Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS400529.roa
File: AS400529.roa (raw, json)
Hash identifier: mA+59zbgjdaF8SHuPaDqzEpKO1tfIIoXohnqkMcxhRc=
Subject key identifier: C0:6C:C9:A9:47:CA:F2:01:03:C0:3B:B2:F9:05:7B:BB:AC:2F:0B:C6
Certificate issuer: /CN=03b1ba3fdb91d8d9ea76c5776320eb7eb2d6ed9d
Certificate serial: 713CBF9056918FB75D448E7E0B1A83C35B3A9DF2
Authority key identifier: 03:B1:BA:3F:DB:91:D8:D9:EA:76:C5:77:63:20:EB:7E:B2:D6:ED:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS400529.roa
Signing time: Tue 11 Mar 2025 20:53:58 +0000
ROA not before: Tue 11 Mar 2025 20:48:58 +0000
ROA not after: Tue 10 Mar 2026 20:53:58 +0000
asID: 400529
IP address blocks: 45.149.185.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/03B1BA3FDB91D8D9EA76C5776320EB7EB2D6ED9D.crl
rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/03B1BA3FDB91D8D9EA76C5776320EB7EB2D6ED9D.mft
rsync://rpki.ripe.net/repository/DEFAULT/A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 16:49:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
71:3c:bf:90:56:91:8f:b7:5d:44:8e:7e:0b:1a:83:c3:5b:3a:9d:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=03b1ba3fdb91d8d9ea76c5776320eb7eb2d6ed9d
Validity
Not Before: Mar 11 20:48:58 2025 GMT
Not After : Mar 10 20:53:58 2026 GMT
Subject: CN=C06CC9A947CAF20103C03BB2F9057BBBAC2F0BC6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:c7:7e:87:10:07:6f:db:24:8a:8c:1f:32:1e:
5f:c2:b8:3c:82:8a:00:b6:f4:21:6c:a7:43:39:65:
c3:7d:37:89:84:b9:1d:30:b8:9e:fa:8d:da:93:c0:
c9:62:9e:92:c6:b2:b6:36:be:d9:11:16:0f:1b:62:
1f:b3:82:69:f9:f3:10:62:1b:43:f5:a9:d2:4a:79:
20:6f:6c:b8:3e:4d:17:fa:be:fd:a4:b4:b0:85:a6:
8b:5c:be:85:3b:9b:5e:d4:c7:f3:d6:46:1c:16:f2:
9c:3a:4c:be:8f:09:22:16:01:50:7d:00:91:78:2b:
df:3d:28:c5:bb:e2:75:f0:63:e4:0e:4e:14:df:38:
0d:eb:e9:5c:64:4c:58:87:6c:c7:82:70:7f:ab:94:
58:2f:3e:85:bc:08:8c:87:8c:2f:f8:ac:b4:29:34:
59:4a:3f:39:32:7d:84:8f:11:4f:87:86:d8:1e:d8:
7b:76:14:85:c7:95:c3:93:e7:06:3b:d3:15:42:c1:
38:f9:90:b6:3a:05:9a:fd:d0:00:34:cd:d1:c4:a3:
be:b9:39:77:12:4a:5e:54:3e:f0:fa:6f:04:26:07:
03:aa:31:b2:03:d8:da:cb:bd:ea:64:62:58:91:63:
7d:84:1f:3c:39:80:6b:50:82:9c:5f:d8:19:51:b1:
37:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:6C:C9:A9:47:CA:F2:01:03:C0:3B:B2:F9:05:7B:BB:AC:2F:0B:C6
X509v3 Authority Key Identifier:
keyid:03:B1:BA:3F:DB:91:D8:D9:EA:76:C5:77:63:20:EB:7E:B2:D6:ED:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/03B1BA3FDB91D8D9EA76C5776320EB7EB2D6ED9D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS400529.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.149.185.0/24
