Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/33362e3235352e39322e302f32332d3234203d3e203230343733.roa
File: 33362e3235352e39322e302f32332d3234203d3e203230343733.roa (raw, json)
Hash identifier: n+NW7CIboSad7G7qrJiCYcaG5y4V5KnwqXZRxtAjPBQ=
Subject key identifier: CF:01:55:DE:66:5C:06:DB:D2:85:7A:33:FA:89:BF:D3:8D:1A:70:01
Certificate issuer: /CN=3e870b9a7003c4fd9c51bd354a9defa3fb77b4a9
Certificate serial: 08F4FE5533B6F54542F1605AEAD5365D8F9D4A59
Authority key identifier: 3E:87:0B:9A:70:03:C4:FD:9C:51:BD:35:4A:9D:EF:A3:FB:77:B4:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/33362e3235352e39322e302f32332d3234203d3e203230343733.roa
Signing time: Wed 21 May 2025 07:50:21 +0000
ROA not before: Wed 21 May 2025 07:45:21 +0000
ROA not after: Wed 20 May 2026 07:50:21 +0000
asID: 20473
IP address blocks: 36.255.92.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.crl
rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.mft
rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 12:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
08:f4:fe:55:33:b6:f5:45:42:f1:60:5a:ea:d5:36:5d:8f:9d:4a:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e870b9a7003c4fd9c51bd354a9defa3fb77b4a9
Validity
Not Before: May 21 07:45:21 2025 GMT
Not After : May 20 07:50:21 2026 GMT
Subject: CN=CF0155DE665C06DBD2857A33FA89BFD38D1A7001
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:e3:dd:4c:d8:60:bc:16:21:6e:9f:70:4e:ed:
60:11:1f:84:dc:b3:10:61:85:a5:7a:b4:8f:38:90:
14:a7:d2:ef:25:29:2d:2d:b6:8f:51:e1:a0:49:5a:
6c:09:67:7c:bd:f2:9c:82:76:ba:e3:3d:2c:3e:01:
b6:b3:30:48:bd:53:2e:19:18:34:bc:90:d1:aa:b4:
60:8a:09:1a:8e:ec:96:5a:14:f7:6c:40:79:75:be:
d3:06:cb:fd:97:06:0f:7d:ff:de:66:15:00:e1:4b:
05:ed:bf:54:ae:08:c3:50:54:38:a0:2e:93:be:dc:
b3:81:84:1b:40:8e:82:2b:72:e0:6f:c3:ce:9b:d0:
7d:b0:18:99:6e:00:3b:87:9d:f3:c8:0d:7d:ab:1b:
71:f7:8b:68:9a:a3:5c:fa:e7:6d:43:b2:0e:93:bd:
e7:e2:e9:93:6f:8c:c5:da:83:30:67:c1:14:2d:56:
f6:b5:5c:e1:76:87:89:fa:41:4a:b6:0a:3c:6a:fc:
a9:34:8b:49:9d:75:ec:ac:2e:81:39:fc:30:c2:01:
a7:1a:be:4c:db:fd:35:e5:f6:fd:94:a0:d0:38:4e:
06:e1:eb:e1:b2:13:a1:75:7f:a7:b0:c4:48:23:46:
fd:50:7d:6c:8a:fb:ad:c2:87:bf:17:ae:e9:7e:fc:
81:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:01:55:DE:66:5C:06:DB:D2:85:7A:33:FA:89:BF:D3:8D:1A:70:01
X509v3 Authority Key Identifier:
keyid:3E:87:0B:9A:70:03:C4:FD:9C:51:BD:35:4A:9D:EF:A3:FB:77:B4:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/33362e3235352e39322e302f32332d3234203d3e203230343733.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
36.255.92.0/23
