Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/34362e3233362e3234342e302f32322d3234203d3e203133333437.roa
File: 34362e3233362e3234342e302f32322d3234203d3e203133333437.roa (raw, json)
Hash identifier: iTS67/YrA5240bQ2IAO/OyJt36n/9a27BKvYENASw8U=
Subject key identifier: AB:6B:32:35:67:B1:1E:8D:F2:EA:9D:47:CF:35:E1:FD:A2:F8:06:CC
Certificate issuer: /CN=3feccb17be51ee59ec74d64eed917e221ee28a1b
Certificate serial: 189B277F6B5B79A8AA8EF584DEC5488DEF6E42F6
Authority key identifier: 3F:EC:CB:17:BE:51:EE:59:EC:74:D6:4E:ED:91:7E:22:1E:E2:8A:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P-zLF75R7lnsdNZO7ZF-Ih7iihs.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/34362e3233362e3234342e302f32322d3234203d3e203133333437.roa
Signing time: Thu 04 Sep 2025 10:40:05 +0000
ROA not before: Thu 04 Sep 2025 10:35:05 +0000
ROA not after: Thu 03 Sep 2026 10:40:05 +0000
asID: 13347
IP address blocks: 46.236.244.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/3FECCB17BE51EE59EC74D64EED917E221EE28A1B.crl
rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/3FECCB17BE51EE59EC74D64EED917E221EE28A1B.mft
rsync://rpki.ripe.net/repository/DEFAULT/P-zLF75R7lnsdNZO7ZF-Ih7iihs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 07 Sep 2025 04:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
18:9b:27:7f:6b:5b:79:a8:aa:8e:f5:84:de:c5:48:8d:ef:6e:42:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3feccb17be51ee59ec74d64eed917e221ee28a1b
Validity
Not Before: Sep 4 10:35:05 2025 GMT
Not After : Sep 3 10:40:05 2026 GMT
Subject: CN=AB6B323567B11E8DF2EA9D47CF35E1FDA2F806CC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:f5:73:d0:71:98:23:88:f7:3b:3c:3d:b7:84:
90:6a:a3:b1:96:b5:dd:86:2b:63:61:5d:d7:c0:62:
01:5b:ff:b4:95:88:c2:fe:3a:02:73:9d:7b:50:00:
2d:2a:1a:8b:93:4b:fc:b7:4c:e5:d2:75:0b:db:b5:
b9:0c:9a:5e:b1:8b:13:e9:de:b2:4d:a8:bf:d7:38:
9b:c0:aa:1c:24:cb:ab:96:dc:bd:c6:da:0c:b0:7f:
a1:96:cd:04:0e:21:f3:3d:f5:db:ea:c8:3e:87:0e:
ee:32:09:c9:c6:72:51:e5:83:db:3a:06:b1:f1:92:
23:c4:06:48:d3:99:a3:d3:61:be:6e:b1:42:3c:0e:
1d:28:ab:2f:f1:81:20:6c:76:ee:cd:d2:79:28:b0:
54:00:cb:ee:32:74:11:98:db:91:a6:b1:54:3b:e5:
fe:3c:56:b9:b4:ae:fe:a7:84:64:cf:70:e7:b9:59:
fd:43:ba:13:d7:58:a5:d5:92:4e:4e:00:93:40:43:
64:0e:af:d7:99:f3:94:54:dd:02:e8:c3:fe:cc:43:
96:2a:89:a8:f3:bd:fa:d8:e1:86:a2:89:bf:a8:a3:
b5:ad:ec:1b:4f:30:7c:03:85:07:28:a1:15:2c:fe:
be:56:48:d7:4a:c1:64:4a:77:6d:38:bd:cf:c4:10:
d7:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:6B:32:35:67:B1:1E:8D:F2:EA:9D:47:CF:35:E1:FD:A2:F8:06:CC
X509v3 Authority Key Identifier:
keyid:3F:EC:CB:17:BE:51:EE:59:EC:74:D6:4E:ED:91:7E:22:1E:E2:8A:1B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/3FECCB17BE51EE59EC74D64EED917E221EE28A1B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P-zLF75R7lnsdNZO7ZF-Ih7iihs.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/34362e3233362e3234342e302f32322d3234203d3e203133333437.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.236.244.0/22
