Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS43641.roa
File: AS43641.roa (raw, json)
Hash identifier: lfXiuJX9LbujOHrGn4DBIZ6UDJxTaxMvGfKLxkgKpSM=
Subject key identifier: F8:BE:6A:40:37:BF:81:DA:2D:73:C9:E4:B3:4A:9B:05:65:F0:3B:53
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 3C94CF948103782A6353E84BD425E72B2B92702E
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS43641.roa
Signing time: Tue 13 May 2025 17:51:42 +0000
ROA not before: Tue 13 May 2025 17:46:42 +0000
ROA not after: Tue 12 May 2026 17:51:42 +0000
asID: 43641
IP address blocks: 2.57.20.0/23 maxlen: 24
181.215.31.0/24 maxlen: 24
181.215.55.0/24 maxlen: 24
181.215.58.0/24 maxlen: 24
181.215.62.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Jun 2025 23:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3c:94:cf:94:81:03:78:2a:63:53:e8:4b:d4:25:e7:2b:2b:92:70:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: May 13 17:46:42 2025 GMT
Not After : May 12 17:51:42 2026 GMT
Subject: CN=F8BE6A4037BF81DA2D73C9E4B34A9B0565F03B53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:df:1c:b7:73:f7:6a:5a:fd:95:d6:db:e7:56:
d6:a3:bb:c7:48:af:44:4a:ff:8b:e9:3f:39:2f:e1:
b0:12:c6:f0:c3:86:f5:44:51:0e:b0:4e:fc:b3:70:
e5:49:d0:42:54:83:83:b2:df:22:9a:2f:a4:92:54:
ae:37:a2:61:53:b4:81:d7:a0:f5:ed:58:96:01:3a:
ed:39:a8:d0:8c:98:96:0d:b1:60:79:8a:44:b9:86:
2f:74:37:bd:d9:19:b2:26:50:c9:72:20:cd:88:48:
ef:b4:6a:e3:e9:30:02:5d:1b:54:07:95:23:2d:e0:
e4:a5:db:b8:3f:7c:61:f1:4c:52:8b:fd:b3:e4:86:
01:74:33:78:6b:6e:9e:02:39:4c:53:ee:26:60:20:
53:7b:26:8c:7d:18:f2:f5:74:d5:c6:9d:c8:d2:7d:
ac:3e:4e:7d:e3:af:a7:84:94:4b:8a:7a:7c:99:93:
2b:8f:6e:79:72:f7:27:9f:40:d4:07:24:6a:db:58:
55:8a:58:8a:ad:cc:44:ae:4e:00:f0:20:4e:ca:71:
e9:74:78:d1:1e:d7:d8:ff:45:93:6c:76:41:5d:ab:
cf:59:15:e5:06:ec:9e:74:fa:90:94:3c:26:db:09:
86:22:c4:d4:01:79:86:88:16:cf:44:16:97:72:0a:
a1:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:BE:6A:40:37:BF:81:DA:2D:73:C9:E4:B3:4A:9B:05:65:F0:3B:53
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS43641.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.20.0/23
181.215.31.0/24
181.215.55.0/24
181.215.58.0/24
181.215.62.0/24
Signature Algorithm: sha256WithRSAEncryption
56:84:a5:1b:ca:61:a2:e9:08:72:42:5c:5c:44:91:be:a3:8e:
3c:9b:c8:e4:12:db:28:9f:ff:3d:ca:c0:58:db:25:48:bc:c9:
f7:3f:ce:30:56:03:31:59:12:25:ba:2a:97:10:c7:b2:30:40:
85:ab:eb:0f:64:fb:17:0e:b9:79:26:45:c7:36:54:a8:9e:a8:
d3:b9:51:66:a8:39:1f:94:25:cb:0c:02:1d:f7:8b:83:43:9e:
a9:9c:97:2c:94:45:8d:b5:02:2b:02:fa:1d:89:50:dd:4f:42:
e1:6e:a9:aa:a9:de:99:35:c9:ab:95:4a:ec:09:c0:f5:be:ea:
85:83:ac:d0:53:ed:3b:4e:66:1e:5e:1f:d1:0f:e6:69:88:78:
d1:3f:e5:7b:08:b7:09:f3:90:b6:35:00:24:16:70:95:9c:2f:
4f:6a:59:c3:61:da:68:cb:6a:46:9e:18:fd:07:bb:34:bb:fc:
a7:3d:2e:16:43:29:e3:1b:02:ac:3a:28:d9:64:cf:99:e2:aa:
bf:fc:c5:c1:cb:27:33:87:fd:73:b8:60:ce:e3:1f:47:4f:79:
4e:dc:5a:2a:43:62:78:0f:85:1a:3d:51:f6:c5:12:cc:1f:0f:
65:b5:81:18:8f:34:f2:38:ec:9f:1a:7d:9c:0c:3f:76:92:5a:
29:ec:56:47
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgIUPJTPlIEDeCpjU+hL1CXnKyuScC4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNTA1MTMxNzQ2NDJaFw0yNjA1MTIxNzUxNDJaMDMxMTAvBgNV
BAMTKEY4QkU2QTQwMzdCRjgxREEyRDczQzlFNEIzNEE5QjA1NjVGMDNCNTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCo3xy3c/dqWv2V1tvnVtaju8dI
r0RK/4vpPzkv4bASxvDDhvVEUQ6wTvyzcOVJ0EJUg4Oy3yKaL6SSVK43omFTtIHX
oPXtWJYBOu05qNCMmJYNsWB5ikS5hi90N73ZGbImUMlyIM2ISO+0auPpMAJdG1QH
lSMt4OSl27g/fGHxTFKL/bPkhgF0M3hrbp4COUxT7iZgIFN7Jox9GPL1dNXGncjS
faw+Tn3jr6eElEuKenyZkyuPbnly9yefQNQHJGrbWFWKWIqtzESuTgDwIE7Kcel0
eNEe19j/RZNsdkFdq89ZFeUG7J50+pCUPCbbCYYixNQBeYaIFs9EFpdyCqERAgMB
AAGjggIhMIICHTAdBgNVHQ4EFgQU+L5qQDe/gdotc8nks0qbBWXwO1MwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTNDM2NDEucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwNwYIKwYBBQUHAQcBAf8EKDAmMCQEAgABMB4DBAECORQD
BAC11x8DBAC11zcDBAC11zoDBAC11z4wDQYJKoZIhvcNAQELBQADggEBAFaEpRvK
YaLpCHJCXFxEkb6jjjybyOQS2yif/z3KwFjbJUi8yfc/zjBWAzFZEiW6KpcQx7Iw
QIWr6w9k+xcOuXkmRcc2VKieqNO5UWaoOR+UJcsMAh33i4NDnqmclyyURY21AisC
+h2JUN1PQuFuqaqp3pk1yauVSuwJwPW+6oWDrNBT7TtOZh5eH9EP5mmIeNE/5XsI
twnzkLY1ACQWcJWcL09qWcNh2mjLakaeGP0HuzS7/Kc9LhZDKeMbAqw6KNlkz5ni
qr/8xcHLJzOH/XO4YM7jH0dPeU7cWipDYngPhRo9UfbFEswfD2W1gRiPNPI47J8a
fZwMP3aSWinsVkc=
-----END CERTIFICATE-----
Generated at Tue Jun 3 08:22:20 2025 by rpki-client