Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS36530.roa
File: AS36530.roa (raw, json)
Hash identifier: ERbPsaKK1yH5OCBCV9eFRUakb6J6hOWTux9JtAukB/0=
Subject key identifier: 18:FE:2F:00:49:13:E3:42:7A:D8:F1:9B:B4:7E:98:E9:E6:04:7B:CB
Certificate issuer: /CN=c2302af143c15daad50042d8455e689d0828eca9
Certificate serial: 32704AC4D7B0BDC6A809A5EB38811F2C3225684C
Authority key identifier: C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS36530.roa
Signing time: Fri 08 Aug 2025 16:34:11 +0000
ROA not before: Fri 08 Aug 2025 16:29:11 +0000
ROA not after: Fri 07 Aug 2026 16:34:11 +0000
asID: 36530
IP address blocks: 141.11.108.0/24 maxlen: 24
141.11.140.0/24 maxlen: 24
141.11.141.0/24 maxlen: 24
141.11.181.0/24 maxlen: 24
141.11.240.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.mft
rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
32:70:4a:c4:d7:b0:bd:c6:a8:09:a5:eb:38:81:1f:2c:32:25:68:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2302af143c15daad50042d8455e689d0828eca9
Validity
Not Before: Aug 8 16:29:11 2025 GMT
Not After : Aug 7 16:34:11 2026 GMT
Subject: CN=18FE2F004913E3427AD8F19BB47E98E9E6047BCB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:bf:d4:a0:4d:4d:1c:9f:24:51:11:d9:cf:8e:
2b:d6:62:85:c2:df:fc:2b:57:d4:c5:b4:33:1c:07:
5c:00:66:9d:6b:c6:37:23:95:67:97:ba:23:5a:d9:
87:83:77:23:d4:75:c3:ad:a5:9a:04:6b:81:51:c3:
10:94:96:a5:b2:6c:c5:01:4d:2e:75:7a:2b:61:65:
db:7e:69:c8:b0:ec:98:3a:1f:0c:aa:cc:1a:f5:ac:
d3:d9:39:6f:c3:46:09:97:f4:d8:f9:13:21:dd:9b:
6f:f4:b0:f4:4c:66:c3:d3:d0:89:71:7b:e3:b7:d5:
cc:fd:19:e1:13:25:66:cb:07:a6:0f:a5:ba:d5:51:
de:f3:9e:55:db:5f:bc:8f:af:61:12:f3:36:10:fe:
0a:46:32:ea:9f:96:d1:62:db:cf:fa:22:c5:33:14:
25:37:bc:a9:87:ed:49:3a:09:1c:bc:21:64:69:0d:
71:d2:35:08:4e:93:9c:2a:0a:e0:1c:db:0e:07:b4:
bd:5e:aa:e6:66:ac:96:d9:6c:d0:e8:e3:36:a6:91:
27:34:19:6e:ff:c0:df:2a:b9:dd:0e:a8:9b:9f:92:
3a:48:5d:43:2a:76:d9:cf:28:a6:cd:90:10:66:95:
58:a4:53:51:3c:94:34:54:f8:49:f5:4e:1e:6a:ea:
40:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:FE:2F:00:49:13:E3:42:7A:D8:F1:9B:B4:7E:98:E9:E6:04:7B:CB
X509v3 Authority Key Identifier:
keyid:C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS36530.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.11.108.0/24
141.11.140.0/23
141.11.181.0/24
141.11.240.0/24
Signature Algorithm: sha256WithRSAEncryption
40:bd:f7:98:6c:e9:ad:5a:9d:8e:00:c1:f5:08:ea:98:3d:07:
bb:2f:1c:04:81:27:a7:eb:ab:bb:4a:10:07:81:15:6a:a4:46:
