Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/34362e3233362e3234332e302f32342d3234203d3e203237343633.roa
File: 34362e3233362e3234332e302f32342d3234203d3e203237343633.roa (raw, json)
Hash identifier: a5r6yFSEsGnFO9W3Q4dLBfnPRhu3Y5Jho/qBO0C/IjU=
Subject key identifier: E4:8A:A3:A7:09:51:C2:32:18:3B:5B:45:52:65:6D:C5:FE:D9:21:CF
Certificate issuer: /CN=3feccb17be51ee59ec74d64eed917e221ee28a1b
Certificate serial: 720C9C7DA6E1791FDACFC9FC76B96C027F8EEC1A
Authority key identifier: 3F:EC:CB:17:BE:51:EE:59:EC:74:D6:4E:ED:91:7E:22:1E:E2:8A:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P-zLF75R7lnsdNZO7ZF-Ih7iihs.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/34362e3233362e3234332e302f32342d3234203d3e203237343633.roa
Signing time: Thu 04 Sep 2025 10:40:07 +0000
ROA not before: Thu 04 Sep 2025 10:35:07 +0000
ROA not after: Thu 03 Sep 2026 10:40:07 +0000
asID: 27463
IP address blocks: 46.236.243.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/3FECCB17BE51EE59EC74D64EED917E221EE28A1B.crl
rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/3FECCB17BE51EE59EC74D64EED917E221EE28A1B.mft
rsync://rpki.ripe.net/repository/DEFAULT/P-zLF75R7lnsdNZO7ZF-Ih7iihs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 07 Sep 2025 12:34:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
72:0c:9c:7d:a6:e1:79:1f:da:cf:c9:fc:76:b9:6c:02:7f:8e:ec:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3feccb17be51ee59ec74d64eed917e221ee28a1b
Validity
Not Before: Sep 4 10:35:07 2025 GMT
Not After : Sep 3 10:40:07 2026 GMT
Subject: CN=E48AA3A70951C232183B5B4552656DC5FED921CF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:27:23:ba:15:0a:00:51:7b:78:21:d2:10:8c:
b7:fc:38:ed:d9:b9:69:5f:00:7a:a7:2b:b5:9a:0e:
88:76:58:bf:1d:f2:ef:2f:c3:f9:51:c8:19:4d:e4:
21:70:c0:a3:cd:02:81:a9:1e:8d:78:39:63:47:ab:
9b:d0:63:b6:e7:97:90:63:7d:2e:ef:fd:45:3e:91:
0a:01:48:26:21:99:be:18:69:99:2e:99:39:07:e0:
16:e7:8e:83:96:4d:f9:77:db:9c:16:d6:fe:a3:12:
67:7b:68:0b:e8:dc:86:48:c3:2b:fb:a4:48:11:cd:
04:ce:7e:bc:6c:70:eb:dc:6e:68:6b:da:96:2b:02:
b5:86:e8:fa:3f:eb:b9:db:5c:f9:e2:20:51:30:f4:
0c:36:8f:58:ea:c2:e8:26:fe:3f:cc:38:a6:fa:5b:
01:c9:ed:c6:42:72:ce:75:22:aa:b2:29:aa:51:51:
ab:79:f4:ea:88:33:9e:21:15:ca:b6:2f:a5:5e:07:
a8:12:92:ab:94:98:45:2e:26:67:4e:c9:aa:1e:6f:
7c:2e:30:04:f5:b0:52:33:64:d3:5e:ed:64:00:6a:
50:d6:c2:15:23:fe:57:c7:cc:e5:e1:e7:36:96:a8:
f6:30:ba:8f:e6:09:f0:7f:39:30:62:32:0b:86:e6:
56:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:8A:A3:A7:09:51:C2:32:18:3B:5B:45:52:65:6D:C5:FE:D9:21:CF
X509v3 Authority Key Identifier:
keyid:3F:EC:CB:17:BE:51:EE:59:EC:74:D6:4E:ED:91:7E:22:1E:E2:8A:1B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/3FECCB17BE51EE59EC74D64EED917E221EE28A1B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P-zLF75R7lnsdNZO7ZF-Ih7iihs.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/34362e3233362e3234332e302f32342d3234203d3e203237343633.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.236.243.0/24
