Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS0.roa
File: AS0.roa (raw, json)
Hash identifier: 1aeziKo0bCM86qbDMD0nYK46aM0nOyiKIMfR738NTfM=
Subject key identifier: 45:9D:61:1C:7E:58:1D:CD:DC:BC:DF:24:45:0E:17:F2:C6:F0:D5:3A
Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Certificate serial: 500B8543D20C9E324B852A9F971EEC1DEB62389E
Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS0.roa
Signing time: Sat 05 Apr 2025 04:56:51 +0000
ROA not before: Sat 05 Apr 2025 04:51:51 +0000
ROA not after: Sat 04 Apr 2026 04:56:51 +0000
asID: 0
IP address blocks: 2a14:7581:ff9::/48 maxlen: 48
2a14:7583::/32 maxlen: 48
2a14:7584:8000::/36 maxlen: 48
2a14:7586::/32 maxlen: 48
2a14:7587::/32 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft
rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 04:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
50:0b:85:43:d2:0c:9e:32:4b:85:2a:9f:97:1e:ec:1d:eb:62:38:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Validity
Not Before: Apr 5 04:51:51 2025 GMT
Not After : Apr 4 04:56:51 2026 GMT
Subject: CN=459D611C7E581DCDDCBCDF24450E17F2C6F0D53A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:d7:8c:79:96:06:5e:17:2d:c4:90:cd:90:59:
85:fb:90:87:6d:1c:e0:e3:76:79:a2:9c:51:06:0f:
e7:a9:91:19:03:9a:80:bb:97:d5:38:4d:94:b7:91:
c3:02:6e:53:8f:90:a3:0f:6c:67:81:7e:70:f0:3c:
57:0a:e7:b3:d6:54:97:da:5e:71:54:1f:91:0e:e4:
fb:6e:2c:5a:a4:b3:39:4b:0f:91:54:22:98:e3:03:
fd:54:ca:c9:ab:50:07:b2:24:1c:f0:b7:67:e2:28:
16:55:bf:5c:c3:18:fb:3c:ad:fa:c6:fc:7e:c1:5b:
c5:84:66:07:0e:f9:32:0e:ac:98:6e:3b:52:e9:01:
6b:98:8b:d5:3a:7f:f8:0b:82:ef:07:6c:7a:ab:14:
93:b7:05:af:34:de:2f:d4:9f:5f:04:8a:8b:0a:d5:
48:be:a1:e3:ac:93:57:dc:10:5a:19:26:1f:c4:a1:
7f:6c:37:d7:5a:99:db:ee:86:40:d7:21:69:a7:78:
b2:e9:60:7c:1f:7b:24:50:7e:c9:34:fd:d1:e9:f3:
21:da:31:9d:16:28:2a:9e:05:da:ff:52:d1:a8:ee:
d6:b1:6c:3e:bf:62:e3:5b:4d:a8:e9:d1:23:18:39:
33:ef:28:7e:d4:39:ab:f4:0e:fc:27:18:bf:ea:3b:
26:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:9D:61:1C:7E:58:1D:CD:DC:BC:DF:24:45:0E:17:F2:C6:F0:D5:3A
X509v3 Authority Key Identifier:
keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS0.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7581:ff9::/48
2a14:7583::/32
2a14:7584:8000::/36
2a14:7586::/31
Signature Algorithm: sha256WithRSAEncryption
9a:22:46:21:d3:cd:bc:7c:7a:1c:49:51:56:29:66:6c:66:c7:
b7:24:80:5b:5a:01:93:95:c5:f3:25:8e:a0:e2:bf:a4:0e:b5:
