Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS62000.roa
File: AS62000.roa (raw, json)
Hash identifier: fptfvn0DwD670nJDwr7yrMyEbdnnL4G/aTQNr1T7tFA=
Subject key identifier: 68:7D:78:B7:44:4B:C1:D1:88:14:7A:1E:81:26:1A:8B:8A:C6:EF:2C
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 32ADC6EA86E76EA90C10CBB427DA4921F6061DD9
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS62000.roa
Signing time: Fri 31 Oct 2025 19:55:11 +0000
ROA not before: Fri 31 Oct 2025 19:50:11 +0000
ROA not after: Fri 30 Oct 2026 19:55:11 +0000
asID: 62000
IP address blocks: 46.203.90.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
32:ad:c6:ea:86:e7:6e:a9:0c:10:cb:b4:27:da:49:21:f6:06:1d:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Oct 31 19:50:11 2025 GMT
Not After : Oct 30 19:55:11 2026 GMT
Subject: CN=687D78B7444BC1D188147A1E81261A8B8AC6EF2C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f7:31:91:9c:21:56:c5:91:39:d6:eb:6d:b2:d5:
a1:cc:7a:89:1f:ae:31:15:ca:f7:c3:ae:64:e9:5a:
7b:75:2a:97:99:ef:44:1f:85:4b:c3:c3:2c:59:7c:
96:42:90:aa:13:d9:eb:94:94:57:1f:9c:da:63:59:
cf:c4:97:c8:a0:ad:3e:ea:32:af:bb:7a:d3:b3:53:
ee:b6:68:2a:3d:9d:7e:3d:a0:b1:dc:c5:e6:d3:96:
58:d7:6a:4c:4a:17:3b:61:8b:28:81:f6:7f:5c:0b:
01:96:c9:fc:29:e3:e3:0e:3c:b2:00:73:5b:28:26:
15:53:ba:e4:74:6a:33:d9:15:50:50:8c:10:af:a8:
ff:a2:31:5a:60:a1:b1:06:81:54:88:53:ad:c2:2f:
58:ae:4c:21:69:af:65:cb:71:43:a2:97:f0:dd:11:
32:4f:44:fe:de:c7:7b:17:49:fe:c3:8a:d0:af:c1:
a4:ce:1c:a6:f8:e2:4e:e9:e0:c3:40:e5:b0:05:3c:
e7:69:7c:78:c9:46:46:35:53:da:4f:2b:e5:eb:90:
33:e5:d9:fb:af:3c:e2:bb:94:b6:9d:ef:96:f0:b6:
b9:74:2b:76:8b:6b:54:ec:87:6b:65:1e:3b:ee:0e:
94:7d:84:a7:cc:f9:24:05:d0:9f:97:73:be:de:e8:
43:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:7D:78:B7:44:4B:C1:D1:88:14:7A:1E:81:26:1A:8B:8A:C6:EF:2C
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS62000.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.203.90.0/24
Signature Algorithm: sha256WithRSAEncryption
96:98:d7:7e:ef:4f:95:0e:2b:da:3a:5b:72:a0:b1:44:39:d8:
fb:e2:cd:59:3c:7c:4e:9d:db:60:80:ee:13:bc:aa:c4:00:e1:
72:fd:96:95:8b:84:fa:aa:84:34:51:c0:a4:3d:dd:f8:fb:de:
83:25:87:aa:8a:14:b1:ec:9d:dc:60:66:5b:7d:ca:f4:5f:ee:
18:13:e2:91:61:7c:44:4d:71:7d:b5:33:63:8a:d2:5f:66:1a:
2d:b3:d9:71:d6:2d:50:10:24:eb:c2:80:05:80:0e:9f:64:16:
50:8c:43:43:4f:c1:79:c5:c8:ff:c0:c8:7a:63:91:ce:34:0d:
d4:9e:0a:58:a2:74:23:3c:60:32:d9:da:f4:ed:00:03:24:2b:
a8:e9:8a:6d:af:ea:ca:4c:f9:32:8d:75:24:dd:06:c0:68:ac:
08:65:94:0d:4d:84:1f:86:d7:6d:a3:48:0d:1d:76:60:8e:cc:
46:fe:32:0c:7a:bd:86:79:71:b5:a2:5c:dc:3e:9b:82:48:d4:
33:6f:d0:97:e1:96:d8:69:93:00:e0:0c:52:68:1f:27:d9:6b:
de:4d:6b:60:dd:b0:f4:20:30:06:05:07:4f:e0:7f:7a:f0:82:
33:53:de:e1:69:15:36:af:9c:01:46:b2:c4:19:85:0e:da:37:
01:6d:19:6e
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIUMq3G6obnbqkMEMu0J9pJIfYGHdkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTEwMzExOTUwMTFaFw0yNjEwMzAxOTU1MTFaMDMxMTAvBgNV
BAMTKDY4N0Q3OEI3NDQ0QkMxRDE4ODE0N0ExRTgxMjYxQThCOEFDNkVGMkMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD3MZGcIVbFkTnW622y1aHMeokf
rjEVyvfDrmTpWnt1KpeZ70QfhUvDwyxZfJZCkKoT2euUlFcfnNpjWc/El8igrT7q
Mq+7etOzU+62aCo9nX49oLHcxebTlljXakxKFzthiyiB9n9cCwGWyfwp4+MOPLIA
c1soJhVTuuR0ajPZFVBQjBCvqP+iMVpgobEGgVSIU63CL1iuTCFpr2XLcUOil/Dd
ETJPRP7ex3sXSf7DitCvwaTOHKb44k7p4MNA5bAFPOdpfHjJRkY1U9pPK+XrkDPl
2fuvPOK7lLad75bwtrl0K3aLa1Tsh2tlHjvuDpR9hKfM+SQF0J+Xc77e6EMZAgMB
AAGjggIJMIICBTAdBgNVHQ4EFgQUaH14t0RLwdGIFHoegSYai4rG7ywwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTNjIwMDAucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAuy1ow
DQYJKoZIhvcNAQELBQADggEBAJaY137vT5UOK9o6W3KgsUQ52PvizVk8fE6d22CA
7hO8qsQA4XL9lpWLhPqqhDRRwKQ93fj73oMlh6qKFLHsndxgZlt9yvRf7hgT4pFh
fERNcX21M2OK0l9mGi2z2XHWLVAQJOvCgAWADp9kFlCMQ0NPwXnFyP/AyHpjkc40
DdSeCliidCM8YDLZ2vTtAAMkK6jpim2v6spM+TKNdSTdBsBorAhllA1NhB+G122j
SA0ddmCOzEb+Mgx6vYZ5cbWiXNw+m4JI1DNv0JfhlthpkwDgDFJoHyfZa95Na2Dd
sPQgMAYFB0/gf3rwgjNT3uFpFTavnAFGssQZhQ7aNwFtGW4=
-----END CERTIFICATE-----
Generated at Tue Nov 4 18:05:03 2025 by rpki-client