08:be:c5:2e:dd:3a:f2:54:73:e9:d3:88:1d:83:a4:d3:c2:96:
87:12:91:05:6f:b1:dd:5c:91:64:a1:ba:3b:e7:00:a3:67:2c:
47:63:a2:84:66:a2:bb:05:d7:cd:81:0a:43:d7:f7:62:fe:4c:
1e:46:0f:06:a9:e6:bc:1b:87:28:66:64:e7:93:46:e6:d1:dc:
06:59:80:53:67:36:19:45:3e:56:9f:c3:c8:07:f8:9e:16:a1:
16:cb:f3:bc:a5:22:c7:ce:4c:fe:e8:81:26:77:7b:35:97:28:
63:40:a3:a7:cc:d9:52:19:9c:94:ad:02:50:c5:50:53:74:a0:
cc:34:93:78:73:e1:1e:bd:7f:e5:26:40:cc:dd:e9:d8:48:bf:
d4:5f:0a:da:92:72:c2:4d:b2:09:63:32:ea:ef:a5:c7:1b:50:
a8:e9:9d:a2:90:07:dc:81:4c:3b:b0:20:74:e1:a0:07:54:e9:
67:db:3a:83:88:7f:93:0f:b3:1c:13:f2:74:ef:0c:36:26:83:
4f:c9:31:b3:96:2d:6e:3f:60:c6:f5:51:e0:7b:b8:b8:de:bb:
80:bf:0a:22
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgIUMnBKxNewvcaoCaXrOIEfLDIlaEwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzIzMDJhZjE0M2MxNWRhYWQ1MDA0MmQ4NDU1ZTY4OWQw
ODI4ZWNhOTAeFw0yNTA4MDgxNjI5MTFaFw0yNjA4MDcxNjM0MTFaMDMxMTAvBgNV
BAMTKDE4RkUyRjAwNDkxM0UzNDI3QUQ4RjE5QkI0N0U5OEU5RTYwNDdCQ0IwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCjv9SgTU0cnyRREdnPjivWYoXC
3/wrV9TFtDMcB1wAZp1rxjcjlWeXuiNa2YeDdyPUdcOtpZoEa4FRwxCUlqWybMUB
TS51eithZdt+aciw7Jg6HwyqzBr1rNPZOW/DRgmX9Nj5EyHdm2/0sPRMZsPT0Ilx
e+O31cz9GeETJWbLB6YPpbrVUd7znlXbX7yPr2ES8zYQ/gpGMuqfltFi28/6IsUz
FCU3vKmH7Uk6CRy8IWRpDXHSNQhOk5wqCuAc2w4HtL1equZmrJbZbNDo4zamkSc0
GW7/wN8qud0OqJufkjpIXUMqdtnPKKbNkBBmlVikU1E8lDRU+En1Th5q6kApAgMB
AAGjggIbMIICFzAdBgNVHQ4EFgQUGP4vAEkT40J62PGbtH6Y6eYEe8swHwYDVR0j
BBgwFoAUwjAq8UPBXarVAELYRV5onQgo7KkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTkzY2I1NWMtOTU3MS00NGM4LTkwZTEtOTY1YjkyNzY5
ZTRlLzAvQzIzMDJBRjE0M0MxNURBQUQ1MDA0MkQ4NDU1RTY4OUQwODI4RUNBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3dqQXE4VVBCWGFyVkFFTFlSVjVvblFn
bzdLay5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2E5M2NiNTVjLTk1NzEt
NDRjOC05MGUxLTk2NWI5Mjc2OWU0ZS8wL0FTMzY1MzAucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwMQYIKwYBBQUHAQcBAf8EIjAgMB4EAgABMBgDBACNC2wD
BAGNC4wDBACNC7UDBACNC/AwDQYJKoZIhvcNAQELBQADggEBAEC995hs6a1anY4A
wfUI6pg9B7svHASBJ6frq7tKEAeBFWqkRgi+xS7dOvJUc+nTiB2DpNPClocSkQVv
sd1ckWShujvnAKNnLEdjooRmorsF182BCkPX92L+TB5GDwap5rwbhyhmZOeTRubR
3AZZgFNnNhlFPlafw8gH+J4WoRbL87ylIsfOTP7ogSZ3ezWXKGNAo6fM2VIZnJSt
AlDFUFN0oMw0k3hz4R69f+UmQMzd6dhIv9RfCtqScsJNsgljMurvpccbUKjpnaKQ
B9yBTDuwIHThoAdU6WfbOoOIf5MPsxwT8nTvDDYmg0/JMbOWLW4/YMb1UeB7uLje
u4C/CiI=
-----END CERTIFICATE-----
Generated at Sat Aug 23 14:42:15 2025 by rpki-client