Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/34362e3233362e3234322e302f32342d3234203d3e20333939303733.roa
File: 34362e3233362e3234322e302f32342d3234203d3e20333939303733.roa (raw, json)
Hash identifier: 0aZsab7JCU3/t8wNmsBeZaAKPjuvbYnBDShZHFNW3G8=
Subject key identifier: BE:DC:67:04:63:DA:1F:99:92:56:44:23:87:36:DB:B3:E9:25:85:E8
Certificate issuer: /CN=3feccb17be51ee59ec74d64eed917e221ee28a1b
Certificate serial: 07E88FFCEEE171DEFF235A88C4834B3C2C212B18
Authority key identifier: 3F:EC:CB:17:BE:51:EE:59:EC:74:D6:4E:ED:91:7E:22:1E:E2:8A:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P-zLF75R7lnsdNZO7ZF-Ih7iihs.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/34362e3233362e3234322e302f32342d3234203d3e20333939303733.roa
Signing time: Thu 04 Sep 2025 10:40:03 +0000
ROA not before: Thu 04 Sep 2025 10:35:03 +0000
ROA not after: Thu 03 Sep 2026 10:40:03 +0000
asID: 399073
IP address blocks: 46.236.242.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/3FECCB17BE51EE59EC74D64EED917E221EE28A1B.crl
rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/3FECCB17BE51EE59EC74D64EED917E221EE28A1B.mft
rsync://rpki.ripe.net/repository/DEFAULT/P-zLF75R7lnsdNZO7ZF-Ih7iihs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 07 Sep 2025 12:34:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
07:e8:8f:fc:ee:e1:71:de:ff:23:5a:88:c4:83:4b:3c:2c:21:2b:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3feccb17be51ee59ec74d64eed917e221ee28a1b
Validity
Not Before: Sep 4 10:35:03 2025 GMT
Not After : Sep 3 10:40:03 2026 GMT
Subject: CN=BEDC670463DA1F99925644238736DBB3E92585E8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:2e:28:7c:99:38:89:6f:e4:dd:c5:ca:a8:d0:
b1:e8:1e:c3:39:80:b7:2e:98:06:f2:ab:49:ce:95:
fc:66:48:5c:3e:f3:6b:32:1d:c2:3d:64:cf:7d:1f:
dc:a5:fb:6c:94:1b:24:0d:dc:d8:83:46:09:04:85:
34:6b:ae:ef:f3:77:c1:42:8e:3d:61:7b:2e:06:10:
b0:91:24:e9:4f:24:70:b3:a4:89:10:dd:30:9c:95:
fa:9d:5c:80:6f:a6:6c:35:91:44:ab:cd:7a:a9:01:
af:38:f9:47:ab:cd:7a:41:a6:1d:21:c5:e1:8e:d3:
28:99:29:9c:27:19:9c:81:bb:9e:c5:b3:3e:c2:5b:
bb:c7:c5:c2:79:79:1a:aa:2e:a1:79:ca:ed:0b:3f:
c3:7f:50:a8:bd:a9:98:99:3c:5c:63:7f:0f:53:2a:
2d:a1:16:f5:ad:63:db:93:9d:8a:bb:e5:49:3b:05:
14:2d:d3:1b:af:15:20:5f:38:33:63:70:22:85:60:
f0:a8:13:51:df:6c:e5:b2:56:1d:67:69:1c:ff:cb:
64:5c:a1:8b:6a:73:c2:a3:fa:c5:61:02:fb:f0:42:
33:29:56:cb:28:ea:c7:18:58:fb:97:b9:aa:f4:96:
b6:ab:98:55:92:ed:0e:6c:e3:06:bb:13:a7:1b:f4:
ac:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:DC:67:04:63:DA:1F:99:92:56:44:23:87:36:DB:B3:E9:25:85:E8
X509v3 Authority Key Identifier:
keyid:3F:EC:CB:17:BE:51:EE:59:EC:74:D6:4E:ED:91:7E:22:1E:E2:8A:1B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/3FECCB17BE51EE59EC74D64EED917E221EE28A1B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P-zLF75R7lnsdNZO7ZF-Ih7iihs.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/34362e3233362e3234322e302f32342d3234203d3e20333939303733.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.236.242.0/24
