Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS36530.roa
File: AS36530.roa (raw, json)
Hash identifier: Oysn3s/Ea3yTXinhfnj01oH3Qy3g3RXAKPXtZq2SE5c=
Subject key identifier: 57:87:8C:06:AD:24:3E:5F:E7:F8:99:23:A0:EE:52:B6:5F:56:B8:56
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 6E68BD9BE0ED6A68C436C222084D66BBA8340833
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS36530.roa
Signing time: Tue 21 Oct 2025 16:20:20 +0000
ROA not before: Tue 21 Oct 2025 16:15:20 +0000
ROA not after: Tue 20 Oct 2026 16:20:20 +0000
asID: 36530
IP address blocks: 82.21.200.0/23 maxlen: 24
82.22.8.0/24 maxlen: 24
82.24.127.0/24 maxlen: 24
82.24.189.0/24 maxlen: 24
82.25.37.0/24 maxlen: 24
82.25.46.0/23 maxlen: 24
82.26.72.0/23 maxlen: 24
82.26.78.0/23 maxlen: 24
82.26.91.0/24 maxlen: 24
82.26.93.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 Oct 2025 14:12:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6e:68:bd:9b:e0:ed:6a:68:c4:36:c2:22:08:4d:66:bb:a8:34:08:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Oct 21 16:15:20 2025 GMT
Not After : Oct 20 16:20:20 2026 GMT
Subject: CN=57878C06AD243E5FE7F89923A0EE52B65F56B856
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:63:38:25:3f:15:8c:18:de:91:5d:7e:58:27:
ab:48:cf:a4:05:a2:d8:84:7f:0a:83:ab:ef:85:8c:
8c:15:12:82:4d:d4:ec:22:e2:af:fe:36:78:2b:56:
9e:ab:4e:4b:b6:60:cd:88:e0:8c:0d:6a:85:d0:30:
23:13:f5:a1:0d:29:f9:61:80:d2:1e:80:f3:4d:de:
45:58:2c:c1:91:fa:80:41:af:d3:40:a5:7c:a9:22:
08:74:a1:ed:cc:be:06:5c:8a:4c:86:e2:95:04:de:
a8:c2:1a:40:2b:b6:72:c2:ef:96:de:20:81:64:8b:
d7:d4:73:23:51:24:bc:09:7b:05:2b:41:2c:91:d4:
e1:56:f0:a5:7f:3a:94:13:05:82:6f:08:a3:f7:03:
e7:40:f2:d1:ac:80:67:7d:0b:85:67:2a:03:87:35:
e0:a8:38:3a:65:3c:3b:3a:ff:49:10:ce:8f:eb:1b:
c5:86:33:29:2f:ed:b7:94:b8:b8:6b:91:c7:15:85:
11:15:73:95:72:52:dd:88:8a:b8:35:cb:9f:53:f9:
fb:d5:34:91:f4:be:ef:a8:67:a0:c4:d6:3c:91:54:
f0:7d:7d:83:3a:c8:aa:10:f4:e8:d0:0e:44:12:d5:
19:c0:10:4b:66:50:5a:14:b2:5c:57:70:a2:46:d1:
4d:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:87:8C:06:AD:24:3E:5F:E7:F8:99:23:A0:EE:52:B6:5F:56:B8:56
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS36530.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.200.0/23
82.22.8.0/24
82.24.127.0/24
82.24.189.0/24
82.25.37.0/24
82.25.46.0/23
