Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/34362e3233362e3230342e302f32332d3234203d3e20323134343833.roa
File: 34362e3233362e3230342e302f32332d3234203d3e20323134343833.roa (raw, json)
Hash identifier: IaOpD5tdeWk1JWYm2gcmXjIC/pjm4HebmBvH7GJvQDE=
Subject key identifier: FB:A5:67:3B:1A:0E:67:45:51:C5:87:BC:8D:B8:B1:AA:69:A1:E9:C9
Certificate issuer: /CN=3feccb17be51ee59ec74d64eed917e221ee28a1b
Certificate serial: 5338264392EFBF12E1F284B206E2162F01181DC4
Authority key identifier: 3F:EC:CB:17:BE:51:EE:59:EC:74:D6:4E:ED:91:7E:22:1E:E2:8A:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P-zLF75R7lnsdNZO7ZF-Ih7iihs.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/34362e3233362e3230342e302f32332d3234203d3e20323134343833.roa
Signing time: Thu 04 Sep 2025 10:40:06 +0000
ROA not before: Thu 04 Sep 2025 10:35:06 +0000
ROA not after: Thu 03 Sep 2026 10:40:06 +0000
asID: 214483
IP address blocks: 46.236.204.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/3FECCB17BE51EE59EC74D64EED917E221EE28A1B.crl
rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/3FECCB17BE51EE59EC74D64EED917E221EE28A1B.mft
rsync://rpki.ripe.net/repository/DEFAULT/P-zLF75R7lnsdNZO7ZF-Ih7iihs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 07 Sep 2025 12:34:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
53:38:26:43:92:ef:bf:12:e1:f2:84:b2:06:e2:16:2f:01:18:1d:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3feccb17be51ee59ec74d64eed917e221ee28a1b
Validity
Not Before: Sep 4 10:35:06 2025 GMT
Not After : Sep 3 10:40:06 2026 GMT
Subject: CN=FBA5673B1A0E674551C587BC8DB8B1AA69A1E9C9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:95:53:b0:14:e2:9c:7a:67:8b:2a:03:08:76:
66:c9:13:d5:b3:a1:b5:10:1d:84:0d:99:80:15:49:
6a:c1:d8:9b:c4:93:4e:b8:b3:84:e0:d5:ba:5d:f5:
57:00:dc:8d:1a:83:9d:85:84:89:2c:c7:2d:d8:51:
43:bb:be:d9:f8:76:9d:ba:29:d9:45:2b:6a:f9:43:
57:69:46:c1:48:25:87:4a:e7:d3:a6:5b:8a:17:af:
50:42:f3:bb:94:11:db:64:66:7a:e8:d3:2a:0f:30:
ee:64:f1:1f:67:88:4a:72:b2:8d:05:0e:01:6c:04:
aa:5f:d1:d7:c6:49:15:8a:32:46:88:dc:33:19:c5:
98:77:67:40:70:56:06:13:17:38:8f:0b:31:e9:2d:
cd:c3:57:71:fb:a2:45:d4:93:4a:3f:00:ec:da:8b:
99:da:86:81:99:01:c5:97:b3:6a:40:4e:6a:1d:38:
1b:34:8a:57:c4:86:ec:00:f5:a9:74:1c:f8:e2:a0:
de:65:dd:2b:2f:05:20:58:17:8b:e7:76:15:9f:c9:
39:02:35:d6:83:45:0d:bd:7e:cd:9b:81:fb:4f:1a:
02:7d:32:2d:0a:88:14:c0:db:a2:5c:a4:bd:d7:19:
c6:9d:92:d4:b2:eb:f4:86:8b:97:9a:d4:eb:f2:3d:
13:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:A5:67:3B:1A:0E:67:45:51:C5:87:BC:8D:B8:B1:AA:69:A1:E9:C9
X509v3 Authority Key Identifier:
keyid:3F:EC:CB:17:BE:51:EE:59:EC:74:D6:4E:ED:91:7E:22:1E:E2:8A:1B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/3FECCB17BE51EE59EC74D64EED917E221EE28A1B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P-zLF75R7lnsdNZO7ZF-Ih7iihs.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/34362e3233362e3230342e302f32332d3234203d3e20323134343833.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.236.204.0/23
