Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/33362e3235352e39342e302f32332d3234203d3e2039333034.roa
File: 33362e3235352e39342e302f32332d3234203d3e2039333034.roa (raw, json)
Hash identifier: 1cc4X9svp676iCE0S+Qv+GcmYLNtWmAraR6RoXQl0To=
Subject key identifier: 08:C0:81:0C:0E:1C:6E:4C:C7:96:A5:07:2A:31:34:97:2F:54:08:FF
Certificate issuer: /CN=3e870b9a7003c4fd9c51bd354a9defa3fb77b4a9
Certificate serial: 79835CFF920B08503C84ABB435C721F3FF75F2D3
Authority key identifier: 3E:87:0B:9A:70:03:C4:FD:9C:51:BD:35:4A:9D:EF:A3:FB:77:B4:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/33362e3235352e39342e302f32332d3234203d3e2039333034.roa
Signing time: Tue 23 Sep 2025 05:42:25 +0000
ROA not before: Tue 23 Sep 2025 05:37:25 +0000
ROA not after: Tue 22 Sep 2026 05:42:25 +0000
asID: 9304
IP address blocks: 36.255.94.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.crl
rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.mft
rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:83:5c:ff:92:0b:08:50:3c:84:ab:b4:35:c7:21:f3:ff:75:f2:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e870b9a7003c4fd9c51bd354a9defa3fb77b4a9
Validity
Not Before: Sep 23 05:37:25 2025 GMT
Not After : Sep 22 05:42:25 2026 GMT
Subject: CN=08C0810C0E1C6E4CC796A5072A3134972F5408FF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:03:35:91:46:61:6d:84:c5:69:1b:dc:fd:88:
cd:e6:9b:9d:d8:d0:c9:69:9b:0d:b7:ee:d4:b4:b3:
62:15:a6:17:0a:3a:ea:b7:78:76:0b:06:1c:98:48:
15:c5:ca:8c:41:28:37:c3:f1:f4:2a:d8:df:16:15:
9f:e7:a1:3d:a1:ba:56:5b:51:fd:c8:bb:7f:4d:c5:
ac:e2:db:0e:5c:63:fc:1e:4f:5c:16:f9:6e:52:7f:
27:4b:d3:d4:7e:8e:4e:18:ed:46:f0:8b:5e:ec:bc:
3c:ed:0c:13:1f:76:70:ce:cd:d7:d1:2b:c9:4c:5c:
5b:89:1a:eb:44:9f:32:e2:37:9f:39:27:a6:fd:29:
e8:13:c0:50:7c:41:5f:40:33:81:28:6e:38:a9:c3:
3d:a2:5f:69:3d:40:20:2b:0e:f2:2c:e2:14:cc:8d:
b3:e6:c1:cd:e8:2e:b4:6d:28:ae:a1:3a:ee:e2:26:
5f:75:e9:55:03:b5:0f:e8:2b:2b:61:ce:2b:9c:b4:
ef:f5:23:65:37:df:36:d8:74:1b:2a:9e:1c:a5:47:
69:d2:db:b8:12:d2:e5:fc:44:af:5e:07:61:42:46:
24:c9:c8:97:22:e1:58:74:5b:67:2a:63:5c:25:0b:
33:1e:7e:7e:da:4d:da:a6:22:57:f7:aa:78:52:c1:
8d:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:C0:81:0C:0E:1C:6E:4C:C7:96:A5:07:2A:31:34:97:2F:54:08:FF
X509v3 Authority Key Identifier:
keyid:3E:87:0B:9A:70:03:C4:FD:9C:51:BD:35:4A:9D:EF:A3:FB:77:B4:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/33362e3235352e39342e302f32332d3234203d3e2039333034.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
36.255.94.0/23
Signature Algorithm: sha256WithRSAEncryption
