Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS3257.roa
File: AS3257.roa (raw, json)
Hash identifier: 8Q7d2UtwURIfJt4WQVwEMPrva64nh6dsno806Acng1U=
Subject key identifier: E9:41:5F:66:9D:6E:80:DD:17:0F:03:DD:82:A7:41:73:F2:16:4D:C5
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 29C048BA312A0D81762EA3B5361E53998B0C1F97
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS3257.roa
Signing time: Wed 11 Jun 2025 12:55:38 +0000
ROA not before: Wed 11 Jun 2025 12:50:38 +0000
ROA not after: Wed 10 Jun 2026 12:55:38 +0000
asID: 3257
IP address blocks: 5.252.77.0/24 maxlen: 24
5.253.202.0/24 maxlen: 24
45.93.45.0/24 maxlen: 24
45.93.47.0/24 maxlen: 24
45.95.13.0/24 maxlen: 24
45.95.23.0/24 maxlen: 24
45.137.30.0/24 maxlen: 24
149.62.42.0/24 maxlen: 24
149.62.43.0/24 maxlen: 24
179.61.163.0/24 maxlen: 24
179.61.180.0/24 maxlen: 24
181.214.6.0/24 maxlen: 24
181.214.8.0/24 maxlen: 24
181.214.37.0/24 maxlen: 24
181.214.186.0/24 maxlen: 24
181.214.206.0/24 maxlen: 24
191.96.48.0/24 maxlen: 24
191.101.209.0/24 maxlen: 24
2a06:2b81::/32 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 01:56:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
29:c0:48:ba:31:2a:0d:81:76:2e:a3:b5:36:1e:53:99:8b:0c:1f:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Jun 11 12:50:38 2025 GMT
Not After : Jun 10 12:55:38 2026 GMT
Subject: CN=E9415F669D6E80DD170F03DD82A74173F2164DC5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:4a:bd:d4:08:e8:b1:75:29:3f:0e:09:0f:4c:
ed:79:0a:a1:e2:4d:27:7c:03:e1:32:4b:06:bb:70:
d3:ca:d0:af:c7:85:8e:72:f4:cb:2a:23:91:31:ae:
1d:56:d7:96:40:b9:09:83:3b:ef:85:a4:0e:a1:a8:
8d:47:43:84:68:89:6a:46:ed:fe:35:d2:d7:d0:bb:
69:03:46:d8:41:60:a2:53:65:89:b6:fc:71:72:5a:
4c:ec:9a:22:dd:ce:41:76:0b:41:7a:1c:91:7a:e3:
e6:50:1e:08:0e:bb:e4:47:35:a1:98:af:02:eb:83:
48:c2:d0:cd:79:be:28:f0:ef:a4:33:17:cb:2a:07:
5b:7b:95:34:87:8d:10:e7:80:72:04:3c:3e:22:f7:
03:b6:da:50:91:e3:ec:6f:e3:f5:9b:05:b8:81:bc:
2b:b0:cf:0b:da:7f:6b:a6:a0:50:77:43:8b:f3:c6:
a2:84:76:4b:58:78:08:ea:03:72:e0:a6:6b:ea:a1:
d7:f8:b9:de:1f:e6:17:87:f8:96:6e:5a:79:48:11:
65:93:27:36:00:38:db:63:d4:d4:eb:e0:8d:8b:56:
24:42:df:74:19:2c:3c:6d:c9:17:db:c2:51:90:3e:
f6:95:4b:9d:4b:95:e4:10:61:8f:fb:4f:50:05:90:
53:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:41:5F:66:9D:6E:80:DD:17:0F:03:DD:82:A7:41:73:F2:16:4D:C5
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS3257.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.252.77.0/24
5.253.202.0/24
45.93.45.0/24
45.93.47.0/24
