Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS152900.roa
File: AS152900.roa (raw, json)
Hash identifier: D6Zv+FNvXgKrNW4kfdVaGRvBoaKAcEILwFQZzljj+68=
Subject key identifier: E8:AF:A0:E3:98:94:28:6B:B8:02:C0:B3:9A:A9:66:51:5A:EA:C6:86
Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Certificate serial: 626ACEFF838B38468EF7A5275F1807504048342C
Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS152900.roa
Signing time: Tue 04 Feb 2025 00:17:09 +0000
ROA not before: Tue 04 Feb 2025 00:12:09 +0000
ROA not after: Tue 03 Feb 2026 00:17:09 +0000
asID: 152900
IP address blocks: 2a14:7580:e500::/40 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft
rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 10:47:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
62:6a:ce:ff:83:8b:38:46:8e:f7:a5:27:5f:18:07:50:40:48:34:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Validity
Not Before: Feb 4 00:12:09 2025 GMT
Not After : Feb 3 00:17:09 2026 GMT
Subject: CN=E8AFA0E39894286BB802C0B39AA966515AEAC686
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:3d:16:7d:cc:24:38:a5:f4:57:2d:c6:ae:1b:
9e:f2:e9:e7:df:14:52:37:db:8f:b4:b1:a1:a5:1c:
d3:78:97:f0:18:d9:82:87:62:37:e2:e8:ac:c7:78:
03:2f:fb:97:f7:0e:1e:65:92:8a:21:11:49:a6:9a:
5d:22:01:49:49:dc:f4:d9:9c:ed:7f:67:82:ae:f9:
75:cc:3a:7e:89:4f:76:68:e2:56:24:f3:37:05:17:
81:fc:3f:07:de:33:3d:7b:74:7b:15:cb:c7:de:9a:
70:17:1a:3b:27:e7:ac:8b:3a:52:aa:d8:26:1f:ac:
da:9b:4e:7d:3a:42:b0:60:d9:2a:88:67:4b:86:3f:
63:a9:14:8f:e2:11:15:1a:f2:ac:a1:b0:a8:d6:51:
6c:28:95:ce:b7:2c:66:e3:6c:96:09:f9:46:e2:9f:
62:9a:a2:f3:06:c9:50:3a:4b:20:a8:84:4c:bc:ee:
31:81:1f:86:da:63:0c:11:48:1b:d6:62:e5:99:16:
1c:ee:a3:e4:8a:fd:d8:5c:1e:1a:13:21:ac:70:f1:
ca:df:54:59:cc:b4:4a:52:7b:f5:96:db:96:72:40:
03:79:8e:4e:3c:3e:04:7c:38:84:3a:5f:e0:5c:31:
3f:2a:db:70:82:4e:ae:f2:45:47:92:18:e3:f4:fa:
7e:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:AF:A0:E3:98:94:28:6B:B8:02:C0:B3:9A:A9:66:51:5A:EA:C6:86
X509v3 Authority Key Identifier:
keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS152900.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7580:e500::/40
Signature Algorithm: sha256WithRSAEncryption
1c:a6:ab:a7:86:fd:c3:20:3f:89:9b:fc:62:bd:82:94:51:c3:
1f:de:35:d8:d3:dd:3a:ed:ff:79:13:ed:c8:34:3e:53:9f:c8:
