Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS3356.roa
File: AS3356.roa (raw, json)
Hash identifier: Ha2L1W4Vy15yJl/seXXG26b6KAe1awrUubqVIGb0pwc=
Subject key identifier: 7C:A2:35:6E:44:CC:55:C1:22:63:57:A8:D3:72:9A:66:D1:F5:00:F5
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 4C8A72582D343390217D2220E493DFB382FEA516
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS3356.roa
Signing time: Wed 16 Jul 2025 14:54:13 +0000
ROA not before: Wed 16 Jul 2025 14:49:13 +0000
ROA not after: Wed 15 Jul 2026 14:54:13 +0000
asID: 3356
IP address blocks: 5.252.72.0/24 maxlen: 24
45.89.248.0/24 maxlen: 24
45.89.255.0/24 maxlen: 24
45.133.169.0/24 maxlen: 24
45.133.171.0/24 maxlen: 24
89.19.47.0/24 maxlen: 24
92.118.161.0/24 maxlen: 24
130.185.126.0/24 maxlen: 24
141.98.91.0/24 maxlen: 24
179.61.128.0/24 maxlen: 24
179.61.135.0/24 maxlen: 24
179.61.139.0/24 maxlen: 24
179.61.160.0/24 maxlen: 24
179.61.162.0/24 maxlen: 24
179.61.172.0/24 maxlen: 24
181.214.12.0/24 maxlen: 24
181.214.13.0/24 maxlen: 24
181.214.16.0/24 maxlen: 24
181.215.38.0/24 maxlen: 24
181.215.133.0/24 maxlen: 24
181.215.171.0/24 maxlen: 24
185.158.150.0/24 maxlen: 24
191.96.41.0/24 maxlen: 24
191.101.60.0/24 maxlen: 24
191.101.208.0/24 maxlen: 24
213.109.170.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 22:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4c:8a:72:58:2d:34:33:90:21:7d:22:20:e4:93:df:b3:82:fe:a5:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Jul 16 14:49:13 2025 GMT
Not After : Jul 15 14:54:13 2026 GMT
Subject: CN=7CA2356E44CC55C1226357A8D3729A66D1F500F5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:00:c5:fa:4e:73:51:57:e4:0e:62:1d:93:86:
0f:4a:87:34:7c:54:48:8c:6a:c8:e9:37:7d:ea:f4:
14:e5:e0:68:c6:dd:5d:b1:fc:9a:35:c4:8b:04:8c:
0b:ff:6e:a7:35:0c:94:e6:f8:86:2d:dc:96:83:6c:
4e:3e:41:92:ab:b0:94:c4:10:60:08:b4:70:5c:6d:
0d:b8:dc:d2:3e:a3:7d:c6:39:9f:c2:3b:87:69:02:
eb:99:45:bf:f5:fe:a7:47:15:18:33:60:64:9d:3c:
13:ba:38:9c:fd:e1:06:d6:8e:24:e9:c3:ce:15:c4:
aa:c7:8a:7c:79:62:8e:b7:bc:05:68:7f:0e:c8:19:
b6:d6:98:c2:da:17:cc:5c:b9:70:5b:56:6a:a6:9b:
7d:8e:08:a6:72:39:b1:37:db:2d:bf:c7:c8:a7:aa:
a7:31:a4:89:34:37:7f:59:d2:4f:b2:bd:63:c4:de:
1e:ed:c6:78:76:85:79:0b:80:6a:19:0b:4e:ee:fb:
0b:56:42:70:da:b4:57:cb:53:eb:80:6b:b0:5a:36:
23:bd:aa:84:0d:2f:63:8a:99:02:4e:72:da:e5:7a:
44:9c:f6:7f:c6:01:15:f1:41:46:82:c3:a6:7b:d8:
16:6b:d7:13:e5:11:f6:57:8a:84:84:d7:e0:d4:71:
d8:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:A2:35:6E:44:CC:55:C1:22:63:57:A8:D3:72:9A:66:D1:F5:00:F5
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS3356.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.252.72.0/24
45.89.248.0/24
45.89.255.0/24
