Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS36530.roa
File: AS36530.roa (raw, json)
Hash identifier: 9yHmMgb62xXuVX9wwgDfOAC9AU9JaVUa2jD4b6sJfPw=
Subject key identifier: C6:55:59:09:8C:54:0C:6B:1B:CC:3A:8D:56:CF:2C:97:FD:D8:37:18
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 3E8FBAD8054DCA47B3A8FF661CD34C89B8D96B83
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS36530.roa
Signing time: Thu 17 Jul 2025 16:35:39 +0000
ROA not before: Thu 17 Jul 2025 16:30:39 +0000
ROA not after: Thu 16 Jul 2026 16:35:39 +0000
asID: 36530
IP address blocks: 96.62.115.0/24 maxlen: 24
96.62.152.0/24 maxlen: 24
143.14.1.0/24 maxlen: 24
148.135.181.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3e:8f:ba:d8:05:4d:ca:47:b3:a8:ff:66:1c:d3:4c:89:b8:d9:6b:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Jul 17 16:30:39 2025 GMT
Not After : Jul 16 16:35:39 2026 GMT
Subject: CN=C65559098C540C6B1BCC3A8D56CF2C97FDD83718
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:a9:25:e0:8f:f6:a8:fb:bc:5c:84:e2:6e:92:
88:5e:c9:11:66:47:4a:80:5a:fb:f7:83:4f:a8:21:
f4:97:f9:44:01:66:e3:84:a2:70:f1:ff:5d:e3:0c:
bb:71:b4:c0:49:97:90:fb:87:75:e5:d6:7d:37:7a:
16:62:db:e9:ee:10:45:ee:51:74:6b:c9:79:fc:78:
e1:47:c6:cb:54:04:a0:b5:4d:1b:6d:11:28:92:84:
15:20:db:06:6f:02:8b:7e:2d:52:eb:4d:98:0a:1c:
24:8b:e0:76:10:90:8c:38:09:d1:4d:14:67:5c:2a:
ab:13:4c:10:ec:49:83:03:58:26:83:7d:fd:a2:34:
a1:de:a7:61:21:85:d3:f5:04:aa:76:d7:9e:15:1f:
43:b8:7c:4c:7e:de:90:dd:23:f9:19:6b:97:e4:51:
48:b1:87:d6:e3:d6:ad:74:50:85:ec:f4:0b:95:ef:
d8:bb:02:54:12:9c:56:70:24:c1:df:e9:c4:e2:c8:
25:97:dd:62:c4:c4:fc:40:d6:9b:df:a0:f0:ce:83:
94:50:47:45:16:3e:7e:e4:e8:a7:12:a2:59:9a:8e:
e3:5e:d4:a4:14:7d:7f:7f:a1:00:ed:46:b7:97:b8:
bd:b1:bd:53:46:eb:4d:95:03:d5:b2:f9:a5:1c:5c:
ba:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:55:59:09:8C:54:0C:6B:1B:CC:3A:8D:56:CF:2C:97:FD:D8:37:18
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS36530.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.62.115.0/24
96.62.152.0/24
143.14.1.0/24
148.135.181.0/24
Signature Algorithm: sha256WithRSAEncryption
16:65:1f:61:02:14:17:4c:e4:4d:b4:d4:a5:6f:8d:fb:d8:0c:
e1:7e:c2:8a:95:1f:08:12:aa:db:59:a5:e3:46:aa:74:f2:f3:
a2:ea:4b:2a:9b:80:e2:ac:6d:3a:1c:62:40:26:e4:fb:bf:af:
c0:34:a8:b4:2c:38:77:55:0d:04:03:56:f0:96:5a:98:46:4a:
b6:5a:47:0c:28:aa:25:50:28:7a:7f:b9:2f:57:c9:a5:6d:c1:
0e:c6:04:9e:a1:70:98:d2:d7:44:2c:bf:d0:40:4f:ef:be:54:
8f:b0:da:ae:c8:54:46:fc:6e:b2:44:8c:1a:46:9e:d6:4f:9e:
98:e0:7a:ed:af:bb:24:c6:88:5f:e7:74:f5:d4:e5:13:2c:55:
47:17:b7:8a:3d:e8:a9:09:7b:86:25:cd:3f:69:ac:d6:30:e2:
1d:f2:5a:32:92:72:03:53:3e:41:dc:e5:53:00:5b:b8:d7:86:
02:41:13:0e:73:70:af:62:72:d3:46:57:8f:3d:5a:75:13:27:
a9:46:c8:9d:d2:7e:39:ba:8b:7b:a0:a1:40:50:f7:fa:ac:20:
96:21:fd:d8:ee:ab:ff:b3:67:26:4b:41:76:84:bc:bd:0b:70:
b7:fc:25:61:d9:9d:b5:50:31:4d:81:63:cb:88:92:36:2c:27:
11:5d:43:4e
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgIUPo+62AVNykezqP9mHNNMibjZa4MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA3MTcxNjMwMzlaFw0yNjA3MTYxNjM1MzlaMDMxMTAvBgNV
BAMTKEM2NTU1OTA5OEM1NDBDNkIxQkNDM0E4RDU2Q0YyQzk3RkREODM3MTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGqSXgj/ao+7xchOJukoheyRFm
R0qAWvv3g0+oIfSX+UQBZuOEonDx/13jDLtxtMBJl5D7h3Xl1n03ehZi2+nuEEXu
UXRryXn8eOFHxstUBKC1TRttESiShBUg2wZvAot+LVLrTZgKHCSL4HYQkIw4CdFN
FGdcKqsTTBDsSYMDWCaDff2iNKHep2EhhdP1BKp2154VH0O4fEx+3pDdI/kZa5fk
UUixh9bj1q10UIXs9AuV79i7AlQSnFZwJMHf6cTiyCWX3WLExPxA1pvfoPDOg5RQ
R0UWPn7k6KcSolmajuNe1KQUfX9/oQDtRreXuL2xvVNG602VA9Wy+aUcXLo9AgMB
AAGjggIbMIICFzAdBgNVHQ4EFgQUxlVZCYxUDGsbzDqNVs8sl/3YNxgwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMzY1MzAucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwMQYIKwYBBQUHAQcBAf8EIjAgMB4EAgABMBgDBABgPnMD
BABgPpgDBACPDgEDBACUh7UwDQYJKoZIhvcNAQELBQADggEBABZlH2ECFBdM5E20
1KVvjfvYDOF+woqVHwgSqttZpeNGqnTy86LqSyqbgOKsbTocYkAm5Pu/r8A0qLQs
OHdVDQQDVvCWWphGSrZaRwwoqiVQKHp/uS9XyaVtwQ7GBJ6hcJjS10Qsv9BAT+++
VI+w2q7IVEb8brJEjBpGntZPnpjgeu2vuyTGiF/ndPXU5RMsVUcXt4o96KkJe4Yl
zT9prNYw4h3yWjKScgNTPkHc5VMAW7jXhgJBEw5zcK9ictNGV489WnUTJ6lGyJ3S
fjm6i3ugoUBQ9/qsIJYh/djuq/+zZyZLQXaEvL0LcLf8JWHZnbVQMU2BY8uIkjYs
JxFdQ04=
-----END CERTIFICATE-----
Generated at Tue Jul 22 18:58:55 2025 by rpki-client