Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS36530.roa
File: AS36530.roa (raw, json)
Hash identifier: Wf6YSckhcFxU6HWA0dkWfsquYSGL4vb3Iv8A+vVhixA=
Subject key identifier: 49:AB:41:72:83:5C:DF:CC:64:1E:77:12:62:B4:8E:8B:F5:4F:34:DB
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 249C31E23EA9CAC3173BCE5F30CFC2271A561D19
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS36530.roa
Signing time: Mon 20 Apr 2026 16:05:37 +0000
ROA not before: Mon 20 Apr 2026 16:00:37 +0000
ROA not after: Mon 19 Apr 2027 16:05:37 +0000
asID: 36530
IP address blocks: 82.25.37.0/24 maxlen: 24
82.25.46.0/23 maxlen: 24
82.26.72.0/23 maxlen: 24
82.26.78.0/23 maxlen: 24
82.47.60.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 Apr 2026 14:21:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
24:9c:31:e2:3e:a9:ca:c3:17:3b:ce:5f:30:cf:c2:27:1a:56:1d:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Apr 20 16:00:37 2026 GMT
Not After : Apr 19 16:05:37 2027 GMT
Subject: CN=49AB4172835CDFCC641E771262B48E8BF54F34DB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:e6:81:e8:6a:de:7c:f5:e1:c5:42:09:92:d5:
0b:33:46:38:19:34:27:21:31:2d:7b:79:e3:53:f9:
02:42:7f:0d:8e:a5:12:15:64:e9:a2:39:b3:cd:db:
6b:e5:4a:55:29:67:4d:54:c5:b8:a7:9a:3a:96:3e:
0a:6d:cc:0c:1f:1c:5c:3e:bb:61:d8:f2:37:b0:45:
46:b3:63:bf:57:ef:8f:3e:50:a6:cd:0e:0e:63:cf:
37:5e:cd:3c:4d:38:16:c5:38:19:70:35:a7:c5:68:
51:c9:20:d8:82:cf:e7:9f:2d:36:d8:af:67:b2:10:
ef:da:10:fd:55:93:3e:fb:6b:c4:79:a5:15:12:49:
a7:df:83:0b:dc:de:3e:56:e8:ec:64:e2:af:f7:27:
88:17:9f:b9:1f:4a:e9:f3:2f:72:9a:30:10:96:6c:
fa:e4:e7:7d:ac:f3:ea:15:8c:26:cb:fd:07:5d:87:
68:89:95:0b:90:4e:58:97:5f:9d:b3:c5:5f:18:ee:
bf:13:5d:82:93:2e:ce:04:b3:fb:54:c7:0d:9f:f3:
1c:a0:40:e1:9f:62:8f:ba:a4:46:ee:5c:66:3f:fc:
1d:5f:20:8d:8e:a9:06:64:b2:38:e7:2d:be:ca:0a:
e8:15:db:41:30:cd:48:1e:aa:37:86:b3:8a:9c:6f:
71:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:AB:41:72:83:5C:DF:CC:64:1E:77:12:62:B4:8E:8B:F5:4F:34:DB
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS36530.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.25.37.0/24
82.25.46.0/23
82.26.72.0/23
82.26.78.0/23
82.47.60.0/23
Signature Algorithm: sha256WithRSAEncryption
85:5d:23:a2:c3:91:29:29:d7:d6:f4:ab:8c:b8:4f:98:07:bc:
bb:17:e0:4a:6b:c1:44:de:8f:d7:fb:6c:c4:38:22:97:64:f2:
a1:ca:90:e6:2b:5b:ff:7d:30:8c:a3:ac:49:dc:cb:33:fd:e5:
40:9f:87:94:f2:a7:6d:38:4e:e0:75:86:7d:65:69:dc:96:65:
00:65:b6:bb:3c:a2:d3:2f:88:bd:9a:e2:f3:11:d7:61:69:e9:
87:9b:51:cd:ef:41:36:25:8a:93:a4:b2:98:47:ec:01:76:fe:
46:17:a0:ec:a9:6f:b0:2a:b2:4d:31:b5:02:24:5b:6b:89:68:
0a:5a:88:d7:77:ea:66:43:e7:89:51:75:ed:c9:4f:d5:11:f5:
3b:72:8b:16:ac:30:c7:0b:ed:15:8b:7d:65:b6:d0:50:0e:84:
3e:81:59:24:aa:d7:c7:b3:5f:8a:e4:06:25:85:a6:94:70:b0:
ab:b7:7e:0f:40:ce:82:75:0f:72:0c:6a:69:24:7b:9f:b0:b1:
e6:b6:68:35:1a:6a:0e:c1:02:a8:1e:22:8c:02:19:69:9f:c8:
a7:5d:32:cb:2a:dd:4f:d5:29:e5:75:5f:53:09:62:00:be:a7:
ff:ee:47:58:a6:7c:90:48:0e:66:2e:bb:b9:ed:1c:d4:5b:6c:
0b:85:82:4f
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgIUJJwx4j6pysMXO85fMM/CJxpWHRkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjA0MjAxNjAwMzdaFw0yNzA0MTkxNjA1MzdaMDMxMTAvBgNV
BAMTKDQ5QUI0MTcyODM1Q0RGQ0M2NDFFNzcxMjYyQjQ4RThCRjU0RjM0REIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/5oHoat589eHFQgmS1QszRjgZ
NCchMS17eeNT+QJCfw2OpRIVZOmiObPN22vlSlUpZ01UxbinmjqWPgptzAwfHFw+
u2HY8jewRUazY79X748+UKbNDg5jzzdezTxNOBbFOBlwNafFaFHJINiCz+efLTbY
r2eyEO/aEP1Vkz77a8R5pRUSSaffgwvc3j5W6Oxk4q/3J4gXn7kfSunzL3KaMBCW
bPrk532s8+oVjCbL/Qddh2iJlQuQTliXX52zxV8Y7r8TXYKTLs4Es/tUxw2f8xyg
QOGfYo+6pEbuXGY//B1fII2OqQZksjjnLb7KCugV20EwzUgeqjeGs4qcb3HTAgMB
AAGjggIhMIICHTAdBgNVHQ4EFgQUSatBcoNc38xkHncSYrSOi/VPNNswHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMzY1MzAucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwNwYIKwYBBQUHAQcBAf8EKDAmMCQEAgABMB4DBABSGSUD
BAFSGS4DBAFSGkgDBAFSGk4DBAFSLzwwDQYJKoZIhvcNAQELBQADggEBAIVdI6LD
kSkp19b0q4y4T5gHvLsX4EprwUTej9f7bMQ4Ipdk8qHKkOYrW/99MIyjrEncyzP9
5UCfh5Typ204TuB1hn1ladyWZQBltrs8otMviL2a4vMR12Fp6YebUc3vQTYlipOk
sphH7AF2/kYXoOypb7Aqsk0xtQIkW2uJaApaiNd36mZD54lRde3JT9UR9Ttyixas
MMcL7RWLfWW20FAOhD6BWSSq18ezX4rkBiWFppRwsKu3fg9AzoJ1D3IMamkke5+w
sea2aDUaag7BAqgeIowCGWmfyKddMssq3U/VKeV1X1MJYgC+p//uR1imfJBIDmYu
u7ntHNRbbAuFgk8=
-----END CERTIFICATE-----
Generated at Tue Apr 21 16:51:40 2026 by rpki-client