Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/468b081e-ba93-465f-9b6e-7fbd63bdff63/0/36322e3230342e33372e302f32342d3234203d3e20313938323331.roa
File: 36322e3230342e33372e302f32342d3234203d3e20313938323331.roa (raw, json)
Hash identifier: 2+e1pcV/1HjSIXMmpHYPl94RJ1VHndDhp/PzS1D2Aqo=
Subject key identifier: E1:96:E9:49:A2:F4:73:85:BD:40:20:99:99:48:25:E1:96:15:05:20
Certificate issuer: /CN=ff426f19ba67bc89de5ae6df487c1c8c1e752e27
Certificate serial: 50E358D4771AF04FA4B942C8143E56B4E4FBA829
Authority key identifier: FF:42:6F:19:BA:67:BC:89:DE:5A:E6:DF:48:7C:1C:8C:1E:75:2E:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_0JvGbpnvIneWubfSHwcjB51Lic.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/468b081e-ba93-465f-9b6e-7fbd63bdff63/0/36322e3230342e33372e302f32342d3234203d3e20313938323331.roa
Signing time: Mon 09 Feb 2026 18:55:38 +0000
ROA not before: Mon 09 Feb 2026 18:50:38 +0000
ROA not after: Mon 08 Feb 2027 18:55:38 +0000
asID: 198231
IP address blocks: 62.204.37.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/468b081e-ba93-465f-9b6e-7fbd63bdff63/0/FF426F19BA67BC89DE5AE6DF487C1C8C1E752E27.crl
rsync://rsync.paas.rpki.ripe.net/repository/468b081e-ba93-465f-9b6e-7fbd63bdff63/0/FF426F19BA67BC89DE5AE6DF487C1C8C1E752E27.mft
rsync://rpki.ripe.net/repository/DEFAULT/_0JvGbpnvIneWubfSHwcjB51Lic.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 13:47:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
50:e3:58:d4:77:1a:f0:4f:a4:b9:42:c8:14:3e:56:b4:e4:fb:a8:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff426f19ba67bc89de5ae6df487c1c8c1e752e27
Validity
Not Before: Feb 9 18:50:38 2026 GMT
Not After : Feb 8 18:55:38 2027 GMT
Subject: CN=E196E949A2F47385BD402099994825E196150520
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:79:f9:16:03:da:96:d6:c5:be:92:9f:95:1d:
64:aa:12:b1:8a:0a:9d:0d:6f:c9:1d:27:09:02:d3:
06:29:24:96:bb:13:85:b5:ca:b5:63:93:a4:ba:37:
9b:2e:fa:0c:51:19:8e:49:b6:f6:31:e5:99:4e:cf:
8a:8b:21:99:e4:09:56:4d:14:c6:77:a8:c8:f3:b7:
79:73:ea:ef:34:72:0f:eb:da:ae:ea:61:d7:c6:4d:
06:40:60:43:30:d1:7a:1b:04:56:d5:97:5f:1b:32:
d2:78:c7:23:e5:9a:13:77:91:56:b1:50:d6:1e:f5:
07:54:bb:38:8e:5a:16:1e:38:e0:24:7f:2d:25:94:
b2:c5:ef:cf:d5:b9:ee:c5:37:7e:b9:d1:33:b3:6e:
8f:b4:49:0a:6f:fa:63:f7:21:f3:ce:f4:bd:b4:d3:
29:54:3a:b7:55:9a:49:9a:2b:25:e3:97:00:02:a3:
1f:02:87:72:e9:2f:0e:d4:d8:ca:7a:40:69:bc:63:
e1:e5:dd:7e:4b:76:15:e1:12:14:7a:71:9e:58:46:
58:f8:0e:ba:d1:fb:8f:c6:90:81:6a:c9:d0:f9:a2:
ff:77:fc:0c:24:67:a9:8a:3a:e3:c8:67:0b:aa:73:
1a:30:62:ea:d6:a8:de:4b:24:73:66:b0:b9:fe:29:
84:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:96:E9:49:A2:F4:73:85:BD:40:20:99:99:48:25:E1:96:15:05:20
X509v3 Authority Key Identifier:
keyid:FF:42:6F:19:BA:67:BC:89:DE:5A:E6:DF:48:7C:1C:8C:1E:75:2E:27