45.95.13.0/24
45.95.23.0/24
45.137.30.0/24
149.62.42.0/23
179.61.163.0/24
179.61.180.0/24
181.214.6.0/24
181.214.8.0/24
181.214.37.0/24
181.214.186.0/24
181.214.206.0/24
191.96.48.0/24
191.101.209.0/24
IPv6:
2a06:2b81::/32
Signature Algorithm: sha256WithRSAEncryption
07:94:86:64:16:ae:ff:4c:8f:07:85:5c:16:74:5c:da:e7:a8:
e2:80:63:8d:db:1d:d0:65:8f:ad:1c:cd:43:5a:0f:a0:c5:15:
8a:f1:7d:93:0e:af:67:6f:85:62:3c:c6:f6:fe:32:ee:bd:a6:
a9:9f:13:e9:ea:cc:f2:3e:33:d1:9f:f2:07:a4:70:55:20:20:
85:ea:65:65:59:21:13:c1:49:a5:31:9f:94:12:54:24:90:c7:
2d:9e:e3:ce:44:af:7f:bb:73:b3:c9:b2:37:b6:66:7e:3a:2b:
e0:7e:07:56:fc:04:e1:d8:29:51:cf:e1:f0:cd:f1:aa:6d:0e:
05:3f:18:32:59:8a:b7:06:7f:09:f7:fa:40:a2:80:18:66:d1:
a6:5a:9c:86:cc:f3:cf:ba:17:aa:0b:f3:20:2e:54:7f:e2:0b:
fd:6a:8a:2f:52:f5:24:6c:f8:a8:67:79:c4:b6:61:fe:0c:4c:
9c:5c:99:a1:69:d2:f7:f4:bb:f1:f5:9b:eb:78:f0:ed:3e:f0:
b9:26:f6:41:0d:7b:a6:6c:9a:39:c0:45:30:29:ef:9a:e1:fb:
5c:cf:44:d9:a1:e7:14:a5:04:e8:0b:ca:9a:23:a0:54:de:87:
a7:9c:08:fe:e8:6d:38:35:00:15:48:1d:fb:42:0b:b9:2f:ee:
17:9f:67:0f
-----BEGIN CERTIFICATE-----
MIIFbjCCBFagAwIBAgIUKcBIujEqDYF2LqO1Nh5TmYsMH5cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNTA2MTExMjUwMzhaFw0yNjA2MTAxMjU1MzhaMDMxMTAvBgNV
BAMTKEU5NDE1RjY2OUQ2RTgwREQxNzBGMDNERDgyQTc0MTczRjIxNjREQzUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzSr3UCOixdSk/DgkPTO15CqHi
TSd8A+EySwa7cNPK0K/HhY5y9MsqI5Exrh1W15ZAuQmDO++FpA6hqI1HQ4RoiWpG
7f410tfQu2kDRthBYKJTZYm2/HFyWkzsmiLdzkF2C0F6HJF64+ZQHggOu+RHNaGY
rwLrg0jC0M15vijw76QzF8sqB1t7lTSHjRDngHIEPD4i9wO22lCR4+xv4/WbBbiB
vCuwzwvaf2umoFB3Q4vzxqKEdktYeAjqA3Lgpmvqodf4ud4f5heH+JZuWnlIEWWT
JzYAONtj1NTr4I2LViRC33QZLDxtyRfbwlGQPvaVS51LleQQYY/7T1AFkFOfAgMB
AAGjggJ4MIICdDAdBgNVHQ4EFgQU6UFfZp1ugN0XDwPdgqdBc/IWTcUwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMzI1Ny5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCBjgYIKwYBBQUHAQcBAf8EfzB9MGwEAgABMGYDBAAF/E0D
BAAF/coDBAAtXS0DBAAtXS8DBAAtXw0DBAAtXxcDBAAtiR4DBAGVPioDBACzPaMD
BACzPbQDBAC11gYDBAC11ggDBAC11iUDBAC11roDBAC11s4DBAC/YDADBAC/ZdEw
DQQCAAIwBwMFACoGK4EwDQYJKoZIhvcNAQELBQADggEBAAeUhmQWrv9MjweFXBZ0
XNrnqOKAY43bHdBlj60czUNaD6DFFYrxfZMOr2dvhWI8xvb+Mu69pqmfE+nqzPI+
M9Gf8gekcFUgIIXqZWVZIRPBSaUxn5QSVCSQxy2e485Er3+7c7PJsje2Zn46K+B+
B1b8BOHYKVHP4fDN8aptDgU/GDJZircGfwn3+kCigBhm0aZanIbM88+6F6oL8yAu
VH/iC/1qii9S9SRs+KhnecS2Yf4MTJxcmaFp0vf0u/H1m+t48O0+8Lkm9kENe6Zs
mjnARTAp75rh+1zPRNmh5xSlBOgLypojoFTeh6ecCP7obTg1ABVIHftCC7kv7hef
Zw8=
-----END CERTIFICATE-----
Generated at Sat Jun 28 14:05:17 2025 by rpki-client