Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/34362e3233362e3139382e302f32342d3234203d3e20313532313739.roa
File: 34362e3233362e3139382e302f32342d3234203d3e20313532313739.roa (raw, json)
Hash identifier: abRTU/RHThtL+tsby7h1AyY46NwaDLxUN4vK74PFHXM=
Subject key identifier: EC:38:38:6E:FE:93:32:36:D9:5E:87:74:78:71:B6:A8:1F:52:42:5E
Certificate issuer: /CN=3feccb17be51ee59ec74d64eed917e221ee28a1b
Certificate serial: 73736421722A86A99131EB08EB66EF873604BDE8
Authority key identifier: 3F:EC:CB:17:BE:51:EE:59:EC:74:D6:4E:ED:91:7E:22:1E:E2:8A:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P-zLF75R7lnsdNZO7ZF-Ih7iihs.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/34362e3233362e3139382e302f32342d3234203d3e20313532313739.roa
Signing time: Thu 04 Sep 2025 10:40:05 +0000
ROA not before: Thu 04 Sep 2025 10:35:05 +0000
ROA not after: Thu 03 Sep 2026 10:40:05 +0000
asID: 152179
IP address blocks: 46.236.198.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/3FECCB17BE51EE59EC74D64EED917E221EE28A1B.crl
rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/3FECCB17BE51EE59EC74D64EED917E221EE28A1B.mft
rsync://rpki.ripe.net/repository/DEFAULT/P-zLF75R7lnsdNZO7ZF-Ih7iihs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 07 Sep 2025 12:34:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
73:73:64:21:72:2a:86:a9:91:31:eb:08:eb:66:ef:87:36:04:bd:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3feccb17be51ee59ec74d64eed917e221ee28a1b
Validity
Not Before: Sep 4 10:35:05 2025 GMT
Not After : Sep 3 10:40:05 2026 GMT
Subject: CN=EC38386EFE933236D95E87747871B6A81F52425E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:53:5d:4b:cf:e5:08:46:b5:5d:8e:44:73:f1:
91:6b:3f:db:b2:15:a9:a6:4f:c6:bf:c7:ed:2b:84:
ea:ee:07:2c:43:95:67:63:57:66:af:cd:d5:69:5e:
9d:aa:32:50:44:1e:7e:38:53:93:51:db:86:28:a8:
16:c5:49:4b:36:3b:7b:f3:ba:eb:aa:4a:4d:0c:fb:
d0:0c:8b:e8:a7:27:50:0c:39:24:0b:16:1c:c7:ff:
cc:0c:c9:92:58:3e:e1:e9:dc:fb:33:f3:71:f2:8a:
87:99:96:22:58:46:70:4a:4c:d9:87:66:94:d1:3e:
b4:da:43:76:29:5f:85:3f:d6:77:ef:26:82:84:37:
f7:1c:d4:43:ea:0d:3d:c3:69:7a:60:6e:63:f9:4f:
e6:a8:90:38:9a:8d:34:36:f0:47:cd:68:83:8e:dd:
05:59:32:ae:f0:86:14:47:97:6a:53:27:ac:da:d6:
71:4a:d3:13:eb:a4:98:c7:43:8a:32:1c:e6:d2:33:
2e:2f:4f:7f:7e:c3:1e:61:eb:a4:de:d3:61:fa:1d:
27:d9:9d:41:ec:34:70:cf:ec:12:f7:77:1d:f4:b7:
33:8c:cc:b5:47:e4:83:80:a3:0a:16:b1:28:12:4a:
f6:9e:e5:d6:61:c1:47:6d:53:23:32:20:8c:40:9d:
30:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:38:38:6E:FE:93:32:36:D9:5E:87:74:78:71:B6:A8:1F:52:42:5E
X509v3 Authority Key Identifier:
keyid:3F:EC:CB:17:BE:51:EE:59:EC:74:D6:4E:ED:91:7E:22:1E:E2:8A:1B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/3FECCB17BE51EE59EC74D64EED917E221EE28A1B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P-zLF75R7lnsdNZO7ZF-Ih7iihs.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/34362e3233362e3139382e302f32342d3234203d3e20313532313739.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.236.198.0/24