94:aa:a6:69:7c:ed:2f:15:e5:cc:15:e7:18:c6:57:87:e0:6f:
ba:13:0a:0c:c2:2f:63:80:a5:09:e1:4d:8d:24:06:78:6d:15:
b9:3a:13:78:cc:a5:35:18:12:8e:0b:93:d6:e9:6c:13:e8:83:
de:05:a6:04:50:46:77:e7:f5:c4:bc:09:12:4e:6d:6f:2f:70:
a6:3e:b0:4a:44:40:22:76:2e:34:d6:59:f9:69:5d:92:23:49:
de:d1:3a:12:ce:36:09:1f:3c:9d:4c:62:2b:a7:94:73:cf:74:
0c:17:c4:82:ee:08:90:2f:89:3a:96:2e:68:d6:c0:04:aa:85:
61:ad:83:ec:06:b3:bf:8d:8d:78:8e:32:04:de:58:ae:97:16:
34:f5:3d:59:9b:6d:7a:a2:aa:32:15:e5:c8:76:ac:13:a3:1c:
ef:f6:8c:59:fd:96:ea:09:bf:18:a1:fd:f3:00:c6:6f:7e:0e:
ae:95:c8:cb:ea:46:b6:7d:81:b9:0b:28:b3:19:e5:d6:92:de:
79:79:07:22:07:ba:20:60:ff:80:fd:e5:0d:95:ef:d1:3a:69:
18:ad:81:27:d3:a6:bf:6b:f7:2b:bd:6c:47:b3:b0:7f:85:96:
87:61:1f:7c:ef:44:14:96:5b:0d:6b:dc:ca:3d:78:95:ba:00:
6f:20:7f:68
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUeYNc/5ILCFA8hKu0Ncch8/918tMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM2U4NzBiOWE3MDAzYzRmZDljNTFiZDM1NGE5ZGVmYTNm
Yjc3YjRhOTAeFw0yNTA5MjMwNTM3MjVaFw0yNjA5MjIwNTQyMjVaMDMxMTAvBgNV
BAMTKDA4QzA4MTBDMEUxQzZFNENDNzk2QTUwNzJBMzEzNDk3MkY1NDA4RkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDfAzWRRmFthMVpG9z9iM3mm53Y
0Mlpmw237tS0s2IVphcKOuq3eHYLBhyYSBXFyoxBKDfD8fQq2N8WFZ/noT2hulZb
Uf3Iu39Nxazi2w5cY/weT1wW+W5SfydL09R+jk4Y7Ubwi17svDztDBMfdnDOzdfR
K8lMXFuJGutEnzLiN585J6b9KegTwFB8QV9AM4Eobjipwz2iX2k9QCArDvIs4hTM
jbPmwc3oLrRtKK6hOu7iJl916VUDtQ/oKythziuctO/1I2U33zbYdBsqnhylR2nS
27gS0uX8RK9eB2FCRiTJyJci4Vh0W2cqY1wlCzMefn7aTdqmIlf3qnhSwY2bAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUCMCBDA4cbkzHlqUHKjE0ly9UCP8wHwYDVR0j
BBgwFoAUPocLmnADxP2cUb01Sp3vo/t3tKkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzVkMThlODItNGQ2OC00NWE2LWE1ZGYtY2FjMTE1YWQy
Mjc5LzAvM0U4NzBCOUE3MDAzQzRGRDlDNTFCRDM1NEE5REVGQTNGQjc3QjRBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1BvY0xtbkFEeFAyY1ViMDFTcDN2b190
M3RLay5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzVkMThlODIt
NGQ2OC00NWE2LWE1ZGYtY2FjMTE1YWQyMjc5LzAvMzMzNjJlMzIzNTM1MmUzOTM0
MmUzMDJmMzIzMzJkMzIzNDIwM2QzZTIwMzkzMzMwMzQucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAEk/14w
DQYJKoZIhvcNAQELBQADggEBAJSqpml87S8V5cwV5xjGV4fgb7oTCgzCL2OApQnh
TY0kBnhtFbk6E3jMpTUYEo4Lk9bpbBPog94FpgRQRnfn9cS8CRJObW8vcKY+sEpE
QCJ2LjTWWflpXZIjSd7ROhLONgkfPJ1MYiunlHPPdAwXxILuCJAviTqWLmjWwASq
hWGtg+wGs7+NjXiOMgTeWK6XFjT1PVmbbXqiqjIV5ch2rBOjHO/2jFn9luoJvxih
/fMAxm9+Dq6VyMvqRrZ9gbkLKLMZ5daS3nl5ByIHuiBg/4D95Q2V79E6aRitgSfT
pr9r9yu9bEezsH+FlodhH3zvRBSWWw1r3Mo9eJW6AG8gf2g=
-----END CERTIFICATE-----
Generated at Sun Oct 19 18:34:33 2025 by rpki-client