Route Origin Authorization
$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS36231.roa
File: AS36231.roa (raw, json)
Hash identifier: Yd09NHzIM7dd+o3j+AVjbp2Qg69oE2yRXMzXZHVPZ0c=
Subject key identifier: 08:CB:E2:F3:A4:31:61:0E:6E:EF:F9:CF:FD:17:A8:75:60:70:BA:A3
Certificate issuer: /CN=d14b6fcf2b2c69be085e9f959872dcbe8ea54177
Certificate serial: 069550516AAAE09497263E2322B6FF5A3375152E
Authority key identifier: D1:4B:6F:CF:2B:2C:69:BE:08:5E:9F:95:98:72:DC:BE:8E:A5:41:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
Subject info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS36231.roa
Signing time: Tue 21 Oct 2025 21:58:24 +0000
ROA not before: Tue 21 Oct 2025 21:53:24 +0000
ROA not after: Tue 20 Oct 2026 21:58:24 +0000
asID: 36231
IP address blocks: 85.155.226.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft
rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Oct 2025 23:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
06:95:50:51:6a:aa:e0:94:97:26:3e:23:22:b6:ff:5a:33:75:15:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d14b6fcf2b2c69be085e9f959872dcbe8ea54177
Validity
Not Before: Oct 21 21:53:24 2025 GMT
Not After : Oct 20 21:58:24 2026 GMT
Subject: CN=08CBE2F3A431610E6EEFF9CFFD17A8756070BAA3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:ce:4e:e4:dc:bf:7c:af:67:cb:71:9a:8d:60:
b9:c6:a7:b9:94:82:13:33:0f:7c:e1:c4:12:44:67:
05:7a:69:a3:9f:7a:76:a2:8f:24:1d:63:19:09:a6:
9a:59:cf:5e:93:16:71:fd:6a:22:6e:1e:e8:b3:8b:
70:47:3a:fa:53:c7:54:18:05:9f:a1:ea:f8:d4:d1:
aa:c9:07:87:81:3e:92:ec:5d:3e:50:62:f2:91:2a:
6e:41:31:89:ed:0c:81:a8:10:c3:03:0e:7f:05:74:
87:13:d8:6f:70:68:5e:6b:47:31:96:2e:de:d9:da:
23:ac:7e:99:5a:ae:b3:b6:bd:83:9f:03:b0:3d:ac:
38:ea:7e:44:4a:e5:e7:0c:83:fc:8a:da:ee:64:d7:
a6:05:58:d5:fc:f1:b9:23:77:c4:c0:92:b1:77:b2:
d9:d5:be:c8:b3:25:71:5d:6b:42:b7:c7:3b:90:ae:
f9:5b:93:74:6f:e9:61:78:e2:6c:70:47:03:b2:13:
33:8c:f7:ee:e2:ad:41:4c:fb:fd:88:3f:36:f4:ab:
af:46:7e:ba:39:ba:be:77:5a:57:a1:87:95:2f:16:
50:41:ec:4d:d6:cc:6d:8d:29:37:db:2e:4b:4e:50:
73:8b:fd:fd:7c:00:3f:37:b4:f8:f5:07:31:7b:4c:
e7:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:CB:E2:F3:A4:31:61:0E:6E:EF:F9:CF:FD:17:A8:75:60:70:BA:A3
X509v3 Authority Key Identifier:
keyid:D1:4B:6F:CF:2B:2C:69:BE:08:5E:9F:95:98:72:DC:BE:8E:A5:41:77
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS36231.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.155.226.0/24
Signature Algorithm: sha256WithRSAEncryption
