Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS60949.roa
File: AS60949.roa (raw, json)
Hash identifier: X3a8hc7izf4BRn/2sG2Oedt4TkzBaW/Zo7mNPCDFYUE=
Subject key identifier: AA:42:DC:D2:36:D9:58:3C:7A:33:7B:AC:65:79:1A:33:FD:DE:13:1F
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 2B3FFF469E76C70EB7B563C647AA60989D54CDA1
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS60949.roa
Signing time: Wed 16 Jul 2025 11:54:13 +0000
ROA not before: Wed 16 Jul 2025 11:49:13 +0000
ROA not after: Wed 15 Jul 2026 11:54:13 +0000
asID: 60949
IP address blocks: 147.79.52.0/24 maxlen: 24
147.79.53.0/24 maxlen: 24
147.79.54.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2b:3f:ff:46:9e:76:c7:0e:b7:b5:63:c6:47:aa:60:98:9d:54:cd:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Jul 16 11:49:13 2025 GMT
Not After : Jul 15 11:54:13 2026 GMT
Subject: CN=AA42DCD236D9583C7A337BAC65791A33FDDE131F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:f6:61:cf:66:e8:09:f8:7f:33:80:88:a3:71:
09:c4:f5:02:7c:38:96:d9:2a:4d:2f:dc:cb:c1:a4:
37:47:69:2d:c1:3e:6c:54:7a:66:1a:e4:77:05:eb:
91:3d:e1:5a:3a:c2:5b:ec:04:0a:fd:cc:79:86:d7:
91:85:ef:32:f9:73:ab:6c:80:45:43:c1:15:4e:17:
e8:d7:b6:7d:aa:b6:cb:b3:18:fb:2e:7e:2c:6e:c1:
e8:58:6f:77:4e:6e:88:90:e5:4d:45:e2:f3:d3:dc:
a2:ef:fd:b4:18:a1:8c:90:df:56:b5:07:ef:53:12:
df:2c:c6:eb:09:eb:ff:90:2a:e0:43:fe:21:d1:c5:
cc:32:aa:e7:df:1b:1b:61:5d:3d:2f:f1:1d:68:ea:
3d:05:3a:a7:00:de:01:70:80:e2:2f:a8:89:8f:56:
b4:9d:c9:58:20:41:5e:85:14:3c:10:b5:0b:91:19:
37:7a:f9:9e:ff:c1:2a:6b:2a:af:0e:4e:cb:d1:2d:
bd:c2:2f:d3:53:55:52:a3:40:dc:1d:cd:31:50:24:
e2:2e:b2:7f:ec:dd:81:80:04:08:23:42:70:4f:24:
0d:16:7b:2a:92:f3:ab:a2:9f:c4:bf:12:b4:7a:13:
ef:b2:12:05:f8:0b:82:7f:94:81:16:03:0c:b9:ab:
07:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:42:DC:D2:36:D9:58:3C:7A:33:7B:AC:65:79:1A:33:FD:DE:13:1F
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS60949.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.79.52.0-147.79.54.255
Signature Algorithm: sha256WithRSAEncryption
48:33:3b:8e:89:d1:10:3a:c1:13:27:71:a3:84:bb:31:8e:23:
85:ff:c3:84:6c:18:9a:e1:18:4d:87:ae:42:ff:7e:e9:73:5e:
7f:0f:64:9f:d8:ef:48:e7:c3:b1:01:04:17:5e:22:21:79:89:
7c:ba:7d:cc:8a:20:b4:c4:e5:34:9f:a3:c2:f8:18:52:b3:ea:
3d:d2:e5:40:5a:2a:aa:d5:43:55:4d:1c:94:2c:df:d5:27:f7:
3b:9a:80:19:1b:71:dc:b1:c8:3e:06:1f:39:1e:bd:0a:0d:8f:
c4:b1:7b:f7:ce:96:d6:30:0e:2e:80:6c:0c:4b:ca:13:b1:13:
ca:9f:04:54:43:67:c2:80:a5:69:6c:e4:b4:de:64:61:7b:e4:
50:ef:ef:70:f7:94:25:fa:b6:ee:77:8a:7e:33:e4:4e:c6:56:
cd:a8:c6:2d:e8:e0:4e:22:fb:d5:1f:85:81:59:f6:fc:a0:d9:
21:b2:c8:4b:01:c2:e5:15:b0:25:93:33:d8:6c:cb:87:f0:59:
40:04:61:e8:18:3e:53:46:11:b0:dd:86:eb:60:e3:16:5b:9c:
81:ff:a5:c4:3b:d2:52:7d:7b:f0:c5:34:bd:4e:07:67:86:b3:
4b:80:5f:6b:95:8d:1d:7b:2c:45:13:33:c1:6e:cf:5a:1a:38:
0c:df:58:7d
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIUKz//Rp52xw63tWPGR6pgmJ1UzaEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA3MTYxMTQ5MTNaFw0yNjA3MTUxMTU0MTNaMDMxMTAvBgNV
BAMTKEFBNDJEQ0QyMzZEOTU4M0M3QTMzN0JBQzY1NzkxQTMzRkRERTEzMUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDF9mHPZugJ+H8zgIijcQnE9QJ8
OJbZKk0v3MvBpDdHaS3BPmxUemYa5HcF65E94Vo6wlvsBAr9zHmG15GF7zL5c6ts
gEVDwRVOF+jXtn2qtsuzGPsufixuwehYb3dOboiQ5U1F4vPT3KLv/bQYoYyQ31a1
B+9TEt8sxusJ6/+QKuBD/iHRxcwyquffGxthXT0v8R1o6j0FOqcA3gFwgOIvqImP
VrSdyVggQV6FFDwQtQuRGTd6+Z7/wSprKq8OTsvRLb3CL9NTVVKjQNwdzTFQJOIu
sn/s3YGABAgjQnBPJA0WeyqS86uin8S/ErR6E++yEgX4C4J/lIEWAwy5qweRAgMB
AAGjggIRMIICDTAdBgNVHQ4EFgQUqkLc0jbZWDx6M3usZXkaM/3eEx8wHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTNjA5NDkucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwJwYIKwYBBQUHAQcBAf8EGDAWMBQEAgABMA4wDAMEApNP
NAMEAJNPNjANBgkqhkiG9w0BAQsFAAOCAQEASDM7jonREDrBEydxo4S7MY4jhf/D
hGwYmuEYTYeuQv9+6XNefw9kn9jvSOfDsQEEF14iIXmJfLp9zIogtMTlNJ+jwvgY
UrPqPdLlQFoqqtVDVU0clCzf1Sf3O5qAGRtx3LHIPgYfOR69Cg2PxLF7986W1jAO
LoBsDEvKE7ETyp8EVENnwoClaWzktN5kYXvkUO/vcPeUJfq27neKfjPkTsZWzajG
LejgTiL71R+FgVn2/KDZIbLISwHC5RWwJZMz2GzLh/BZQARh6Bg+U0YRsN2G62Dj
Flucgf+lxDvSUn178MU0vU4HZ4azS4Bfa5WNHXssRRMzwW7PWho4DN9YfQ==
-----END CERTIFICATE-----
Generated at Tue Jul 22 18:58:52 2025 by rpki-client