Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/34362e3233362e3231302e302f32342d3234203d3e20333936393832.roa
File: 34362e3233362e3231302e302f32342d3234203d3e20333936393832.roa (raw, json)
Hash identifier: ov1aGRlko6tTGR3FvzUqX6q2fi+1nj5+rZaL4WzM4Co=
Subject key identifier: BE:3E:F1:16:9B:4F:08:92:66:60:05:5B:DA:41:C7:B5:8C:09:B3:9E
Certificate issuer: /CN=3feccb17be51ee59ec74d64eed917e221ee28a1b
Certificate serial: 0DAACBC4EE3034B30B61BC112AD783ADF6EC312C
Authority key identifier: 3F:EC:CB:17:BE:51:EE:59:EC:74:D6:4E:ED:91:7E:22:1E:E2:8A:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P-zLF75R7lnsdNZO7ZF-Ih7iihs.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/34362e3233362e3231302e302f32342d3234203d3e20333936393832.roa
Signing time: Mon 08 Sep 2025 05:50:10 +0000
ROA not before: Mon 08 Sep 2025 05:45:10 +0000
ROA not after: Mon 07 Sep 2026 05:50:10 +0000
asID: 396982
IP address blocks: 46.236.210.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/3FECCB17BE51EE59EC74D64EED917E221EE28A1B.crl
rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/3FECCB17BE51EE59EC74D64EED917E221EE28A1B.mft
rsync://rpki.ripe.net/repository/DEFAULT/P-zLF75R7lnsdNZO7ZF-Ih7iihs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 19 Sep 2025 17:25:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0d:aa:cb:c4:ee:30:34:b3:0b:61:bc:11:2a:d7:83:ad:f6:ec:31:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3feccb17be51ee59ec74d64eed917e221ee28a1b
Validity
Not Before: Sep 8 05:45:10 2025 GMT
Not After : Sep 7 05:50:10 2026 GMT
Subject: CN=BE3EF1169B4F08926660055BDA41C7B58C09B39E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:fe:13:89:2a:43:23:b1:91:8b:03:34:5d:42:
ea:f4:9e:ec:5a:f0:a7:9d:ae:4f:04:fc:7b:29:d2:
de:99:62:c4:38:2f:a4:47:74:0c:bb:bb:62:d0:57:
51:b5:a8:0c:84:9c:8e:3c:3e:f6:c0:ae:52:bf:63:
9c:de:77:1e:b4:bd:30:4a:48:5c:da:d0:31:8e:00:
9e:c0:68:92:78:a7:43:44:c3:5b:28:e1:27:cd:66:
83:1f:0a:2d:31:d1:db:4f:1a:e2:4c:f4:f0:f9:2a:
08:0a:12:44:c3:75:b4:a8:b1:57:2e:b2:9b:4b:33:
1e:00:bf:3d:9b:6f:c5:ea:d4:a2:03:19:0f:7e:6b:
4b:d2:5c:b2:99:92:13:ae:e2:d2:b5:31:7f:7e:4b:
62:c9:08:8a:33:c8:88:63:cb:50:26:2f:af:d8:9b:
ba:25:c2:6c:39:7b:c6:f3:d6:2a:09:5f:1f:6d:e9:
64:04:b7:47:d0:51:2c:7c:30:16:f5:83:8c:cf:db:
8a:bb:3d:10:12:03:d7:21:45:c5:e8:d4:3a:0b:62:
58:bf:cd:d3:72:15:e3:90:10:c8:3a:32:1d:07:0b:
73:0e:8f:ee:ab:0c:dd:e0:67:6f:78:ab:34:d7:14:
86:c1:96:13:51:7b:9f:41:8c:d1:c6:79:e9:67:bb:
79:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:3E:F1:16:9B:4F:08:92:66:60:05:5B:DA:41:C7:B5:8C:09:B3:9E
X509v3 Authority Key Identifier:
keyid:3F:EC:CB:17:BE:51:EE:59:EC:74:D6:4E:ED:91:7E:22:1E:E2:8A:1B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/3FECCB17BE51EE59EC74D64EED917E221EE28A1B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P-zLF75R7lnsdNZO7ZF-Ih7iihs.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/34362e3233362e3231302e302f32342d3234203d3e20333936393832.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.236.210.0/24
