Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/34362e3233362e3231382e302f32342d3234203d3e203630313238.roa
File: 34362e3233362e3231382e302f32342d3234203d3e203630313238.roa (raw, json)
Hash identifier: 1hQCt4l85CMZ9Dsa57rDqD0wDM4aw0rkk5hjfAQ5clo=
Subject key identifier: B1:B1:F6:1B:7D:69:3D:B3:05:BC:71:31:4D:9D:8B:4C:56:4B:60:4B
Certificate issuer: /CN=3feccb17be51ee59ec74d64eed917e221ee28a1b
Certificate serial: 6B4BBB596A249E30A83F0E6F6C21716EE90E92AB
Authority key identifier: 3F:EC:CB:17:BE:51:EE:59:EC:74:D6:4E:ED:91:7E:22:1E:E2:8A:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P-zLF75R7lnsdNZO7ZF-Ih7iihs.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/34362e3233362e3231382e302f32342d3234203d3e203630313238.roa
Signing time: Thu 04 Sep 2025 10:40:05 +0000
ROA not before: Thu 04 Sep 2025 10:35:05 +0000
ROA not after: Thu 03 Sep 2026 10:40:05 +0000
asID: 60128
IP address blocks: 46.236.218.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/3FECCB17BE51EE59EC74D64EED917E221EE28A1B.crl
rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/3FECCB17BE51EE59EC74D64EED917E221EE28A1B.mft
rsync://rpki.ripe.net/repository/DEFAULT/P-zLF75R7lnsdNZO7ZF-Ih7iihs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 07 Sep 2025 12:34:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6b:4b:bb:59:6a:24:9e:30:a8:3f:0e:6f:6c:21:71:6e:e9:0e:92:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3feccb17be51ee59ec74d64eed917e221ee28a1b
Validity
Not Before: Sep 4 10:35:05 2025 GMT
Not After : Sep 3 10:40:05 2026 GMT
Subject: CN=B1B1F61B7D693DB305BC71314D9D8B4C564B604B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:44:5b:37:7b:de:55:60:ca:6a:0b:ab:78:fb:
4c:e0:8c:ac:c3:5a:84:55:d1:e3:2f:56:d7:ad:10:
70:93:cd:e8:8f:af:82:c4:52:15:6e:f2:b1:43:71:
88:e1:fc:d6:ed:08:8b:e7:d9:30:98:38:54:cf:02:
95:d6:e6:70:b2:de:2c:3f:81:9c:12:59:05:d2:7d:
1d:97:31:cb:bd:09:08:64:0d:c9:a6:ba:62:06:57:
6f:fa:44:d8:a4:5b:ef:4c:da:05:05:53:24:9d:3d:
2f:c8:78:63:cb:5e:92:c4:6a:48:26:96:f3:8c:a7:
10:70:fe:d1:e8:f4:71:6f:c8:c8:dc:86:70:4d:46:
a1:eb:44:36:7d:d4:72:4b:0e:43:9c:eb:c3:31:27:
01:43:df:e3:2e:5e:a2:b2:5c:e8:d6:3f:62:61:2b:
e8:50:49:c7:83:32:22:16:19:28:ba:cd:62:0f:80:
3d:42:81:ee:de:22:bd:2a:01:b6:9f:d0:d1:63:a8:
e5:1f:a7:3f:3b:37:4d:b9:05:f2:6a:d0:39:ad:58:
fa:e9:c3:63:6a:df:1f:66:68:fb:fd:70:b1:a4:04:
66:c7:26:e1:ce:02:8c:51:f9:2b:5f:36:58:f4:2a:
07:39:e9:10:f7:e4:ae:09:f7:5a:5e:8a:78:c7:ab:
25:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:B1:F6:1B:7D:69:3D:B3:05:BC:71:31:4D:9D:8B:4C:56:4B:60:4B
X509v3 Authority Key Identifier:
keyid:3F:EC:CB:17:BE:51:EE:59:EC:74:D6:4E:ED:91:7E:22:1E:E2:8A:1B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/3FECCB17BE51EE59EC74D64EED917E221EE28A1B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P-zLF75R7lnsdNZO7ZF-Ih7iihs.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/34362e3233362e3231382e302f32342d3234203d3e203630313238.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.236.218.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:dd:72:ee:18:b2:49:bc:e2:b5:76:c9:54:f3:49:c2:75:16:
84:ea:a6:e8:b4:ab:d8:49:41:07:80:b4:1c:54:4e:2e:c5:e7:
ec:2f:8d:da:20:f3:6d:f0:53:43:6e:20:5f:ad:47:60:bc:df:
b6:d3:15:90:6f:b7:2e:70:84:3f:a2:f0:eb:63:3a:fb:3d:b9:
bc:69:ee:a7:5d:a1:14:11:d0:a6:ed:60:c1:a2:84:92:70:ce:
a2:44:ee:e8:7e:71:96:68:e4:9f:5f:3f:43:23:63:49:59:7f:
3f:b4:c5:99:34:7e:71:94:a3:5a:a8:16:28:43:68:c1:8f:1f:
a8:92:4a:cb:7b:f0:cc:73:8a:2e:42:b7:70:9e:77:13:6c:50:
6d:41:c3:88:0f:fe:10:e1:b8:ac:77:e8:35:8a:1d:55:4f:02:
18:b8:4f:23:1e:72:b8:ea:98:f2:e4:d6:66:eb:16:18:22:2e:
a4:35:b3:cc:a3:35:38:bf:8f:cb:8c:88:9e:8a:45:d8:03:3c:
98:38:67:4f:2f:ea:c5:e6:a7:37:54:86:1b:8a:f9:a4:18:2b:
1a:22:b2:03:8e:71:bf:35:e3:c4:72:54:eb:bd:69:2f:1e:dc:
58:18:ec:e4:af:31:e8:9c:64:3a:e5:4a:96:b4:1e:be:45:e5:
63:fc:e3:0d
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUa0u7WWoknjCoPw5vbCFxbukOkqswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM2ZlY2NiMTdiZTUxZWU1OWVjNzRkNjRlZWQ5MTdlMjIx
ZWUyOGExYjAeFw0yNTA5MDQxMDM1MDVaFw0yNjA5MDMxMDQwMDVaMDMxMTAvBgNV
BAMTKEIxQjFGNjFCN0Q2OTNEQjMwNUJDNzEzMTREOUQ4QjRDNTY0QjYwNEIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7RFs3e95VYMpqC6t4+0zgjKzD
WoRV0eMvVtetEHCTzeiPr4LEUhVu8rFDcYjh/NbtCIvn2TCYOFTPApXW5nCy3iw/
gZwSWQXSfR2XMcu9CQhkDcmmumIGV2/6RNikW+9M2gUFUySdPS/IeGPLXpLEakgm
lvOMpxBw/tHo9HFvyMjchnBNRqHrRDZ91HJLDkOc68MxJwFD3+MuXqKyXOjWP2Jh
K+hQSceDMiIWGSi6zWIPgD1Cge7eIr0qAbaf0NFjqOUfpz87N025BfJq0DmtWPrp
w2Nq3x9maPv9cLGkBGbHJuHOAoxR+StfNlj0Kgc56RD35K4J91peinjHqyVxAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUsbH2G31pPbMFvHExTZ2LTFZLYEswHwYDVR0j
BBgwFoAUP+zLF75R7lnsdNZO7ZF+Ih7iihswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMjJkYjc1NTUtOWFhNC00OTgzLTkzMTYtNzM4MDlkZDM1
NGJjLzAvM0ZFQ0NCMTdCRTUxRUU1OUVDNzRENjRFRUQ5MTdFMjIxRUUyOEExQi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1AtekxGNzVSN2xuc2ROWk83WkYtSWg3
aWlocy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMjJkYjc1NTUt
OWFhNC00OTgzLTkzMTYtNzM4MDlkZDM1NGJjLzAvMzQzNjJlMzIzMzM2MmUzMjMx
MzgyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNjMwMzEzMjM4LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
LuzaMA0GCSqGSIb3DQEBCwUAA4IBAQCb3XLuGLJJvOK1dslU80nCdRaE6qbotKvY
SUEHgLQcVE4uxefsL43aIPNt8FNDbiBfrUdgvN+20xWQb7cucIQ/ovDrYzr7Pbm8
ae6nXaEUEdCm7WDBooSScM6iRO7ofnGWaOSfXz9DI2NJWX8/tMWZNH5xlKNaqBYo
Q2jBjx+okkrLe/DMc4ouQrdwnncTbFBtQcOID/4Q4bisd+g1ih1VTwIYuE8jHnK4
6pjy5NZm6xYYIi6kNbPMozU4v4/LjIieikXYAzyYOGdPL+rF5qc3VIYbivmkGCsa
IrIDjnG/NePEclTrvWkvHtxYGOzkrzHonGQ65UqWtB6+ReVj/OMN
-----END CERTIFICATE-----
Generated at Sun Sep 7 03:55:32 2025 by rpki-client