Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/34362e3233362e3234302e302f32342d3234203d3e20313937353337.roa
File: 34362e3233362e3234302e302f32342d3234203d3e20313937353337.roa (raw, json)
Hash identifier: f7ZtOGkBZZDIourOS6TNUCBTzWs1hbD23NF8pNRB25s=
Subject key identifier: C4:F8:3E:FF:6A:84:B6:40:69:C1:2C:1E:15:52:CD:C2:64:BD:AB:60
Certificate issuer: /CN=3feccb17be51ee59ec74d64eed917e221ee28a1b
Certificate serial: 23E98BEBC432520AD52204ADFCCAC5319464CFD7
Authority key identifier: 3F:EC:CB:17:BE:51:EE:59:EC:74:D6:4E:ED:91:7E:22:1E:E2:8A:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P-zLF75R7lnsdNZO7ZF-Ih7iihs.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/34362e3233362e3234302e302f32342d3234203d3e20313937353337.roa
Signing time: Thu 04 Sep 2025 10:40:04 +0000
ROA not before: Thu 04 Sep 2025 10:35:04 +0000
ROA not after: Thu 03 Sep 2026 10:40:04 +0000
asID: 197537
IP address blocks: 46.236.240.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/3FECCB17BE51EE59EC74D64EED917E221EE28A1B.crl
rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/3FECCB17BE51EE59EC74D64EED917E221EE28A1B.mft
rsync://rpki.ripe.net/repository/DEFAULT/P-zLF75R7lnsdNZO7ZF-Ih7iihs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 07 Sep 2025 12:34:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
23:e9:8b:eb:c4:32:52:0a:d5:22:04:ad:fc:ca:c5:31:94:64:cf:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3feccb17be51ee59ec74d64eed917e221ee28a1b
Validity
Not Before: Sep 4 10:35:04 2025 GMT
Not After : Sep 3 10:40:04 2026 GMT
Subject: CN=C4F83EFF6A84B64069C12C1E1552CDC264BDAB60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:fa:08:64:8a:5e:3e:98:66:44:7f:ab:78:05:
95:30:ab:ac:89:ac:6a:ab:42:48:e4:4b:79:a6:1d:
37:6b:1d:23:12:bc:39:af:dd:6e:1a:3f:ba:b1:fb:
e6:f3:e8:09:bd:c0:db:83:52:52:01:7b:b2:bc:68:
dd:fb:51:5b:f6:09:46:cb:6c:71:4e:63:6a:0b:be:
58:7f:b7:81:a1:65:68:8f:ce:c8:73:d6:51:25:22:
ca:d1:43:3d:1e:da:6f:b7:5c:a0:4f:93:94:19:37:
12:56:58:7c:e6:dd:1e:3f:86:9b:00:e7:0e:98:b8:
6e:10:6d:b4:e7:4d:51:a8:fe:7d:95:b2:d4:f8:10:
0a:3e:18:9f:73:c7:ec:06:f3:d5:fb:56:8d:a1:7b:
b8:1a:01:40:03:5f:12:da:43:08:cd:af:26:e7:00:
31:76:84:9d:8e:4e:40:2c:44:a7:aa:52:4b:45:a9:
c7:0f:8d:e9:18:46:90:6b:91:71:fb:fa:d4:90:63:
e3:41:e4:3f:7c:a3:98:5e:e2:e4:02:fb:45:8b:be:
02:0f:0d:d7:49:b4:68:76:5a:83:01:3a:5d:0c:df:
cb:e2:69:de:f9:7c:84:44:3b:6b:23:cc:d3:98:e8:
75:9c:cd:e9:d0:07:4b:57:a0:2b:5e:3f:00:2e:04:
01:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:F8:3E:FF:6A:84:B6:40:69:C1:2C:1E:15:52:CD:C2:64:BD:AB:60
X509v3 Authority Key Identifier:
keyid:3F:EC:CB:17:BE:51:EE:59:EC:74:D6:4E:ED:91:7E:22:1E:E2:8A:1B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/3FECCB17BE51EE59EC74D64EED917E221EE28A1B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P-zLF75R7lnsdNZO7ZF-Ih7iihs.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/34362e3233362e3234302e302f32342d3234203d3e20313937353337.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.236.240.0/24