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/468b081e-ba93-465f-9b6e-7fbd63bdff63/0/FF426F19BA67BC89DE5AE6DF487C1C8C1E752E27.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_0JvGbpnvIneWubfSHwcjB51Lic.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/468b081e-ba93-465f-9b6e-7fbd63bdff63/0/36322e3230342e33372e302f32342d3234203d3e20313938323331.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.204.37.0/24
Signature Algorithm: sha256WithRSAEncryption
03:30:87:1d:c7:ca:28:6c:e3:00:16:48:5d:16:06:14:da:52:
65:f6:af:7a:a5:9d:aa:e2:58:67:4a:90:a0:09:dc:b1:42:d6:
14:ce:7c:09:e6:0e:d8:53:76:44:fa:8a:b9:68:fe:1c:01:11:
71:24:bd:02:82:36:a7:95:df:37:5e:a3:64:e4:3d:f0:2a:ec:
27:e0:ca:60:e5:19:dc:a4:d9:07:c4:1b:ea:e7:24:e2:61:5c:
b5:12:51:53:6e:d2:13:b4:8c:9b:84:c8:4b:e0:8c:f9:f9:34:
29:93:74:ad:c8:6a:94:a4:2b:09:e1:e7:2a:22:91:7b:80:d5:
de:d9:81:3c:a4:09:38:d3:1a:16:57:c7:cb:92:3c:18:7b:dd:
9a:13:ea:13:eb:a6:8c:4f:b5:a1:42:2c:60:ea:c8:40:15:e1:
e3:16:f7:de:da:7a:e0:ca:fd:81:f1:81:c5:82:69:d5:22:38:
ae:5d:28:47:63:a2:6e:31:60:ee:f6:7b:3e:32:40:a3:0f:20:
ae:68:74:1c:90:e7:af:47:0b:d8:31:27:5a:4c:bb:ce:99:50:
8e:87:05:1e:e7:98:25:d0:e1:17:03:22:8b:24:bf:e7:df:20:
cf:a5:3e:fd:c0:cc:7a:41:05:0b:86:ba:28:71:7a:66:0d:44:
ef:a7:f0:4e
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUUONY1Hca8E+kuULIFD5WtOT7qCkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZmY0MjZmMTliYTY3YmM4OWRlNWFlNmRmNDg3YzFjOGMx
ZTc1MmUyNzAeFw0yNjAyMDkxODUwMzhaFw0yNzAyMDgxODU1MzhaMDMxMTAvBgNV
BAMTKEUxOTZFOTQ5QTJGNDczODVCRDQwMjA5OTk5NDgyNUUxOTYxNTA1MjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCVefkWA9qW1sW+kp+VHWSqErGK
Cp0Nb8kdJwkC0wYpJJa7E4W1yrVjk6S6N5su+gxRGY5JtvYx5ZlOz4qLIZnkCVZN
FMZ3qMjzt3lz6u80cg/r2q7qYdfGTQZAYEMw0XobBFbVl18bMtJ4xyPlmhN3kVax
UNYe9QdUuziOWhYeOOAkfy0llLLF78/Vue7FN3650TOzbo+0SQpv+mP3IfPO9L20
0ylUOrdVmkmaKyXjlwACox8Ch3LpLw7U2Mp6QGm8Y+Hl3X5LdhXhEhR6cZ5YRlj4
DrrR+4/GkIFqydD5ov93/AwkZ6mKOuPIZwuqcxowYurWqN5LJHNmsLn+KYT/AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU4ZbpSaL0c4W9QCCZmUgl4ZYVBSAwHwYDVR0j
BBgwFoAU/0JvGbpnvIneWubfSHwcjB51LicwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNDY4YjA4MWUtYmE5My00NjVmLTliNmUtN2ZiZDYzYmRm
ZjYzLzAvRkY0MjZGMTlCQTY3QkM4OURFNUFFNkRGNDg3QzFDOEMxRTc1MkUyNy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL18wSnZHYnBudkluZVd1YmZTSHdjakI1
MUxpYy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNDY4YjA4MWUt
YmE5My00NjVmLTliNmUtN2ZiZDYzYmRmZjYzLzAvMzYzMjJlMzIzMDM0MmUzMzM3
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzOTM4MzIzMzMxLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
PswlMA0GCSqGSIb3DQEBCwUAA4IBAQADMIcdx8oobOMAFkhdFgYU2lJl9q96pZ2q
4lhnSpCgCdyxQtYUznwJ5g7YU3ZE+oq5aP4cARFxJL0Cgjanld83XqNk5D3wKuwn
4Mpg5RncpNkHxBvq5yTiYVy1ElFTbtITtIybhMhL4Iz5+TQpk3StyGqUpCsJ4ecq
IpF7gNXe2YE8pAk40xoWV8fLkjwYe92aE+oT66aMT7WhQixg6shAFeHjFvfe2nrg
yv2B8YHFgmnVIjiuXShHY6JuMWDu9ns+MkCjDyCuaHQckOevRwvYMSdaTLvOmVCO
hwUe55gl0OEXAyKLJL/n3yDPpT79wMx6QQULhroocXpmDUTvp/BO
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:43:39 2026 by rpki-client