82.26.72.0/23
82.26.78.0/23
82.26.91.0/24
82.26.93.0/24
Signature Algorithm: sha256WithRSAEncryption
37:b4:66:42:55:d8:8d:00:72:b6:06:2a:a7:27:9e:1f:fd:8a:
e8:25:99:93:d5:ed:3a:78:c3:67:3a:c1:29:87:24:79:08:37:
78:32:02:2d:02:06:4c:8c:fd:b5:46:de:a2:e3:ad:39:dd:34:
96:36:5e:b0:42:3e:e9:6b:70:10:4a:92:2c:07:ac:bc:e3:e7:
7d:2e:ad:6b:4e:99:7e:8b:c9:bb:11:08:34:af:6e:4a:4d:d6:
95:4b:c6:a1:1d:9b:c6:43:48:d9:85:57:61:ba:8d:3b:ce:c6:
f0:14:57:01:f4:3b:5b:32:1a:af:60:91:d5:d1:d1:bd:92:9e:
61:70:4c:a8:28:5e:ed:1e:0f:d1:a7:f1:e6:1a:99:29:b9:42:
86:4f:63:79:18:87:b8:5f:7b:04:7d:fe:f4:4e:f4:ca:90:c4:
82:c5:e5:86:fc:d5:97:5e:dd:54:8d:1b:f5:ef:d3:36:a8:3a:
8d:41:24:0b:26:19:ce:cc:a2:4f:33:ea:65:ab:50:f2:d6:bf:
13:29:36:d8:ee:7c:eb:f7:b1:7f:27:67:7f:6d:c3:d1:8d:11:
47:b4:16:27:e1:00:c2:e8:9c:4c:d8:72:9b:7c:43:03:f4:da:
d3:6d:4f:d4:cb:da:71:51:8f:72:35:b9:50:20:3e:bd:05:5c:
95:eb:e9:5f
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUbmi9m+DtamjENsIiCE1mu6g0CDMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTEwMjExNjE1MjBaFw0yNjEwMjAxNjIwMjBaMDMxMTAvBgNV
BAMTKDU3ODc4QzA2QUQyNDNFNUZFN0Y4OTkyM0EwRUU1MkI2NUY1NkI4NTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDyYzglPxWMGN6RXX5YJ6tIz6QF
otiEfwqDq++FjIwVEoJN1Owi4q/+NngrVp6rTku2YM2I4IwNaoXQMCMT9aENKflh
gNIegPNN3kVYLMGR+oBBr9NApXypIgh0oe3MvgZcikyG4pUE3qjCGkArtnLC75be
IIFki9fUcyNRJLwJewUrQSyR1OFW8KV/OpQTBYJvCKP3A+dA8tGsgGd9C4VnKgOH
NeCoODplPDs6/0kQzo/rG8WGMykv7beUuLhrkccVhREVc5VyUt2Iirg1y59T+fvV
NJH0vu+oZ6DE1jyRVPB9fYM6yKoQ9OjQDkQS1RnAEEtmUFoUslxXcKJG0U17AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUV4eMBq0kPl/n+JkjoO5Stl9WuFYwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMzY1MzAucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwVQYIKwYBBQUHAQcBAf8ERjBEMEIEAgABMDwDBAFSFcgD
BABSFggDBABSGH8DBABSGL0DBABSGSUDBAFSGS4DBAFSGkgDBAFSGk4DBABSGlsD
BABSGl0wDQYJKoZIhvcNAQELBQADggEBADe0ZkJV2I0AcrYGKqcnnh/9iuglmZPV
7Tp4w2c6wSmHJHkIN3gyAi0CBkyM/bVG3qLjrTndNJY2XrBCPulrcBBKkiwHrLzj
530urWtOmX6LybsRCDSvbkpN1pVLxqEdm8ZDSNmFV2G6jTvOxvAUVwH0O1syGq9g
kdXR0b2SnmFwTKgoXu0eD9Gn8eYamSm5QoZPY3kYh7hfewR9/vRO9MqQxILF5Yb8
1Zde3VSNG/Xv0zaoOo1BJAsmGc7Mok8z6mWrUPLWvxMpNtjufOv3sX8nZ39tw9GN
EUe0FifhAMLonEzYcpt8QwP02tNtT9TL2nFRj3I1uVAgPr0FXJXr6V8=
-----END CERTIFICATE-----
Generated at Wed Oct 22 00:55:53 2025 by rpki-client