Signature Algorithm: sha256WithRSAEncryption
11:0f:94:3f:99:3f:01:a0:bb:c2:ef:e6:af:7d:44:ec:e9:09:
7a:33:f8:77:6f:0d:f2:5f:5c:61:7e:62:89:15:bd:8f:f8:b8:
4c:02:79:ec:f6:c5:28:bd:19:b9:75:26:09:50:c3:66:58:b0:
52:c8:af:1e:70:c2:5c:c6:93:2f:ba:18:7e:72:3f:e2:e5:45:
b0:43:7b:e5:fc:25:41:60:7d:d0:45:b2:c0:d1:ab:b1:b5:cc:
47:34:bf:17:72:95:22:ec:ea:5c:92:ac:42:70:26:7f:59:12:
01:f6:8d:17:9d:7c:d0:9a:0f:5f:9b:1b:a4:2d:13:5a:85:88:
81:b5:c1:b9:82:9e:94:a7:f4:2f:ca:12:b0:89:48:a0:ef:d6:
59:5a:d6:88:37:fc:93:4e:f6:0b:ac:8f:6c:44:f2:4a:9f:be:
b0:6c:08:40:08:63:95:a3:f9:fc:06:7f:45:95:38:a9:c3:7c:
f4:87:6b:4e:cb:bf:de:01:9d:39:3e:6d:06:99:ee:ee:49:81:
2f:37:a0:c1:9c:1b:a2:41:03:a9:71:e5:4a:67:89:2b:50:9a:
cb:53:97:a9:5b:b5:a1:b1:23:e2:94:c1:f2:3b:2c:d1:dd:39:
e2:9c:9f:0a:cb:0f:a5:2c:28:a8:84:33:3f:43:15:17:1e:a2:
aa:32:66:b5
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUI+mL68QyUgrVIgSt/MrFMZRkz9cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM2ZlY2NiMTdiZTUxZWU1OWVjNzRkNjRlZWQ5MTdlMjIx
ZWUyOGExYjAeFw0yNTA5MDQxMDM1MDRaFw0yNjA5MDMxMDQwMDRaMDMxMTAvBgNV
BAMTKEM0RjgzRUZGNkE4NEI2NDA2OUMxMkMxRTE1NTJDREMyNjRCREFCNjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2+ghkil4+mGZEf6t4BZUwq6yJ
rGqrQkjkS3mmHTdrHSMSvDmv3W4aP7qx++bz6Am9wNuDUlIBe7K8aN37UVv2CUbL
bHFOY2oLvlh/t4GhZWiPzshz1lElIsrRQz0e2m+3XKBPk5QZNxJWWHzm3R4/hpsA
5w6YuG4QbbTnTVGo/n2VstT4EAo+GJ9zx+wG89X7Vo2he7gaAUADXxLaQwjNrybn
ADF2hJ2OTkAsRKeqUktFqccPjekYRpBrkXH7+tSQY+NB5D98o5he4uQC+0WLvgIP
DddJtGh2WoMBOl0M38viad75fIREO2sjzNOY6HWczenQB0tXoCtePwAuBAE5AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUxPg+/2qEtkBpwSweFVLNwmS9q2AwHwYDVR0j
BBgwFoAUP+zLF75R7lnsdNZO7ZF+Ih7iihswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMjJkYjc1NTUtOWFhNC00OTgzLTkzMTYtNzM4MDlkZDM1
NGJjLzAvM0ZFQ0NCMTdCRTUxRUU1OUVDNzRENjRFRUQ5MTdFMjIxRUUyOEExQi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1AtekxGNzVSN2xuc2ROWk83WkYtSWg3
aWlocy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMjJkYjc1NTUt
OWFhNC00OTgzLTkzMTYtNzM4MDlkZDM1NGJjLzAvMzQzNjJlMzIzMzM2MmUzMjM0
MzAyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTM5MzczNTMzMzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAAu7PAwDQYJKoZIhvcNAQELBQADggEBABEPlD+ZPwGgu8Lv5q99ROzpCXoz+Hdv
DfJfXGF+YokVvY/4uEwCeez2xSi9Gbl1JglQw2ZYsFLIrx5wwlzGky+6GH5yP+Ll
RbBDe+X8JUFgfdBFssDRq7G1zEc0vxdylSLs6lySrEJwJn9ZEgH2jRedfNCaD1+b
G6QtE1qFiIG1wbmCnpSn9C/KErCJSKDv1lla1og3/JNO9gusj2xE8kqfvrBsCEAI
Y5Wj+fwGf0WVOKnDfPSHa07Lv94BnTk+bQaZ7u5JgS83oMGcG6JBA6lx5UpniStQ
mstTl6lbtaGxI+KUwfI7LNHdOeKcnwrLD6UsKKiEMz9DFRceoqoyZrU=
-----END CERTIFICATE-----
Generated at Sun Sep 7 04:02:26 2025 by rpki-client