Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/34362e3233362e3231352e302f32342d3234203d3e20333937363330.roa
File: 34362e3233362e3231352e302f32342d3234203d3e20333937363330.roa (raw, json)
Hash identifier: ukv4YUaaq8uYvBCtNFe0lBvcE5G5s2BHWqn7G04Sx3c=
Subject key identifier: D8:73:E8:6D:D0:9A:30:66:BE:B4:CF:50:22:D3:B3:19:54:4A:6E:92
Certificate issuer: /CN=3feccb17be51ee59ec74d64eed917e221ee28a1b
Certificate serial: 1AEE185C9E89A80F424D905B7FAA11028CA9A597
Authority key identifier: 3F:EC:CB:17:BE:51:EE:59:EC:74:D6:4E:ED:91:7E:22:1E:E2:8A:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P-zLF75R7lnsdNZO7ZF-Ih7iihs.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/34362e3233362e3231352e302f32342d3234203d3e20333937363330.roa
Signing time: Fri 05 Sep 2025 17:14:52 +0000
ROA not before: Fri 05 Sep 2025 17:09:52 +0000
ROA not after: Fri 04 Sep 2026 17:14:52 +0000
asID: 397630
IP address blocks: 46.236.215.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/3FECCB17BE51EE59EC74D64EED917E221EE28A1B.crl
rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/3FECCB17BE51EE59EC74D64EED917E221EE28A1B.mft
rsync://rpki.ripe.net/repository/DEFAULT/P-zLF75R7lnsdNZO7ZF-Ih7iihs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 07 Sep 2025 12:34:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1a:ee:18:5c:9e:89:a8:0f:42:4d:90:5b:7f:aa:11:02:8c:a9:a5:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3feccb17be51ee59ec74d64eed917e221ee28a1b
Validity
Not Before: Sep 5 17:09:52 2025 GMT
Not After : Sep 4 17:14:52 2026 GMT
Subject: CN=D873E86DD09A3066BEB4CF5022D3B319544A6E92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:5c:db:02:c7:2b:37:79:b5:3c:d3:06:00:e8:
f0:83:c6:c3:42:3f:06:cf:34:6d:e9:51:5d:3a:dd:
af:f3:8c:8e:d6:b7:9d:22:b6:2c:3f:80:d9:15:36:
45:e8:00:c3:ea:d9:e2:df:7d:2f:7a:95:ae:e7:04:
e9:51:fd:18:d8:3e:46:5f:41:92:55:ff:f8:a2:51:
24:f8:7e:7f:11:9b:d9:ff:19:42:71:a0:30:05:4e:
c7:99:ef:de:6d:31:2a:5f:54:46:3a:0c:bf:07:7f:
a1:64:b7:b7:e4:ea:9e:c7:e8:19:9e:f2:9a:56:9b:
d9:f3:4d:41:84:7b:06:e6:60:b1:5b:cb:61:51:d8:
27:66:e2:ec:22:2a:e9:86:8e:cc:5f:e2:c9:5c:12:
30:d8:57:22:bf:54:fc:e0:2d:8e:4b:e3:d2:a6:4d:
5e:be:19:26:4e:69:57:29:f7:78:11:cd:fa:d5:7f:
55:53:a6:cd:e8:77:ed:a0:49:c2:d1:05:93:fa:30:
24:cc:ca:9c:fc:9f:13:ad:0c:43:c5:6e:4d:54:a8:
b4:bf:2f:e2:f0:d2:c8:b7:18:2d:5e:42:f5:98:c2:
82:45:66:20:8d:31:f4:3e:cc:80:82:1d:1c:e2:f4:
e3:b4:da:52:35:8b:a3:2a:d8:d6:68:50:18:ba:74:
a0:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:73:E8:6D:D0:9A:30:66:BE:B4:CF:50:22:D3:B3:19:54:4A:6E:92
X509v3 Authority Key Identifier:
keyid:3F:EC:CB:17:BE:51:EE:59:EC:74:D6:4E:ED:91:7E:22:1E:E2:8A:1B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/3FECCB17BE51EE59EC74D64EED917E221EE28A1B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P-zLF75R7lnsdNZO7ZF-Ih7iihs.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/34362e3233362e3231352e302f32342d3234203d3e20333937363330.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.236.215.0/24