Signature Algorithm: sha256WithRSAEncryption
63:89:21:60:c1:1a:d2:5e:4a:e4:e3:0b:60:8f:21:1f:c5:c9:
db:fc:96:df:a3:c0:54:98:60:38:94:06:0f:47:50:25:7d:ff:
48:25:ba:89:45:d4:9b:f5:06:e1:b7:63:54:02:b8:88:c3:17:
13:48:bb:0b:fe:1c:69:6e:57:a4:fc:f6:0a:62:47:ad:41:b3:
dc:21:cf:d7:8a:cc:1b:3a:c4:48:a0:7d:94:10:80:f7:ef:3b:
ab:96:92:ff:8a:49:b0:42:69:94:c4:cf:77:8f:06:1e:08:92:
19:5e:f2:c5:85:dc:51:7d:aa:35:2f:56:6c:1d:08:6a:21:c3:
6e:8b:9a:dd:cc:3f:90:97:d8:dc:a2:ae:75:3f:cc:02:29:82:
a8:e8:c6:b3:1a:ab:a6:e4:88:9b:e3:de:6e:46:eb:50:5c:5a:
fa:b3:2f:d3:d6:5a:ba:c2:a2:38:09:d2:08:14:54:bd:9a:c2:
fe:16:d2:29:0c:97:b3:fc:e5:1d:9c:50:ad:d6:16:53:7c:36:
32:71:06:63:72:44:2e:fc:7f:85:30:de:7d:d4:3a:89:fa:7d:
89:b7:dc:cb:e2:cf:75:73:8f:dd:b3:f7:2e:90:40:84:ed:16:
97:4e:0e:19:60:54:66:f9:c4:09:55:3e:c6:65:53:b7:d7:66:
a8:c5:2d:28
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUB+iP/O7hcd7/I1qIxINLPCwhKxgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM2ZlY2NiMTdiZTUxZWU1OWVjNzRkNjRlZWQ5MTdlMjIx
ZWUyOGExYjAeFw0yNTA5MDQxMDM1MDNaFw0yNjA5MDMxMDQwMDNaMDMxMTAvBgNV
BAMTKEJFREM2NzA0NjNEQTFGOTk5MjU2NDQyMzg3MzZEQkIzRTkyNTg1RTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCwLih8mTiJb+Tdxcqo0LHoHsM5
gLcumAbyq0nOlfxmSFw+82syHcI9ZM99H9yl+2yUGyQN3NiDRgkEhTRrru/zd8FC
jj1hey4GELCRJOlPJHCzpIkQ3TCclfqdXIBvpmw1kUSrzXqpAa84+UerzXpBph0h
xeGO0yiZKZwnGZyBu57Fsz7CW7vHxcJ5eRqqLqF5yu0LP8N/UKi9qZiZPFxjfw9T
Ki2hFvWtY9uTnYq75Uk7BRQt0xuvFSBfODNjcCKFYPCoE1HfbOWyVh1naRz/y2Rc
oYtqc8Kj+sVhAvvwQjMpVsso6scYWPuXuar0lrarmFWS7Q5s4wa7E6cb9KxHAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUvtxnBGPaH5mSVkQjhzbbs+klhegwHwYDVR0j
BBgwFoAUP+zLF75R7lnsdNZO7ZF+Ih7iihswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMjJkYjc1NTUtOWFhNC00OTgzLTkzMTYtNzM4MDlkZDM1
NGJjLzAvM0ZFQ0NCMTdCRTUxRUU1OUVDNzRENjRFRUQ5MTdFMjIxRUUyOEExQi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1AtekxGNzVSN2xuc2ROWk83WkYtSWg3
aWlocy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMjJkYjc1NTUt
OWFhNC00OTgzLTkzMTYtNzM4MDlkZDM1NGJjLzAvMzQzNjJlMzIzMzM2MmUzMjM0
MzIyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMzM5MzkzMDM3MzMucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAAu7PIwDQYJKoZIhvcNAQELBQADggEBAGOJIWDBGtJeSuTjC2CPIR/Fydv8lt+j
wFSYYDiUBg9HUCV9/0gluolF1Jv1BuG3Y1QCuIjDFxNIuwv+HGluV6T89gpiR61B
s9whz9eKzBs6xEigfZQQgPfvO6uWkv+KSbBCaZTEz3ePBh4Ikhle8sWF3FF9qjUv
VmwdCGohw26Lmt3MP5CX2NyirnU/zAIpgqjoxrMaq6bkiJvj3m5G61BcWvqzL9PW
WrrCojgJ0ggUVL2awv4W0ikMl7P85R2cUK3WFlN8NjJxBmNyRC78f4Uw3n3UOon6
fYm33Mviz3Vzj92z9y6QQITtFpdODhlgVGb5xAlVPsZlU7fXZqjFLSg=
-----END CERTIFICATE-----
Generated at Sun Sep 7 03:54:44 2025 by rpki-client