Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS400810.roa
File: AS400810.roa (raw, json)
Hash identifier: MEzxbOtU7Tcmp1O1Lnrh1HZh7X+zYs7XNiCUcsmna18=
Subject key identifier: 83:14:66:E4:5C:E6:9B:F4:37:D4:7B:B5:AE:5A:D8:9D:89:99:36:49
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 56C523A365509C296C9308796AA4AF0DE7CE5A8B
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS400810.roa
Signing time: Fri 11 Jul 2025 12:33:02 +0000
ROA not before: Fri 11 Jul 2025 12:28:02 +0000
ROA not after: Fri 10 Jul 2026 12:33:02 +0000
asID: 400810
IP address blocks: 96.62.217.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
56:c5:23:a3:65:50:9c:29:6c:93:08:79:6a:a4:af:0d:e7:ce:5a:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Jul 11 12:28:02 2025 GMT
Not After : Jul 10 12:33:02 2026 GMT
Subject: CN=831466E45CE69BF437D47BB5AE5AD89D89993649
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:d6:2b:42:e3:e6:eb:e0:01:b3:2b:cb:46:4e:
cf:24:74:33:e2:01:ef:af:10:1c:39:ef:1f:4d:c8:
48:12:28:05:96:f9:07:07:e7:cf:d8:ad:61:af:e3:
3f:e1:aa:74:4c:27:16:39:66:1f:a0:67:e8:e2:f2:
e0:ce:46:b1:27:de:b8:4f:ee:55:1c:00:dd:30:bc:
1f:24:2c:d7:04:43:b8:5d:d5:2f:16:fc:f5:71:fe:
1e:7a:bb:1d:2e:9a:ea:58:58:0b:9b:b5:f4:1a:a8:
b5:43:2f:68:7b:0f:38:6a:d7:85:ee:a9:71:3a:66:
41:62:de:44:48:ed:47:f2:37:63:7e:13:eb:27:06:
53:1f:20:d5:cb:af:ca:bd:d0:d1:f1:64:21:8d:db:
8e:c2:12:8b:41:3a:6a:28:20:fc:7a:a0:37:77:b1:
80:81:2f:89:83:5e:fe:94:2e:df:37:08:8b:b4:0c:
81:73:47:28:88:fa:6c:bf:2f:ec:5f:db:2b:72:b8:
a2:f5:61:bf:d4:52:9d:86:e9:8f:6e:2a:12:b3:fd:
f1:6c:37:86:ba:e2:7a:55:d0:cb:95:34:b6:19:b0:
c8:3a:83:68:79:bb:87:1e:a9:89:a9:ef:f9:1c:03:
f2:de:79:03:6b:96:d0:4d:c2:7b:0e:8c:96:0d:12:
9d:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:14:66:E4:5C:E6:9B:F4:37:D4:7B:B5:AE:5A:D8:9D:89:99:36:49
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS400810.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.62.217.0/24
Signature Algorithm: sha256WithRSAEncryption
11:d9:78:a4:51:c1:9d:b5:01:a6:62:0f:2d:b6:d6:7e:36:aa:
89:43:75:ef:4b:fa:b4:3e:aa:52:a4:0d:c7:18:5e:ab:a0:5f:
b0:6b:0a:91:b6:44:46:01:a8:69:f8:dc:77:ba:f4:4a:89:a8:
3c:d6:9a:d1:a5:26:e9:73:1d:17:d8:ce:3d:58:98:e4:1e:27:
e2:70:8d:d9:c7:5c:ea:1a:fe:ec:59:1c:b4:1c:ad:fe:4c:8b:
04:04:a0:0c:96:fe:1a:80:55:2a:9d:bb:a1:79:71:7b:22:1f:
9b:17:61:c9:fd:8a:4d:b0:84:95:ea:15:41:6a:67:7d:b9:e3:
3e:00:3e:49:07:6e:5a:66:10:cb:fe:02:a1:d1:e3:99:5c:49:
ac:11:fd:f1:41:93:97:17:3f:ea:d5:35:62:53:05:db:9d:00:
59:6d:b2:e7:98:08:50:97:a2:a5:6e:f5:50:70:20:11:10:5d:
15:0f:49:7b:07:78:70:83:8a:a3:ad:df:9d:39:84:d3:bf:c7:
7f:d0:7c:6e:d3:06:46:03:2c:9f:0c:12:7d:e0:80:b9:bd:a8:
e9:18:76:41:d2:85:db:f9:2c:9b:bb:43:4f:b1:87:50:d9:5c:
b2:bb:90:fd:6d:9b:06:7c:05:27:3f:af:6d:4e:cb:04:ee:c6:
58:d3:6f:8e
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUVsUjo2VQnClskwh5aqSvDefOWoswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA3MTExMjI4MDJaFw0yNjA3MTAxMjMzMDJaMDMxMTAvBgNV
BAMTKDgzMTQ2NkU0NUNFNjlCRjQzN0Q0N0JCNUFFNUFEODlEODk5OTM2NDkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCz1itC4+br4AGzK8tGTs8kdDPi
Ae+vEBw57x9NyEgSKAWW+QcH58/YrWGv4z/hqnRMJxY5Zh+gZ+ji8uDORrEn3rhP
7lUcAN0wvB8kLNcEQ7hd1S8W/PVx/h56ux0umupYWAubtfQaqLVDL2h7Dzhq14Xu
qXE6ZkFi3kRI7UfyN2N+E+snBlMfINXLr8q90NHxZCGN247CEotBOmooIPx6oDd3
sYCBL4mDXv6ULt83CIu0DIFzRyiI+my/L+xf2ytyuKL1Yb/UUp2G6Y9uKhKz/fFs
N4a64npV0MuVNLYZsMg6g2h5u4ceqYmp7/kcA/LeeQNrltBNwnsOjJYNEp0FAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUgxRm5Fzmm/Q31Hu1rlrYnYmZNkkwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTNDAwODEwLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAYD7Z
MA0GCSqGSIb3DQEBCwUAA4IBAQAR2XikUcGdtQGmYg8tttZ+NqqJQ3XvS/q0PqpS
pA3HGF6roF+wawqRtkRGAahp+Nx3uvRKiag81prRpSbpcx0X2M49WJjkHificI3Z
x1zqGv7sWRy0HK3+TIsEBKAMlv4agFUqnbuheXF7Ih+bF2HJ/YpNsISV6hVBamd9
ueM+AD5JB25aZhDL/gKh0eOZXEmsEf3xQZOXFz/q1TViUwXbnQBZbbLnmAhQl6Kl
bvVQcCAREF0VD0l7B3hwg4qjrd+dOYTTv8d/0Hxu0wZGAyyfDBJ94IC5vajpGHZB
0oXb+Sybu0NPsYdQ2Vyyu5D9bZsGfAUnP69tTssE7sZY02+O
-----END CERTIFICATE-----
Generated at Tue Jul 22 18:58:53 2025 by rpki-client