Signature Algorithm: sha256WithRSAEncryption
28:d8:58:f7:8f:0e:b9:1e:7d:c8:93:fa:53:92:eb:29:2d:15:
ab:0e:61:95:3f:02:0f:10:7e:bd:45:82:da:b9:73:ce:e9:8e:
db:9d:98:28:5d:dc:e1:d7:cf:fd:8a:16:cf:d6:25:49:99:36:
75:68:09:0b:03:25:11:02:bd:be:da:3e:8b:28:cb:17:09:29:
1c:d1:86:4c:b3:5a:55:1d:88:75:a5:aa:03:b1:85:52:dd:53:
a8:f2:e8:7e:a8:e2:bd:af:80:4a:0e:c7:a0:81:5a:fe:b3:11:
eb:15:66:57:40:10:37:b4:4f:1c:14:12:6b:4f:11:7a:a9:78:
e5:ff:22:21:0c:8b:1d:78:2d:77:07:21:97:ca:11:2f:4d:a6:
54:45:1e:1a:33:a9:5a:05:4f:d3:4d:b0:75:b9:d1:d3:15:75:
49:b4:a8:7a:85:8c:44:35:6b:b6:68:93:5c:4f:f5:83:7b:e4:
45:80:4b:a5:7c:d3:85:7c:86:ee:cd:ef:52:a9:38:c3:73:97:
54:fe:1d:7c:d7:fb:2f:be:d5:af:14:7d:bc:84:28:a2:f6:c8:
61:70:26:fe:4c:7f:cd:4f:cf:3d:3d:62:bc:9c:3a:96:9e:68:
2a:63:c5:80:90:32:7b:29:fd:34:de:f7:06:b6:18:2d:23:c4:
ca:43:dd:73
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUc3NkIXIqhqmRMesI62bvhzYEvegwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM2ZlY2NiMTdiZTUxZWU1OWVjNzRkNjRlZWQ5MTdlMjIx
ZWUyOGExYjAeFw0yNTA5MDQxMDM1MDVaFw0yNjA5MDMxMDQwMDVaMDMxMTAvBgNV
BAMTKEVDMzgzODZFRkU5MzMyMzZEOTVFODc3NDc4NzFCNkE4MUY1MjQyNUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDwU11Lz+UIRrVdjkRz8ZFrP9uy
FammT8a/x+0rhOruByxDlWdjV2avzdVpXp2qMlBEHn44U5NR24YoqBbFSUs2O3vz
uuuqSk0M+9AMi+inJ1AMOSQLFhzH/8wMyZJYPuHp3Psz83HyioeZliJYRnBKTNmH
ZpTRPrTaQ3YpX4U/1nfvJoKEN/cc1EPqDT3DaXpgbmP5T+aokDiajTQ28EfNaIOO
3QVZMq7whhRHl2pTJ6za1nFK0xPrpJjHQ4oyHObSMy4vT39+wx5h66Te02H6HSfZ
nUHsNHDP7BL3dx30tzOMzLVH5IOAowoWsSgSSvae5dZhwUdtUyMyIIxAnTAXAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU7Dg4bv6TMjbZXod0eHG2qB9SQl4wHwYDVR0j
BBgwFoAUP+zLF75R7lnsdNZO7ZF+Ih7iihswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMjJkYjc1NTUtOWFhNC00OTgzLTkzMTYtNzM4MDlkZDM1
NGJjLzAvM0ZFQ0NCMTdCRTUxRUU1OUVDNzRENjRFRUQ5MTdFMjIxRUUyOEExQi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1AtekxGNzVSN2xuc2ROWk83WkYtSWg3
aWlocy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMjJkYjc1NTUt
OWFhNC00OTgzLTkzMTYtNzM4MDlkZDM1NGJjLzAvMzQzNjJlMzIzMzM2MmUzMTM5
MzgyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTM1MzIzMTM3Mzkucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAAu7MYwDQYJKoZIhvcNAQELBQADggEBACjYWPePDrkefciT+lOS6yktFasOYZU/
Ag8Qfr1Fgtq5c87pjtudmChd3OHXz/2KFs/WJUmZNnVoCQsDJRECvb7aPosoyxcJ
KRzRhkyzWlUdiHWlqgOxhVLdU6jy6H6o4r2vgEoOx6CBWv6zEesVZldAEDe0TxwU
EmtPEXqpeOX/IiEMix14LXcHIZfKES9NplRFHhozqVoFT9NNsHW50dMVdUm0qHqF
jEQ1a7Zok1xP9YN75EWAS6V804V8hu7N71KpOMNzl1T+HXzX+y++1a8UfbyEKKL2
yGFwJv5Mf81Pzz09YrycOpaeaCpjxYCQMnsp/TTe9wa2GC0jxMpD3XM=
-----END CERTIFICATE-----
Generated at Sun Sep 7 04:02:23 2025 by rpki-client