Signature Algorithm: sha256WithRSAEncryption
03:44:1a:1e:71:8b:31:93:68:21:da:64:7e:98:01:eb:71:96:
e0:a6:7e:00:c9:1e:ea:a4:fa:2a:48:70:ce:24:71:5a:7f:c0:
eb:9a:c5:24:df:d8:d9:1f:25:da:78:70:cd:94:14:10:5b:8f:
94:da:95:ad:f9:f7:6c:e0:5b:3f:42:e6:9f:f6:72:ae:83:d4:
9b:b5:a3:cc:aa:c1:8f:80:e2:20:77:ce:fe:1b:ea:d9:ac:c4:
e6:49:af:64:5c:9a:9f:20:1b:7e:7a:0e:e6:e5:fd:18:e2:eb:
62:3d:1e:f8:38:d5:22:5c:ef:8d:3e:b3:e3:41:4d:37:67:bc:
a7:cc:ac:0f:71:9d:87:7b:62:c3:5e:4d:6c:7e:2a:19:cb:b5:
c8:52:ed:52:9b:c6:9d:ba:4c:97:b3:a0:59:a4:a7:53:50:01:
89:4b:55:0b:a3:ae:ee:79:6e:d6:d6:65:98:61:3b:85:ac:b6:
82:fb:48:53:3f:0e:51:be:31:64:46:f8:8c:0f:cb:3f:bb:f0:
76:7b:81:cc:cd:80:51:68:d4:b3:f1:77:e1:2a:f9:e6:60:d6:
fa:6f:aa:1e:f8:15:8c:08:f3:a5:35:32:50:bb:f5:72:d4:ed:
08:d1:97:8f:8b:95:f4:af:7e:0a:f3:99:12:e3:56:ce:fe:11:
3d:d1:12:2c
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUDarLxO4wNLMLYbwRKteDrfbsMSwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM2ZlY2NiMTdiZTUxZWU1OWVjNzRkNjRlZWQ5MTdlMjIx
ZWUyOGExYjAeFw0yNTA5MDgwNTQ1MTBaFw0yNjA5MDcwNTUwMTBaMDMxMTAvBgNV
BAMTKEJFM0VGMTE2OUI0RjA4OTI2NjYwMDU1QkRBNDFDN0I1OEMwOUIzOUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCt/hOJKkMjsZGLAzRdQur0nuxa
8Kedrk8E/Hsp0t6ZYsQ4L6RHdAy7u2LQV1G1qAyEnI48PvbArlK/Y5zedx60vTBK
SFza0DGOAJ7AaJJ4p0NEw1so4SfNZoMfCi0x0dtPGuJM9PD5KggKEkTDdbSosVcu
sptLMx4Avz2bb8Xq1KIDGQ9+a0vSXLKZkhOu4tK1MX9+S2LJCIozyIhjy1AmL6/Y
m7olwmw5e8bz1ioJXx9t6WQEt0fQUSx8MBb1g4zP24q7PRASA9chRcXo1DoLYli/
zdNyFeOQEMg6Mh0HC3MOj+6rDN3gZ294qzTXFIbBlhNRe59BjNHGeelnu3mtAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUvj7xFptPCJJmYAVb2kHHtYwJs54wHwYDVR0j
BBgwFoAUP+zLF75R7lnsdNZO7ZF+Ih7iihswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMjJkYjc1NTUtOWFhNC00OTgzLTkzMTYtNzM4MDlkZDM1
NGJjLzAvM0ZFQ0NCMTdCRTUxRUU1OUVDNzRENjRFRUQ5MTdFMjIxRUUyOEExQi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1AtekxGNzVSN2xuc2ROWk83WkYtSWg3
aWlocy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMjJkYjc1NTUt
OWFhNC00OTgzLTkzMTYtNzM4MDlkZDM1NGJjLzAvMzQzNjJlMzIzMzM2MmUzMjMx
MzAyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMzM5MzYzOTM4MzIucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAAu7NIwDQYJKoZIhvcNAQELBQADggEBAANEGh5xizGTaCHaZH6YAetxluCmfgDJ
Huqk+ipIcM4kcVp/wOuaxSTf2NkfJdp4cM2UFBBbj5Tala3592zgWz9C5p/2cq6D
1Ju1o8yqwY+A4iB3zv4b6tmsxOZJr2Rcmp8gG356Dubl/Rji62I9Hvg41SJc740+
s+NBTTdnvKfMrA9xnYd7YsNeTWx+KhnLtchS7VKbxp26TJezoFmkp1NQAYlLVQuj
ru55btbWZZhhO4WstoL7SFM/DlG+MWRG+IwPyz+78HZ7gczNgFFo1LPxd+Eq+eZg
1vpvqh74FYwI86U1MlC79XLU7QjRl4+LlfSvfgrzmRLjVs7+ET3REiw=
-----END CERTIFICATE-----
Generated at Fri Sep 19 05:47:47 2025 by rpki-client