Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/34362e3233362e3232342e302f32312d3231203d3e203631323434.roa
File: 34362e3233362e3232342e302f32312d3231203d3e203631323434.roa (raw, json)
Hash identifier: jBCCDcvlBKSVDXVHI5+C+NFIM3PMQALJ6lK07ZB8NWc=
Subject key identifier: 55:B3:E7:61:FE:F2:1C:6C:55:1B:F5:E5:EA:FF:51:EC:55:23:3B:FB
Certificate issuer: /CN=3feccb17be51ee59ec74d64eed917e221ee28a1b
Certificate serial: 43D26673EF5FC93D0545FA32B5F361939262BFD1
Authority key identifier: 3F:EC:CB:17:BE:51:EE:59:EC:74:D6:4E:ED:91:7E:22:1E:E2:8A:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P-zLF75R7lnsdNZO7ZF-Ih7iihs.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/34362e3233362e3232342e302f32312d3231203d3e203631323434.roa
Signing time: Thu 04 Sep 2025 10:40:04 +0000
ROA not before: Thu 04 Sep 2025 10:35:04 +0000
ROA not after: Thu 03 Sep 2026 10:40:04 +0000
asID: 61244
IP address blocks: 46.236.224.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/3FECCB17BE51EE59EC74D64EED917E221EE28A1B.crl
rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/3FECCB17BE51EE59EC74D64EED917E221EE28A1B.mft
rsync://rpki.ripe.net/repository/DEFAULT/P-zLF75R7lnsdNZO7ZF-Ih7iihs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 07 Sep 2025 12:34:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
43:d2:66:73:ef:5f:c9:3d:05:45:fa:32:b5:f3:61:93:92:62:bf:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3feccb17be51ee59ec74d64eed917e221ee28a1b
Validity
Not Before: Sep 4 10:35:04 2025 GMT
Not After : Sep 3 10:40:04 2026 GMT
Subject: CN=55B3E761FEF21C6C551BF5E5EAFF51EC55233BFB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:a4:ed:fb:8e:3e:54:5d:61:d3:d5:5b:b5:53:
ab:4d:e0:b3:c6:2a:d8:30:3e:32:03:d1:85:d7:1e:
66:1d:4b:21:4f:c1:34:b3:eb:ef:9b:bd:98:72:a8:
ee:ba:c9:91:eb:52:b8:28:8a:d7:0c:85:b8:00:53:
fc:74:3f:0e:7e:b3:9a:8c:f2:8b:5b:b2:c7:23:49:
c7:be:6a:3b:7a:49:38:59:c4:70:7a:1d:3d:af:67:
79:55:cc:fc:89:6a:7e:84:c0:67:41:75:1b:b9:89:
04:4b:fb:39:f3:a0:6c:4c:91:b6:f4:84:ba:6f:aa:
4c:bf:f4:77:e0:7e:d9:65:79:d2:fa:b3:e3:ad:c0:
d4:80:06:ff:3b:bf:74:ba:90:13:4a:92:33:e7:59:
77:1f:9f:77:39:54:4b:fb:b7:d3:e4:cc:ab:43:75:
a9:91:b5:f7:99:72:f4:12:4d:8a:2f:27:00:2c:21:
e0:c3:be:2b:e6:0d:a0:09:15:0b:13:a2:64:19:fe:
6b:42:0f:ae:f4:39:32:f7:14:70:87:47:4d:1e:b0:
8d:c7:a9:71:9f:f6:9e:cd:6e:a4:8f:fb:11:9a:0e:
ed:ed:dc:f0:dd:d7:84:41:9f:31:37:52:3e:37:59:
c6:ad:f8:77:03:65:a6:33:d5:51:7a:09:4d:3a:f7:
83:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:B3:E7:61:FE:F2:1C:6C:55:1B:F5:E5:EA:FF:51:EC:55:23:3B:FB
X509v3 Authority Key Identifier:
keyid:3F:EC:CB:17:BE:51:EE:59:EC:74:D6:4E:ED:91:7E:22:1E:E2:8A:1B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/3FECCB17BE51EE59EC74D64EED917E221EE28A1B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P-zLF75R7lnsdNZO7ZF-Ih7iihs.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/34362e3233362e3232342e302f32312d3231203d3e203631323434.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.236.224.0/21
