Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/36322e38342e3136302e302f32342d3234203d3e203633313939.roa
File: 36322e38342e3136302e302f32342d3234203d3e203633313939.roa (raw, json)
Hash identifier: 8zq4Cb361a2tGm5lT1ZN6x0FfbpNSHMOodr8i0fDRN0=
Subject key identifier: 0B:A6:35:EE:0A:AF:59:2C:06:44:1D:D3:33:E5:7D:6D:4B:AE:D2:16
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 54851A22FD182DCF90D2822D6D17B630FD3FD91A
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/36322e38342e3136302e302f32342d3234203d3e203633313939.roa
Signing time: Mon 02 Feb 2026 14:00:12 +0000
ROA not before: Mon 02 Feb 2026 13:55:12 +0000
ROA not after: Mon 01 Feb 2027 14:00:12 +0000
asID: 63199
IP address blocks: 62.84.160.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
54:85:1a:22:fd:18:2d:cf:90:d2:82:2d:6d:17:b6:30:fd:3f:d9:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Feb 2 13:55:12 2026 GMT
Not After : Feb 1 14:00:12 2027 GMT
Subject: CN=0BA635EE0AAF592C06441DD333E57D6D4BAED216
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:b3:d1:db:48:64:3e:40:87:fd:69:af:91:10:
05:f5:4e:21:89:32:a6:ef:97:fe:7a:e9:d2:16:94:
fe:fd:81:94:c4:1f:9d:ca:0c:99:18:69:20:20:e8:
29:b4:58:10:2e:e7:ce:4b:e9:aa:6a:f3:b3:aa:72:
29:a4:1d:f7:97:b0:21:a1:02:28:59:06:6e:a3:8b:
d2:9e:b8:35:7b:a3:18:69:3d:29:56:33:66:f5:4a:
8f:0a:25:ca:7e:ae:9a:bf:63:a0:9e:57:f6:cc:58:
bd:3e:ff:57:f7:93:03:e2:2d:7a:6d:d8:8f:b7:5c:
fe:78:d7:c4:2c:b1:2b:8c:ad:2d:28:04:44:86:69:
13:4d:a1:76:5d:3d:a8:f4:b0:4a:72:ef:50:65:c5:
95:f2:5f:43:af:b3:5a:75:7c:ac:10:3b:be:4c:0f:
8a:24:a6:8e:48:04:bd:d9:4b:d9:1b:f1:e7:d5:9c:
da:8b:f2:a9:43:f4:19:62:91:ad:d8:9b:1d:65:d0:
85:71:37:54:09:6d:ce:3a:c9:4f:2a:ce:fe:07:5b:
cf:71:a9:9f:ea:06:34:c0:ca:cf:98:0a:df:ee:c2:
bb:d1:6f:10:6c:17:26:72:29:ec:a4:17:c9:a3:eb:
e6:0a:79:dc:8d:e3:18:8b:1c:93:7b:ee:df:65:48:
3f:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:A6:35:EE:0A:AF:59:2C:06:44:1D:D3:33:E5:7D:6D:4B:AE:D2:16
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/36322e38342e3136302e302f32342d3234203d3e203633313939.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.84.160.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:ca:90:c8:0e:28:0a:61:92:e0:82:17:4a:d6:b0:cd:d1:4a:
50:74:f4:7b:b7:25:28:c5:18:66:68:cf:b6:cb:76:31:05:7e:
be:01:57:d2:26:c0:b1:40:52:47:7f:26:f7:c2:94:2b:96:49:
79:93:67:2f:3a:83:aa:99:b1:57:de:07:33:fc:32:53:47:e6:
aa:db:c3:cc:16:96:da:05:5b:b9:ab:8f:c9:6c:ff:4b:74:cb:
53:13:bd:19:b9:23:6c:ea:c7:63:3f:20:be:47:e3:9f:f1:a7:
4f:b4:73:5f:ec:ce:ae:79:70:c2:c8:99:a2:7a:34:ac:55:06:
1c:c8:3a:bc:1e:b7:09:c0:fb:76:11:0d:2a:43:d3:b5:01:0d:
1e:bd:89:0f:85:39:0a:a2:84:c2:f0:52:d7:77:dd:8d:20:83:
17:5e:fe:60:e9:cf:86:e9:b0:c9:21:ae:d7:38:b4:4e:94:89:
ae:59:6e:06:75:92:aa:cf:86:8a:e8:c9:e2:5c:98:a8:1a:3e:
f3:db:ab:ec:2b:8c:e0:d5:8d:22:6d:2c:c9:cc:45:ad:04:a1:
37:03:7e:59:43:4c:37:bc:f9:ee:a7:39:b5:1d:51:8e:e0:59:
02:94:36:6d:07:5c:53:ea:47:fe:ea:ba:a2:3d:43:1d:ae:81:
e8:3b:75:7b
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUVIUaIv0YLc+Q0oItbRe2MP0/2RowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNjAyMDIxMzU1MTJaFw0yNzAyMDExNDAwMTJaMDMxMTAvBgNV
BAMTKDBCQTYzNUVFMEFBRjU5MkMwNjQ0MUREMzMzRTU3RDZENEJBRUQyMTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+s9HbSGQ+QIf9aa+REAX1TiGJ
Mqbvl/566dIWlP79gZTEH53KDJkYaSAg6Cm0WBAu585L6apq87OqcimkHfeXsCGh
AihZBm6ji9KeuDV7oxhpPSlWM2b1So8KJcp+rpq/Y6CeV/bMWL0+/1f3kwPiLXpt
2I+3XP5418QssSuMrS0oBESGaRNNoXZdPaj0sEpy71BlxZXyX0Ovs1p1fKwQO75M
D4okpo5IBL3ZS9kb8efVnNqL8qlD9Blika3Ymx1l0IVxN1QJbc46yU8qzv4HW89x
qZ/qBjTAys+YCt/uwrvRbxBsFyZyKeykF8mj6+YKedyN4xiLHJN77t9lSD8ZAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUC6Y17gqvWSwGRB3TM+V9bUuu0hYwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzYzMjJlMzgzNDJlMzEzNjMw
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzYzMzMxMzkzOS5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAD5U
oDANBgkqhkiG9w0BAQsFAAOCAQEAX8qQyA4oCmGS4IIXStawzdFKUHT0e7clKMUY
ZmjPtst2MQV+vgFX0ibAsUBSR38m98KUK5ZJeZNnLzqDqpmxV94HM/wyU0fmqtvD
zBaW2gVbuauPyWz/S3TLUxO9GbkjbOrHYz8gvkfjn/GnT7RzX+zOrnlwwsiZono0
rFUGHMg6vB63CcD7dhENKkPTtQENHr2JD4U5CqKEwvBS13fdjSCDF17+YOnPhumw
ySGu1zi0TpSJrlluBnWSqs+GiujJ4lyYqBo+89ur7CuM4NWNIm0sycxFrQShNwN+
WUNMN7z57qc5tR1RjuBZApQ2bQdcU+pH/uq6oj1DHa6B6Dt1ew==
-----END CERTIFICATE-----
Generated at Mon Mar 2 02:16:22 2026 by rpki-client