Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS0.roa
File: AS0.roa (raw, json)
Hash identifier: 1PXCZ4VlKqgcrmK2vaAIXgA1N9VvIDoSWgTa0qJD6nA=
Subject key identifier: 76:25:34:14:2C:38:F4:DA:21:28:21:61:75:4E:B5:AE:EE:9C:06:5D
Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Certificate serial: 7A0DE77BBE4B01E0767A6202AECE0E7E349AF165
Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS0.roa
Signing time: Sat 06 Sep 2025 10:04:17 +0000
ROA not before: Sat 06 Sep 2025 09:59:17 +0000
ROA not after: Sat 05 Sep 2026 10:04:17 +0000
asID: 0
IP address blocks: 2a14:7580:b000::/36 maxlen: 48
2a14:7581:f80::/44 maxlen: 48
2a14:7581:f90::/44 maxlen: 48
2a14:7581:fff::/48 maxlen: 48
2a14:7583::/32 maxlen: 32
2a14:7583:3000::/36 maxlen: 48
2a14:7584:2000::/36 maxlen: 48
2a14:7584:d000::/36 maxlen: 48
2a14:7585::/32 maxlen: 48
2a14:7586::/32 maxlen: 48
2a14:7587::/32 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft
rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 07 Sep 2025 13:22:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7a:0d:e7:7b:be:4b:01:e0:76:7a:62:02:ae:ce:0e:7e:34:9a:f1:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Validity
Not Before: Sep 6 09:59:17 2025 GMT
Not After : Sep 5 10:04:17 2026 GMT
Subject: CN=762534142C38F4DA21282161754EB5AEEE9C065D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:59:36:16:18:85:62:d9:6d:7a:8f:72:c1:99:
45:98:5a:f9:f7:9c:8d:7b:ec:21:39:3d:a3:9c:99:
13:d0:e5:28:a3:53:9d:f6:e6:a4:90:04:71:af:29:
5d:96:c9:97:f8:10:3e:08:41:eb:a2:95:32:e0:b5:
1b:98:a1:4e:2f:d8:35:50:9b:33:65:0a:3b:e9:6c:
5b:0f:d5:b2:d9:83:03:81:d8:31:0e:6f:67:8d:1a:
7f:b3:45:1e:29:93:74:ff:5f:fa:a9:46:f1:79:57:
7b:bf:b8:ff:44:d0:13:c5:ce:e0:3d:32:34:03:e0:
4e:71:f9:1e:b3:84:67:45:aa:98:dc:f5:91:5e:a9:
9e:04:b3:2f:6f:c8:60:05:16:13:f4:a6:91:7e:05:
a3:79:d8:29:3a:58:7b:c5:3a:35:05:3c:94:40:a7:
65:28:01:33:ae:4e:d7:04:27:7a:76:0f:64:24:e7:
4a:ce:60:b6:e1:ad:ad:fd:59:fa:36:9f:d1:74:93:
a5:64:fa:25:31:e6:c9:5a:a3:5f:5c:68:96:6a:b7:
00:35:c5:3a:a9:05:36:e4:cc:9c:d9:b7:44:61:b2:
cc:92:12:14:5d:92:99:2a:72:d5:a3:64:00:76:9f:
25:71:1b:87:d7:1d:a1:1f:bc:a5:f6:76:66:3d:4e:
75:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:25:34:14:2C:38:F4:DA:21:28:21:61:75:4E:B5:AE:EE:9C:06:5D
X509v3 Authority Key Identifier:
keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS0.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7580:b000::/36
2a14:7581:f80::/43
2a14:7581:fff::/48
2a14:7583::/32
2a14:7584:2000::/36
2a14:7584:d000::/36
2a14:7585::-2a14:7587:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
