:d8:9f:b6:c0:87:54:eb:29:52:
ff:16:d3:d0:82:3b:d8:ae:21:d8:02:52:15:cd:3e:53:98:bf:
41:c5:21:17:1b:d4:dd:d8:da:63:6d:ec:88:8f:82:52:6f:0f:
01:b8:7f:95:52:f4:9a:b5:f5:dc:72:6a:5b:6f:4f:43:c3:2f:
5d:07:d8:87:db:a9:81:97:34:85:8e:a1:a6:66:7b:b3:f2:f7:
4b:38:6d:cd:d5:89:78:c6:55:db:9e:9c:91:49:0a:2c:48:83:
d4:cc:48:8a:41:41:72:73:4e:37:dd:c4:c6:ae:66:d1:48:94:
5b:b1:c2:2c:83:0c:6c:0c:03:1c:6a:90:38:d3:35:e1:ae:11:
fa:34:f7:0e
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUPBEC4NLD+iprSqLr1L4wV1cuA/AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNjAzMjQxMzAxMzBaFw0yNzAzMjMxMzA2MzBaMDMxMTAvBgNV
BAMTKEJFMTc3QTgzQzdFMUIzNEUyMDk0Qjg2NEU5NEM0MTZDQ0JBNkJBMTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDM4oZG4Q9RXxI0WZVseX2iGqG+
jgOWBhTJZ08RTHALiUNTZo9ZCtYvDl/Z1rL3Z7Na6wdrRlU8a7WcBIDBR3AFEuFT
FF3k1p2Nrx8J1kBxz5NHmzEHQC4ao0J4bKcM41AwRZ+npxKM7HMYfOxsVyFFA4we
nJclc16UU9F665BmEwuN2fqYD0hQ+o+IMSBdDK42g8b1QqgYS8hdCBozEGbhaC7i
VyaEfTVZ7Ia/Xvq8FEznXQjv05fvi9qP5Dnirok0oJG50t2B2nKAseFDr87dea98
xsvKpKo+ee8ztRv2zTbvCdG5oCl38qiEucJHKWnUY4dyB0gzOHj8qp7Vl6lfAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUvhd6g8fhs04glLhk6UxBbMumuhcwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzYzMjJlMzgzNDJlMzEzNjM0
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMDMwMzUzMDM2LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
PlSkMA0GCSqGSIb3DQEBCwUAA4IBAQByGWi5NXWOH5wsXfRfLuGz4EsWR61jl9uE
7jQEw8I5O7NMTBeQ0pprzLHWk0PZeTufI0WOYuWECji9c9nVOpf1fIwfMS4r/znr
lbWCEDJ5NzMcTtZTTi1nOgy3bgLSoG0+II7R48tdZ1FjQ+Q+yQRVa806yH3Yn7bA
h1TrKVL/FtPQgjvYriHYAlIVzT5TmL9BxSEXG9Td2NpjbeyIj4JSbw8BuH+VUvSa
tfXccmpbb09Dwy9dB9iH26mBlzSFjqGmZnuz8vdLOG3N1Yl4xlXbnpyRSQosSIPU
zEiKQUFyc0433cTGrmbRSJRbscIsgwxsDAMcapA40zXhrhH6NPcO
-----END CERTIFICATE-----
Generated at Thu Mar 26 12:33:59 2026 by rpki-client