Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/36322e38342e3136372e302f32342d3234203d3e20323030323630.roa
File: 36322e38342e3136372e302f32342d3234203d3e20323030323630.roa (raw, json)
Hash identifier: v92AjdzJ9XQnqii2M836+7we3gXn9gIIg5SNY8lXy40=
Subject key identifier: 14:9D:27:54:6F:7A:59:30:6E:E3:D9:3F:E0:AB:BC:3D:DC:AB:66:C1
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 171D91BAB5AA72040DB73814CFCB1F7B83FA8B2A
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/36322e38342e3136372e302f32342d3234203d3e20323030323630.roa
Signing time: Sat 23 Aug 2025 07:30:02 +0000
ROA not before: Sat 23 Aug 2025 07:25:02 +0000
ROA not after: Sat 22 Aug 2026 07:30:02 +0000
asID: 200260
IP address blocks: 62.84.167.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
17:1d:91:ba:b5:aa:72:04:0d:b7:38:14:cf:cb:1f:7b:83:fa:8b:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Aug 23 07:25:02 2025 GMT
Not After : Aug 22 07:30:02 2026 GMT
Subject: CN=149D27546F7A59306EE3D93FE0ABBC3DDCAB66C1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:e0:31:a0:27:f9:f5:7c:0a:02:45:40:3b:28:
3f:0a:c2:ba:93:a6:19:42:c8:87:a1:01:55:5a:6d:
9f:9e:e6:1f:46:8f:9c:5e:f0:35:d2:43:99:af:76:
09:2e:20:65:12:46:36:ff:1b:a2:b4:02:01:99:13:
54:1e:f3:72:38:15:5d:37:8f:39:da:1d:d5:e9:88:
0e:8d:6c:dc:b1:69:0b:c0:d2:2d:00:46:c1:48:2a:
5f:f1:cc:28:3a:e6:b0:c8:74:0f:7d:09:fd:4b:8e:
6d:ca:82:ed:8a:7d:5e:f2:4e:de:f7:ca:ad:af:c9:
90:f1:76:62:61:4b:da:f0:c4:17:77:c1:a7:f6:75:
19:25:2a:1b:3e:25:fe:9d:76:67:b2:e5:f2:a0:83:
8d:4d:34:4c:c7:c3:a1:d6:eb:6d:43:14:79:db:60:
5c:a0:26:90:46:75:b2:25:23:32:87:60:c9:12:52:
67:fd:6c:d9:20:ed:f9:d1:65:00:9b:64:e2:ea:63:
75:e5:ee:6e:50:6e:c0:1e:fd:fd:0e:17:83:85:14:
7b:ce:ed:f6:14:c5:3b:fb:64:ff:5b:38:75:a7:3e:
64:76:f8:44:ce:82:58:16:e6:e9:e6:d3:0b:3d:f1:
a5:8a:38:01:fb:ee:23:59:13:f8:38:c8:98:04:85:
6c:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:9D:27:54:6F:7A:59:30:6E:E3:D9:3F:E0:AB:BC:3D:DC:AB:66:C1
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/36322e38342e3136372e302f32342d3234203d3e20323030323630.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.84.167.0/24
Signature Algorithm: sha256WithRSAEncryption
94:45:69:2e:b9:3b:48:f8:5a:8c:41:38:50:c0:4b:52:82:f2:
5d:e2:d3:ed:04:59:05:57:a5:61:b7:cb:48:94:13:7c:27:ac:
dd:9a:4c:63:ae:e7:ae:8b:b9:1d:68:ea:85:35:47:fa:7d:87:
a1:46:57:6f:72:73:14:ca:ac:d3:d7:c3:85:35:9d:71:2f:f0:
c8:eb:8b:59:6f:1f:76:82:66:0c:6d:07:73:d5:af:cc:21:a3:
42:9b:fd:eb:c9:ed:d9:a8:27:dc:fc:9e:f8:3b:de:69:ff:26:
05:4c:d6:62:5c:d0:99:1c:ee:09:95:df:10:43:52:35:57:e5:
42:c3:15:1f:9a:c7:e5:04:cf:41:83:75:36:ba:92:8e:68:3d:
66:f0:e9:1c:66:92:13:9c:5e:c5:f6:c9:d6:df:9e:a6:4e:a6:
c0:29:b8:d1:90:60:2c:3c:f1:69:c7:92:87:42:46:8d:dc:3e:
d7:8a:61:91:9d:3f:9d:80:55:10:72:5a:28:77:9b:e0:64:97:
a7:cc:4d:ac:6b:be:03:b9:b4:b1:de:6b:4f:b2:d0:1a:e1:57:
8e:ef:e1:6f:9c:82:63:4b:69:1b:78:95:fe:e9:66:32:0b:9e:
5c:fd:29:d0:03:33:be:6c:1c:80:44:24:ca:4f:45:7f:26:98:
52:15:4a:b7
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUFx2RurWqcgQNtzgUz8sfe4P6iyowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA4MjMwNzI1MDJaFw0yNjA4MjIwNzMwMDJaMDMxMTAvBgNV
BAMTKDE0OUQyNzU0NkY3QTU5MzA2RUUzRDkzRkUwQUJCQzNERENBQjY2QzEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCw4DGgJ/n1fAoCRUA7KD8KwrqT
phlCyIehAVVabZ+e5h9Gj5xe8DXSQ5mvdgkuIGUSRjb/G6K0AgGZE1Qe83I4FV03
jznaHdXpiA6NbNyxaQvA0i0ARsFIKl/xzCg65rDIdA99Cf1Ljm3Kgu2KfV7yTt73
yq2vyZDxdmJhS9rwxBd3waf2dRklKhs+Jf6ddmey5fKgg41NNEzHw6HW621DFHnb
YFygJpBGdbIlIzKHYMkSUmf9bNkg7fnRZQCbZOLqY3Xl7m5QbsAe/f0OF4OFFHvO
7fYUxTv7ZP9bOHWnPmR2+ETOglgW5unm0ws98aWKOAH77iNZE/g4yJgEhWwJAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUFJ0nVG96WTBu49k/4Ku8PdyrZsEwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzYzMjJlMzgzNDJlMzEzNjM3
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMDMwMzIzNjMwLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
PlSnMA0GCSqGSIb3DQEBCwUAA4IBAQCURWkuuTtI+FqMQThQwEtSgvJd4tPtBFkF
V6Vht8tIlBN8J6zdmkxjrueui7kdaOqFNUf6fYehRldvcnMUyqzT18OFNZ1xL/DI
64tZbx92gmYMbQdz1a/MIaNCm/3rye3ZqCfc/J74O95p/yYFTNZiXNCZHO4Jld8Q
Q1I1V+VCwxUfmsflBM9Bg3U2upKOaD1m8OkcZpITnF7F9snW356mTqbAKbjRkGAs
PPFpx5KHQkaN3D7XimGRnT+dgFUQclood5vgZJenzE2sa74DubSx3mtPstAa4VeO
7+FvnIJjS2kbeJX+6WYyC55c/SnQAzO+bByARCTKT0V/JphSFUq3
-----END CERTIFICATE-----
Generated at Sat Aug 23 13:17:39 2025 by rpki-client