Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS36352.roa
File: AS36352.roa (raw, json)
Hash identifier: uMWyb1Emx5JeCqBthyHJRG0ptKWFqYWzppPf6cmm1b8=
Subject key identifier: FB:C6:E5:22:2F:25:46:E2:F2:EE:6B:22:CA:7E:FB:BC:B6:0D:03:04
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 365A58C3F98823E0B7463F2E6ACBAA120E528E42
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS36352.roa
Signing time: Thu 14 Aug 2025 06:57:03 +0000
ROA not before: Thu 14 Aug 2025 06:52:03 +0000
ROA not after: Thu 13 Aug 2026 06:57:03 +0000
asID: 36352
IP address blocks: 143.14.71.0/24 maxlen: 24
155.117.15.0/24 maxlen: 24
162.141.48.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
36:5a:58:c3:f9:88:23:e0:b7:46:3f:2e:6a:cb:aa:12:0e:52:8e:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Aug 14 06:52:03 2025 GMT
Not After : Aug 13 06:57:03 2026 GMT
Subject: CN=FBC6E5222F2546E2F2EE6B22CA7EFBBCB60D0304
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:6c:a0:93:60:89:84:19:5f:bb:c9:e2:7a:aa:
b0:c4:00:02:ef:95:bb:52:56:0d:3a:ec:c2:7a:f7:
57:45:94:1c:4d:13:81:c5:13:ad:91:4b:86:a6:a3:
7b:29:0c:d7:d5:a9:5f:02:80:b2:38:6e:24:d1:f8:
e2:96:b0:c8:6f:7f:49:fe:7a:b4:84:20:63:b2:9f:
c3:eb:24:af:f0:5c:07:a7:67:b2:25:d3:eb:bd:fc:
99:5b:a4:60:7f:9b:aa:72:fd:86:5c:77:a1:6b:44:
06:a3:de:5c:27:d9:e6:7a:77:c2:d8:24:2e:52:0c:
da:a3:6f:bf:1c:2f:0f:77:49:26:13:86:8d:7e:1a:
4c:f2:6f:2e:0a:5c:e6:41:06:3d:2a:27:f3:3b:c1:
ac:a3:10:c7:9e:ae:e3:f5:17:a9:81:29:cb:47:b4:
39:84:72:29:80:0e:ca:51:65:10:d7:10:e2:42:86:
f5:77:11:42:2e:23:f6:e8:9d:7d:6b:28:62:d7:04:
09:c0:8f:a1:56:75:98:73:69:2d:7d:60:ed:20:be:
80:1f:d4:43:a5:6b:39:4d:94:3f:ff:61:af:ad:8c:
13:3d:94:b2:c8:6a:86:c0:fb:fc:91:f5:65:47:60:
e7:29:78:17:da:a5:13:6d:d5:b4:b0:23:79:85:83:
a6:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:C6:E5:22:2F:25:46:E2:F2:EE:6B:22:CA:7E:FB:BC:B6:0D:03:04
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS36352.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.14.71.0/24
155.117.15.0/24
162.141.48.0/24
Signature Algorithm: sha256WithRSAEncryption
80:f6:52:ca:4c:ec:60:51:0e:1a:dc:b4:bf:3a:ad:81:14:cb:
ac:9e:69:d0:7e:c9:44:21:53:b4:89:a4:af:a6:0c:20:7e:4f:
38:8a:87:64:46:d8:84:6b:2c:24:14:8c:d4:07:ff:64:46:31:
c9:c9:38:1a:17:c5:17:45:61:75:d6:cc:45:76:da:09:c1:91:
99:5a:95:19:ed:25:88:e2:d5:21:ec:42:45:0c:29:b0:92:46:
f3:ce:d7:47:41:05:54:7d:10:e6:21:5b:97:c0:7b:f5:7c:09:
60:72:b7:05:1d:81:7e:4c:73:25:0d:e1:28:0a:60:29:5f:52:
5a:3d:1a:5b:23:05:81:fd:e0:cf:1f:00:a3:0c:ae:ed:69:01:
4e:b4:48:6b:54:99:a9:1e:7f:9b:9d:30:88:e2:f2:20:89:47:
16:f5:3b:b8:9f:15:75:eb:28:e3:3a:03:bd:d5:41:1c:c5:e8:
5c:2a:6d:55:19:26:a3:f1:e8:3d:7f:54:9b:e3:00:22:d2:82:
04:c1:0d:4e:e0:4a:7a:1d:32:69:d5:55:15:2d:a5:ab:52:b2:
c4:00:a6:d8:fe:86:77:62:b3:2a:80:24:36:36:e0:03:22:24:
a1:3a:0e:f3:29:dd:aa:4d:59:71:e0:1b:ae:88:c5:e8:ad:b9:
56:78:92:6b
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgIUNlpYw/mII+C3Rj8uasuqEg5SjkIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA4MTQwNjUyMDNaFw0yNjA4MTMwNjU3MDNaMDMxMTAvBgNV
BAMTKEZCQzZFNTIyMkYyNTQ2RTJGMkVFNkIyMkNBN0VGQkJDQjYwRDAzMDQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDAbKCTYImEGV+7yeJ6qrDEAALv
lbtSVg067MJ691dFlBxNE4HFE62RS4amo3spDNfVqV8CgLI4biTR+OKWsMhvf0n+
erSEIGOyn8PrJK/wXAenZ7Il0+u9/JlbpGB/m6py/YZcd6FrRAaj3lwn2eZ6d8LY
JC5SDNqjb78cLw93SSYTho1+Gkzyby4KXOZBBj0qJ/M7wayjEMeeruP1F6mBKctH
tDmEcimADspRZRDXEOJChvV3EUIuI/bonX1rKGLXBAnAj6FWdZhzaS19YO0gvoAf
1EOlazlNlD//Ya+tjBM9lLLIaobA+/yR9WVHYOcpeBfapRNt1bSwI3mFg6a7AgMB
AAGjggIVMIICETAdBgNVHQ4EFgQU+8blIi8lRuLy7msiyn77vLYNAwQwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMzYzNTIucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBIDBACPDkcD
BACbdQ8DBACijTAwDQYJKoZIhvcNAQELBQADggEBAID2UspM7GBRDhrctL86rYEU
y6yeadB+yUQhU7SJpK+mDCB+TziKh2RG2IRrLCQUjNQH/2RGMcnJOBoXxRdFYXXW
zEV22gnBkZlalRntJYji1SHsQkUMKbCSRvPO10dBBVR9EOYhW5fAe/V8CWBytwUd
gX5McyUN4SgKYClfUlo9GlsjBYH94M8fAKMMru1pAU60SGtUmakef5udMIji8iCJ
Rxb1O7ifFXXrKOM6A73VQRzF6FwqbVUZJqPx6D1/VJvjACLSggTBDU7gSnodMmnV
VRUtpatSssQAptj+hndisyqAJDY24AMiJKE6DvMp3apNWXHgG66IxeituVZ4kms=
-----END CERTIFICATE-----
Generated at Sat Aug 23 12:53:18 2025 by rpki-client