Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS63023.roa
File: AS63023.roa (raw, json)
Hash identifier: GbxqUwz39+vbgacA6zzm6FTgNYFY//ajkz77gY/SGi4=
Subject key identifier: 3D:8E:AF:36:49:4E:0D:36:5D:BA:B5:B7:96:EC:2A:DF:95:BA:F8:10
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 2F2FA8B92074A6694052368FBC1E390D6700CCE3
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS63023.roa
Signing time: Fri 30 Jan 2026 12:41:38 +0000
ROA not before: Fri 30 Jan 2026 12:36:38 +0000
ROA not after: Fri 29 Jan 2027 12:41:38 +0000
asID: 63023
IP address blocks: 96.62.77.0/24 maxlen: 24
96.62.100.0/24 maxlen: 24
143.14.67.0/24 maxlen: 24
155.117.206.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 12:54:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2f:2f:a8:b9:20:74:a6:69:40:52:36:8f:bc:1e:39:0d:67:00:cc:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Jan 30 12:36:38 2026 GMT
Not After : Jan 29 12:41:38 2027 GMT
Subject: CN=3D8EAF36494E0D365DBAB5B796EC2ADF95BAF810
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:2f:92:d8:22:ba:d1:75:9e:32:a5:40:37:32:
d6:07:1a:73:6c:c7:26:8e:f1:a8:a4:53:5d:c2:53:
cc:5a:10:08:ef:a2:9e:42:97:b4:75:1b:67:36:a3:
46:e6:46:31:9a:b2:6c:c8:15:8c:bb:0c:e0:42:b9:
1e:8b:9e:6e:8a:7b:b4:bd:ce:79:25:58:4d:7c:2d:
1b:02:1e:56:6d:15:f3:2a:61:b9:32:06:88:60:14:
d5:52:2f:e9:b2:f3:2f:49:94:db:53:49:a8:73:0a:
28:dd:fc:ff:8f:eb:a4:7a:40:e4:b5:f2:9b:9b:a4:
dd:4b:9e:65:ed:da:6d:fe:08:f6:e6:a3:d3:f9:d1:
cb:21:4f:d2:39:1f:21:7b:f6:8d:c4:61:d9:d4:ac:
7e:fa:b9:26:b6:79:3f:ec:64:61:58:c5:9a:de:cc:
44:78:26:98:70:d0:69:15:bc:bd:ea:09:c8:ab:5c:
7b:02:e7:45:5a:7c:8d:9f:bb:fa:04:89:3c:39:31:
51:87:2e:fa:f0:f0:be:cb:db:44:a7:23:df:04:d2:
f5:91:81:e3:67:ab:07:de:06:ee:08:27:d7:f9:d4:
29:6e:4b:92:6b:62:97:a8:0d:91:7d:25:4d:37:74:
32:b6:9c:ec:7a:28:35:e1:78:2d:1a:0a:02:fd:32:
84:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:8E:AF:36:49:4E:0D:36:5D:BA:B5:B7:96:EC:2A:DF:95:BA:F8:10
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS63023.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.62.77.0/24
96.62.100.0/24
143.14.67.0/24
155.117.206.0/24
Signature Algorithm: sha256WithRSAEncryption
96:ae:39:96:71:5e:f1:8c:f8:b4:ae:0b:b1:4c:1b:1e:a6:1c:
63:d7:b9:d2:ee:b8:6b:3b:2d:8b:08:10:be:18:7f:a0:ce:1f:
b9:d3:ef:19:a2:19:83:ea:18:64:41:5d:0a:79:7f:ad:de:80:
1f:df:ff:0a:4e:4c:66:91:ce:cd:52:a5:13:a7:cb:1c:fe:ed:
6a:84:5f:0c:b8:32:4e:02:1f:25:0c:a7:94:bf:ba:7c:ac:fb:
eb:e5:f2:8b:62:bd:1e:06:e2:b5:39:e3:f9:c6:a0:0b:f3:bc:
ac:db:2b:cf:85:ff:40:a6:ab:aa:29:79:91:84:92:72:fc:f2:
03:9f:ba:f0:04:2b:5d:b2:b9:cd:16:3a:20:12:09:3c:d7:18:
fa:a7:73:58:8b:ca:9f:1e:0d:3a:fa:e7:d7:74:9a:b6:41:85:
4b:f4:a2:81:85:5a:df:3b:ea:4d:1b:20:de:97:75:9a:f2:28:
f5:8e:9a:41:dd:ac:31:99:13:a5:b3:71:a9:42:09:3f:6f:b3:
31:9b:35:38:5b:d0:81:a1:4e:12:37:c6:a4:3b:3c:7a:25:1e:
e0:c8:af:bc:f7:94:bf:60:aa:78:36:0a:cf:6e:f2:ce:f4:17:
62:bb:38:be:90:76:cd:22:18:55:ed:f0:02:79:64:eb:b4:10:
b9:99:e9:4d
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgIULy+ouSB0pmlAUjaPvB45DWcAzOMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNjAxMzAxMjM2MzhaFw0yNzAxMjkxMjQxMzhaMDMxMTAvBgNV
BAMTKDNEOEVBRjM2NDk0RTBEMzY1REJBQjVCNzk2RUMyQURGOTVCQUY4MTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCJL5LYIrrRdZ4ypUA3MtYHGnNs
xyaO8aikU13CU8xaEAjvop5Cl7R1G2c2o0bmRjGasmzIFYy7DOBCuR6Lnm6Ke7S9
znklWE18LRsCHlZtFfMqYbkyBohgFNVSL+my8y9JlNtTSahzCijd/P+P66R6QOS1
8pubpN1LnmXt2m3+CPbmo9P50cshT9I5HyF79o3EYdnUrH76uSa2eT/sZGFYxZre
zER4Jphw0GkVvL3qCcirXHsC50VafI2fu/oEiTw5MVGHLvrw8L7L20SnI98E0vWR
geNnqwfeBu4IJ9f51CluS5JrYpeoDZF9JU03dDK2nOx6KDXheC0aCgL9MoS5AgMB
AAGjggIbMIICFzAdBgNVHQ4EFgQUPY6vNklODTZdurW3luwq35W6+BAwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTNjMwMjMucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwMQYIKwYBBQUHAQcBAf8EIjAgMB4EAgABMBgDBABgPk0D
BABgPmQDBACPDkMDBACbdc4wDQYJKoZIhvcNAQELBQADggEBAJauOZZxXvGM+LSu
C7FMGx6mHGPXudLuuGs7LYsIEL4Yf6DOH7nT7xmiGYPqGGRBXQp5f63egB/f/wpO
TGaRzs1SpROnyxz+7WqEXwy4Mk4CHyUMp5S/unys++vl8otivR4G4rU54/nGoAvz
vKzbK8+F/0Cmq6opeZGEknL88gOfuvAEK12yuc0WOiASCTzXGPqnc1iLyp8eDTr6
59d0mrZBhUv0ooGFWt876k0bIN6XdZryKPWOmkHdrDGZE6WzcalCCT9vszGbNThb
0IGhThI3xqQ7PHolHuDIr7z3lL9gqng2Cs9u8s70F2K7OL6Qds0iGFXt8AJ5ZOu0
ELmZ6U0=
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:53:16 2026 by rpki-client