Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/34362e3233362e3139362e302f32332d3234203d3e20323134343833.roa
File: 34362e3233362e3139362e302f32332d3234203d3e20323134343833.roa (raw, json)
Hash identifier: +tQI7VFr1RmWkV9BcbFjAv9rjhnjv/LajhLU21XoVT0=
Subject key identifier: A4:4E:C6:05:01:E8:6D:17:ED:40:05:66:D4:7F:29:05:0D:ED:CA:90
Certificate issuer: /CN=3feccb17be51ee59ec74d64eed917e221ee28a1b
Certificate serial: 055A14B21AD0FE72E89B2CD72576ACF610BB17A8
Authority key identifier: 3F:EC:CB:17:BE:51:EE:59:EC:74:D6:4E:ED:91:7E:22:1E:E2:8A:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P-zLF75R7lnsdNZO7ZF-Ih7iihs.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/34362e3233362e3139362e302f32332d3234203d3e20323134343833.roa
Signing time: Thu 04 Sep 2025 10:40:07 +0000
ROA not before: Thu 04 Sep 2025 10:35:07 +0000
ROA not after: Thu 03 Sep 2026 10:40:07 +0000
asID: 214483
IP address blocks: 46.236.196.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/3FECCB17BE51EE59EC74D64EED917E221EE28A1B.crl
rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/3FECCB17BE51EE59EC74D64EED917E221EE28A1B.mft
rsync://rpki.ripe.net/repository/DEFAULT/P-zLF75R7lnsdNZO7ZF-Ih7iihs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 07 Sep 2025 12:34:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
05:5a:14:b2:1a:d0:fe:72:e8:9b:2c:d7:25:76:ac:f6:10:bb:17:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3feccb17be51ee59ec74d64eed917e221ee28a1b
Validity
Not Before: Sep 4 10:35:07 2025 GMT
Not After : Sep 3 10:40:07 2026 GMT
Subject: CN=A44EC60501E86D17ED400566D47F29050DEDCA90
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:da:43:b3:47:82:f3:8c:cc:f8:29:10:59:b6:
fc:4b:36:59:d4:28:dc:55:6a:7e:7f:df:5a:4a:70:
17:79:12:1d:36:a6:a0:d2:86:2b:b2:be:c1:3e:4e:
93:b2:e2:17:1b:d1:41:be:14:7a:af:9f:82:29:c4:
4a:7d:69:ea:a1:fc:1b:6d:dc:85:de:38:b0:db:39:
79:dd:63:84:28:19:65:cf:93:f2:13:17:84:c1:9b:
e8:1f:5e:15:2d:fd:a5:b9:79:6a:b8:45:d9:3c:46:
3f:f3:62:2e:09:31:16:28:a4:6c:56:14:93:bc:3c:
71:d6:88:2d:8d:fa:b1:44:d6:e1:2b:2c:3b:57:31:
f6:06:40:d3:f2:1b:22:ce:2b:cf:56:b0:04:a6:13:
d7:53:08:cc:d5:f0:f9:f5:5a:9c:d5:fd:8f:07:3e:
f0:55:6b:4a:68:f3:2c:2e:70:82:69:6f:b7:ff:67:
43:02:5d:9f:dc:d6:1e:5b:f4:05:96:85:84:9d:1c:
10:d2:88:ce:29:2f:ef:a7:a4:b3:82:ad:f0:aa:19:
06:13:a1:66:c9:41:67:67:70:29:28:1d:bc:e0:7f:
15:33:e9:36:9f:f7:2c:4b:fa:83:0a:ad:82:ef:70:
5e:b3:f6:fe:33:1d:fe:8b:64:11:cc:e5:cd:d8:ce:
cd:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:4E:C6:05:01:E8:6D:17:ED:40:05:66:D4:7F:29:05:0D:ED:CA:90
X509v3 Authority Key Identifier:
keyid:3F:EC:CB:17:BE:51:EE:59:EC:74:D6:4E:ED:91:7E:22:1E:E2:8A:1B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/3FECCB17BE51EE59EC74D64EED917E221EE28A1B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P-zLF75R7lnsdNZO7ZF-Ih7iihs.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/34362e3233362e3139362e302f32332d3234203d3e20323134343833.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.236.196.0/23
