Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS3356.roa
File: AS3356.roa (raw, json)
Hash identifier: 6YGz/9B+sfI+dPJS4Y2SCIh8uuBWHxiq54ZsZbZCr7o=
Subject key identifier: E6:CE:7A:5F:59:CA:AB:44:80:DB:59:6C:8D:C1:36:BF:26:41:E7:FE
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 611C4C077BEA6CDB8F23A1D74BA9DBFEB2F4679D
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS3356.roa
Signing time: Thu 20 Mar 2025 00:04:25 +0000
ROA not before: Wed 19 Mar 2025 23:59:25 +0000
ROA not after: Thu 19 Mar 2026 00:04:25 +0000
asID: 3356
IP address blocks: 46.202.16.0/22 maxlen: 24
46.202.24.0/22 maxlen: 24
46.202.104.0/22 maxlen: 24
46.202.112.0/22 maxlen: 24
46.202.120.0/22 maxlen: 24
46.203.24.0/22 maxlen: 24
46.203.48.0/22 maxlen: 24
46.203.68.0/22 maxlen: 24
46.203.153.0/24 maxlen: 24
92.112.1.0/24 maxlen: 24
92.112.4.0/24 maxlen: 24
92.112.14.0/24 maxlen: 24
92.113.156.0/24 maxlen: 24
92.113.157.0/24 maxlen: 24
92.113.163.0/24 maxlen: 24
92.113.164.0/24 maxlen: 24
92.113.165.0/24 maxlen: 24
92.113.168.0/24 maxlen: 24
92.113.225.0/24 maxlen: 24
92.113.226.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 03:24:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
61:1c:4c:07:7b:ea:6c:db:8f:23:a1:d7:4b:a9:db:fe:b2:f4:67:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Mar 19 23:59:25 2025 GMT
Not After : Mar 19 00:04:25 2026 GMT
Subject: CN=E6CE7A5F59CAAB4480DB596C8DC136BF2641E7FE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:33:f4:13:c5:78:66:89:37:6f:2a:cc:b3:9f:
08:4b:fd:55:42:82:aa:ec:2a:bc:61:74:94:15:a8:
f5:c3:1c:9c:23:cb:fa:b3:d1:05:66:e9:fd:77:f5:
20:fb:c5:fc:c8:f7:16:4e:ea:0c:40:92:4a:ff:48:
49:f9:c4:c6:b6:76:7c:0b:cc:19:5c:db:82:a5:6e:
49:c4:8e:c5:b3:aa:a9:84:cf:2c:ea:1b:4e:50:f8:
12:21:31:f2:44:dc:f7:ba:6c:93:81:df:07:3f:3e:
46:0f:e4:16:38:29:7f:2c:3a:08:64:72:b5:d0:20:
c2:ad:85:d7:3d:60:6b:e6:ff:f1:17:bd:03:ac:d5:
bf:92:26:a6:02:33:80:62:e5:98:f5:06:d9:1b:96:
97:bd:42:d3:c7:f3:1e:d2:bc:c8:8b:c9:29:2a:f3:
fb:74:6f:e9:4f:bf:e0:cd:0a:35:02:b7:d4:f1:52:
18:dd:f1:34:93:39:f9:31:a0:a6:c9:5a:e8:09:81:
0c:bc:5f:ec:de:29:83:74:a5:72:de:c8:38:2e:ae:
5a:18:90:0c:23:3a:f8:52:b9:0c:13:bd:5d:9c:52:
5f:9f:29:48:43:f3:af:9b:ee:1f:ef:00:93:11:b0:
75:fc:65:ba:77:fa:39:c2:fd:aa:b6:3f:cf:ae:2b:
68:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:CE:7A:5F:59:CA:AB:44:80:DB:59:6C:8D:C1:36:BF:26:41:E7:FE
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS3356.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.202.16.0/22
46.202.24.0/22
46.202.104.0/22
