Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS47583.roa
File: AS47583.roa (raw, json)
Hash identifier: gOSEOxdKWoqKFPUha/mHEERq5ClaOPt4e9Pns8POQ04=
Subject key identifier: 4F:8E:37:0E:3B:14:3C:83:E5:56:5D:47:C0:D2:68:71:2E:15:D7:4D
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: B449F5E4E910735E20C3F7ED752777B62E86F4
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS47583.roa
Signing time: Tue 04 Feb 2025 13:07:49 +0000
ROA not before: Tue 04 Feb 2025 13:02:49 +0000
ROA not after: Tue 03 Feb 2026 13:07:49 +0000
asID: 47583
IP address blocks: 82.25.64.0/21 maxlen: 24
82.25.72.0/21 maxlen: 24
82.25.80.0/21 maxlen: 24
82.25.88.0/21 maxlen: 24
82.25.96.0/21 maxlen: 24
82.25.104.0/21 maxlen: 24
82.25.112.0/21 maxlen: 24
82.25.120.0/21 maxlen: 24
82.29.56.0/21 maxlen: 24
82.29.80.0/21 maxlen: 24
82.29.152.0/21 maxlen: 24
82.29.160.0/21 maxlen: 24
82.29.168.0/21 maxlen: 24
82.29.176.0/21 maxlen: 24
82.29.184.0/21 maxlen: 24
82.29.192.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 16 Apr 2025 15:22:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
b4:49:f5:e4:e9:10:73:5e:20:c3:f7:ed:75:27:77:b6:2e:86:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Feb 4 13:02:49 2025 GMT
Not After : Feb 3 13:07:49 2026 GMT
Subject: CN=4F8E370E3B143C83E5565D47C0D268712E15D74D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:0c:18:76:2f:0d:f0:d2:10:fa:2f:14:db:ea:
e0:de:bf:d3:3a:32:a2:48:63:07:1a:8b:82:96:97:
b1:af:c5:bd:b9:5a:34:1d:43:9a:c0:20:22:50:d2:
fe:11:64:14:f1:3d:29:6d:1a:8e:b0:93:80:ad:46:
a5:83:37:a3:38:a1:5d:7a:16:46:09:6a:3d:9b:a2:
38:8a:49:d8:e3:1c:77:4c:97:e3:d2:83:9a:9a:37:
1e:5e:03:c8:51:75:d7:26:d2:d7:a2:10:82:48:12:
56:81:11:11:7a:23:33:a0:5f:74:36:c0:f5:6b:86:
79:8b:ca:e6:1a:95:d5:4e:5c:b6:78:d1:7a:bc:c0:
a2:8e:95:f1:d8:f7:5f:22:78:fb:44:b4:be:ec:3c:
fe:7d:49:1d:01:ad:f8:fe:4b:16:40:af:ab:07:8e:
a6:d1:e0:72:64:dd:20:30:41:09:8f:1e:73:04:f6:
0e:51:f8:23:a2:a9:8f:26:bf:e5:4e:0a:90:df:b3:
e5:7e:e6:f0:26:71:6c:a9:a4:89:28:30:18:75:c1:
be:40:3d:ea:52:5f:b1:86:d0:73:c1:d6:44:d7:11:
9c:e7:be:30:92:1b:96:94:9c:10:86:63:ef:2d:64:
48:73:7b:b1:65:4f:9a:45:3e:f6:ad:f5:d4:d4:64:
7b:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:8E:37:0E:3B:14:3C:83:E5:56:5D:47:C0:D2:68:71:2E:15:D7:4D
