Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS59993.roa
File: AS59993.roa (raw, json)
Hash identifier: 7izpeMCWTWYWHIcAmUv3a/FIMKJkFlhys0PafCJKEOs=
Subject key identifier: 1F:AF:AE:7C:F6:E0:AB:9B:75:18:EB:BA:05:E2:D2:CC:72:05:A1:43
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 77680B1931DD71A91917708289C35AAC7E85CCDB
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS59993.roa
Signing time: Fri 16 May 2025 10:19:42 +0000
ROA not before: Fri 16 May 2025 10:14:42 +0000
ROA not after: Fri 15 May 2026 10:19:42 +0000
asID: 59993
IP address blocks: 2a13:9500:47::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 15:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
77:68:0b:19:31:dd:71:a9:19:17:70:82:89:c3:5a:ac:7e:85:cc:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: May 16 10:14:42 2025 GMT
Not After : May 15 10:19:42 2026 GMT
Subject: CN=1FAFAE7CF6E0AB9B7518EBBA05E2D2CC7205A143
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:5e:b5:6f:6f:88:2e:0c:f8:d8:74:08:4a:45:
59:5f:04:c2:db:fd:eb:fa:c8:01:07:2a:34:38:b0:
51:cf:61:bb:46:b8:24:3b:f6:75:65:59:23:b8:8b:
69:3a:91:e2:1b:f8:79:a7:db:83:22:00:b8:d9:4c:
b4:1b:b7:fb:de:ee:c8:c2:eb:cc:a1:da:6a:d1:cf:
6d:f5:53:87:fb:96:fd:cc:78:44:49:96:6e:3d:1c:
f8:1f:1b:2d:c6:8d:c1:1d:b1:69:2f:81:4a:a2:0d:
80:aa:5a:38:15:84:cd:64:7d:9a:c0:10:d7:2c:d8:
f7:f0:7d:99:de:31:36:f8:de:63:03:0b:3b:cb:92:
ac:34:4b:70:e9:95:69:30:83:74:c0:22:45:4a:9d:
df:7a:8d:9b:74:01:83:11:82:ce:a5:2f:6d:a6:86:
56:94:78:0b:d1:5e:93:c0:64:b3:e2:fd:24:e4:aa:
b4:6a:2b:cd:14:19:8a:1e:de:a7:58:18:a3:50:25:
6b:cd:79:ed:56:09:29:58:ab:94:e5:1a:b1:ec:53:
b4:6c:31:ea:ac:5d:c2:7d:f0:17:0b:75:ee:f4:3a:
e0:87:54:4c:83:ed:b9:c9:90:21:b4:2d:e6:d1:1e:
4b:7b:3f:f9:0b:a5:97:e0:d4:bf:bf:86:b2:0a:f6:
f6:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:AF:AE:7C:F6:E0:AB:9B:75:18:EB:BA:05:E2:D2:CC:72:05:A1:43
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS59993.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:9500:47::/48
Signature Algorithm: sha256WithRSAEncryption
1a:97:6a:a7:b3:5f:dd:e6:d9:fd:f3:0f:bf:47:f8:d4:8e:d0:
fa:a9:92:d6:04:95:fb:9f:d9:27:ad:2a:7f:31:03:25:33:78:
ce:c7:9e:77:da:8c:9e:16:7d:4a:89:9e:17:4e:e2:ad:70:11:
1d:d6:55:6f:7d:4d:09:ee:6e:9a:01:c7:2d:0b:97:e2:19:97:
86:eb:55:bf:cd:47:bc:43:91:b2:6d:d6:d3:22:f1:9e:8f:43:
5d:a0:5f:8f:43:ce:48:1c:0e:69:1d:92:2d:f2:1e:cd:ba:14:
99:0f:78:b8:58:33:6e:04:e5:ee:b0:bb:8c:38:4f:e8:fd:6f:
10:0e:a6:f2:4c:01:bb:b1:34:c0:bc:38:f6:10:8d:ee:15:db:
08:b0:3d:94:4b:fc:e2:d0:43:71:e8:30:63:9e:8c:84:21:02:
13:cd:a9:65:4e:5d:1d:aa:40:c1:18:77:e8:88:3f:be:04:fb:
21:f4:82:57:af:10:d4:b0:b9:b6:f8:45:44:12:ed:6b:5c:1c:
5d:81:d1:b7:00:b2:29:99:8a:82:af:f9:3b:3b:d0:a9:5d:9d:
42:84:90:9e:41:ad:7d:d0:d9:12:4a:b4:fb:77:29:49:75:ec:
ee:88:d9:8d:dc:6e:27:01:5b:95:b1:73:ce:31:28:93:48:a7:
68:da:ce:24
-----BEGIN CERTIFICATE-----
MIIFAjCCA+qgAwIBAgIUd2gLGTHdcakZF3CCicNarH6FzNswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTA1MTYxMDE0NDJaFw0yNjA1MTUxMDE5NDJaMDMxMTAvBgNV
BAMTKDFGQUZBRTdDRjZFMEFCOUI3NTE4RUJCQTA1RTJEMkNDNzIwNUExNDMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDUXrVvb4guDPjYdAhKRVlfBMLb
/ev6yAEHKjQ4sFHPYbtGuCQ79nVlWSO4i2k6keIb+Hmn24MiALjZTLQbt/ve7sjC
68yh2mrRz231U4f7lv3MeERJlm49HPgfGy3GjcEdsWkvgUqiDYCqWjgVhM1kfZrA
ENcs2PfwfZneMTb43mMDCzvLkqw0S3DplWkwg3TAIkVKnd96jZt0AYMRgs6lL22m
hlaUeAvRXpPAZLPi/STkqrRqK80UGYoe3qdYGKNQJWvNee1WCSlYq5TlGrHsU7Rs
MeqsXcJ98BcLde70OuCHVEyD7bnJkCG0LebRHkt7P/kLpZfg1L+/hrIK9vaXAgMB
AAGjggIMMIICCDAdBgNVHQ4EFgQUH6+ufPbgq5t1GOu6BeLSzHIFoUMwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTNTk5OTMucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAqE5UA
AEcwDQYJKoZIhvcNAQELBQADggEBABqXaqezX93m2f3zD79H+NSO0PqpktYElfuf
2SetKn8xAyUzeM7HnnfajJ4WfUqJnhdO4q1wER3WVW99TQnubpoBxy0Ll+IZl4br
Vb/NR7xDkbJt1tMi8Z6PQ12gX49DzkgcDmkdki3yHs26FJkPeLhYM24E5e6wu4w4
T+j9bxAOpvJMAbuxNMC8OPYQje4V2wiwPZRL/OLQQ3HoMGOejIQhAhPNqWVOXR2q
QMEYd+iIP74E+yH0glevENSwubb4RUQS7WtcHF2B0bcAsimZioKv+Ts70KldnUKE
kJ5BrX3Q2RJKtPt3KUl17O6I2Y3cbicBW5Wxc84xKJNIp2jaziQ=
-----END CERTIFICATE-----
Generated at Fri Jun 6 21:56:26 2025 by rpki-client