Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS36530.roa
File: AS36530.roa (raw, json)
Hash identifier: fKdWyol1JEf4qSVuq5NLpJjSxmAmr2+RKI4Wp34VHBM=
Subject key identifier: 57:97:7E:23:A1:1B:1A:50:B0:5B:73:3B:F8:09:60:56:56:9F:78:BA
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 1240AC98EE21C8DF325CC5A1289D1345745B730F
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS36530.roa
Signing time: Fri 08 Aug 2025 16:34:10 +0000
ROA not before: Fri 08 Aug 2025 16:29:10 +0000
ROA not after: Fri 07 Aug 2026 16:34:10 +0000
asID: 36530
IP address blocks: 96.62.115.0/24 maxlen: 24
96.62.152.0/24 maxlen: 24
143.14.1.0/24 maxlen: 24
143.14.226.0/24 maxlen: 24
148.135.181.0/24 maxlen: 24
155.117.127.0/24 maxlen: 24
155.117.136.0/24 maxlen: 24
155.117.137.0/24 maxlen: 24
155.117.201.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
12:40:ac:98:ee:21:c8:df:32:5c:c5:a1:28:9d:13:45:74:5b:73:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Aug 8 16:29:10 2025 GMT
Not After : Aug 7 16:34:10 2026 GMT
Subject: CN=57977E23A11B1A50B05B733BF8096056569F78BA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:89:0a:d6:13:45:ba:52:04:8b:29:f7:1e:d0:
5c:53:37:cd:5e:33:c4:60:d6:19:eb:1b:67:b9:ac:
3d:b0:03:4b:43:40:6c:08:d1:3b:b0:6f:f0:72:b6:
dd:ec:62:c8:1f:cf:b0:fb:58:00:ac:d0:c5:11:4b:
50:65:cc:4f:79:02:a1:fb:a7:79:b7:23:68:ca:1e:
e4:e3:fa:a2:0e:4c:6e:43:c9:48:7a:33:a9:38:20:
14:e6:d9:32:f4:92:87:6d:92:5e:5b:6c:a9:62:0c:
a4:00:b1:e2:00:64:59:7c:31:d9:4f:f6:24:71:9b:
70:a8:bf:e9:99:66:6f:61:6a:6f:38:51:06:44:40:
7f:23:6d:12:2c:1f:9d:5a:ee:0a:0a:48:46:b8:b1:
4d:fa:a3:64:5c:7c:2d:9a:36:e4:75:8a:38:be:5b:
e7:5b:03:8b:58:96:4c:18:97:8a:16:1a:87:ef:a8:
03:52:60:a3:77:2c:dc:cd:44:a8:17:33:6b:3b:2d:
4c:fe:e1:7d:7e:f6:b3:7b:40:56:0f:c0:bf:c2:ef:
bb:4a:cd:a7:fd:19:a3:28:12:72:48:b8:56:d2:b3:
42:08:f8:26:0f:52:26:33:82:83:4b:50:5a:9f:d1:
07:63:93:f0:d5:dd:92:6f:58:d7:cf:80:c5:fc:44:
50:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:97:7E:23:A1:1B:1A:50:B0:5B:73:3B:F8:09:60:56:56:9F:78:BA
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS36530.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.62.115.0/24
96.62.152.0/24
143.14.1.0/24
143.14.226.0/24
148.135.181.0/24
155.117.127.0/24
155.117.136.0/23
155.117.201.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:35:63:68:5a:35:0f:d3:fa:4a:c6:f9:d2:4f:50:b4:13:ab:
46:ae:70:87:a8:7c:4c:8e:61:1e:05:1b:d5:c4:29:b7:31:a3:
b3:a1:69:85:2c:ba:35:4b:17:bf:da:05:88:16:dc:6e:e3:72:
06:26:97:72:74:ee:3d:b5:18:60:55:69:db:9d:6d:60:64:a8:
79:ad:c6:72:cb:66:9e:61:d7:e4:a7:7c:37:00:90:53:85:45:
23:78:a8:ad:ac:36:15:00:23:a8:1f:52:3e:6b:37:ae:66:f7:
69:68:10:bd:d9:39:a9:f1:db:a7:9d:79:a4:9d:2b:77:98:ac:
17:d8:cb:79:bf:d4:0c:c1:11:04:db:02:3d:52:1a:1e:60:6f:
3a:9c:cc:70:6c:3a:fb:c7:bb:d6:44:27:e7:19:13:8a:9d:d9:
18:be:0e:0b:e2:7e:95:3d:6d:32:64:b0:0e:8c:91:29:55:c2:
91:72:36:8a:f9:9b:34:16:0b:ce:d6:f5:b9:27:fa:1c:01:24:
5e:d8:e7:c6:3b:c5:5d:05:6b:53:6c:36:5e:58:d2:47:5b:f6:
3d:19:77:80:57:1a:2f:d4:e5:91:49:ca:59:01:5d:01:f8:fb:
44:0d:98:de:2d:10:d8:32:14:32:f2:b3:7e:1b:ea:43:a2:ea:
a6:60:bc:aa
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgIUEkCsmO4hyN8yXMWhKJ0TRXRbcw8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA4MDgxNjI5MTBaFw0yNjA4MDcxNjM0MTBaMDMxMTAvBgNV
BAMTKDU3OTc3RTIzQTExQjFBNTBCMDVCNzMzQkY4MDk2MDU2NTY5Rjc4QkEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCriQrWE0W6UgSLKfce0FxTN81e
M8Rg1hnrG2e5rD2wA0tDQGwI0Tuwb/Bytt3sYsgfz7D7WACs0MURS1BlzE95AqH7
p3m3I2jKHuTj+qIOTG5DyUh6M6k4IBTm2TL0kodtkl5bbKliDKQAseIAZFl8MdlP
9iRxm3Cov+mZZm9ham84UQZEQH8jbRIsH51a7goKSEa4sU36o2RcfC2aNuR1iji+
W+dbA4tYlkwYl4oWGofvqANSYKN3LNzNRKgXM2s7LUz+4X1+9rN7QFYPwL/C77tK
zaf9GaMoEnJIuFbSs0II+CYPUiYzgoNLUFqf0Qdjk/DV3ZJvWNfPgMX8RFDPAgMB
AAGjggIzMIICLzAdBgNVHQ4EFgQUV5d+I6EbGlCwW3M7+AlgVlafeLowHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMzY1MzAucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwSQYIKwYBBQUHAQcBAf8EOjA4MDYEAgABMDADBABgPnMD
BABgPpgDBACPDgEDBACPDuIDBACUh7UDBACbdX8DBAGbdYgDBACbdckwDQYJKoZI
hvcNAQELBQADggEBAFw1Y2haNQ/T+krG+dJPULQTq0aucIeofEyOYR4FG9XEKbcx
o7OhaYUsujVLF7/aBYgW3G7jcgYml3J07j21GGBVadudbWBkqHmtxnLLZp5h1+Sn
fDcAkFOFRSN4qK2sNhUAI6gfUj5rN65m92loEL3ZOanx26edeaSdK3eYrBfYy3m/
1AzBEQTbAj1SGh5gbzqczHBsOvvHu9ZEJ+cZE4qd2Ri+DgvifpU9bTJksA6MkSlV
wpFyNor5mzQWC87W9bkn+hwBJF7Y58Y7xV0Fa1NsNl5Y0kdb9j0Zd4BXGi/U5ZFJ
ylkBXQH4+0QNmN4tENgyFDLys34b6kOi6qZgvKo=
-----END CERTIFICATE-----
Generated at Sat Aug 23 12:53:35 2025 by rpki-client