Signature Algorithm: sha256WithRSAEncryption
a7:12:ae:7e:d4:30:38:4a:62:51:61:29:71:b7:a9:07:4d:2c:
d1:34:ba:5e:bc:91:6e:ce:e5:bf:16:aa:9f:2f:4e:e4:37:c5:
e9:15:31:b3:7a:b6:39:71:b8:fa:65:3d:3b:93:c2:c7:5f:b3:
3e:90:83:58:ef:ca:81:17:b9:40:c5:33:87:97:e4:dd:bb:f8:
f6:84:e6:28:0a:bb:b5:3e:dc:8d:6f:f2:b1:33:96:98:27:d4:
8f:8f:03:71:35:22:8a:76:e2:15:ae:1b:a3:ef:4d:83:ad:7d:
e5:5d:49:50:d4:b2:10:7d:2a:25:d6:6e:03:5a:a4:da:92:65:
32:24:38:b7:6c:6d:83:71:72:16:f1:b0:91:6b:46:b4:58:28:
3c:34:8a:5a:55:7c:f1:d4:02:ab:bf:a1:cf:dc:f8:cf:8d:05:
4d:fd:e5:d0:cc:6d:55:66:97:dc:1f:e8:ae:b9:f5:ac:cf:37:
f7:16:87:8e:b1:ff:ca:5e:84:e7:82:31:8c:24:b9:f0:15:6b:
60:0e:2d:1e:41:99:37:cd:bd:a0:63:74:e3:06:dd:5e:60:ff:
35:3e:e2:ef:7b:42:24:71:92:82:02:cf:5c:e7:b2:41:fa:ed:
79:af:54:11:02:61:f6:6f:36:08:cc:0d:50:0b:c7:f9:22:7f:
b3:78:26:9f
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUUzgmQ5LvvxLh8oSyBuIWLwEYHcQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM2ZlY2NiMTdiZTUxZWU1OWVjNzRkNjRlZWQ5MTdlMjIx
ZWUyOGExYjAeFw0yNTA5MDQxMDM1MDZaFw0yNjA5MDMxMDQwMDZaMDMxMTAvBgNV
BAMTKEZCQTU2NzNCMUEwRTY3NDU1MUM1ODdCQzhEQjhCMUFBNjlBMUU5QzkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGlVOwFOKcemeLKgMIdmbJE9Wz
obUQHYQNmYAVSWrB2JvEk064s4Tg1bpd9VcA3I0ag52FhIksxy3YUUO7vtn4dp26
KdlFK2r5Q1dpRsFIJYdK59OmW4oXr1BC87uUEdtkZnro0yoPMO5k8R9niEpyso0F
DgFsBKpf0dfGSRWKMkaI3DMZxZh3Z0BwVgYTFziPCzHpLc3DV3H7okXUk0o/AOza
i5nahoGZAcWXs2pATmodOBs0ilfEhuwA9al0HPjioN5l3SsvBSBYF4vndhWfyTkC
NdaDRQ29fs2bgftPGgJ9Mi0KiBTA26JcpL3XGcadktSy6/SGi5ea1OvyPRObAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU+6VnOxoOZ0VRxYe8jbixqmmh6ckwHwYDVR0j
BBgwFoAUP+zLF75R7lnsdNZO7ZF+Ih7iihswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMjJkYjc1NTUtOWFhNC00OTgzLTkzMTYtNzM4MDlkZDM1
NGJjLzAvM0ZFQ0NCMTdCRTUxRUU1OUVDNzRENjRFRUQ5MTdFMjIxRUUyOEExQi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1AtekxGNzVSN2xuc2ROWk83WkYtSWg3
aWlocy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMjJkYjc1NTUt
OWFhNC00OTgzLTkzMTYtNzM4MDlkZDM1NGJjLzAvMzQzNjJlMzIzMzM2MmUzMjMw
MzQyZTMwMmYzMjMzMmQzMjM0MjAzZDNlMjAzMjMxMzQzNDM4MzMucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAEu7MwwDQYJKoZIhvcNAQELBQADggEBAKcSrn7UMDhKYlFhKXG3qQdNLNE0ul68
kW7O5b8Wqp8vTuQ3xekVMbN6tjlxuPplPTuTwsdfsz6Qg1jvyoEXuUDFM4eX5N27
+PaE5igKu7U+3I1v8rEzlpgn1I+PA3E1Iop24hWuG6PvTYOtfeVdSVDUshB9KiXW
bgNapNqSZTIkOLdsbYNxchbxsJFrRrRYKDw0ilpVfPHUAqu/oc/c+M+NBU395dDM
bVVml9wf6K659azPN/cWh46x/8pehOeCMYwkufAVa2AOLR5BmTfNvaBjdOMG3V5g
/zU+4u97QiRxkoICz1znskH67XmvVBECYfZvNgjMDVALx/kif7N4Jp8=
-----END CERTIFICATE-----
Generated at Sun Sep 7 03:55:32 2025 by rpki-client