Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS151905.roa
File: AS151905.roa (raw, json)
Hash identifier: xiWB6EXQYlT0SXcgj1CCPxeeyzLH6SIefwLIZM85now=
Subject key identifier: 9D:36:53:5A:52:89:B9:3E:02:DD:37:BB:EE:A7:A0:57:70:1A:4D:F9
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 572C97054177AD81AD900312816AB64AEB6A7F71
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS151905.roa
Signing time: Tue 01 Jul 2025 11:54:10 +0000
ROA not before: Tue 01 Jul 2025 11:49:10 +0000
ROA not after: Tue 30 Jun 2026 11:54:10 +0000
asID: 151905
IP address blocks: 2a13:9500:9f::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 11:01:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
57:2c:97:05:41:77:ad:81:ad:90:03:12:81:6a:b6:4a:eb:6a:7f:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Jul 1 11:49:10 2025 GMT
Not After : Jun 30 11:54:10 2026 GMT
Subject: CN=9D36535A5289B93E02DD37BBEEA7A057701A4DF9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:9c:d3:07:04:14:cf:b6:d0:4d:40:9b:cf:17:
8d:f6:38:f7:04:2b:06:78:94:05:61:54:01:e3:f8:
a5:e7:9b:b3:d5:3a:5d:fa:ca:83:5e:74:c7:e5:77:
ad:09:d6:d7:9d:16:1c:fe:e0:a5:8e:2b:61:ce:17:
c6:52:b9:84:2c:56:a2:9d:32:08:dc:5e:62:1f:ba:
dd:09:b4:16:da:1e:d1:67:7e:61:17:44:f9:25:60:
fc:2d:7c:f3:03:50:0e:dc:15:31:de:9d:3c:25:22:
e9:34:aa:9d:3f:35:7d:3a:bb:ef:4e:49:0a:7c:60:
df:c3:11:84:77:30:a4:8c:a3:85:98:65:1d:1a:fd:
e9:be:9c:f7:5b:24:07:9e:ac:c1:65:da:48:78:5c:
4f:ce:fc:c0:53:25:1b:33:60:0d:b0:ba:4c:48:80:
58:b4:0c:c0:a0:a7:34:01:dc:ae:de:16:5f:5a:69:
3b:9f:3a:db:7f:e4:d8:08:03:e6:4a:77:57:ff:8b:
11:7b:dd:a3:92:8d:66:0a:45:58:a3:4e:21:eb:f9:
69:9c:86:01:22:51:45:85:5a:6e:55:58:1a:36:ae:
4e:f3:e9:b1:9f:e6:ac:87:4b:c9:47:b8:34:06:41:
ad:2f:dc:7f:0c:72:e1:1a:93:9a:2c:44:c5:60:b2:
fe:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:36:53:5A:52:89:B9:3E:02:DD:37:BB:EE:A7:A0:57:70:1A:4D:F9
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS151905.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:9500:9f::/48
Signature Algorithm: sha256WithRSAEncryption
5f:e7:3e:0c:10:91:f9:20:01:63:88:4c:97:be:d9:ba:70:03:
4b:ea:a4:f0:ab:61:d8:35:4d:f7:e0:65:cb:8c:3f:be:56:9d:
a1:c4:25:08:e5:36:41:a5:fe:eb:5a:3a:dc:4d:1c:6a:4d:9e:
68:19:d8:52:05:b1:64:a2:8a:56:e9:a2:22:a2:97:69:f0:5e:
60:72:f0:38:84:68:d8:87:11:6c:65:9c:22:8e:0d:83:89:da:
7e:b8:88:fd:1d:ce:91:43:57:ec:d4:78:c9:bf:9b:4a:b6:2b:
8b:91:7d:26:f2:e3:90:a3:de:bd:84:5a:2f:bf:00:d1:8c:aa:
f7:47:02:73:2d:e9:80:16:8d:00:fd:f1:54:b5:e3:c9:bc:58:
38:ad:04:4d:2a:ed:f2:62:34:da:26:67:67:86:08:7d:aa:14:
f3:a1:5b:02:74:88:fc:d8:8e:2e:2a:fa:a0:94:9e:01:a7:1d:
fb:11:2f:aa:66:fb:d2:4f:76:9c:e2:0a:be:dd:c5:60:99:5e:
00:af:35:94:4b:23:63:22:14:26:f9:5c:2c:44:81:bb:76:37:
94:52:45:c1:12:01:15:53:c2:b1:80:8b:b8:f5:25:61:f1:06:
10:ee:e8:1c:c4:bf:63:75:3f:81:f9:dd:3f:6c:61:29:55:a6:
b5:b8:56:46
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIUVyyXBUF3rYGtkAMSgWq2Sutqf3EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTA3MDExMTQ5MTBaFw0yNjA2MzAxMTU0MTBaMDMxMTAvBgNV
BAMTKDlEMzY1MzVBNTI4OUI5M0UwMkREMzdCQkVFQTdBMDU3NzAxQTRERjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQChnNMHBBTPttBNQJvPF432OPcE
KwZ4lAVhVAHj+KXnm7PVOl36yoNedMfld60J1tedFhz+4KWOK2HOF8ZSuYQsVqKd
MgjcXmIfut0JtBbaHtFnfmEXRPklYPwtfPMDUA7cFTHenTwlIuk0qp0/NX06u+9O
SQp8YN/DEYR3MKSMo4WYZR0a/em+nPdbJAeerMFl2kh4XE/O/MBTJRszYA2wukxI
gFi0DMCgpzQB3K7eFl9aaTufOtt/5NgIA+ZKd1f/ixF73aOSjWYKRVijTiHr+Wmc
hgEiUUWFWm5VWBo2rk7z6bGf5qyHS8lHuDQGQa0v3H8McuEak5osRMVgsv7vAgMB
AAGjggINMIICCTAdBgNVHQ4EFgQUnTZTWlKJuT4C3Te77qegV3AaTfkwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMTUxOTA1LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhOV
AACfMA0GCSqGSIb3DQEBCwUAA4IBAQBf5z4MEJH5IAFjiEyXvtm6cANL6qTwq2HY
NU334GXLjD++Vp2hxCUI5TZBpf7rWjrcTRxqTZ5oGdhSBbFkoopW6aIiopdp8F5g
cvA4hGjYhxFsZZwijg2Didp+uIj9Hc6RQ1fs1HjJv5tKtiuLkX0m8uOQo969hFov
vwDRjKr3RwJzLemAFo0A/fFUtePJvFg4rQRNKu3yYjTaJmdnhgh9qhTzoVsCdIj8
2I4uKvqglJ4Bpx37ES+qZvvST3ac4gq+3cVgmV4ArzWUSyNjIhQm+VwsRIG7djeU
UkXBEgEVU8KxgIu49SVh8QYQ7ugcxL9jdT+B+d0/bGEpVaa1uFZG
-----END CERTIFICATE-----
Generated at Sun Jul 20 21:55:52 2025 by rpki-client