Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS3356.roa
File: AS3356.roa (raw, json)
Hash identifier: 9JYgbYT4mQeJomtx2M0UzMydBG5NakskPlQ+kgmpLss=
Subject key identifier: 47:29:5F:06:E5:CF:12:13:3D:79:16:CC:C7:A5:AA:2A:FD:0F:DF:09
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 147E53743E70004BC18F6F421462FAD3333B483D
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS3356.roa
Signing time: Wed 17 Jun 2026 15:47:40 +0000
ROA not before: Wed 17 Jun 2026 15:42:40 +0000
ROA not after: Wed 16 Jun 2027 15:47:40 +0000
asID: 3356
IP address blocks: 5.252.72.0/24 maxlen: 24
45.89.248.0/24 maxlen: 24
45.89.255.0/24 maxlen: 24
45.133.169.0/24 maxlen: 24
45.133.171.0/24 maxlen: 24
89.19.47.0/24 maxlen: 24
92.118.161.0/24 maxlen: 24
130.185.126.0/24 maxlen: 24
141.98.91.0/24 maxlen: 24
179.61.128.0/24 maxlen: 24
179.61.135.0/24 maxlen: 24
179.61.139.0/24 maxlen: 24
179.61.160.0/24 maxlen: 24
179.61.162.0/24 maxlen: 24
179.61.172.0/24 maxlen: 24
181.214.12.0/24 maxlen: 24
181.214.13.0/24 maxlen: 24
181.214.16.0/24 maxlen: 24
181.215.38.0/24 maxlen: 24
181.215.133.0/24 maxlen: 24
181.215.171.0/24 maxlen: 24
185.158.150.0/24 maxlen: 24
191.96.41.0/24 maxlen: 24
191.101.60.0/24 maxlen: 24
191.101.208.0/24 maxlen: 24
213.109.170.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 28 Jun 2026 05:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
14:7e:53:74:3e:70:00:4b:c1:8f:6f:42:14:62:fa:d3:33:3b:48:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Jun 17 15:42:40 2026 GMT
Not After : Jun 16 15:47:40 2027 GMT
Subject: CN=47295F06E5CF12133D7916CCC7A5AA2AFD0FDF09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:0c:5a:ad:09:79:34:bf:1c:ae:09:33:c6:ce:
dc:a2:1a:43:df:b4:01:81:7e:88:8a:52:1c:1b:af:
5b:0a:d3:c3:75:ee:68:d5:1a:e3:45:f2:bb:0c:93:
18:7b:b8:bf:91:99:19:34:a4:38:47:dc:05:05:10:
5d:8f:c5:2f:ae:12:3c:af:50:f5:34:7c:d1:ee:99:
25:9f:33:6c:03:e5:ee:e1:6c:8a:93:86:23:d9:3c:
2f:5f:18:e6:72:3a:cf:97:47:68:12:32:13:39:4d:
b0:a3:24:7a:01:59:01:8d:4a:0b:8d:91:5c:a4:d8:
c6:40:6b:80:85:33:d1:9b:30:95:b1:89:9e:80:bf:
77:56:b3:20:58:19:ac:54:f4:5d:77:df:aa:1e:81:
e0:c0:5a:de:4e:2b:f8:d0:b0:79:37:7d:d9:a8:b5:
65:cf:3a:4c:d9:10:f8:95:ae:b3:6a:99:6b:be:68:
4a:50:ff:06:43:bc:c3:da:7f:6e:53:e4:f8:08:8f:
00:63:42:b3:1c:43:c7:36:0c:0b:d0:75:f2:1c:22:
43:1e:83:16:e9:da:ec:9c:7d:bf:69:08:0b:af:06:
b0:3e:ec:53:1b:c7:f4:0f:d0:b9:71:00:14:14:f5:
43:a2:f5:3b:81:b9:54:88:72:ed:91:cb:88:19:3e:
24:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:29:5F:06:E5:CF:12:13:3D:79:16:CC:C7:A5:AA:2A:FD:0F:DF:09
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS3356.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.252.72.0/24
45.89.248.0/24
45.89.255.0/24
