Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS0.roa
File: AS0.roa (raw, json)
Hash identifier: qwHwqNnf+GCZSN4dszeTTCiKJP6ZkiIHkXUBINt5SEA=
Subject key identifier: 43:15:31:8B:AA:86:DF:78:91:98:9C:93:D0:41:43:F8:F8:24:79:0A
Certificate issuer: /CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Certificate serial: 13AA2779AB6EABAD037D89A2B38C26F30854E189
Authority key identifier: C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS0.roa
Signing time: Thu 22 May 2025 03:22:10 +0000
ROA not before: Thu 22 May 2025 03:17:10 +0000
ROA not after: Thu 21 May 2026 03:22:10 +0000
asID: 0
IP address blocks: 2a0f:85c1:295::/48 maxlen: 48
2a0f:85c1:340::/48 maxlen: 48
2a0f:85c1:343::/48 maxlen: 48
2a0f:85c1:354::/48 maxlen: 48
2a0f:85c1:35a::/48 maxlen: 48
2a0f:85c1:362::/48 maxlen: 48
2a0f:85c1:396::/48 maxlen: 48
2a0f:85c1:399::/48 maxlen: 48
2a0f:85c1:39a::/48 maxlen: 48
2a0f:85c1:3a0::/48 maxlen: 48
2a0f:85c1:3a1::/48 maxlen: 48
2a0f:85c1:3a7::/48 maxlen: 48
2a0f:85c1:3af::/48 maxlen: 48
2a0f:85c1:3b2::/48 maxlen: 48
2a0f:85c1:3b3::/48 maxlen: 48
2a0f:85c1:3bb::/48 maxlen: 48
2a0f:85c1:3c8::/48 maxlen: 48
2a0f:85c1:3d0::/48 maxlen: 48
2a0f:85c1:3f3::/48 maxlen: 48
2a0f:85c1:834::/48 maxlen: 48
2a0f:85c1:885::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl
rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.mft
rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 01 Jun 2025 22:00:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
13:aa:27:79:ab:6e:ab:ad:03:7d:89:a2:b3:8c:26:f3:08:54:e1:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Validity
Not Before: May 22 03:17:10 2025 GMT
Not After : May 21 03:22:10 2026 GMT
Subject: CN=4315318BAA86DF7891989C93D04143F8F824790A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:36:31:4a:17:5e:71:a6:03:a3:3b:44:3e:7b:
f6:90:b6:d3:ea:c3:58:0d:7e:bd:b4:06:7e:7e:11:
72:61:ef:81:9d:0e:1a:58:00:09:d9:e2:05:d1:ef:
7b:5e:bc:09:b7:9c:6c:54:67:b6:2f:41:b1:9f:ef:
5c:9d:18:be:f8:4e:67:20:7d:34:50:88:c0:8e:60:
71:43:f3:42:dd:8b:0e:2a:65:7f:c3:58:64:07:d4:
b8:40:9e:a1:0c:f5:ed:2e:91:cf:65:8d:95:47:1b:
d6:bc:ea:10:ac:b7:7d:61:43:c3:f5:51:46:bb:62:
1e:7b:40:b1:3d:10:50:88:bb:04:08:d1:26:84:8e:
4c:af:48:5a:ad:aa:ef:9d:b6:91:38:e5:dd:81:50:
21:9d:22:c4:5c:87:03:15:26:d8:b0:8d:e2:e5:1a:
39:c1:47:9a:ef:6d:e8:7e:4e:3e:35:a2:74:5a:45:
da:7c:91:fe:12:c2:f6:dc:dc:50:3d:b2:16:08:9e:
72:53:b6:a9:0f:54:6f:60:f9:e2:b7:f0:7a:e8:fe:
c2:c3:3d:c4:31:3d:a1:f4:0f:5d:b5:1d:04:96:78:
37:31:55:9c:f2:bd:d5:64:08:29:01:ff:35:30:0b:
7d:0c:5e:68:80:e3:57:72:e2:97:c5:63:e2:93:3e:
69:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:15:31:8B:AA:86:DF:78:91:98:9C:93:D0:41:43:F8:F8:24:79:0A
X509v3 Authority Key Identifier:
keyid:C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS0.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:85c1:295::/48
2a0f:85c1:340::/48
2a0f:85c1:343::/48
2a0f:85c1:354::/48
2a0f:85c1:35a::/48
2a0f:85c1:362::/48
2a0f:85c1:396::/48
2a0f:85c1:399::-2a0f:85c1:39a:ffff:ffff:ffff:ffff:ffff