45.133.169.0/24
45.133.171.0/24
89.19.47.0/24
92.118.161.0/24
130.185.126.0/24
141.98.91.0/24
179.61.128.0/24
179.61.135.0/24
179.61.139.0/24
179.61.160.0/24
179.61.162.0/24
179.61.172.0/24
181.214.12.0/23
181.214.16.0/24
181.215.38.0/24
181.215.133.0/24
181.215.171.0/24
185.158.150.0/24
191.96.41.0/24
191.101.60.0/24
191.101.208.0/24
213.109.170.0/24
Signature Algorithm: sha256WithRSAEncryption
b6:29:eb:04:2d:b0:7d:89:ab:b7:a5:58:ad:2c:aa:90:fa:bf:
97:bd:b2:4a:7a:a6:38:6e:23:77:07:ed:6b:8d:18:0f:f8:a7:
ad:11:6c:a2:64:6e:5c:68:78:ca:52:6a:76:af:48:67:1e:f7:
9f:50:35:36:2b:9d:1d:bf:d5:a9:c5:e5:c3:d2:b3:da:b5:27:
36:a9:57:8c:30:dd:78:7b:50:98:06:d2:73:f7:71:9b:18:64:
1e:a8:15:5d:e3:54:76:c5:1d:76:64:55:e5:66:d1:fd:e0:db:
53:7d:6c:c8:32:36:63:f0:24:33:f2:21:41:53:98:8a:d7:4b:
81:87:98:98:ce:ac:9a:ea:79:78:d4:fa:82:f0:20:4f:66:88:
12:e1:26:f6:4f:4c:fb:57:b8:f6:60:dd:ea:29:2d:f8:4b:83:
03:85:b8:ba:bd:27:ca:99:8c:04:bb:8e:88:e9:de:d9:f1:0b:
92:67:21:f2:c2:53:3c:59:f8:9d:fd:0c:07:6c:21:76:ba:c6:
58:f3:cd:c3:dd:df:86:ae:a2:17:15:08:c2:49:3a:00:36:89:
38:51:c6:31:81:1a:04:98:78:28:9a:f8:22:38:76:7c:d7:7f:
c5:ed:19:e1:ba:a2:c6:89:db:2d:30:05:1b:39:d8:62:1b:08:
e5:2c:74:0c
-----BEGIN CERTIFICATE-----
MIIFkzCCBHugAwIBAgIUTIpyWC00M5AhfSIg5JPfs4L+pRYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNTA3MTYxNDQ5MTNaFw0yNjA3MTUxNDU0MTNaMDMxMTAvBgNV
BAMTKDdDQTIzNTZFNDRDQzU1QzEyMjYzNTdBOEQzNzI5QTY2RDFGNTAwRjUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCZAMX6TnNRV+QOYh2Thg9KhzR8
VEiMasjpN33q9BTl4GjG3V2x/Jo1xIsEjAv/bqc1DJTm+IYt3JaDbE4+QZKrsJTE
EGAItHBcbQ243NI+o33GOZ/CO4dpAuuZRb/1/qdHFRgzYGSdPBO6OJz94QbWjiTp
w84VxKrHinx5Yo63vAVofw7IGbbWmMLaF8xcuXBbVmqmm32OCKZyObE32y2/x8in
qqcxpIk0N39Z0k+yvWPE3h7txnh2hXkLgGoZC07u+wtWQnDatFfLU+uAa7BaNiO9
qoQNL2OKmQJOctrlekSc9n/GARXxQUaCw6Z72BZr1xPlEfZXioSE1+DUcdi/AgMB
AAGjggKdMIICmTAdBgNVHQ4EFgQUfKI1bkTMVcEiY1eo03KaZtH1APUwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMzM1Ni5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCBswYIKwYBBQUHAQcBAf8EgaMwgaAwgZ0EAgABMIGWAwQA
BfxIAwQALVn4AwQALVn/AwQALYWpAwQALYWrAwQAWRMvAwQAXHahAwQAgrl+AwQA
jWJbAwQAsz2AAwQAsz2HAwQAsz2LAwQAsz2gAwQAsz2iAwQAsz2sAwQBtdYMAwQA
tdYQAwQAtdcmAwQAtdeFAwQAtderAwQAuZ6WAwQAv2ApAwQAv2U8AwQAv2XQAwQA
1W2qMA0GCSqGSIb3DQEBCwUAA4IBAQC2KesELbB9iau3pVitLKqQ+r+XvbJKeqY4
biN3B+1rjRgP+KetEWyiZG5caHjKUmp2r0hnHvefUDU2K50dv9WpxeXD0rPatSc2
qVeMMN14e1CYBtJz93GbGGQeqBVd41R2xR12ZFXlZtH94NtTfWzIMjZj8CQz8iFB
U5iK10uBh5iYzqya6nl41PqC8CBPZogS4Sb2T0z7V7j2YN3qKS34S4MDhbi6vSfK
mYwEu46I6d7Z8QuSZyHywlM8Wfid/QwHbCF2usZY883D3d+GrqIXFQjCSToANok4
UcYxgRoEmHgomvgiOHZ813/F7RnhuqLGidstMAUbOdhiGwjlLHQM
-----END CERTIFICATE-----
Generated at Mon Jul 21 03:08:45 2025 by rpki-client