Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS3257.roa
File: AS3257.roa (raw, json)
Hash identifier: KZiAN2ATUWlswtGFvABjzmPq8Vi+h6qxK6XuVJ0smBU=
Subject key identifier: 65:E6:1E:46:DD:2A:24:ED:C3:D3:2F:E8:5B:9A:ED:B3:B1:49:C0:79
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 229EF1F31F518AD9C2131CBE570AB33355BB3BCA
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS3257.roa
Signing time: Mon 04 Aug 2025 14:54:54 +0000
ROA not before: Mon 04 Aug 2025 14:49:54 +0000
ROA not after: Mon 03 Aug 2026 14:54:54 +0000
asID: 3257
IP address blocks: 5.252.77.0/24 maxlen: 24
5.253.202.0/24 maxlen: 24
45.93.45.0/24 maxlen: 24
45.93.47.0/24 maxlen: 24
45.95.13.0/24 maxlen: 24
45.95.23.0/24 maxlen: 24
45.137.30.0/24 maxlen: 24
149.62.42.0/24 maxlen: 24
149.62.43.0/24 maxlen: 24
179.61.163.0/24 maxlen: 24
179.61.180.0/24 maxlen: 24
181.214.6.0/24 maxlen: 24
181.214.8.0/24 maxlen: 24
181.214.37.0/24 maxlen: 24
181.214.186.0/24 maxlen: 24
181.214.206.0/24 maxlen: 24
191.96.48.0/24 maxlen: 24
191.101.209.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 06:23:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
22:9e:f1:f3:1f:51:8a:d9:c2:13:1c:be:57:0a:b3:33:55:bb:3b:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Aug 4 14:49:54 2025 GMT
Not After : Aug 3 14:54:54 2026 GMT
Subject: CN=65E61E46DD2A24EDC3D32FE85B9AEDB3B149C079
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:d5:3d:a1:30:1a:dc:b6:31:96:e1:71:7a:1f:
19:57:6a:cf:96:40:cd:ee:b9:f6:66:e5:c6:f4:4f:
39:4d:ad:e1:c9:7e:da:18:ee:d0:44:14:74:45:e8:
30:50:82:48:6e:77:3c:49:a4:86:d8:b2:73:4f:a3:
72:d4:f4:3e:da:20:0e:a6:52:dc:8a:d3:03:9d:c6:
a6:5d:9f:2a:bd:fd:67:89:43:5e:d8:5f:1c:c7:67:
36:27:7a:e6:5f:e8:da:f4:ca:67:e5:2d:53:87:60:
22:c4:4b:9f:ef:e5:be:1d:11:e9:5d:63:d4:eb:2a:
fe:22:b4:d5:d3:ec:93:46:c3:6f:3a:ef:80:59:3e:
d3:84:99:6c:e3:dc:f7:fd:3e:c1:5f:33:3d:06:86:
32:cf:c8:a2:21:89:1c:e0:7f:9c:70:ef:da:25:37:
2c:85:23:10:e8:fd:53:b6:66:da:e8:c0:51:3c:57:
21:bd:fc:82:84:81:e7:d7:8d:21:92:28:8e:c1:7b:
8e:34:1f:d8:81:9f:96:2c:83:f7:1f:71:1c:53:b9:
44:c0:9f:33:24:fe:1f:b2:42:0f:2e:98:b3:0a:5e:
f6:b4:3e:c7:0f:2d:e3:13:f5:11:06:1e:91:31:b4:
0b:a5:d5:cb:9d:ec:d8:00:1d:e4:51:88:04:7a:fa:
11:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:E6:1E:46:DD:2A:24:ED:C3:D3:2F:E8:5B:9A:ED:B3:B1:49:C0:79
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS3257.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.252.77.0/24
5.253.202.0/24
45.93.45.0/24
45.93.47.0/24