Signature Algorithm: sha256WithRSAEncryption
94:e9:83:a2:4f:96:30:67:c1:95:6f:94:15:65:28:8c:d9:00:
9d:13:a5:7e:0b:c3:b9:3b:59:9a:56:85:50:17:30:66:af:ef:
47:4e:0e:9c:19:dd:ef:a6:64:e4:09:a0:ce:31:c5:fe:55:ac:
c9:ff:0c:9d:32:72:98:18:db:4f:a8:eb:c7:1b:d6:6f:2e:56:
56:1e:0c:d7:db:74:65:ad:f9:3c:63:55:df:98:1d:a4:0d:6d:
c4:3a:7f:be:6a:ad:1d:59:90:32:ac:44:cc:c4:77:b8:0a:eb:
31:41:d8:0b:70:3a:58:0b:81:94:95:13:a4:b7:4d:2c:13:12:
e7:1c:2a:a3:5d:66:3f:ff:33:b8:c3:38:e7:9c:77:09:17:a3:
df:c2:89:da:3a:4a:4e:0d:c2:de:b1:fc:f0:dc:73:0c:74:d4:
4f:91:e0:b3:3d:c8:b7:01:c9:34:76:11:87:df:2b:74:08:a4:
33:3f:a4:77:a2:de:d9:e9:c9:de:11:14:c8:ba:c4:df:0a:e2:
79:9d:23:55:a1:ea:d9:74:fc:c7:6e:c5:50:e3:32:d3:de:39:
5a:9d:76:21:f4:f9:46:4f:77:1c:00:c2:0a:7f:d2:cc:52:4d:
f9:d6:56:99:11:c7:2b:61:d1:6a:e5:a4:64:3a:4a:c3:64:82:
42:af:24:92
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUGJsnf2tbeaiqjvWE3sVIje9uQvYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM2ZlY2NiMTdiZTUxZWU1OWVjNzRkNjRlZWQ5MTdlMjIx
ZWUyOGExYjAeFw0yNTA5MDQxMDM1MDVaFw0yNjA5MDMxMDQwMDVaMDMxMTAvBgNV
BAMTKEFCNkIzMjM1NjdCMTFFOERGMkVBOUQ0N0NGMzVFMUZEQTJGODA2Q0MwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDj9XPQcZgjiPc7PD23hJBqo7GW
td2GK2NhXdfAYgFb/7SViML+OgJznXtQAC0qGouTS/y3TOXSdQvbtbkMml6xixPp
3rJNqL/XOJvAqhwky6uW3L3G2gywf6GWzQQOIfM99dvqyD6HDu4yCcnGclHlg9s6
BrHxkiPEBkjTmaPTYb5usUI8Dh0oqy/xgSBsdu7N0nkosFQAy+4ydBGY25GmsVQ7
5f48Vrm0rv6nhGTPcOe5Wf1DuhPXWKXVkk5OAJNAQ2QOr9eZ85RU3QLow/7MQ5Yq
iajzvfrY4Yaiib+oo7Wt7BtPMHwDhQcooRUs/r5WSNdKwWRKd204vc/EENf1AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUq2syNWexHo3y6p1HzzXh/aL4BswwHwYDVR0j
BBgwFoAUP+zLF75R7lnsdNZO7ZF+Ih7iihswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMjJkYjc1NTUtOWFhNC00OTgzLTkzMTYtNzM4MDlkZDM1
NGJjLzAvM0ZFQ0NCMTdCRTUxRUU1OUVDNzRENjRFRUQ5MTdFMjIxRUUyOEExQi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1AtekxGNzVSN2xuc2ROWk83WkYtSWg3
aWlocy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMjJkYjc1NTUt
OWFhNC00OTgzLTkzMTYtNzM4MDlkZDM1NGJjLzAvMzQzNjJlMzIzMzM2MmUzMjM0
MzQyZTMwMmYzMjMyMmQzMjM0MjAzZDNlMjAzMTMzMzMzNDM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC
Luz0MA0GCSqGSIb3DQEBCwUAA4IBAQCU6YOiT5YwZ8GVb5QVZSiM2QCdE6V+C8O5
O1maVoVQFzBmr+9HTg6cGd3vpmTkCaDOMcX+VazJ/wydMnKYGNtPqOvHG9ZvLlZW
HgzX23Rlrfk8Y1XfmB2kDW3EOn++aq0dWZAyrETMxHe4CusxQdgLcDpYC4GUlROk
t00sExLnHCqjXWY//zO4wzjnnHcJF6PfwonaOkpODcLesfzw3HMMdNRPkeCzPci3
Ack0dhGH3yt0CKQzP6R3ot7Z6cneERTIusTfCuJ5nSNVoerZdPzHbsVQ4zLT3jla
nXYh9PlGT3ccAMIKf9LMUk351laZEccrYdFq5aRkOkrDZIJCrySS
-----END CERTIFICATE-----
Generated at Sat Sep 6 14:19:53 2025 by rpki-client