Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS36530.roa
File: AS36530.roa (raw, json)
Hash identifier: SH3lnz64oiehfDdDn0XrHZ8xESNl2CqyTVvcEtZTsdY=
Subject key identifier: 19:8E:84:06:04:6E:50:7D:55:A7:BA:F4:8B:E9:10:9C:DF:78:59:EB
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 045D4E65DBBB94743214496248DBEE7C57D4E6AC
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS36530.roa
Signing time: Tue 30 Sep 2025 00:05:44 +0000
ROA not before: Tue 30 Sep 2025 00:00:44 +0000
ROA not after: Tue 29 Sep 2026 00:05:44 +0000
asID: 36530
IP address blocks: 96.62.115.0/24 maxlen: 24
96.62.152.0/24 maxlen: 24
143.14.1.0/24 maxlen: 24
143.14.226.0/24 maxlen: 24
148.135.181.0/24 maxlen: 24
155.117.6.0/24 maxlen: 24
155.117.127.0/24 maxlen: 24
155.117.136.0/24 maxlen: 24
155.117.137.0/24 maxlen: 24
155.117.197.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
04:5d:4e:65:db:bb:94:74:32:14:49:62:48:db:ee:7c:57:d4:e6:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Sep 30 00:00:44 2025 GMT
Not After : Sep 29 00:05:44 2026 GMT
Subject: CN=198E8406046E507D55A7BAF48BE9109CDF7859EB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:00:2a:4e:73:cc:9d:d2:3c:50:e6:9a:0a:83:
6f:d5:64:76:74:12:41:ad:8c:8f:c2:ae:04:84:68:
06:25:9d:92:40:ea:12:a8:98:48:8e:80:7e:64:da:
18:92:ab:77:f7:7e:ea:f3:57:f7:93:b1:52:6d:6d:
98:f1:b1:4e:a9:71:9a:a5:a4:c1:ce:f6:20:bb:e5:
14:ce:9d:19:5d:bc:c6:89:6c:55:3a:60:c1:df:1d:
28:ef:16:fa:1e:13:f3:69:3a:19:41:92:45:5c:dc:
d1:24:e4:12:e7:16:0d:98:68:ba:c5:4c:7c:00:ea:
bb:c8:ef:2e:c3:12:61:9d:9e:05:5b:c3:09:c5:c8:
a0:78:ca:47:3a:0c:b9:bd:32:ad:f8:5e:13:74:01:
94:fa:04:74:70:8d:c9:34:d9:70:84:63:6c:e6:12:
22:48:66:c4:b5:2b:49:d0:b3:2f:5c:6f:44:10:2e:
67:8d:e6:1b:79:5a:72:ca:6e:d5:93:79:a1:94:40:
3a:dc:42:36:c3:98:cb:3e:a4:c2:09:7c:9e:8c:29:
48:99:14:5d:d8:12:43:42:07:47:3d:39:66:bb:ab:
a5:1e:d4:66:92:e9:62:d7:55:0d:3a:77:e9:b6:b3:
e3:e0:8a:4c:56:27:38:00:d8:e5:bb:5f:7c:20:05:
be:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:8E:84:06:04:6E:50:7D:55:A7:BA:F4:8B:E9:10:9C:DF:78:59:EB
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS36530.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.62.115.0/24
96.62.152.0/24
143.14.1.0/24
143.14.226.0/24
148.135.181.0/24
155.117.6.0/24
155.117.127.0/24
