Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS36530.roa
File: AS36530.roa (raw, json)
Hash identifier: AzkmFBtVrSSranj4L/0EIXnWtNtCepD5tBjB3fXN0ek=
Subject key identifier: 57:2B:EF:E9:27:D4:2A:31:5C:09:05:97:B6:84:12:67:BB:A4:6A:0F
Certificate issuer: /CN=c2302af143c15daad50042d8455e689d0828eca9
Certificate serial: 59BF93EFC4B957180E9031647D7323C0FA2C302D
Authority key identifier: C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS36530.roa
Signing time: Fri 08 May 2026 13:25:51 +0000
ROA not before: Fri 08 May 2026 13:20:51 +0000
ROA not after: Fri 07 May 2027 13:25:51 +0000
asID: 36530
IP address blocks: 141.11.240.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.mft
rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 08:58:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
59:bf:93:ef:c4:b9:57:18:0e:90:31:64:7d:73:23:c0:fa:2c:30:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2302af143c15daad50042d8455e689d0828eca9
Validity
Not Before: May 8 13:20:51 2026 GMT
Not After : May 7 13:25:51 2027 GMT
Subject: CN=572BEFE927D42A315C090597B6841267BBA46A0F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:1f:a7:b6:92:24:f8:c2:10:10:0a:f8:0a:ef:
34:38:60:e3:ee:38:63:04:d4:c2:ea:87:ac:4f:0a:
67:8c:6c:31:a9:ce:ee:d2:ef:57:60:c5:28:1a:33:
6d:3f:d3:8a:9f:ba:11:d7:a0:1f:12:04:67:64:88:
bc:aa:0f:92:bc:2c:95:f6:7b:b3:4a:7e:bd:95:f3:
ff:8b:4f:43:15:47:14:23:57:8a:8e:05:a5:43:2e:
ba:81:69:13:30:44:77:3b:9c:43:08:44:c9:a8:f7:
d1:82:27:4f:5b:98:21:7d:de:6f:8a:e3:7f:36:d1:
5b:c7:46:94:44:c3:2c:f2:af:a7:f5:e8:ce:bd:b1:
3c:27:57:55:56:ea:26:72:19:9d:32:a4:72:bc:ef:
bc:d6:f9:a4:c2:e3:ba:af:36:42:2a:c4:e0:a3:6e:
92:a3:dd:54:80:85:a7:85:59:c2:a4:88:7e:2a:f6:
80:b5:2f:a6:6a:35:20:53:6b:36:ad:ba:c3:34:8e:
24:01:7c:eb:16:1d:50:9f:28:da:50:72:1c:91:df:
9f:fc:e0:85:f4:db:04:75:b8:6b:f7:1e:10:e8:df:
c0:71:b0:45:f3:f8:77:af:85:a1:35:df:cc:7d:e6:
21:b0:c5:f0:da:e5:84:9b:c0:c9:55:72:40:4e:24:
3f:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:2B:EF:E9:27:D4:2A:31:5C:09:05:97:B6:84:12:67:BB:A4:6A:0F
X509v3 Authority Key Identifier:
keyid:C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS36530.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.11.240.0/24
Signature Algorithm: sha256WithRSAEncryption
75:5f:98:4f:93:9e:70:be:32:e7:d7:51:88:e4:93:8d:bb:4c:
f6:24:dc:94:3f:61:a9:49:7c:34:2b:4a:38:bb:c1:e6:a1:82:
