Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/36322e332e33362e302f32342d3234203d3e20313437303439.roa
File: 36322e332e33362e302f32342d3234203d3e20313437303439.roa (raw, json)
Hash identifier: PahDyh0LClmxtxPYFSQL1GsfR9P+A8Ydi7HDD8zvxIY=
Subject key identifier: 4F:27:6A:49:7D:E4:A8:7F:48:5E:B3:9F:F7:6F:4F:01:DC:91:93:8B
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 0EBF0D5E144EFFE972BDA3E481699013C155421F
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/36322e332e33362e302f32342d3234203d3e20313437303439.roa
Signing time: Fri 24 Oct 2025 07:47:59 +0000
ROA not before: Fri 24 Oct 2025 07:42:59 +0000
ROA not after: Fri 23 Oct 2026 07:47:59 +0000
asID: 147049
IP address blocks: 62.3.36.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 16:49:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0e:bf:0d:5e:14:4e:ff:e9:72:bd:a3:e4:81:69:90:13:c1:55:42:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Oct 24 07:42:59 2025 GMT
Not After : Oct 23 07:47:59 2026 GMT
Subject: CN=4F276A497DE4A87F485EB39FF76F4F01DC91938B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:70:ae:46:12:b2:66:e5:bd:4f:1d:9f:ce:a8:
61:d8:03:fc:cd:91:38:ec:cb:06:1f:52:94:3c:3b:
c8:a1:cd:b1:8e:0b:c8:55:a8:0b:51:06:78:cc:d0:
07:75:98:c6:35:64:71:a7:ff:b6:1d:45:d9:91:08:
c0:29:0b:07:de:be:79:80:5f:90:06:b8:3d:56:41:
7d:3b:bf:8e:a0:13:bc:10:f5:3f:38:9c:a1:ef:27:
d7:b8:b4:89:a3:2d:22:a8:88:7e:66:06:8d:54:bc:
ae:82:6c:69:c0:f3:ea:a1:94:f8:58:28:66:1d:a1:
f7:85:cc:a4:18:c9:54:76:5b:05:97:a0:ba:4c:9e:
4c:ae:c1:ff:f4:cf:68:d2:e5:65:74:03:a1:03:07:
f8:95:88:8a:1c:2e:49:83:9c:f5:36:00:e2:9d:86:
99:e4:15:3d:9e:0e:3b:19:f1:10:ce:9c:39:75:0f:
0b:6c:f0:db:0f:83:b3:aa:85:c8:97:f2:8a:fc:43:
5a:76:b8:28:31:5e:b9:4b:98:47:0d:bb:40:d4:c9:
6e:06:33:d3:8a:d3:35:a5:fa:b5:35:5f:9c:c1:8c:
7a:c4:9e:09:dd:94:4b:ee:ca:9b:6e:df:06:ef:73:
0f:5b:59:73:c1:c9:26:fb:44:95:10:73:f8:de:77:
7e:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:27:6A:49:7D:E4:A8:7F:48:5E:B3:9F:F7:6F:4F:01:DC:91:93:8B
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/36322e332e33362e302f32342d3234203d3e20313437303439.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.3.36.0/24
Signature Algorithm: sha256WithRSAEncryption
75:7e:bc:2a:37:91:f7:1b:49:3a:52:6c:89:33:68:76:c1:a5:
80:f0:29:1b:b8:b4:9e:06:37:2c:33:e9:1b:91:c0:fa:b7:d6:
a3:bc:7b:f8:2c:90:cf:de:81:25:b5:59:36:81:25:32:49:89:
d0:e4:c2:98:27:a1:65:f8:9b:15:54:66:7d:88:94:12:14:60:
79:c0:25:36:7d:bd:44:c3:7e:04:21:3d:28:46:8f:fa:e4:7e:
9b:69:79:64:b3:73:ab:7c:58:62:e9:06:66:42:99:3a:12:8e:
5b:0e:39:32:c3:60:5f:78:c7:51:69:4a:9d:98:44:41:ec:68:
d8:ab:ad:71:2d:54:20:2e:03:43:93:b4:c7:f1:35:56:be:6e:
ce:30:9c:0f:50:34:36:8f:a0:bf:e0:e3:ff:66:4d:a7:05:c8:
81:7a:cf:da:82:9e:4b:7c:5c:b1:cc:78:af:7a:32:90:90:24:
f6:fb:b1:54:ab:49:08:68:e1:c6:88:d5:d0:ee:1f:7d:16:57:
7b:a6:64:84:0f:ad:5a:d7:3b:77:e0:60:66:d5:93:01:be:a3:
75:c8:9a:a5:75:ad:32:93:07:eb:48:58:21:1d:c8:b6:bc:93:
c1:2d:75:4f:da:4c:58:3e:94:3f:08:a8:ee:fa:87:8f:42:a0:
9e:f3:62:e7
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgIUDr8NXhRO/+lyvaPkgWmQE8FVQh8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNTEwMjQwNzQyNTlaFw0yNjEwMjMwNzQ3NTlaMDMxMTAvBgNV
BAMTKDRGMjc2QTQ5N0RFNEE4N0Y0ODVFQjM5RkY3NkY0RjAxREM5MTkzOEIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCxcK5GErJm5b1PHZ/OqGHYA/zN
kTjsywYfUpQ8O8ihzbGOC8hVqAtRBnjM0Ad1mMY1ZHGn/7YdRdmRCMApCwfevnmA
X5AGuD1WQX07v46gE7wQ9T84nKHvJ9e4tImjLSKoiH5mBo1UvK6CbGnA8+qhlPhY
KGYdofeFzKQYyVR2WwWXoLpMnkyuwf/0z2jS5WV0A6EDB/iViIocLkmDnPU2AOKd
hpnkFT2eDjsZ8RDOnDl1Dwts8NsPg7OqhciX8or8Q1p2uCgxXrlLmEcNu0DUyW4G
M9OK0zWl+rU1X5zBjHrEngndlEvuyptu3wbvcw9bWXPBySb7RJUQc/jed34tAgMB
AAGjggI+MIICOjAdBgNVHQ4EFgQUTydqSX3kqH9IXrOf929PAdyRk4swHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3Jz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zNjMyMmUzMzJlMzMz
NjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzQzNzMwMzQzOS5yb2EwGAYDVR0g
AQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
AD4DJDANBgkqhkiG9w0BAQsFAAOCAQEAdX68KjeR9xtJOlJsiTNodsGlgPApG7i0
ngY3LDPpG5HA+rfWo7x7+CyQz96BJbVZNoElMkmJ0OTCmCehZfibFVRmfYiUEhRg
ecAlNn29RMN+BCE9KEaP+uR+m2l5ZLNzq3xYYukGZkKZOhKOWw45MsNgX3jHUWlK
nZhEQexo2KutcS1UIC4DQ5O0x/E1Vr5uzjCcD1A0No+gv+Dj/2ZNpwXIgXrP2oKe
S3xcscx4r3oykJAk9vuxVKtJCGjhxojV0O4ffRZXe6ZkhA+tWtc7d+BgZtWTAb6j
dciapXWtMpMH60hYIR3ItryTwS11T9pMWD6UPwio7vqHj0KgnvNi5w==
-----END CERTIFICATE-----
Generated at Tue Nov 4 19:46:47 2025 by rpki-client