45.133.169.0/24
45.133.171.0/24
89.19.47.0/24
92.118.161.0/24
130.185.126.0/24
141.98.91.0/24
179.61.128.0/24
179.61.135.0/24
179.61.139.0/24
179.61.160.0/24
179.61.162.0/24
179.61.172.0/24
181.214.12.0/23
181.214.16.0/24
181.215.38.0/24
181.215.133.0/24
181.215.171.0/24
185.158.150.0/24
191.96.41.0/24
191.101.60.0/24
191.101.208.0/24
213.109.170.0/24
Signature Algorithm: sha256WithRSAEncryption
37:e9:b8:6a:fd:27:e0:6d:a7:a3:c0:09:9b:f3:3a:42:db:2d:
87:57:8f:fd:7b:c8:bd:34:82:bb:e6:47:f0:12:49:ab:dd:b9:
94:ef:cd:52:bd:a4:02:9a:47:34:27:50:e8:2a:2e:45:f5:19:
0b:6c:1d:44:62:aa:63:30:a4:88:d4:e0:02:b4:7a:cb:c5:67:
3b:a3:55:14:f5:6a:35:24:ea:31:50:13:c7:7e:3b:5b:1c:d7:
f7:d2:4f:2b:43:79:fe:8c:14:a5:83:01:07:49:6e:f0:4a:38:
5b:d1:63:03:22:12:5d:ff:bf:5a:b9:35:98:5e:5e:96:c5:e6:
8a:a3:f0:2c:05:47:92:4a:d9:be:7f:7d:af:c2:d3:53:64:e2:
90:1f:6c:7c:fe:7f:a6:de:4b:d9:99:54:30:d0:b2:ad:9a:28:
fe:b3:5c:74:42:1b:73:3a:85:8b:42:5e:de:30:17:a0:ac:b0:
c9:c5:21:64:11:a8:99:6f:f0:5e:08:0a:6f:d7:74:b1:dc:7f:
98:83:88:57:a0:fe:05:fd:36:bc:ff:9b:1a:61:a8:e8:a0:ce:
b3:6b:d9:72:0d:57:dc:63:5e:3c:d1:2c:df:b8:3b:ec:75:96:
34:aa:5c:8e:9c:fe:30:6c:1d:50:65:e0:7c:d7:56:68:1d:91:
24:90:86:2e
-----BEGIN CERTIFICATE-----
MIIFkzCCBHugAwIBAgIUFH5TdD5wAEvBj29CFGL60zM7SD0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNjA2MTcxNTQyNDBaFw0yNzA2MTYxNTQ3NDBaMDMxMTAvBgNV
BAMTKDQ3Mjk1RjA2RTVDRjEyMTMzRDc5MTZDQ0M3QTVBQTJBRkQwRkRGMDkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCDFqtCXk0vxyuCTPGztyiGkPf
tAGBfoiKUhwbr1sK08N17mjVGuNF8rsMkxh7uL+RmRk0pDhH3AUFEF2PxS+uEjyv
UPU0fNHumSWfM2wD5e7hbIqThiPZPC9fGOZyOs+XR2gSMhM5TbCjJHoBWQGNSguN
kVyk2MZAa4CFM9GbMJWxiZ6Av3dWsyBYGaxU9F1336oegeDAWt5OK/jQsHk3fdmo
tWXPOkzZEPiVrrNqmWu+aEpQ/wZDvMPaf25T5PgIjwBjQrMcQ8c2DAvQdfIcIkMe
gxbp2uycfb9pCAuvBrA+7FMbx/QP0LlxABQU9UOi9TuBuVSIcu2Ry4gZPiS/AgMB
AAGjggKdMIICmTAdBgNVHQ4EFgQURylfBuXPEhM9eRbMx6WqKv0P3wkwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMzM1Ni5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCBswYIKwYBBQUHAQcBAf8EgaMwgaAwgZ0EAgABMIGWAwQA
BfxIAwQALVn4AwQALVn/AwQALYWpAwQALYWrAwQAWRMvAwQAXHahAwQAgrl+AwQA
jWJbAwQAsz2AAwQAsz2HAwQAsz2LAwQAsz2gAwQAsz2iAwQAsz2sAwQBtdYMAwQA
tdYQAwQAtdcmAwQAtdeFAwQAtderAwQAuZ6WAwQAv2ApAwQAv2U8AwQAv2XQAwQA
1W2qMA0GCSqGSIb3DQEBCwUAA4IBAQA36bhq/SfgbaejwAmb8zpC2y2HV4/9e8i9
NIK75kfwEkmr3bmU781SvaQCmkc0J1DoKi5F9RkLbB1EYqpjMKSI1OACtHrLxWc7
o1UU9Wo1JOoxUBPHfjtbHNf30k8rQ3n+jBSlgwEHSW7wSjhb0WMDIhJd/79auTWY
Xl6WxeaKo/AsBUeSStm+f32vwtNTZOKQH2x8/n+m3kvZmVQw0LKtmij+s1x0Qhtz
OoWLQl7eMBegrLDJxSFkEaiZb/BeCApv13Sx3H+Yg4hXoP4F/Ta8/5saYajooM6z
a9lyDVfcY1480SzfuDvsdZY0qlyOnP4wbB1QZeB811ZoHZEkkIYu
-----END CERTIFICATE-----
Generated at Sat Jun 27 14:12:51 2026 by rpki-client