b9:62:4f:44:df:4d:4c:58:6e:1e:57:85:5e:b5:af:ab:db:89:
83:9d:89:3a:03:6e:f7:40:7d:22:b3:4c:20:4f:d1:94:37:9f:
70:b3:b1:5c:e6:86:50:fb:2e:57:10:03:7c:d2:f2:ff:37:75:
41:13:ed:71:31:0d:36:ae:7a:cc:62:73:f6:56:c7:96:0d:5b:
e0:3d:3f:e6:60:b4:df:f9:02:c1:43:03:eb:f4:2f:ac:6e:c5:
87:c7:21:d0:06:41:68:df:69:f7:cd:29:c7:8c:ea:d7:33:57:
8a:2a:85:9f:41:45:91:86:8b:ae:c2:c1:b2:7b:0a:f7:cc:2c:
2f:1b:a9:d5:22:ec:3a:25:7d:f8:14:b4:e9:58:aa:85:8f:49:
a4:b3:34:bc:20:e0:89:11:62:97:38:05:59:39:0b:c1:b6:da:
29:7c:8a:bf:f0:c2:14:6e:90:31:8f:da:45:c7:9d:84:49:86:
4b:b5:e7:e9:07:98:67:f6:4c:0e:bc:7c:5a:48:cb:b1:a8:66:
81:89:53:d1:f1:b2:1d:3f:64:9d:bb:7b:d8:04:35:03:74:6e:
be:7f:0d:b0:3c:4b:f5:77:12:3a:a1:0f:a6:ed:de:57:3c:f9:
d4:b3:2c:e6:75:9e:e2:1f:29:3c:16:3c:f9:cb:2c:28:3c:12:
3b:5e:35:cb
-----BEGIN CERTIFICATE-----
MIIE5DCCA8ygAwIBAgIUBpVQUWqq4JSXJj4jIrb/WjN1FS4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDE0YjZmY2YyYjJjNjliZTA4NWU5Zjk1OTg3MmRjYmU4
ZWE1NDE3NzAeFw0yNTEwMjEyMTUzMjRaFw0yNjEwMjAyMTU4MjRaMDMxMTAvBgNV
BAMTKDA4Q0JFMkYzQTQzMTYxMEU2RUVGRjlDRkZEMTdBODc1NjA3MEJBQTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKzk7k3L98r2fLcZqNYLnGp7mU
ghMzD3zhxBJEZwV6aaOfenaijyQdYxkJpppZz16TFnH9aiJuHuizi3BHOvpTx1QY
BZ+h6vjU0arJB4eBPpLsXT5QYvKRKm5BMYntDIGoEMMDDn8FdIcT2G9waF5rRzGW
Lt7Z2iOsfplarrO2vYOfA7A9rDjqfkRK5ecMg/yK2u5k16YFWNX88bkjd8TAkrF3
stnVvsizJXFda0K3xzuQrvlbk3Rv6WF44mxwRwOyEzOM9+7irUFM+/2IPzb0q69G
fro5ur53Wlehh5UvFlBB7E3WzG2NKTfbLktOUHOL/f18AD83tPj1BzF7TOfrAgMB
AAGjggHuMIIB6jAdBgNVHQ4EFgQUCMvi86QxYQ5u7/nP/ReodWBwuqMwHwYDVR0j
BBgwFoAU0Utvzyssab4IXp+VmHLcvo6lQXcwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvNy9EMTRCNkZDRjJC
MkM2OUJFMDg1RTlGOTU5ODcyRENCRThFQTU0MTc3LmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMFV0dnp5c3NhYjRJWHAtVm1ITGN2bzZsUVhjLmNlcjBvBggrBgEF
BQcBCwRjMGEwXwYIKwYBBQUHMAuGU3JzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC83L0FT
MzYyMzEucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcB
Af8EEDAOMAwEAgABMAYDBABVm+IwDQYJKoZIhvcNAQELBQADggEBALliT0TfTUxY
bh5XhV61r6vbiYOdiToDbvdAfSKzTCBP0ZQ3n3CzsVzmhlD7LlcQA3zS8v83dUET
7XExDTauesxic/ZWx5YNW+A9P+ZgtN/5AsFDA+v0L6xuxYfHIdAGQWjfaffNKceM
6tczV4oqhZ9BRZGGi67CwbJ7CvfMLC8bqdUi7DolffgUtOlYqoWPSaSzNLwg4IkR
Ypc4BVk5C8G22il8ir/wwhRukDGP2kXHnYRJhku15+kHmGf2TA68fFpIy7GoZoGJ
U9Hxsh0/ZJ27e9gENQN0br5/DbA8S/V3EjqhD6bt3lc8+dSzLOZ1nuIfKTwWPPnL
LCg8EjteNcs=
-----END CERTIFICATE-----
Generated at Wed Oct 29 08:49:23 2025 by rpki-client