Signature Algorithm: sha256WithRSAEncryption
9a:54:d1:7c:e3:a8:ec:1f:90:ac:a8:a5:29:3a:c8:27:12:0e:
99:30:09:48:d6:4d:0f:93:99:8a:3b:48:b0:2c:48:d7:6a:6f:
1b:4b:4c:66:4d:b8:d1:08:e8:73:7a:3e:4c:31:77:1d:dc:26:
d3:4b:25:f5:a0:e5:66:6d:39:fd:3a:21:8b:d5:3a:c1:64:1d:
60:62:4d:4b:d3:92:33:ed:33:72:34:07:56:53:bb:ec:5a:00:
db:93:37:10:09:19:2b:2f:46:c3:62:be:a6:d5:76:9e:42:08:
14:c0:16:a1:c2:70:4d:e9:31:0c:e3:72:c0:c6:84:19:5d:01:
03:a5:d4:a7:e4:b2:f1:fa:14:0b:8d:b0:a0:90:6f:59:cb:39:
1d:70:4e:d5:19:16:18:ec:80:38:99:f2:60:4e:d8:8d:aa:c1:
c7:f3:11:5e:ad:88:bf:19:dd:22:e6:13:7b:e1:24:48:45:19:
02:c3:d4:12:66:9c:5c:50:01:4a:03:7e:8d:54:10:1e:15:15:
54:89:32:71:50:85:0d:ca:b6:c6:0c:a8:fe:85:77:4d:f5:c8:
7a:d0:fc:1a:22:78:c4:80:a8:43:2c:32:a8:48:5e:29:b8:c2:
0f:d2:2b:d2:e1:b8:c8:b9:5f:79:48:ce:37:21:5b:db:9b:de:
a7:bc:78:e7
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUBVoUshrQ/nLomyzXJXas9hC7F6gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM2ZlY2NiMTdiZTUxZWU1OWVjNzRkNjRlZWQ5MTdlMjIx
ZWUyOGExYjAeFw0yNTA5MDQxMDM1MDdaFw0yNjA5MDMxMDQwMDdaMDMxMTAvBgNV
BAMTKEE0NEVDNjA1MDFFODZEMTdFRDQwMDU2NkQ0N0YyOTA1MERFRENBOTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCr2kOzR4LzjMz4KRBZtvxLNlnU
KNxVan5/31pKcBd5Eh02pqDShiuyvsE+TpOy4hcb0UG+FHqvn4IpxEp9aeqh/Btt
3IXeOLDbOXndY4QoGWXPk/ITF4TBm+gfXhUt/aW5eWq4Rdk8Rj/zYi4JMRYopGxW
FJO8PHHWiC2N+rFE1uErLDtXMfYGQNPyGyLOK89WsASmE9dTCMzV8Pn1WpzV/Y8H
PvBVa0po8ywucIJpb7f/Z0MCXZ/c1h5b9AWWhYSdHBDSiM4pL++npLOCrfCqGQYT
oWbJQWdncCkoHbzgfxUz6Taf9yxL+oMKrYLvcF6z9v4zHf6LZBHM5c3Yzs3ZAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUpE7GBQHobRftQAVm1H8pBQ3typAwHwYDVR0j
BBgwFoAUP+zLF75R7lnsdNZO7ZF+Ih7iihswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMjJkYjc1NTUtOWFhNC00OTgzLTkzMTYtNzM4MDlkZDM1
NGJjLzAvM0ZFQ0NCMTdCRTUxRUU1OUVDNzRENjRFRUQ5MTdFMjIxRUUyOEExQi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1AtekxGNzVSN2xuc2ROWk83WkYtSWg3
aWlocy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMjJkYjc1NTUt
OWFhNC00OTgzLTkzMTYtNzM4MDlkZDM1NGJjLzAvMzQzNjJlMzIzMzM2MmUzMTM5
MzYyZTMwMmYzMjMzMmQzMjM0MjAzZDNlMjAzMjMxMzQzNDM4MzMucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAEu7MQwDQYJKoZIhvcNAQELBQADggEBAJpU0XzjqOwfkKyopSk6yCcSDpkwCUjW
TQ+TmYo7SLAsSNdqbxtLTGZNuNEI6HN6Pkwxdx3cJtNLJfWg5WZtOf06IYvVOsFk
HWBiTUvTkjPtM3I0B1ZTu+xaANuTNxAJGSsvRsNivqbVdp5CCBTAFqHCcE3pMQzj
csDGhBldAQOl1KfksvH6FAuNsKCQb1nLOR1wTtUZFhjsgDiZ8mBO2I2qwcfzEV6t
iL8Z3SLmE3vhJEhFGQLD1BJmnFxQAUoDfo1UEB4VFVSJMnFQhQ3KtsYMqP6Fd031
yHrQ/BoieMSAqEMsMqhIXim4wg/SK9LhuMi5X3lIzjchW9ub3qe8eOc=
-----END CERTIFICATE-----
Generated at Sun Sep 7 03:55:31 2025 by rpki-client