45.95.13.0/24
45.95.23.0/24
45.137.30.0/24
149.62.42.0/23
179.61.163.0/24
179.61.180.0/24
181.214.6.0/24
181.214.8.0/24
181.214.37.0/24
181.214.186.0/24
181.214.206.0/24
191.96.48.0/24
191.101.209.0/24
Signature Algorithm: sha256WithRSAEncryption
06:79:06:e2:18:a3:48:60:71:f3:04:7b:54:75:33:55:91:00:
c8:68:ed:8c:43:a5:46:fc:32:fd:bd:3e:69:f5:31:43:9c:5e:
10:3b:84:86:be:02:56:a2:50:60:bf:e8:78:c8:cd:44:62:d4:
b6:45:3a:d7:93:ad:48:af:59:40:6a:5d:65:3e:c1:eb:79:9e:
fd:ca:ec:3f:04:9f:81:9c:7d:5f:fb:9c:c1:a4:15:6f:1a:dc:
17:41:7c:75:8a:dd:62:34:25:0e:2c:ff:44:71:48:e3:08:0c:
e8:08:f2:66:f5:c4:af:28:46:78:0a:a6:0c:ec:18:25:a8:60:
f2:a2:23:3b:d0:59:5a:b4:07:24:4e:2a:83:e4:7f:73:15:2e:
15:4a:d6:d0:44:c6:25:1a:ca:5b:a0:2b:cc:75:e9:46:f1:e7:
8b:5f:56:fa:55:7a:17:e1:34:aa:04:06:0e:f2:dd:30:ae:a1:
1e:91:30:a8:08:75:d1:1c:c2:71:86:8a:a5:69:36:fe:7e:dd:
c4:be:69:92:4e:d0:be:a3:39:63:10:2c:b2:6d:2b:eb:82:e7:
04:3b:9e:01:3d:10:24:70:00:5a:51:36:ae:58:e7:ed:3d:a8:
7b:86:05:23:69:e6:01:7d:38:5d:fb:d0:09:97:64:a9:91:67:
fb:8b:69:6f
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUIp7x8x9RitnCExy+VwqzM1W7O8owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNTA4MDQxNDQ5NTRaFw0yNjA4MDMxNDU0NTRaMDMxMTAvBgNV
BAMTKDY1RTYxRTQ2REQyQTI0RURDM0QzMkZFODVCOUFFREIzQjE0OUMwNzkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCX1T2hMBrctjGW4XF6HxlXas+W
QM3uufZm5cb0TzlNreHJftoY7tBEFHRF6DBQgkhudzxJpIbYsnNPo3LU9D7aIA6m
UtyK0wOdxqZdnyq9/WeJQ17YXxzHZzYneuZf6Nr0ymflLVOHYCLES5/v5b4dEeld
Y9TrKv4itNXT7JNGw28674BZPtOEmWzj3Pf9PsFfMz0GhjLPyKIhiRzgf5xw79ol
NyyFIxDo/VO2ZtrowFE8VyG9/IKEgefXjSGSKI7Be440H9iBn5Ysg/cfcRxTuUTA
nzMk/h+yQg8umLMKXva0PscPLeMT9REGHpExtAul1cud7NgAHeRRiAR6+hF7AgMB
AAGjggJoMIICZDAdBgNVHQ4EFgQUZeYeRt0qJO3D0y/oW5rts7FJwHkwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMzI1Ny5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjB/BggrBgEFBQcBBwEB/wRwMG4wbAQCAAEwZgMEAAX8TQME
AAX9ygMEAC1dLQMEAC1dLwMEAC1fDQMEAC1fFwMEAC2JHgMEAZU+KgMEALM9owME
ALM9tAMEALXWBgMEALXWCAMEALXWJQMEALXWugMEALXWzgMEAL9gMAMEAL9l0TAN
BgkqhkiG9w0BAQsFAAOCAQEABnkG4hijSGBx8wR7VHUzVZEAyGjtjEOlRvwy/b0+
afUxQ5xeEDuEhr4CVqJQYL/oeMjNRGLUtkU615OtSK9ZQGpdZT7B63me/crsPwSf
gZx9X/ucwaQVbxrcF0F8dYrdYjQlDiz/RHFI4wgM6AjyZvXEryhGeAqmDOwYJahg
8qIjO9BZWrQHJE4qg+R/cxUuFUrW0ETGJRrKW6ArzHXpRvHni19W+lV6F+E0qgQG
DvLdMK6hHpEwqAh10RzCcYaKpWk2/n7dxL5pkk7QvqM5YxAssm0r64LnBDueAT0Q
JHAAWlE2rljn7T2oe4YFI2nmAX04XfvQCZdkqZFn+4tpbw==
-----END CERTIFICATE-----
Generated at Sat Aug 23 16:48:35 2025 by rpki-client