64:45:a4:d7:6d:24:12:3f:0d:13:40:6e:72:66:60:25:f2:11:
47:b4:1f:7b:76:9c:e4:ec:4b:3d:bb:56:1f:ee:8b:9e:b1:97:
a8:8a:ee:43:2d:87:b1:19:e1:5b:ef:5f:92:6d:6d:d4:d6:9d:
99:1a:65:15:4d:94:5b:a6:e9:ea:33:cc:bc:d0:02:85:21:f1:
38:40:71:5d:b2:47:c3:f5:d5:d6:49:77:28:f3:79:10:ee:27:
6c:46:0b:32:ea:8a:a5:8c:31:94:54:c8:6d:df:c9:05:99:37:
ca:64:b7:90:cf:7c:48:ab:ad:ab:09:d7:70:d8:45:1d:4b:a4:
d0:38:95:cc:45:55:71:af:7d:b9:c7:cc:4e:44:cf:18:7d:0a:
d3:02:9f:52:fe:5a:94:e2:70:73:0b:0a:4c:22:a9:f7:b4:75:
ed:db:6d:a5:08:55:b2:2d:58:f4:81:27:ae:ee:38:61:c9:f4:
6f:c9:43:2c:f6:59:73:59:fe:38:2d:38:de:22:25:54:88:02:
60:8f:5e:62:63:86:6d:dd:b4:01:ab:1f:21:fc:f7:8e:d4:c0:
6d:59:00:29:39:74:41:a5:d5:c5:eb:c7:56:b8:d2:cd:1f:0b:
c6:90:b9:48:e2:54:20:6b:f1:a5:2b:8a:2c:58:4e:c9:41:e1:
9f:ce:e5:f6
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgIUeg3ne75LAeB2emICrs4OfjSa8WUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj
Y2ZkMzc3MjAeFw0yNTA5MDYwOTU5MTdaFw0yNjA5MDUxMDA0MTdaMDMxMTAvBgNV
BAMTKDc2MjUzNDE0MkMzOEY0REEyMTI4MjE2MTc1NEVCNUFFRUU5QzA2NUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0WTYWGIVi2W16j3LBmUWYWvn3
nI177CE5PaOcmRPQ5SijU5325qSQBHGvKV2WyZf4ED4IQeuilTLgtRuYoU4v2DVQ
mzNlCjvpbFsP1bLZgwOB2DEOb2eNGn+zRR4pk3T/X/qpRvF5V3u/uP9E0BPFzuA9
MjQD4E5x+R6zhGdFqpjc9ZFeqZ4Esy9vyGAFFhP0ppF+BaN52Ck6WHvFOjUFPJRA
p2UoATOuTtcEJ3p2D2Qk50rOYLbhra39Wfo2n9F0k6Vk+iUx5slao19caJZqtwA1
xTqpBTbkzJzZt0RhssySEhRdkpkqctWjZAB2nyVxG4fXHaEfvKX2dmY9TnVxAgMB
AAGjggJAMIICPDAdBgNVHQ4EFgQUdiU0FCw49NohKCFhdU61ru6cBl0wHwYDVR0j
BBgwFoAUqD1IZS87LfdPa/m6qKnBdMz9N3IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODkyNzBmNmMtYTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2Yz
ODI0LzAvQTgzRDQ4NjUyRjNCMkRGNzRGNkJGOUJBQThBOUMxNzRDQ0ZEMzc3Mi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FEMUlaUzg3TGZkUGFfbTZxS25CZE16
OU4zSS5jZXIwdgYIKwYBBQUHAQsEajBoMGYGCCsGAQUFBzALhlpyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg5MjcwZjZjLWEzZmUt
NDI5OS1iMDc5LTMwOWVkOTdmMzgyNC8wL0FTMC5yb2EwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjBaBggrBgEFBQcBBwEB/wRLMEkwRwQCAAIwQQMGBCoUdYCwAwcF
KhR1gQ+AAwcAKhR1gQ//AwUAKhR1gwMGBCoUdYQgAwYEKhR1hNAwDgMFACoUdYUD
BQMqFHWAMA0GCSqGSIb3DQEBCwUAA4IBAQBkRaTXbSQSPw0TQG5yZmAl8hFHtB97
dpzk7Es9u1Yf7ouesZeoiu5DLYexGeFb71+SbW3U1p2ZGmUVTZRbpunqM8y80AKF
IfE4QHFdskfD9dXWSXco83kQ7idsRgsy6oqljDGUVMht38kFmTfKZLeQz3xIq62r
Cddw2EUdS6TQOJXMRVVxr325x8xORM8YfQrTAp9S/lqU4nBzCwpMIqn3tHXt222l
CFWyLVj0gSeu7jhhyfRvyUMs9llzWf44LTjeIiVUiAJgj15iY4Zt3bQBqx8h/PeO
1MBtWQApOXRBpdXF68dWuNLNHwvGkLlI4lQga/GlK4osWE7JQeGfzuX2
-----END CERTIFICATE-----
Generated at Sun Sep 7 02:18:01 2025 by rpki-client