70:71:d8:ab:81:fa:7a:54:7e:c5:a1:1f:28:1c:fa:c7:1f:cb:
3a:0e:ca:f1:3d:c6:ad:e3:3b:03:a4:33:45:82:b2:6c:5a:a1:
b6:6c:91:25:b7:11:a0:df:37:f8:28:b1:f3:28:65:8f:f5:53:
a1:17:80:d5:a6:08:3a:c9:76:26:bd:2c:c8:ff:25:fa:f6:57:
8a:4d:ae:2e:45:60:12:b6:af:d6:1a:bc:d2:91:39:f2:b1:7d:
d4:5f:f3:70:18:e1:0f:9e:87:eb:21:5b:ad:87:27:74:b9:b0:
8c:9b:6f:7d:f2:f3:30:53:85:31:b2:7b:19:23:9d:74:2b:d6:
de:43:d7:98:b3:57:06:eb:59:e5:00:c0:ef:48:2d:ca:6b:4b:
36:1d:d5:09:eb:38:3f:4b:bd:68:4b:4a:c0:f3:29:f6:59:59:
85:ba:6c:bc:7d:c8:99:4b:62:0d:67:e7:77:60:bd:17:17:3c:
90:06:4a:60:a8:90:1f:08:7b:ee:5e:19:eb:d6:bb:39:79:a7:
11:c8:fd:10:6e:f8:05:c9:c1:e2:f1:72:74:2f:3d:2b:ff:84:
ed:e0:d8:ef
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgIUUAuFQ9IMnjJLhSqflx7sHetiOJ4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj
Y2ZkMzc3MjAeFw0yNTA0MDUwNDUxNTFaFw0yNjA0MDQwNDU2NTFaMDMxMTAvBgNV
BAMTKDQ1OUQ2MTFDN0U1ODFEQ0REQ0JDREYyNDQ1MEUxN0YyQzZGMEQ1M0EwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC114x5lgZeFy3EkM2QWYX7kIdt
HODjdnminFEGD+epkRkDmoC7l9U4TZS3kcMCblOPkKMPbGeBfnDwPFcK57PWVJfa
XnFUH5EO5PtuLFqkszlLD5FUIpjjA/1UysmrUAeyJBzwt2fiKBZVv1zDGPs8rfrG
/H7BW8WEZgcO+TIOrJhuO1LpAWuYi9U6f/gLgu8HbHqrFJO3Ba803i/Un18EiosK
1Ui+oeOsk1fcEFoZJh/EoX9sN9damdvuhkDXIWmneLLpYHwfeyRQfsk0/dHp8yHa
MZ0WKCqeBdr/UtGo7taxbD6/YuNbTajp0SMYOTPvKH7UOav0DvwnGL/qOyZlAgMB
AAGjggIeMIICGjAdBgNVHQ4EFgQURZ1hHH5YHc3cvN8kRQ4X8sbw1TowHwYDVR0j
BBgwFoAUqD1IZS87LfdPa/m6qKnBdMz9N3IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODkyNzBmNmMtYTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2Yz
ODI0LzAvQTgzRDQ4NjUyRjNCMkRGNzRGNkJGOUJBQThBOUMxNzRDQ0ZEMzc3Mi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FEMUlaUzg3TGZkUGFfbTZxS25CZE16
OU4zSS5jZXIwdgYIKwYBBQUHAQsEajBoMGYGCCsGAQUFBzALhlpyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg5MjcwZjZjLWEzZmUt
NDI5OS1iMDc5LTMwOWVkOTdmMzgyNC8wL0FTMC5yb2EwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjA4BggrBgEFBQcBBwEB/wQpMCcwJQQCAAIwHwMHACoUdYEP+QMF
ACoUdYMDBgQqFHWEgAMFASoUdYYwDQYJKoZIhvcNAQELBQADggEBAJoiRiHTzbx8
ehxJUVYpZmxmx7ckgFtaAZOVxfMljqDiv6QOtXBx2KuB+npUfsWhHygc+scfyzoO
yvE9xq3jOwOkM0WCsmxaobZskSW3EaDfN/gosfMoZY/1U6EXgNWmCDrJdia9LMj/
Jfr2V4pNri5FYBK2r9YavNKROfKxfdRf83AY4Q+eh+shW62HJ3S5sIybb33y8zBT
hTGyexkjnXQr1t5D15izVwbrWeUAwO9ILcprSzYd1QnrOD9LvWhLSsDzKfZZWYW6
bLx9yJlLYg1n53dgvRcXPJAGSmCokB8Ie+5eGevWuzl5pxHI/RBu+AXJweLxcnQv
PSv/hO3g2O8=
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:26:29 2025 by rpki-client