Signature Algorithm: sha256WithRSAEncryption
06:bd:1e:32:11:f2:4d:3e:50:4d:13:4f:1d:5e:6b:9a:7c:51:
79:5c:a6:ce:1b:43:5f:40:cf:0d:c0:2d:a3:89:b2:4e:b4:23:
be:ab:f1:b7:41:f3:26:b3:8a:e6:df:1d:b6:cf:41:cc:af:ca:
40:95:2f:10:66:ca:46:1e:50:d1:db:85:cc:a4:45:e3:3b:d2:
d7:fc:77:2d:b3:f2:b9:f6:5e:95:1d:9d:77:cb:b4:19:d6:7d:
1b:67:d8:25:06:44:5d:b8:f0:99:57:c8:4b:e7:c6:93:0b:13:
96:4d:50:37:2f:92:49:d8:4e:a0:70:bc:94:67:5c:0f:4f:67:
26:3a:08:fa:f1:cc:f2:d8:72:86:d6:8c:b0:a7:5a:f9:f0:be:
82:d9:2a:f9:3a:d3:8c:4b:50:bb:10:35:a9:af:bc:65:2f:ea:
24:53:c0:a2:04:73:75:92:4c:09:44:75:b6:e8:7a:37:db:34:
e8:53:21:05:0e:18:93:d7:28:53:ef:52:4c:9e:66:c3:78:90:
8e:78:97:fc:b9:66:c3:2b:76:b1:95:53:f6:2e:15:5f:c7:7d:
cb:63:b8:b2:fe:3c:90:39:5f:96:0f:39:81:7a:05:a9:d0:0e:
ad:9b:fe:52:8a:50:e7:6e:40:ee:c7:f7:02:d4:ab:b7:37:cf:
ec:a4:b6:31
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUcgycfabheR/az8n8drlsAn+O7BowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM2ZlY2NiMTdiZTUxZWU1OWVjNzRkNjRlZWQ5MTdlMjIx
ZWUyOGExYjAeFw0yNTA5MDQxMDM1MDdaFw0yNjA5MDMxMDQwMDdaMDMxMTAvBgNV
BAMTKEU0OEFBM0E3MDk1MUMyMzIxODNCNUI0NTUyNjU2REM1RkVEOTIxQ0YwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDJJyO6FQoAUXt4IdIQjLf8OO3Z
uWlfAHqnK7WaDoh2WL8d8u8vw/lRyBlN5CFwwKPNAoGpHo14OWNHq5vQY7bnl5Bj
fS7v/UU+kQoBSCYhmb4YaZkumTkH4BbnjoOWTfl325wW1v6jEmd7aAvo3IZIwyv7
pEgRzQTOfrxscOvcbmhr2pYrArWG6Po/67nbXPniIFEw9Aw2j1jqwugm/j/MOKb6
WwHJ7cZCcs51IqqyKapRUat59OqIM54hFcq2L6VeB6gSkquUmEUuJmdOyaoeb3wu
MAT1sFIzZNNe7WQAalDWwhUj/lfHzOXh5zaWqPYwuo/mCfB/OTBiMguG5lZbAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU5IqjpwlRwjIYO1tFUmVtxf7ZIc8wHwYDVR0j
BBgwFoAUP+zLF75R7lnsdNZO7ZF+Ih7iihswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMjJkYjc1NTUtOWFhNC00OTgzLTkzMTYtNzM4MDlkZDM1
NGJjLzAvM0ZFQ0NCMTdCRTUxRUU1OUVDNzRENjRFRUQ5MTdFMjIxRUUyOEExQi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1AtekxGNzVSN2xuc2ROWk83WkYtSWg3
aWlocy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMjJkYjc1NTUt
OWFhNC00OTgzLTkzMTYtNzM4MDlkZDM1NGJjLzAvMzQzNjJlMzIzMzM2MmUzMjM0
MzMyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjM3MzQzNjMzLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
LuzzMA0GCSqGSIb3DQEBCwUAA4IBAQAGvR4yEfJNPlBNE08dXmuafFF5XKbOG0Nf
QM8NwC2jibJOtCO+q/G3QfMms4rm3x22z0HMr8pAlS8QZspGHlDR24XMpEXjO9LX
/Hcts/K59l6VHZ13y7QZ1n0bZ9glBkRduPCZV8hL58aTCxOWTVA3L5JJ2E6gcLyU
Z1wPT2cmOgj68czy2HKG1oywp1r58L6C2Sr5OtOMS1C7EDWpr7xlL+okU8CiBHN1
kkwJRHW26Ho32zToUyEFDhiT1yhT71JMnmbDeJCOeJf8uWbDK3axlVP2LhVfx33L
Y7iy/jyQOV+WDzmBegWp0A6tm/5SilDnbkDux/cC1Ku3N8/spLYx
-----END CERTIFICATE-----
Generated at Sun Sep 7 04:02:23 2025 by rpki-client