Signature Algorithm: sha256WithRSAEncryption
32:cf:64:98:3b:08:20:f0:c9:49:d6:da:92:b0:d6:e7:78:04:
bf:39:19:7c:ad:3a:00:75:91:11:37:b5:ca:95:e4:73:f6:0a:
68:80:ad:56:64:6a:21:d0:61:d1:c3:8f:99:63:cc:c0:e3:5f:
ea:ec:de:9b:15:53:8d:2c:6b:b9:82:33:1a:b5:5e:bd:43:c3:
1b:8c:11:ba:b3:00:e1:02:8a:01:b6:1c:c3:ee:f7:61:95:e8:
4c:6e:cb:d5:bb:32:30:10:47:bb:26:fe:8a:47:88:92:f6:7e:
47:d4:0a:65:32:77:9a:3e:03:f7:46:c2:b8:b5:8c:ec:b7:41:
ce:f7:c3:36:bb:1a:e3:c0:a6:c5:a7:07:0e:90:41:6b:6b:54:
1e:29:0e:f2:9e:b1:90:07:7c:d6:7e:0f:8a:6f:e5:53:c5:85:
17:50:59:23:82:ec:90:85:29:ee:9d:a7:98:24:7e:a6:4b:77:
ee:2b:c3:18:cf:ea:0d:a1:fd:56:d4:5d:63:5c:3e:99:c4:2d:
58:34:56:36:ee:00:56:d2:38:06:a9:8e:cd:d4:65:16:77:84:
66:ad:21:69:8c:f3:d8:1d:69:d3:39:2e:7e:34:ea:d1:ef:b3:
27:2d:4d:f4:d4:71:d9:84:36:7f:95:47:0b:4f:40:57:ba:fe:
8b:d2:16:b0
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUQ9Jmc+9fyT0FRfoytfNhk5Jiv9EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM2ZlY2NiMTdiZTUxZWU1OWVjNzRkNjRlZWQ5MTdlMjIx
ZWUyOGExYjAeFw0yNTA5MDQxMDM1MDRaFw0yNjA5MDMxMDQwMDRaMDMxMTAvBgNV
BAMTKDU1QjNFNzYxRkVGMjFDNkM1NTFCRjVFNUVBRkY1MUVDNTUyMzNCRkIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/pO37jj5UXWHT1Vu1U6tN4LPG
KtgwPjID0YXXHmYdSyFPwTSz6++bvZhyqO66yZHrUrgoitcMhbgAU/x0Pw5+s5qM
8otbsscjSce+ajt6SThZxHB6HT2vZ3lVzPyJan6EwGdBdRu5iQRL+znzoGxMkbb0
hLpvqky/9HfgftlledL6s+OtwNSABv87v3S6kBNKkjPnWXcfn3c5VEv7t9PkzKtD
damRtfeZcvQSTYovJwAsIeDDvivmDaAJFQsTomQZ/mtCD670OTL3FHCHR00esI3H
qXGf9p7NbqSP+xGaDu3t3PDd14RBnzE3Uj43Wcat+HcDZaYz1VF6CU0694NFAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUVbPnYf7yHGxVG/Xl6v9R7FUjO/swHwYDVR0j
BBgwFoAUP+zLF75R7lnsdNZO7ZF+Ih7iihswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMjJkYjc1NTUtOWFhNC00OTgzLTkzMTYtNzM4MDlkZDM1
NGJjLzAvM0ZFQ0NCMTdCRTUxRUU1OUVDNzRENjRFRUQ5MTdFMjIxRUUyOEExQi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1AtekxGNzVSN2xuc2ROWk83WkYtSWg3
aWlocy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMjJkYjc1NTUt
OWFhNC00OTgzLTkzMTYtNzM4MDlkZDM1NGJjLzAvMzQzNjJlMzIzMzM2MmUzMjMy
MzQyZTMwMmYzMjMxMmQzMjMxMjAzZDNlMjAzNjMxMzIzNDM0LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQD
LuzgMA0GCSqGSIb3DQEBCwUAA4IBAQAyz2SYOwgg8MlJ1tqSsNbneAS/ORl8rToA
dZERN7XKleRz9gpogK1WZGoh0GHRw4+ZY8zA41/q7N6bFVONLGu5gjMatV69Q8Mb
jBG6swDhAooBthzD7vdhlehMbsvVuzIwEEe7Jv6KR4iS9n5H1AplMneaPgP3RsK4
tYzst0HO98M2uxrjwKbFpwcOkEFra1QeKQ7ynrGQB3zWfg+Kb+VTxYUXUFkjguyQ
hSnunaeYJH6mS3fuK8MYz+oNof1W1F1jXD6ZxC1YNFY27gBW0jgGqY7N1GUWd4Rm
rSFpjPPYHWnTOS5+NOrR77MnLU301HHZhDZ/lUcLT0BXuv6L0haw
-----END CERTIFICATE-----
Generated at Sun Sep 7 03:54:45 2025 by rpki-client