Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS33652.roa
File: AS33652.roa (raw, json)
Hash identifier: rqhZlCTXdr+axfUNGsDwcqnaKi6qJWcZLrOKAEko5Os=
Subject key identifier: 6F:8C:7E:7F:D3:4D:87:D0:4B:5F:09:5C:0D:75:F7:40:06:56:EB:6E
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 17EF5F02E370B3C563DBDC1CD28F86BBB9428E5C
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS33652.roa
Signing time: Tue 30 Sep 2025 10:55:07 +0000
ROA not before: Tue 30 Sep 2025 10:50:07 +0000
ROA not after: Tue 29 Sep 2026 10:55:07 +0000
asID: 33652
IP address blocks: 46.202.218.0/24 maxlen: 24
92.113.86.0/24 maxlen: 24
92.113.89.0/24 maxlen: 24
92.113.114.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
17:ef:5f:02:e3:70:b3:c5:63:db:dc:1c:d2:8f:86:bb:b9:42:8e:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Sep 30 10:50:07 2025 GMT
Not After : Sep 29 10:55:07 2026 GMT
Subject: CN=6F8C7E7FD34D87D04B5F095C0D75F7400656EB6E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:bd:91:bc:d0:25:10:bb:e5:c7:e4:d6:87:c0:
f3:01:6d:d8:5c:e4:f0:3a:9b:5d:4c:2b:a6:b2:13:
ac:67:96:a1:cd:81:e5:f7:95:50:bb:21:e7:e7:b6:
1a:f8:27:1c:93:3d:72:34:d3:03:c1:63:c9:64:87:
56:cb:d2:fd:3b:47:25:e2:e2:82:e2:e8:02:53:30:
13:84:22:e0:c7:ee:0c:dc:6d:dd:e9:77:c8:a8:b0:
79:3f:9c:74:8a:17:e5:ea:74:82:aa:18:7c:db:5f:
21:ec:25:0a:19:bf:e3:3c:12:3e:37:d1:05:c8:38:
4a:f5:5f:5a:14:0e:c5:7a:17:33:b7:c9:d6:a9:0b:
38:d6:a2:68:3c:b3:03:58:16:34:88:81:ff:4d:8f:
a5:1a:24:64:1b:c2:af:f1:b6:5a:8d:f2:16:dc:c5:
83:f7:dc:dd:2c:10:36:02:39:82:c5:95:03:92:1b:
03:45:26:b4:95:e9:f9:2b:9a:53:0b:4c:64:21:b0:
78:38:dd:bd:7a:e2:60:96:11:27:7e:3c:5f:91:eb:
32:fe:13:54:bc:fe:9d:94:d7:70:73:67:9e:b9:f0:
8f:b3:16:98:80:62:b8:e1:88:de:d2:17:e5:14:7c:
e1:59:0b:b6:c4:22:32:0d:5d:fe:19:6c:8f:7a:2d:
da:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:8C:7E:7F:D3:4D:87:D0:4B:5F:09:5C:0D:75:F7:40:06:56:EB:6E
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS33652.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.202.218.0/24
92.113.86.0/24
92.113.89.0/24
92.113.114.0/24
Signature Algorithm: sha256WithRSAEncryption
77:69:79:52:de:77:ae:2e:89:86:00:93:d0:9c:be:39:5f:8a:
eb:32:a4:73:13:03:4b:99:4d:26:2b:b9:a5:e3:7e:1c:7c:8e:
f1:67:07:89:1b:bf:8d:3e:95:77:4f:d7:1a:67:4f:a8:4e:4c:
ed:f1:de:82:d8:7c:06:d9:e6:16:f0:32:8c:53:c4:13:d4:5b:
23:c9:a5:3a:e4:65:88:8f:ae:be:cf:c4:29:dc:77:eb:71:b3:
6d:0e:91:c2:d2:87:bb:0c:b2:bf:f8:b6:f7:18:dd:65:49:09:
6c:46:40:8c:e8:2d:cd:2d:6f:5b:ba:0e:39:e2:fe:e6:ef:1e:
a1:9d:37:e6:40:8a:3d:d1:1e:03:35:b6:b4:a4:75:99:0c:34:
44:e5:68:0d:4c:b3:e4:b9:aa:d7:ab:62:82:0f:fb:ae:c4:97:
c5:29:da:49:55:2d:04:cb:9b:b1:03:dd:3d:0e:b3:53:71:02:
64:db:4e:9b:38:06:c7:cb:be:ce:76:e9:a8:04:4a:fe:dd:de:
59:8c:5a:25:2a:35:04:bb:9c:49:28:78:f5:8c:6e:fe:bb:12:
66:76:13:3f:81:1b:6d:8b:d3:ec:58:cb:3e:1c:5e:75:02:56:
9a:2b:52:0a:b3:1c:ed:90:de:57:b6:57:6b:02:80:20:a7:05:
69:83:84:c1
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgIUF+9fAuNws8Vj29wc0o+Gu7lCjlwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTA5MzAxMDUwMDdaFw0yNjA5MjkxMDU1MDdaMDMxMTAvBgNV
BAMTKDZGOEM3RTdGRDM0RDg3RDA0QjVGMDk1QzBENzVGNzQwMDY1NkVCNkUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCjvZG80CUQu+XH5NaHwPMBbdhc
5PA6m11MK6ayE6xnlqHNgeX3lVC7Iefnthr4JxyTPXI00wPBY8lkh1bL0v07RyXi
4oLi6AJTMBOEIuDH7gzcbd3pd8iosHk/nHSKF+XqdIKqGHzbXyHsJQoZv+M8Ej43
0QXIOEr1X1oUDsV6FzO3ydapCzjWomg8swNYFjSIgf9Nj6UaJGQbwq/xtlqN8hbc
xYP33N0sEDYCOYLFlQOSGwNFJrSV6fkrmlMLTGQhsHg43b164mCWESd+PF+R6zL+
E1S8/p2U13BzZ5658I+zFpiAYrjhiN7SF+UUfOFZC7bEIjINXf4ZbI96LdobAgMB
AAGjggIbMIICFzAdBgNVHQ4EFgQUb4x+f9NNh9BLXwlcDXX3QAZW624wHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMzM2NTIucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwMQYIKwYBBQUHAQcBAf8EIjAgMB4EAgABMBgDBAAuytoD
BABccVYDBABccVkDBABccXIwDQYJKoZIhvcNAQELBQADggEBAHdpeVLed64uiYYA
k9CcvjlfiusypHMTA0uZTSYruaXjfhx8jvFnB4kbv40+lXdP1xpnT6hOTO3x3oLY
fAbZ5hbwMoxTxBPUWyPJpTrkZYiPrr7PxCncd+txs20OkcLSh7sMsr/4tvcY3WVJ
CWxGQIzoLc0tb1u6Djni/ubvHqGdN+ZAij3RHgM1trSkdZkMNETlaA1Ms+S5qter
YoIP+67El8Up2klVLQTLm7ED3T0Os1NxAmTbTps4BsfLvs526agESv7d3lmMWiUq
NQS7nEkoePWMbv67EmZ2Ez+BG22L0+xYyz4cXnUCVporUgqzHO2Q3le2V2sCgCCn
BWmDhME=
-----END CERTIFICATE-----
Generated at Sun Oct 19 19:36:28 2025 by rpki-client