43:d6:e9:77:f3:ca:59:1c:49:39:5c:73:c8:cb:2b:86:9f:00:
a6:c0:ee:bb:14:62:84:96:5c:cf:10:cc:f6:a0:b3:49:3a:23:
60:1e:68:7e:83:c6:f1:b3:8d:76:bf:15:f9:a7:db:44:63:09:
ce:6e:1c:59:22:1e:ad:66:79:c6:d4:43:e5:d8:9f:19:44:cb:
35:6b:26:f1:fa:60:7c:ea:fc:24:ab:a6:03:7c:d0:a6:3f:29:
3d:6f:4a:a3:f3:e1:1f:94:ba:5c:e1:cc:9c:13:5d:0b:b4:18:
e8:98:c0:1f:cd:b0:60:b6:c9:01:b0:96:0b:67:10:7e:34:03:
12:96:8c:29:a4:3d:55:a5:c7:f2:1d:89:76:f5:ac:9e:e0:67:
d3:b9:57:42:6e:e7:04:ef:37:32:41:b3:22:4d:7f:e1:35:a5:
26:63:86:fd:70:c6:94:a0:ec:65:63:00:56:f5:aa:e3:c2:c0:
52:cf:e2:dd:65:a1:be:ac:b1:ef:0f:e1:a1:60:32:db:b2:ab:
44:35:76:b2:1b:a6:8f:5e:fd:01:55:24:45:e0:77:5c:77:ff:
db:8f:bf:3e
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIUWb+T78S5VxgOkDFkfXMjwPosMC0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzIzMDJhZjE0M2MxNWRhYWQ1MDA0MmQ4NDU1ZTY4OWQw
ODI4ZWNhOTAeFw0yNjA1MDgxMzIwNTFaFw0yNzA1MDcxMzI1NTFaMDMxMTAvBgNV
BAMTKDU3MkJFRkU5MjdENDJBMzE1QzA5MDU5N0I2ODQxMjY3QkJBNDZBMEYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4H6e2kiT4whAQCvgK7zQ4YOPu
OGME1MLqh6xPCmeMbDGpzu7S71dgxSgaM20/04qfuhHXoB8SBGdkiLyqD5K8LJX2
e7NKfr2V8/+LT0MVRxQjV4qOBaVDLrqBaRMwRHc7nEMIRMmo99GCJ09bmCF93m+K
43820VvHRpREwyzyr6f16M69sTwnV1VW6iZyGZ0ypHK877zW+aTC47qvNkIqxOCj
bpKj3VSAhaeFWcKkiH4q9oC1L6ZqNSBTazatusM0jiQBfOsWHVCfKNpQchyR35/8
4IX02wR1uGv3HhDo38BxsEXz+HevhaE138x95iGwxfDa5YSbwMlVckBOJD/hAgMB
AAGjggIJMIICBTAdBgNVHQ4EFgQUVyvv6SfUKjFcCQWXtoQSZ7ukag8wHwYDVR0j
BBgwFoAUwjAq8UPBXarVAELYRV5onQgo7KkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTkzY2I1NWMtOTU3MS00NGM4LTkwZTEtOTY1YjkyNzY5
ZTRlLzAvQzIzMDJBRjE0M0MxNURBQUQ1MDA0MkQ4NDU1RTY4OUQwODI4RUNBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3dqQXE4VVBCWGFyVkFFTFlSVjVvblFn
bzdLay5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2E5M2NiNTVjLTk1NzEt
NDRjOC05MGUxLTk2NWI5Mjc2OWU0ZS8wL0FTMzY1MzAucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACNC/Aw
DQYJKoZIhvcNAQELBQADggEBAHVfmE+TnnC+MufXUYjkk427TPYk3JQ/YalJfDQr
Sji7weahgkPW6XfzylkcSTlcc8jLK4afAKbA7rsUYoSWXM8QzPags0k6I2AeaH6D
xvGzjXa/Ffmn20RjCc5uHFkiHq1mecbUQ+XYnxlEyzVrJvH6YHzq/CSrpgN80KY/
KT1vSqPz4R+UulzhzJwTXQu0GOiYwB/NsGC2yQGwlgtnEH40AxKWjCmkPVWlx/Id
iXb1rJ7gZ9O5V0Ju5wTvNzJBsyJNf+E1pSZjhv1wxpSg7GVjAFb1quPCwFLP4t1l
ob6sse8P4aFgMtuyq0Q1drIbpo9e/QFVJEXgd1x3/9uPvz4=
-----END CERTIFICATE-----
Generated at Wed May 13 01:06:15 2026 by rpki-client