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS47583.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.25.64.0/18
82.29.56.0/21
82.29.80.0/21
82.29.152.0-82.29.199.255
Signature Algorithm: sha256WithRSAEncryption
9d:bb:93:81:88:ec:39:d3:db:5e:7b:40:08:57:22:35:2d:d7:
d1:85:6c:74:35:bf:7f:ca:60:47:77:9d:3e:64:83:c6:37:ee:
e1:8f:07:f9:8c:2a:46:93:3b:36:57:5e:45:1d:71:b2:3e:85:
d8:10:c0:22:ac:3d:9d:21:e3:69:ac:68:31:c7:cb:4f:38:11:
7e:3a:bb:fc:35:ed:be:8d:88:9b:19:26:02:ac:b9:2d:b3:59:
5d:3e:8a:2f:02:93:b3:2d:20:d0:e2:6d:b2:77:52:0c:c9:2b:
bb:d2:18:79:7f:59:46:f8:6c:77:d3:13:58:08:46:a7:19:dd:
00:04:91:a6:37:7e:c4:e0:e7:94:21:01:77:a3:a8:be:e9:f5:
86:e4:83:d0:15:8e:aa:db:a0:f3:7b:67:a9:7c:62:4a:28:0e:
5a:e2:39:7f:5d:38:ad:19:fd:e1:cb:cd:b4:4e:d7:66:d9:20:
c9:c2:75:19:b3:05:23:b9:4f:5d:3c:8e:c8:04:9a:93:0e:01:
13:4a:ca:53:91:ac:0b:f4:f4:bf:f7:85:24:85:4b:78:94:c6:
58:de:17:b2:f4:92:4d:cd:d0:7d:77:25:06:34:e1:7e:ba:b1:
90:c2:eb:69:cf:44:7b:30:0a:4a:88:96:ff:36:83:94:cf:34:
fe:61:52:47
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgIUALRJ9eTpEHNeIMP37XUnd7YuhvQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTAyMDQxMzAyNDlaFw0yNjAyMDMxMzA3NDlaMDMxMTAvBgNV
BAMTKDRGOEUzNzBFM0IxNDNDODNFNTU2NUQ0N0MwRDI2ODcxMkUxNUQ3NEQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCtDBh2Lw3w0hD6LxTb6uDev9M6
MqJIYwcai4KWl7Gvxb25WjQdQ5rAICJQ0v4RZBTxPSltGo6wk4CtRqWDN6M4oV16
FkYJaj2bojiKSdjjHHdMl+PSg5qaNx5eA8hRddcm0teiEIJIElaBERF6IzOgX3Q2
wPVrhnmLyuYaldVOXLZ40Xq8wKKOlfHY918iePtEtL7sPP59SR0Brfj+SxZAr6sH
jqbR4HJk3SAwQQmPHnME9g5R+COiqY8mv+VOCpDfs+V+5vAmcWyppIkoMBh1wb5A
PepSX7GG0HPB1kTXEZznvjCSG5aUnBCGY+8tZEhze7FlT5pFPvat9dTUZHsLAgMB
AAGjggIjMIICHzAdBgNVHQ4EFgQUT443DjsUPIPlVl1HwNJocS4V100wHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTNDc1ODMucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwOQYIKwYBBQUHAQcBAf8EKjAoMCYEAgABMCADBAZSGUAD
BANSHTgDBANSHVAwDAMEA1IdmAMEA1IdwDANBgkqhkiG9w0BAQsFAAOCAQEAnbuT
gYjsOdPbXntACFciNS3X0YVsdDW/f8pgR3edPmSDxjfu4Y8H+YwqRpM7NldeRR1x
sj6F2BDAIqw9nSHjaaxoMcfLTzgRfjq7/DXtvo2ImxkmAqy5LbNZXT6KLwKTsy0g
0OJtsndSDMkru9IYeX9ZRvhsd9MTWAhGpxndAASRpjd+xODnlCEBd6Oovun1huSD
0BWOqtug83tnqXxiSigOWuI5f104rRn94cvNtE7XZtkgycJ1GbMFI7lPXTyOyASa
kw4BE0rKU5GsC/T0v/eFJIVLeJTGWN4XsvSSTc3QfXclBjThfrqxkMLrac9EezAK
SoiW/zaDlM80/mFSRw==
-----END CERTIFICATE-----
Generated at Tue Apr 15 23:23:59 2025 by rpki-client