2a0f:85c1:3a0::/47
2a0f:85c1:3a7::/48
2a0f:85c1:3af::/48
2a0f:85c1:3b2::/47
2a0f:85c1:3bb::/48
2a0f:85c1:3c8::/48
2a0f:85c1:3d0::/48
2a0f:85c1:3f3::/48
2a0f:85c1:834::/48
2a0f:85c1:885::/48
Signature Algorithm: sha256WithRSAEncryption
c4:e4:9f:f9:cb:3c:ba:df:53:77:73:34:80:77:0a:2b:a9:65:
c1:03:92:be:89:cd:2c:42:ca:14:ea:e9:ff:63:7c:5c:19:f0:
bc:e1:42:49:ec:f6:e9:63:61:ac:3a:37:09:ac:5a:aa:b6:85:
bb:95:a5:82:fb:27:02:79:2c:f4:47:f6:00:00:a0:84:c1:98:
48:d7:2d:9c:bd:35:39:16:76:ae:18:81:24:36:df:7c:a2:65:
24:19:b3:49:7f:90:4a:77:cc:07:ae:da:83:cf:55:5b:d1:80:
54:d0:64:7b:a8:92:2f:4b:19:0d:3d:f7:98:69:d8:fa:6e:67:
95:23:d3:98:b0:9c:33:ec:e4:ae:b2:cf:f3:04:85:53:57:75:
05:b7:e1:37:d6:cb:20:0e:ad:45:40:d9:93:90:f3:3d:f7:6d:
2d:1d:23:63:54:53:ee:48:60:e4:3f:57:48:98:a2:db:9a:12:
7a:2c:c9:39:06:56:83:5b:43:16:14:97:33:d7:30:4e:bf:e2:
c2:aa:d3:54:39:98:1c:3a:71:f9:f6:19:57:1c:b5:14:1f:1a:
09:b6:a4:9c:46:00:fb:cb:e6:b3:b0:4d:6d:31:8a:98:38:5d:
e1:9b:57:06:04:53:21:14:fc:c9:9b:73:1a:d6:75:32:f4:10:
09:13:00:f2
-----BEGIN CERTIFICATE-----
MIIFpzCCBI+gAwIBAgIUE6oneatuq60DfYmis4wm8whU4YkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzRjZTdkODkwMjQwNWJhNDU5OGY4NGI2YTQxYzI3ZDcy
MjgzNGIxYzAeFw0yNTA1MjIwMzE3MTBaFw0yNjA1MjEwMzIyMTBaMDMxMTAvBgNV
BAMTKDQzMTUzMThCQUE4NkRGNzg5MTk4OUM5M0QwNDE0M0Y4RjgyNDc5MEEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDqNjFKF15xpgOjO0Q+e/aQttPq
w1gNfr20Bn5+EXJh74GdDhpYAAnZ4gXR73tevAm3nGxUZ7YvQbGf71ydGL74Tmcg
fTRQiMCOYHFD80Ldiw4qZX/DWGQH1LhAnqEM9e0ukc9ljZVHG9a86hCst31hQ8P1
UUa7Yh57QLE9EFCIuwQI0SaEjkyvSFqtqu+dtpE45d2BUCGdIsRchwMVJtiwjeLl
GjnBR5rvbeh+Tj41onRaRdp8kf4Swvbc3FA9shYInnJTtqkPVG9g+eK38Hro/sLD
PcQxPaH0D121HQSWeDcxVZzyvdVkCCkB/zUwC30MXmiA41dy4pfFY+KTPmkhAgMB
AAGjggKxMIICrTAdBgNVHQ4EFgQUQxUxi6qG33iRmJyT0EFD+PgkeQowHwYDVR0j
BBgwFoAUxM59iQJAW6RZj4S2pBwn1yKDSxwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODRkNTE4MTAtMTk4Ny00NzAxLThmMWYtODQyNTExMTk2
NGY0LzAvQzRDRTdEODkwMjQwNUJBNDU5OEY4NEI2QTQxQzI3RDcyMjgzNEIxQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3hNNTlpUUpBVzZSWmo0UzJwQnduMXlL
RFN4dy5jZXIwdgYIKwYBBQUHAQsEajBoMGYGCCsGAQUFBzALhlpyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg0ZDUxODEwLTE5ODct
NDcwMS04ZjFmLTg0MjUxMTE5NjRmNC8wL0FTMC5yb2EwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjCBygYIKwYBBQUHAQcBAf8EgbowgbcwgbQEAgACMIGtAwcAKg+F
wQKVAwcAKg+FwQNAAwcAKg+FwQNDAwcAKg+FwQNUAwcAKg+FwQNaAwcAKg+FwQNi
AwcAKg+FwQOWMBIDBwAqD4XBA5kDBwAqD4XBA5oDBwEqD4XBA6ADBwAqD4XBA6cD
BwAqD4XBA68DBwEqD4XBA7IDBwAqD4XBA7sDBwAqD4XBA8gDBwAqD4XBA9ADBwAq
D4XBA/MDBwAqD4XBCDQDBwAqD4XBCIUwDQYJKoZIhvcNAQELBQADggEBAMTkn/nL
PLrfU3dzNIB3CiupZcEDkr6JzSxCyhTq6f9jfFwZ8LzhQkns9uljYaw6NwmsWqq2
hbuVpYL7JwJ5LPRH9gAAoITBmEjXLZy9NTkWdq4YgSQ233yiZSQZs0l/kEp3zAeu
2oPPVVvRgFTQZHuoki9LGQ0995hp2PpuZ5Uj05iwnDPs5K6yz/MEhVNXdQW34TfW
yyAOrUVA2ZOQ8z33bS0dI2NUU+5IYOQ/V0iYotuaEnosyTkGVoNbQxYUlzPXME6/
4sKq01Q5mBw6cfn2GVcctRQfGgm2pJxGAPvL5rOwTW0xipg4XeGbVwYEUyEU/Mmb
cxrWdTL0EAkTAPI=
-----END CERTIFICATE-----
Generated at Sun Jun 1 03:13:37 2025 by rpki-client