Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS62000.roa
File: AS62000.roa (raw, json)
Hash identifier: Qo49AuXbe9LiJKnN01lrQT/qxnTHXgDL1k4d2Y1kGOg=
Subject key identifier: 43:2F:FB:D9:3E:66:24:00:6A:81:2A:96:0E:E4:2E:F7:1D:A5:C7:0E
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 4127DE4647DD9C694DF80D013BAB7A3B4BC85360
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS62000.roa
Signing time: Tue 03 Feb 2026 21:55:36 +0000
ROA not before: Tue 03 Feb 2026 21:50:36 +0000
ROA not after: Tue 02 Feb 2027 21:55:36 +0000
asID: 62000
IP address blocks: 82.26.68.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 09:38:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
41:27:de:46:47:dd:9c:69:4d:f8:0d:01:3b:ab:7a:3b:4b:c8:53:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Feb 3 21:50:36 2026 GMT
Not After : Feb 2 21:55:36 2027 GMT
Subject: CN=432FFBD93E6624006A812A960EE42EF71DA5C70E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:a3:2d:a4:56:9d:1c:e4:6b:86:85:a1:52:ac:
59:3e:0e:8e:7c:29:ae:9d:6c:fe:30:b1:fc:fe:a8:
f6:c1:76:c9:74:4c:05:cb:8e:63:2b:06:97:8d:f9:
22:a3:32:9d:d0:c9:4c:92:97:cd:a5:99:14:e1:54:
ab:0c:3b:0e:b4:10:61:61:4a:91:7c:5a:bd:d5:67:
ca:d5:ed:d9:a2:70:9a:75:7b:0a:e0:52:06:82:fb:
66:0f:bc:4f:10:b9:63:02:c4:f8:57:fb:d7:ef:51:
53:35:69:8d:27:a8:36:16:3c:60:85:15:73:20:25:
6c:bf:25:3e:60:34:63:79:ba:a7:bb:14:b6:36:e8:
62:1c:9a:c1:d8:69:89:ef:c1:37:a7:33:6e:64:37:
88:8c:76:f3:74:d5:d1:96:20:2d:7a:13:f7:0e:ac:
2d:f4:f6:c1:80:5a:80:6a:c1:1f:91:00:b1:43:f5:
58:48:99:b7:ce:ec:24:e7:f1:fe:a8:6d:3a:8c:59:
f7:21:54:db:b7:b3:f3:b1:2b:b6:a4:dc:36:64:44:
75:f4:cc:48:90:0b:b9:7d:dc:4e:f7:e0:10:1b:89:
9a:f9:40:66:06:a0:d2:0f:7d:ed:b9:61:94:18:88:
8f:37:6d:0a:46:6d:85:77:9d:d4:0e:44:45:9b:a6:
17:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:2F:FB:D9:3E:66:24:00:6A:81:2A:96:0E:E4:2E:F7:1D:A5:C7:0E
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS62000.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.26.68.0/24
Signature Algorithm: sha256WithRSAEncryption
10:bc:9e:5a:85:93:9e:9e:74:e8:7a:d0:8c:6c:ff:15:7e:5b:
13:58:4b:d8:b3:10:f4:5f:d8:c6:e7:9c:8e:d2:2f:12:d5:1d:
10:fa:6b:f9:be:38:f6:5a:95:f5:69:f7:93:d7:1d:4e:be:33:
95:8a:87:38:63:eb:c2:c9:af:f4:7c:5a:04:f2:06:4c:42:d5:
28:83:5d:fa:7d:97:c4:1f:5e:ba:73:b5:f4:95:7d:ff:c5:58:
b0:f4:ff:e0:04:25:15:10:d4:dc:57:6d:61:af:fb:4a:bb:4e:
12:6d:a9:c8:d5:68:93:5f:af:f8:a4:2a:42:84:11:5a:df:43:
4d:a1:bb:32:4a:c4:75:56:cd:e9:66:fa:bc:fe:b9:6c:58:9e:
ed:9e:29:43:6a:5e:26:ea:78:18:04:57:af:63:60:bb:e0:cf:
fb:0b:62:24:bd:b3:f2:e4:a8:31:28:c4:49:83:55:e0:f5:96:
2a:06:32:16:ab:39:3b:2c:f4:7d:28:3b:09:6e:fe:98:e4:52:
f4:ba:20:f3:d3:47:e2:5c:15:a4:3a:35:79:f7:3d:91:1c:3d:
0e:da:8b:c1:19:a7:2d:a8:9e:a7:4a:3e:29:0a:02:53:f3:b9:
bd:79:7e:b5:bd:47:11:e0:0f:02:59:66:47:65:6b:7a:04:88:
47:4c:c9:53
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIUQSfeRkfdnGlN+A0BO6t6O0vIU2AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjAyMDMyMTUwMzZaFw0yNzAyMDIyMTU1MzZaMDMxMTAvBgNV
BAMTKDQzMkZGQkQ5M0U2NjI0MDA2QTgxMkE5NjBFRTQyRUY3MURBNUM3MEUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCaoy2kVp0c5GuGhaFSrFk+Do58
Ka6dbP4wsfz+qPbBdsl0TAXLjmMrBpeN+SKjMp3QyUySl82lmRThVKsMOw60EGFh
SpF8Wr3VZ8rV7dmicJp1ewrgUgaC+2YPvE8QuWMCxPhX+9fvUVM1aY0nqDYWPGCF
FXMgJWy/JT5gNGN5uqe7FLY26GIcmsHYaYnvwTenM25kN4iMdvN01dGWIC16E/cO
rC309sGAWoBqwR+RALFD9VhImbfO7CTn8f6obTqMWfchVNu3s/OxK7ak3DZkRHX0
zEiQC7l93E734BAbiZr5QGYGoNIPfe25YZQYiI83bQpGbYV3ndQOREWbphcJAgMB
AAGjggIJMIICBTAdBgNVHQ4EFgQUQy/72T5mJABqgSqWDuQu9x2lxw4wHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTNjIwMDAucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABSGkQw
DQYJKoZIhvcNAQELBQADggEBABC8nlqFk56edOh60Ixs/xV+WxNYS9izEPRf2Mbn
nI7SLxLVHRD6a/m+OPZalfVp95PXHU6+M5WKhzhj68LJr/R8WgTyBkxC1SiDXfp9
l8QfXrpztfSVff/FWLD0/+AEJRUQ1NxXbWGv+0q7ThJtqcjVaJNfr/ikKkKEEVrf
Q02huzJKxHVWzelm+rz+uWxYnu2eKUNqXibqeBgEV69jYLvgz/sLYiS9s/LkqDEo
xEmDVeD1lioGMharOTss9H0oOwlu/pjkUvS6IPPTR+JcFaQ6NXn3PZEcPQ7ai8EZ
py2onqdKPikKAlPzub15frW9RxHgDwJZZkdla3oEiEdMyVM=
-----END CERTIFICATE-----
Generated at Sun Mar 1 20:13:24 2026 by rpki-client