Signature Algorithm: sha256WithRSAEncryption
36:71:ae:6f:96:e3:2c:28:99:68:a8:45:52:67:57:19:f2:f2:
50:bb:d8:b1:aa:d7:15:fd:8e:73:d0:75:8b:6e:52:15:03:41:
76:d7:d2:09:c2:f4:ae:ce:16:39:21:ee:a2:21:fc:51:11:11:
17:ff:15:51:6f:ef:24:cc:bb:25:e3:d6:42:65:e4:af:23:9c:
9d:51:4d:4a:cb:24:59:8b:9d:3e:9a:61:7d:40:81:41:2f:a4:
f8:5b:78:f4:fc:a6:8f:f1:a0:b6:be:3d:6d:d2:8b:ad:ad:7d:
7f:f7:35:31:20:27:f2:f2:0d:a2:ca:6a:c3:75:27:78:bd:09:
59:51:90:8c:7d:1b:b4:eb:ce:94:42:c6:18:c9:2f:88:71:84:
0c:6a:67:f4:17:9c:50:04:5f:87:5e:23:c7:a7:a4:7d:e1:37:
a1:44:ee:dc:6d:c2:76:75:e8:6c:94:52:d2:65:2e:20:0f:15:
83:87:b4:a6:4f:e2:1f:88:7c:06:2e:30:ce:bc:e5:a3:30:4a:
6c:45:03:66:2e:55:50:58:79:62:6f:49:35:7f:f4:13:7d:ef:
0c:48:78:f7:01:cd:9a:40:ae:05:c2:77:17:46:d5:7b:fe:7a:
5a:22:db:4a:4a:3b:f0:e8:a5:8b:bd:3c:31:1e:9e:7c:32:0f:
a2:e2:d0:2f
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUGu4YXJ6JqA9CTZBbf6oRAoyppZcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM2ZlY2NiMTdiZTUxZWU1OWVjNzRkNjRlZWQ5MTdlMjIx
ZWUyOGExYjAeFw0yNTA5MDUxNzA5NTJaFw0yNjA5MDQxNzE0NTJaMDMxMTAvBgNV
BAMTKEQ4NzNFODZERDA5QTMwNjZCRUI0Q0Y1MDIyRDNCMzE5NTQ0QTZFOTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDEXNsCxys3ebU80wYA6PCDxsNC
PwbPNG3pUV063a/zjI7Wt50itiw/gNkVNkXoAMPq2eLffS96la7nBOlR/RjYPkZf
QZJV//iiUST4fn8Rm9n/GUJxoDAFTseZ795tMSpfVEY6DL8Hf6Fkt7fk6p7H6Bme
8ppWm9nzTUGEewbmYLFby2FR2Cdm4uwiKumGjsxf4slcEjDYVyK/VPzgLY5L49Km
TV6+GSZOaVcp93gRzfrVf1VTps3od+2gScLRBZP6MCTMypz8nxOtDEPFbk1UqLS/
L+Lw0si3GC1eQvWYwoJFZiCNMfQ+zICCHRzi9OO02lI1i6Mq2NZoUBi6dKCDAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU2HPobdCaMGa+tM9QItOzGVRKbpIwHwYDVR0j
BBgwFoAUP+zLF75R7lnsdNZO7ZF+Ih7iihswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMjJkYjc1NTUtOWFhNC00OTgzLTkzMTYtNzM4MDlkZDM1
NGJjLzAvM0ZFQ0NCMTdCRTUxRUU1OUVDNzRENjRFRUQ5MTdFMjIxRUUyOEExQi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1AtekxGNzVSN2xuc2ROWk83WkYtSWg3
aWlocy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMjJkYjc1NTUt
OWFhNC00OTgzLTkzMTYtNzM4MDlkZDM1NGJjLzAvMzQzNjJlMzIzMzM2MmUzMjMx
MzUyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMzM5MzczNjMzMzAucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAAu7NcwDQYJKoZIhvcNAQELBQADggEBADZxrm+W4ywomWioRVJnVxny8lC72LGq
1xX9jnPQdYtuUhUDQXbX0gnC9K7OFjkh7qIh/FERERf/FVFv7yTMuyXj1kJl5K8j
nJ1RTUrLJFmLnT6aYX1AgUEvpPhbePT8po/xoLa+PW3Si62tfX/3NTEgJ/LyDaLK
asN1J3i9CVlRkIx9G7TrzpRCxhjJL4hxhAxqZ/QXnFAEX4deI8enpH3hN6FE7txt
wnZ16GyUUtJlLiAPFYOHtKZP4h+IfAYuMM685aMwSmxFA2YuVVBYeWJvSTV/9BN9
7wxIePcBzZpArgXCdxdG1Xv+eloi20pKO/DopYu9PDEennwyD6Li0C8=
-----END CERTIFICATE-----
Generated at Sun Sep 7 04:02:23 2025 by rpki-client