155.117.136.0/23
155.117.197.0/24
Signature Algorithm: sha256WithRSAEncryption
a7:d3:4f:6c:3c:5f:5d:41:11:31:57:9e:ac:70:0f:20:ea:c5:
60:5c:10:7a:7c:2e:6e:45:28:72:c1:db:9e:4f:e4:02:10:af:
d1:6d:dd:0d:82:2b:dd:9a:06:1f:07:f9:48:94:0c:ce:40:fb:
2f:84:f2:2d:41:78:be:3d:f8:c8:6a:6b:ce:05:11:62:ab:25:
bf:9c:e3:0b:0c:7d:98:5a:ff:86:69:eb:fc:08:3b:7a:e9:70:
57:a2:b8:83:09:1c:a4:1c:98:dd:7f:6e:fe:6b:3b:e1:b1:c4:
3c:34:be:58:38:ff:7b:36:f4:9a:ff:6d:b8:02:13:c4:57:04:
e4:4d:27:33:ac:18:1a:14:64:72:8b:bf:f9:aa:60:28:ce:c6:
dd:3b:78:f5:6c:78:77:b1:db:fb:8f:dd:62:ff:f4:3c:83:41:
df:34:0e:8b:9c:f3:9b:a9:b7:e2:31:ce:d9:5f:98:15:45:7e:
db:32:8b:a0:c8:ea:97:bb:fb:ef:35:1e:df:ed:ae:78:ec:ef:
cf:07:12:ac:d0:60:ab:c6:4c:07:d3:00:55:58:6f:e5:6b:ef:
97:40:19:3b:08:24:32:a1:e0:20:3c:00:8e:97:55:82:8c:2a:
fc:88:b4:cb:9f:85:2c:68:63:47:ac:c4:a7:04:73:57:02:7b:
ae:23:db:45
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUBF1OZdu7lHQyFEliSNvufFfU5qwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA5MzAwMDAwNDRaFw0yNjA5MjkwMDA1NDRaMDMxMTAvBgNV
BAMTKDE5OEU4NDA2MDQ2RTUwN0Q1NUE3QkFGNDhCRTkxMDlDREY3ODU5RUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDVACpOc8yd0jxQ5poKg2/VZHZ0
EkGtjI/CrgSEaAYlnZJA6hKomEiOgH5k2hiSq3f3furzV/eTsVJtbZjxsU6pcZql
pMHO9iC75RTOnRldvMaJbFU6YMHfHSjvFvoeE/NpOhlBkkVc3NEk5BLnFg2YaLrF
THwA6rvI7y7DEmGdngVbwwnFyKB4ykc6DLm9Mq34XhN0AZT6BHRwjck02XCEY2zm
EiJIZsS1K0nQsy9cb0QQLmeN5ht5WnLKbtWTeaGUQDrcQjbDmMs+pMIJfJ6MKUiZ
FF3YEkNCB0c9OWa7q6Ue1GaS6WLXVQ06d+m2s+PgikxWJzgA2OW7X3wgBb5NAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUGY6EBgRuUH1Vp7r0i+kQnN94WeswHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMzY1MzAucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwTwYIKwYBBQUHAQcBAf8EQDA+MDwEAgABMDYDBABgPnMD
BABgPpgDBACPDgEDBACPDuIDBACUh7UDBACbdQYDBACbdX8DBAGbdYgDBACbdcUw
DQYJKoZIhvcNAQELBQADggEBAKfTT2w8X11BETFXnqxwDyDqxWBcEHp8Lm5FKHLB
255P5AIQr9Ft3Q2CK92aBh8H+UiUDM5A+y+E8i1BeL49+Mhqa84FEWKrJb+c4wsM
fZha/4Zp6/wIO3rpcFeiuIMJHKQcmN1/bv5rO+GxxDw0vlg4/3s29Jr/bbgCE8RX
BORNJzOsGBoUZHKLv/mqYCjOxt07ePVseHex2/uP3WL/9DyDQd80Douc85upt+Ix
ztlfmBVFftsyi6DI6pe7++81Ht/trnjs788HEqzQYKvGTAfTAFVYb+Vr75dAGTsI
JDKh4CA8AI6XVYKMKvyItMufhSxoY0esxKcEc1cCe64j20U=
-----END CERTIFICATE-----
Generated at Sun Oct 19 23:50:50 2025 by rpki-client