Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS0.roa
File: AS0.roa (raw, json)
Hash identifier: UVeMb85b6QlG2ZzEmk9aQmm6+A303g0VZoQo4AA8wXs=
Subject key identifier: A5:02:C5:71:30:C9:3E:F3:A3:AE:75:39:18:04:5D:FF:16:25:42:DA
Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Certificate serial: 0552BF3E47AAEAEBC72801CFC7F4FF4935657BCB
Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS0.roa
Signing time: Fri 18 Jul 2025 08:29:40 +0000
ROA not before: Fri 18 Jul 2025 08:24:40 +0000
ROA not after: Fri 17 Jul 2026 08:29:40 +0000
asID: 0
IP address blocks: 2a14:7580:b000::/36 maxlen: 48
2a14:7581:f30::/44 maxlen: 48
2a14:7581:ffb::/48 maxlen: 48
2a14:7581:ffd::/48 maxlen: 48
2a14:7581:fff::/48 maxlen: 48
2a14:7581:a000::/36 maxlen: 48
2a14:7581:e000::/36 maxlen: 48
2a14:7582::/32 maxlen: 48
2a14:7584:2000::/36 maxlen: 48
2a14:7584:d000::/36 maxlen: 48
2a14:7585::/32 maxlen: 48
2a14:7586::/32 maxlen: 48
2a14:7587::/32 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft
rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 13:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
05:52:bf:3e:47:aa:ea:eb:c7:28:01:cf:c7:f4:ff:49:35:65:7b:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Validity
Not Before: Jul 18 08:24:40 2025 GMT
Not After : Jul 17 08:29:40 2026 GMT
Subject: CN=A502C57130C93EF3A3AE753918045DFF162542DA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:35:6f:47:7c:1f:3b:8a:95:85:36:38:2a:9c:
24:d2:bb:76:8b:06:df:33:93:4a:23:97:1a:ec:22:
f6:ff:f1:65:8f:71:76:22:85:e8:cf:b6:1b:60:6d:
b8:61:cc:92:d5:a1:6a:64:b5:99:bc:05:1b:c2:d3:
4e:b0:fd:59:2c:e1:e4:31:3e:d4:5f:ca:89:c2:a7:
41:3a:21:91:27:6d:e2:d1:86:dc:b6:6f:51:32:bb:
61:08:fc:37:be:27:06:5d:2e:ca:03:70:a3:b9:ec:
4e:94:bf:cf:01:5b:c5:0b:22:3d:3d:e3:1c:68:83:
95:d7:00:15:85:5e:dc:58:c7:c5:ce:4b:a9:63:95:
d7:0e:1c:c5:cd:eb:51:2b:e0:3e:a1:09:d8:ef:95:
cb:8f:d6:62:e1:98:4b:51:12:c4:9d:01:f4:66:94:
be:69:41:dd:a8:31:95:a3:46:0a:3a:4d:58:7a:e8:
d1:64:c0:52:71:98:10:f2:97:c1:6a:1e:91:15:4b:
c9:68:8a:04:19:ef:41:20:a6:92:23:55:20:7f:92:
bf:5c:1f:85:fc:f5:8d:57:df:2f:73:5d:a7:b7:f1:
34:14:10:3b:25:cd:d8:65:d9:27:83:91:cf:fa:b4:
44:35:56:c4:9f:55:dc:2e:bd:31:b8:0e:2d:b6:ed:
04:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:02:C5:71:30:C9:3E:F3:A3:AE:75:39:18:04:5D:FF:16:25:42:DA
X509v3 Authority Key Identifier:
keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS0.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7580:b000::/36
2a14:7581:f30::/44
2a14:7581:ffb::/48
2a14:7581:ffd::/48
2a14:7581:fff::/48
2a14:7581:a000::/36
2a14:7581:e000::/36
2a14:7582::/32
2a14:7584:2000::/36
2a14:7584:d000::/36
2a14:7585::-2a14:7587:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