Signature Algorithm: sha256WithRSAEncryption
29:c9:dd:62:03:20:43:12:ed:64:f1:37:2d:ff:68:e0:5a:b8:
f5:5a:62:57:20:33:81:2e:52:ec:a6:62:f7:57:a5:f1:dd:c4:
39:9a:67:d1:38:2a:70:6b:38:10:0b:96:81:91:94:5d:e5:1b:
af:b9:48:42:50:43:5e:74:01:64:e6:9f:76:3d:44:89:79:99:
8e:21:e1:b8:86:61:45:92:b7:34:6a:fe:08:3e:58:2d:cd:b7:
c3:a2:f9:8b:03:49:58:89:b8:10:22:a0:59:83:1a:77:4e:1b:
af:97:8c:0a:cd:02:14:6d:7b:6c:66:b7:66:50:1b:6c:b3:59:
96:6e:37:77:e1:66:be:6d:8e:02:00:f2:0c:d8:e0:35:53:ab:
01:e6:82:41:58:15:05:0c:22:f2:c5:d3:2d:f8:fe:f5:7b:3a:
06:50:64:6f:96:91:f6:1d:21:34:60:29:f5:fe:8e:46:2e:b9:
7e:c1:4a:cb:b3:d4:a3:dd:a5:b6:7e:c6:da:02:02:c1:ef:9d:
c2:76:d5:34:cb:f7:79:5d:70:cf:1d:00:4d:b8:fd:1a:61:fd:
9a:7f:eb:ca:1b:5a:c7:14:81:8b:b3:75:30:95:aa:b5:3b:15:
79:94:7f:ec:98:64:69:62:54:e7:5a:cd:3c:6d:87:52:7e:10:
60:d9:1d:69
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUcTy/kFaRj7ddRI5+CxqDw1s6nfIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDNiMWJhM2ZkYjkxZDhkOWVhNzZjNTc3NjMyMGViN2Vi
MmQ2ZWQ5ZDAeFw0yNTAzMTEyMDQ4NThaFw0yNjAzMTAyMDUzNThaMDMxMTAvBgNV
BAMTKEMwNkNDOUE5NDdDQUYyMDEwM0MwM0JCMkY5MDU3QkJCQUMyRjBCQzYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDQx36HEAdv2ySKjB8yHl/CuDyC
igC29CFsp0M5ZcN9N4mEuR0wuJ76jdqTwMlinpLGsrY2vtkRFg8bYh+zgmn58xBi
G0P1qdJKeSBvbLg+TRf6vv2ktLCFpotcvoU7m17Ux/PWRhwW8pw6TL6PCSIWAVB9
AJF4K989KMW74nXwY+QOThTfOA3r6VxkTFiHbMeCcH+rlFgvPoW8CIyHjC/4rLQp
NFlKPzkyfYSPEU+Hhtge2Ht2FIXHlcOT5wY70xVCwTj5kLY6BZr90AA0zdHEo765
OXcSSl5UPvD6bwQmBwOqMbID2NrLvepkYliRY32EHzw5gGtQgpxf2BlRsTfhAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUwGzJqUfK8gEDwDuy+QV7u6wvC8YwHwYDVR0j
BBgwFoAUA7G6P9uR2NnqdsV3YyDrfrLW7Z0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2ZmMGY1NTUtZGJhNy00MTkyLWEwMWQtZjY5MTZkNWJi
ODRlLzAvMDNCMUJBM0ZEQjkxRDhEOUVBNzZDNTc3NjMyMEVCN0VCMkQ2RUQ5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0E3RzZQOXVSMk5ucWRzVjNZeURyZnJM
VzdaMC5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzdmZjBmNTU1LWRiYTct
NDE5Mi1hMDFkLWY2OTE2ZDViYjg0ZS8wL0FTNDAwNTI5LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZW5
MA0GCSqGSIb3DQEBCwUAA4IBAQApyd1iAyBDEu1k8Tct/2jgWrj1WmJXIDOBLlLs
pmL3V6Xx3cQ5mmfROCpwazgQC5aBkZRd5RuvuUhCUENedAFk5p92PUSJeZmOIeG4
hmFFkrc0av4IPlgtzbfDovmLA0lYibgQIqBZgxp3Thuvl4wKzQIUbXtsZrdmUBts
s1mWbjd34Wa+bY4CAPIM2OA1U6sB5oJBWBUFDCLyxdMt+P71ezoGUGRvlpH2HSE0
YCn1/o5GLrl+wUrLs9Sj3aW2fsbaAgLB753CdtU0y/d5XXDPHQBNuP0aYf2af+vK
G1rHFIGLs3Uwlaq1OxV5lH/smGRpYlTnWs08bYdSfhBg2R1p
-----END CERTIFICATE-----
Generated at Sat Apr 5 06:18:16 2025 by rpki-client