Signature Algorithm: sha256WithRSAEncryption
03:af:2b:07:8b:08:b2:04:25:06:73:93:34:00:e3:59:ab:27:
e7:3e:fe:ed:c2:7f:19:e8:aa:04:55:61:56:b3:c0:64:b6:94:
2b:38:39:27:70:2c:e3:3b:44:05:38:24:db:3a:42:23:38:02:
10:4b:81:39:77:e0:28:98:93:f3:79:df:ea:31:06:6b:a2:c4:
e4:5a:5c:7d:9f:65:1f:27:c9:28:9e:8b:96:0c:bb:7f:95:52:
7b:e6:14:6a:2c:18:98:68:da:d3:2c:9c:d4:9e:b6:2a:80:1b:
8d:8a:ee:d3:4f:16:3c:cf:9a:b8:81:e1:33:12:55:3e:49:b7:
5c:d8:22:8f:19:6c:3d:f1:4b:61:38:f8:7b:b8:85:c2:22:66:
9b:f8:33:14:17:02:94:53:58:44:26:b0:86:dc:df:43:f5:60:
cb:5e:92:05:ce:0a:0b:24:99:dd:b8:d4:b2:dc:3d:c9:dc:44:
5b:05:48:17:88:16:ec:53:62:38:85:5a:8c:6a:28:da:88:e8:
33:03:6b:23:c4:6c:42:38:11:9f:c9:f9:20:4b:5e:ce:75:57:
8c:c4:65:3c:80:e7:6e:23:26:80:1f:9b:c0:9b:13:fc:cb:09:
d1:f0:87:3f:4b:44:fc:f8:d7:95:72:7f:c2:29:ca:f8:8f:6f:
ef:b6:8b:4a
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUCPT+VTO29UVC8WBa6tU2XY+dSlkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM2U4NzBiOWE3MDAzYzRmZDljNTFiZDM1NGE5ZGVmYTNm
Yjc3YjRhOTAeFw0yNTA1MjEwNzQ1MjFaFw0yNjA1MjAwNzUwMjFaMDMxMTAvBgNV
BAMTKENGMDE1NURFNjY1QzA2REJEMjg1N0EzM0ZBODlCRkQzOEQxQTcwMDEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCg491M2GC8FiFun3BO7WARH4Tc
sxBhhaV6tI84kBSn0u8lKS0tto9R4aBJWmwJZ3y98pyCdrrjPSw+AbazMEi9Uy4Z
GDS8kNGqtGCKCRqO7JZaFPdsQHl1vtMGy/2XBg99/95mFQDhSwXtv1SuCMNQVDig
LpO+3LOBhBtAjoIrcuBvw86b0H2wGJluADuHnfPIDX2rG3H3i2iao1z6521Dsg6T
vefi6ZNvjMXagzBnwRQtVva1XOF2h4n6QUq2Cjxq/Kk0i0mddeysLoE5/DDCAaca
vkzb/TXl9v2UoNA4Tgbh6+GyE6F1f6ewxEgjRv1QfWyK+63Ch78Xrul+/IHZAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUzwFV3mZcBtvShXoz+om/040acAEwHwYDVR0j
BBgwFoAUPocLmnADxP2cUb01Sp3vo/t3tKkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzVkMThlODItNGQ2OC00NWE2LWE1ZGYtY2FjMTE1YWQy
Mjc5LzAvM0U4NzBCOUE3MDAzQzRGRDlDNTFCRDM1NEE5REVGQTNGQjc3QjRBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1BvY0xtbkFEeFAyY1ViMDFTcDN2b190
M3RLay5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzVkMThlODIt
NGQ2OC00NWE2LWE1ZGYtY2FjMTE1YWQyMjc5LzAvMzMzNjJlMzIzNTM1MmUzOTMy
MmUzMDJmMzIzMzJkMzIzNDIwM2QzZTIwMzIzMDM0MzczMy5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAST/
XDANBgkqhkiG9w0BAQsFAAOCAQEAA68rB4sIsgQlBnOTNADjWasn5z7+7cJ/Geiq
BFVhVrPAZLaUKzg5J3As4ztEBTgk2zpCIzgCEEuBOXfgKJiT83nf6jEGa6LE5Fpc
fZ9lHyfJKJ6Llgy7f5VSe+YUaiwYmGja0yyc1J62KoAbjYru008WPM+auIHhMxJV
Pkm3XNgijxlsPfFLYTj4e7iFwiJmm/gzFBcClFNYRCawhtzfQ/Vgy16SBc4KCySZ
3bjUstw9ydxEWwVIF4gW7FNiOIVajGoo2ojoMwNrI8RsQjgRn8n5IEteznVXjMRl
PIDnbiMmgB+bwJsT/MsJ0fCHP0tE/PjXlXJ/winK+I9v77aLSg==
-----END CERTIFICATE-----
Generated at Sat Jun 14 22:38:59 2025 by rpki-client