31:91:05:a6:64:4b:92:59:a4:a3:d7:6c:60:9e:ba:a5:58:db:
ed:35:d5:8e:1e:62:55:ea:f5:53:3e:eb:f7:a2:74:51:c8:32:
13:9b:c8:73:74:f6:c7:9b:74:3a:43:69:7b:e9:eb:0e:d6:32:
75:7a:df:62:c2:1a:33:82:9f:a8:17:f1:25:dc:bb:b5:19:10:
c1:b3:bb:b3:89:44:ed:56:53:e4:82:78:9d:4e:60:f9:2c:bf:
a5:b5:88:b7:bd:d7:d6:87:12:da:b5:11:f2:35:92:f0:96:0b:
fd:2f:59:6c:19:15:51:65:cc:45:d5:af:60:2e:6b:43:45:ee:
ed:d6:af:31:a7:d7:13:0a:e0:05:96:22:6e:8e:12:b0:9d:ee:
e1:c3:12:f1:9f:c5:7b:be:a0:a6:41:39:cc:b5:b4:36:c3:1a:
09:fc:61:14:6e:fe:c1:09:2c:cc:d6:e8:71:42:ac:5b:81:90:
9d:5b:4e:09:cd:ac:c4:f3:26:b4:d1:25:c0:c1:3b:c9:29:1d:
e6:4d:3b:a0:09:23:cf:ba:41:8f:f6:1e:82:3c:ce:0f:10:f1:
3a:54:ae:0b:64:35:6f:75:3e:e4:30:76:6d:36:99:99:1a:61:
bf:5c:0d:85:54:1f:a6:09:9a:04:a6:89:d7:8c:d4:6f:5d:a1:
67:b1:34:60
-----BEGIN CERTIFICATE-----
MIIFWDCCBECgAwIBAgIUBVK/Pkeq6uvHKAHPx/T/STVle8swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj
Y2ZkMzc3MjAeFw0yNTA3MTgwODI0NDBaFw0yNjA3MTcwODI5NDBaMDMxMTAvBgNV
BAMTKEE1MDJDNTcxMzBDOTNFRjNBM0FFNzUzOTE4MDQ1REZGMTYyNTQyREEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCxNW9HfB87ipWFNjgqnCTSu3aL
Bt8zk0ojlxrsIvb/8WWPcXYihejPthtgbbhhzJLVoWpktZm8BRvC006w/Vks4eQx
PtRfyonCp0E6IZEnbeLRhty2b1Eyu2EI/De+JwZdLsoDcKO57E6Uv88BW8ULIj09
4xxog5XXABWFXtxYx8XOS6ljldcOHMXN61Er4D6hCdjvlcuP1mLhmEtREsSdAfRm
lL5pQd2oMZWjRgo6TVh66NFkwFJxmBDyl8FqHpEVS8loigQZ70EgppIjVSB/kr9c
H4X89Y1X3y9zXae38TQUEDslzdhl2SeDkc/6tEQ1VsSfVdwuvTG4Di227QQzAgMB
AAGjggJiMIICXjAdBgNVHQ4EFgQUpQLFcTDJPvOjrnU5GARd/xYlQtowHwYDVR0j
BBgwFoAUqD1IZS87LfdPa/m6qKnBdMz9N3IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODkyNzBmNmMtYTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2Yz
ODI0LzAvQTgzRDQ4NjUyRjNCMkRGNzRGNkJGOUJBQThBOUMxNzRDQ0ZEMzc3Mi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FEMUlaUzg3TGZkUGFfbTZxS25CZE16
OU4zSS5jZXIwdgYIKwYBBQUHAQsEajBoMGYGCCsGAQUFBzALhlpyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg5MjcwZjZjLWEzZmUt
NDI5OS1iMDc5LTMwOWVkOTdmMzgyNC8wL0FTMC5yb2EwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjB8BggrBgEFBQcBBwEB/wRtMGswaQQCAAIwYwMGBCoUdYCwAwcE
KhR1gQ8wAwcAKhR1gQ/7AwcAKhR1gQ/9AwcAKhR1gQ//AwYEKhR1gaADBgQqFHWB
4AMFACoUdYIDBgQqFHWEIAMGBCoUdYTQMA4DBQAqFHWFAwUDKhR1gDANBgkqhkiG
9w0BAQsFAAOCAQEAMZEFpmRLklmko9dsYJ66pVjb7TXVjh5iVer1Uz7r96J0Ucgy
E5vIc3T2x5t0OkNpe+nrDtYydXrfYsIaM4KfqBfxJdy7tRkQwbO7s4lE7VZT5IJ4
nU5g+Sy/pbWIt73X1ocS2rUR8jWS8JYL/S9ZbBkVUWXMRdWvYC5rQ0Xu7davMafX
EwrgBZYibo4SsJ3u4cMS8Z/Fe76gpkE5zLW0NsMaCfxhFG7+wQkszNbocUKsW4GQ
nVtOCc2sxPMmtNElwME7ySkd5k07oAkjz7pBj/YegjzODxDxOlSuC2Q1b3U+5DB2
bTaZmRphv1wNhVQfpgmaBKaJ14zUb12hZ7E0YA==
-----END CERTIFICATE-----
Generated at Sun Jul 20 20:11:16 2025 by rpki-client