c2:55:7e:74:71:30:81:7c:3a:78:b5:45:25:1a:6a:26:56:ac:
6b:a0:26:ba:92:46:a0:f9:0f:ee:8b:13:44:51:cf:1c:4c:a8:
11:d5:73:c5:b6:c9:b5:42:7a:15:d1:6e:f1:26:26:4c:64:46:
2d:a4:31:c4:01:2e:f1:a2:18:dd:69:fd:b4:ad:e6:c0:49:1e:
38:e4:b0:c5:4f:94:10:d6:8b:64:26:c1:97:e1:4b:e6:9e:2a:
ec:37:d4:5c:ae:fb:cd:f2:08:c0:97:43:e0:02:93:92:39:89:
e2:fc:20:61:c7:9a:90:fb:38:82:23:d8:a4:8b:3a:6f:12:56:
4e:24:42:25:aa:67:40:3e:17:c9:ac:2d:88:fe:3d:f3:67:8e:
92:95:b5:59:00:3a:05:21:af:8b:fd:92:d1:ea:72:58:f0:5b:
6e:14:74:3e:17:9e:6f:ca:6d:30:ee:b0:8d:1e:25:da:dc:ac:
a9:91:a6:8e:8b:9e:82:0a:79:8e:ab:ac:09:44:75:f2:7e:e9:
23:82:2d:70:ad:18:63:c6:ef:bd:51:89:f0:c5:e6:24:ca:1e:
99:40:92:0a
-----BEGIN CERTIFICATE-----
MIIFAjCCA+qgAwIBAgIUYmrO/4OLOEaO96UnXxgHUEBINCwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj
Y2ZkMzc3MjAeFw0yNTAyMDQwMDEyMDlaFw0yNjAyMDMwMDE3MDlaMDMxMTAvBgNV
BAMTKEU4QUZBMEUzOTg5NDI4NkJCODAyQzBCMzlBQTk2NjUxNUFFQUM2ODYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCXPRZ9zCQ4pfRXLcauG57y6eff
FFI324+0saGlHNN4l/AY2YKHYjfi6KzHeAMv+5f3Dh5lkoohEUmmml0iAUlJ3PTZ
nO1/Z4Ku+XXMOn6JT3Zo4lYk8zcFF4H8PwfeMz17dHsVy8femnAXGjsn56yLOlKq
2CYfrNqbTn06QrBg2SqIZ0uGP2OpFI/iERUa8qyhsKjWUWwolc63LGbjbJYJ+Ubi
n2KaovMGyVA6SyCohEy87jGBH4baYwwRSBvWYuWZFhzuo+SK/dhcHhoTIaxw8crf
VFnMtEpSe/WW25ZyQAN5jk48PgR8OIQ6X+BcMT8q23CCTq7yRUeSGOP0+n5vAgMB
AAGjggIMMIICCDAdBgNVHQ4EFgQU6K+g45iUKGu4AsCzmqlmUVrqxoYwHwYDVR0j
BBgwFoAUqD1IZS87LfdPa/m6qKnBdMz9N3IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODkyNzBmNmMtYTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2Yz
ODI0LzAvQTgzRDQ4NjUyRjNCMkRGNzRGNkJGOUJBQThBOUMxNzRDQ0ZEMzc3Mi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FEMUlaUzg3TGZkUGFfbTZxS25CZE16
OU4zSS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg5MjcwZjZjLWEzZmUt
NDI5OS1iMDc5LTMwOWVkOTdmMzgyNC8wL0FTMTUyOTAwLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKhR1
gOUwDQYJKoZIhvcNAQELBQADggEBABymq6eG/cMgP4mb/GK9gpRRwx/eNdjT3Trt
/3kT7cg0PlOfyMJVfnRxMIF8Oni1RSUaaiZWrGugJrqSRqD5D+6LE0RRzxxMqBHV
c8W2ybVCehXRbvEmJkxkRi2kMcQBLvGiGN1p/bSt5sBJHjjksMVPlBDWi2QmwZfh
S+aeKuw31Fyu+83yCMCXQ+ACk5I5ieL8IGHHmpD7OIIj2KSLOm8SVk4kQiWqZ0A+
F8msLYj+PfNnjpKVtVkAOgUhr4v9ktHqcljwW24UdD4Xnm/KbTDusI0eJdrcrKmR
po6LnoIKeY6rrAlEdfJ+6SOCLXCtGGPG771RifDF5iTKHplAkgo=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:36:44 2025 by rpki-client