46.202.112.0/22
46.202.120.0/22
46.203.24.0/22
46.203.48.0/22
46.203.68.0/22
46.203.153.0/24
92.112.1.0/24
92.112.4.0/24
92.112.14.0/24
92.113.156.0/23
92.113.163.0-92.113.165.255
92.113.168.0/24
92.113.225.0-92.113.226.255
Signature Algorithm: sha256WithRSAEncryption
35:c2:49:56:a0:cf:f9:f8:09:18:6c:c0:67:cb:4d:1c:df:ad:
35:6c:44:65:0c:e8:db:71:f2:fd:ea:e6:f8:8f:d4:a3:66:86:
43:68:60:e2:0e:0a:e5:8c:ec:cc:56:54:68:14:61:a9:cc:d6:
ea:f6:6f:f9:18:9b:57:52:43:59:1f:78:2b:0f:60:fd:bf:08:
74:1f:c1:74:b0:d5:f6:16:0b:ac:97:2a:11:b1:21:80:4e:3f:
0a:e7:25:63:8f:48:f3:56:46:4d:d0:e8:fc:37:a3:60:cc:73:
50:8d:9b:bc:38:ff:24:47:1e:e8:f1:1b:8b:93:5b:8b:5b:84:
2d:96:30:b7:f9:68:e0:55:ea:7a:60:68:36:5d:38:25:29:08:
36:e7:61:58:5a:cd:5f:70:67:2c:55:1c:b1:35:08:c1:f8:c8:
4e:5b:81:28:fc:6f:9f:cb:37:ce:d3:48:d5:72:96:d7:db:f5:
cc:a1:db:18:00:58:b9:f3:9b:fb:62:bf:57:b7:76:dc:28:55:
8a:08:a8:50:f6:25:fb:92:67:06:ef:5d:f7:e8:40:f6:2e:84:
50:86:07:e1:a6:17:b2:49:b1:b6:a5:b1:76:dd:50:b8:9e:21:
db:2f:9a:91:f3:94:14:2a:da:7a:74:2f:94:30:9a:2a:ef:dd:
33:96:03:0f
-----BEGIN CERTIFICATE-----
MIIFaTCCBFGgAwIBAgIUYRxMB3vqbNuPI6HXS6nb/rL0Z50wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTAzMTkyMzU5MjVaFw0yNjAzMTkwMDA0MjVaMDMxMTAvBgNV
BAMTKEU2Q0U3QTVGNTlDQUFCNDQ4MERCNTk2QzhEQzEzNkJGMjY0MUU3RkUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQClM/QTxXhmiTdvKsyznwhL/VVC
gqrsKrxhdJQVqPXDHJwjy/qz0QVm6f139SD7xfzI9xZO6gxAkkr/SEn5xMa2dnwL
zBlc24KlbknEjsWzqqmEzyzqG05Q+BIhMfJE3Pe6bJOB3wc/PkYP5BY4KX8sOghk
crXQIMKthdc9YGvm//EXvQOs1b+SJqYCM4Bi5Zj1Btkblpe9QtPH8x7SvMiLySkq
8/t0b+lPv+DNCjUCt9TxUhjd8TSTOfkxoKbJWugJgQy8X+zeKYN0pXLeyDgurloY
kAwjOvhSuQwTvV2cUl+fKUhD86+b7h/vAJMRsHX8Zbp3+jnC/aq2P8+uK2jHAgMB
AAGjggJzMIICbzAdBgNVHQ4EFgQU5s56X1nKq0SA21lsjcE2vyZB5/4wHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMzM1Ni5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCBiQYIKwYBBQUHAQcBAf8EejB4MHYEAgABMHADBAIuyhAD
BAIuyhgDBAIuymgDBAIuynADBAIuyngDBAIuyxgDBAIuyzADBAIuy0QDBAAuy5kD
BABccAEDBABccAQDBABccA4DBAFccZwwDAMEAFxxowMEAVxxpAMEAFxxqDAMAwQA
XHHhAwQAXHHiMA0GCSqGSIb3DQEBCwUAA4IBAQA1wklWoM/5+AkYbMBny00c3601
bERlDOjbcfL96ub4j9SjZoZDaGDiDgrljOzMVlRoFGGpzNbq9m/5GJtXUkNZH3gr
D2D9vwh0H8F0sNX2FguslyoRsSGATj8K5yVjj0jzVkZN0Oj8N6NgzHNQjZu8OP8k
Rx7o8RuLk1uLW4QtljC3+WjgVep6YGg2XTglKQg252FYWs1fcGcsVRyxNQjB+MhO
W4Eo/G+fyzfO00jVcpbX2/XModsYAFi585v7Yr9Xt3bcKFWKCKhQ9iX7kmcG7133
6ED2LoRQhgfhpheySbG2pbF23VC4niHbL5qR85QUKtp6dC+UMJoq790zlgMP
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:49:57 2025 by rpki-client