Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS984.roa
File: AS984.roa (raw, json)
Hash identifier: VRdrMIkLQksG0luCe/1TEtsJ1OA70FLTE6pZVPZItlI=
Subject key identifier: 31:BC:AA:D0:C0:09:2A:A8:2F:32:20:67:BB:ED:03:62:DF:FA:59:CA
Certificate issuer: /CN=03b1ba3fdb91d8d9ea76c5776320eb7eb2d6ed9d
Certificate serial: 067F7F24CF43770FA54A9A232CCA444B7065137D
Authority key identifier: 03:B1:BA:3F:DB:91:D8:D9:EA:76:C5:77:63:20:EB:7E:B2:D6:ED:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS984.roa
Signing time: Mon 15 Sep 2025 03:13:10 +0000
ROA not before: Mon 15 Sep 2025 03:08:10 +0000
ROA not after: Mon 14 Sep 2026 03:13:10 +0000
asID: 984
IP address blocks: 45.146.80.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/03B1BA3FDB91D8D9EA76C5776320EB7EB2D6ED9D.crl
rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/03B1BA3FDB91D8D9EA76C5776320EB7EB2D6ED9D.mft
rsync://rpki.ripe.net/repository/DEFAULT/A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 06:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
06:7f:7f:24:cf:43:77:0f:a5:4a:9a:23:2c:ca:44:4b:70:65:13:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=03b1ba3fdb91d8d9ea76c5776320eb7eb2d6ed9d
Validity
Not Before: Sep 15 03:08:10 2025 GMT
Not After : Sep 14 03:13:10 2026 GMT
Subject: CN=31BCAAD0C0092AA82F322067BBED0362DFFA59CA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:bf:f9:a2:6b:70:c4:5c:d9:cd:92:bc:f1:67:
e5:61:a3:d6:9f:e8:d2:e7:05:ab:29:e0:ff:c9:67:
04:29:bd:c6:b4:11:97:11:eb:26:26:64:70:6f:72:
75:58:51:8c:a8:b1:d8:3b:fa:7c:3a:48:7a:15:ed:
2b:30:d3:90:27:b2:8e:50:3a:07:e4:ac:73:9b:37:
90:6d:a0:f8:26:8e:28:58:cf:c6:32:ff:98:78:d7:
35:da:e0:64:66:52:33:8c:8f:61:30:30:7e:bd:82:
16:5f:02:a0:a3:3f:a0:58:96:c1:cd:1f:5c:f1:8f:
8d:05:fc:8d:d3:03:29:24:ac:89:7c:f1:71:af:d3:
c7:de:41:c4:b9:3d:40:04:ac:1c:25:ae:9a:fb:53:
7f:b3:a9:91:1f:c2:74:11:c8:dc:de:a9:6d:96:c5:
e6:21:eb:24:30:62:4b:d3:3e:1d:0c:02:fe:cb:c6:
55:41:98:02:1b:29:71:27:9e:51:02:52:71:9b:97:
69:b7:58:b9:7f:07:4d:49:90:ac:1a:70:42:99:33:
21:45:bb:65:76:f6:fd:ab:2a:e3:cb:a3:d3:ce:8e:
db:ce:fe:bb:32:cc:28:2a:2d:d2:b6:35:c0:4a:71:
3f:8e:c9:37:a3:40:0b:61:cc:f1:62:63:49:d8:c5:
74:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:BC:AA:D0:C0:09:2A:A8:2F:32:20:67:BB:ED:03:62:DF:FA:59:CA
X509v3 Authority Key Identifier:
keyid:03:B1:BA:3F:DB:91:D8:D9:EA:76:C5:77:63:20:EB:7E:B2:D6:ED:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/03B1BA3FDB91D8D9EA76C5776320EB7EB2D6ED9D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS984.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.146.80.0/24
Signature Algorithm: sha256WithRSAEncryption
17:72:86:d9:49:2b:d1:93:a6:6e:d1:f7:03:a7:a5:06:1f:3d:
43:85:a8:2e:d7:ad:1b:69:6c:8e:46:b6:a0:b9:b2:56:a3:46:
5d:68:f9:b7:da:cb:b5:c1:a7:5f:b5:d8:a9:d8:75:39:e6:39:
08:04:92:94:c8:3a:b1:c2:16:61:eb:b1:59:5c:a2:e7:d7:a9:
df:38:5b:34:a9:92:4f:8b:b2:92:70:a0:24:b2:1d:43:e6:aa:
23:7b:5b:0f:c9:4d:de:b6:c4:73:bc:79:be:84:86:09:5f:b2:
ae:06:93:2f:ee:25:7d:ba:2b:51:05:79:b5:54:17:ca:1f:4b:
2f:77:86:b9:6d:57:3c:fb:50:78:73:ad:40:07:8d:78:17:14:
ae:ad:be:1c:d9:24:fd:c5:ad:70:eb:ea:fb:90:49:1b:f4:86:
4a:7c:1c:94:26:18:0b:00:87:af:51:87:1b:cf:04:98:aa:65:
9c:d5:6e:4b:e3:65:39:11:3e:57:44:b6:9e:5e:79:b6:e2:f6:
c1:9e:eb:cb:02:89:50:cc:e2:b3:23:54:d0:3b:4b:ff:6d:47:
15:c2:12:a0:88:1b:b8:b0:99:f8:86:b6:44:7e:3e:21:10:d7:
b8:34:c7:0a:b3:ac:79:11:6d:2b:c1:2c:a7:d4:56:79:51:ca:
4b:95:9a:1b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgIUBn9/JM9Ddw+lSpojLMpES3BlE30wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDNiMWJhM2ZkYjkxZDhkOWVhNzZjNTc3NjMyMGViN2Vi
MmQ2ZWQ5ZDAeFw0yNTA5MTUwMzA4MTBaFw0yNjA5MTQwMzEzMTBaMDMxMTAvBgNV
BAMTKDMxQkNBQUQwQzAwOTJBQTgyRjMyMjA2N0JCRUQwMzYyREZGQTU5Q0EwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3v/mia3DEXNnNkrzxZ+Vho9af
6NLnBasp4P/JZwQpvca0EZcR6yYmZHBvcnVYUYyosdg7+nw6SHoV7Ssw05Anso5Q
OgfkrHObN5BtoPgmjihYz8Yy/5h41zXa4GRmUjOMj2EwMH69ghZfAqCjP6BYlsHN
H1zxj40F/I3TAykkrIl88XGv08feQcS5PUAErBwlrpr7U3+zqZEfwnQRyNzeqW2W
xeYh6yQwYkvTPh0MAv7LxlVBmAIbKXEnnlECUnGbl2m3WLl/B01JkKwacEKZMyFF
u2V29v2rKuPLo9POjtvO/rsyzCgqLdK2NcBKcT+OyTejQAthzPFiY0nYxXQPAgMB
AAGjggIHMIICAzAdBgNVHQ4EFgQUMbyq0MAJKqgvMiBnu+0DYt/6WcowHwYDVR0j
BBgwFoAUA7G6P9uR2NnqdsV3YyDrfrLW7Z0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2ZmMGY1NTUtZGJhNy00MTkyLWEwMWQtZjY5MTZkNWJi
ODRlLzAvMDNCMUJBM0ZEQjkxRDhEOUVBNzZDNTc3NjMyMEVCN0VCMkQ2RUQ5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0E3RzZQOXVSMk5ucWRzVjNZeURyZnJM
VzdaMC5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzdmZjBmNTU1LWRiYTct
NDE5Mi1hMDFkLWY2OTE2ZDViYjg0ZS8wL0FTOTg0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZJQMA0G
CSqGSIb3DQEBCwUAA4IBAQAXcobZSSvRk6Zu0fcDp6UGHz1Dhagu160baWyORrag
ubJWo0ZdaPm32su1wadftdip2HU55jkIBJKUyDqxwhZh67FZXKLn16nfOFs0qZJP
i7KScKAksh1D5qoje1sPyU3etsRzvHm+hIYJX7KuBpMv7iV9uitRBXm1VBfKH0sv
d4a5bVc8+1B4c61AB414FxSurb4c2ST9xa1w6+r7kEkb9IZKfByUJhgLAIevUYcb
zwSYqmWc1W5L42U5ET5XRLaeXnm24vbBnuvLAolQzOKzI1TQO0v/bUcVwhKgiBu4
sJn4hrZEfj4hENe4NMcKs6x5EW0rwSyn1FZ5UcpLlZob
-----END CERTIFICATE-----
Generated at Sun Oct 19 16:11:48 2025 by rpki-client