Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS197737.roa
File: AS197737.roa (raw, json)
Hash identifier: Ge4Kj9U+gF8FYA+UAEqmVl5xQzeQtIRRWEUfR6pIR6U=
Subject key identifier: 15:60:21:F4:53:0A:51:DE:08:8E:84:C1:87:7C:2B:7C:A8:A0:E6:CD
Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Certificate serial: 05BE89CE71BAF320ECE086B6EF69B7B322B8D002
Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS197737.roa
Signing time: Tue 04 Feb 2025 00:17:09 +0000
ROA not before: Tue 04 Feb 2025 00:12:09 +0000
ROA not after: Tue 03 Feb 2026 00:17:09 +0000
asID: 197737
IP address blocks: 2a14:7581:5000::/36 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft
rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 14:04:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
05:be:89:ce:71:ba:f3:20:ec:e0:86:b6:ef:69:b7:b3:22:b8:d0:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Validity
Not Before: Feb 4 00:12:09 2025 GMT
Not After : Feb 3 00:17:09 2026 GMT
Subject: CN=156021F4530A51DE088E84C1877C2B7CA8A0E6CD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:ec:da:1a:94:0f:22:76:8c:21:aa:e9:ae:05:
fc:b8:ba:2c:11:6f:d1:fd:bb:10:d9:ca:7f:66:26:
01:c8:39:43:43:ce:9c:7d:93:89:0e:de:e3:e5:e2:
96:ca:27:76:aa:c2:b1:9b:7f:6c:24:2e:fd:ba:d1:
2f:ff:f8:a0:2d:90:fc:5a:c1:00:7f:dc:34:3c:21:
98:e7:c1:57:68:c4:fb:ef:8c:3b:df:79:ff:4d:d5:
c9:87:98:02:b1:e5:6a:12:99:48:f7:a9:84:c4:f1:
80:4e:d1:ce:cc:b8:65:34:a4:7f:e8:01:a4:e3:cc:
e5:2e:6f:b4:37:72:7a:94:6f:14:56:7c:fa:66:9a:
17:4d:80:57:c7:f8:87:c5:ba:10:fe:e1:45:60:6a:
43:dd:8f:3c:fc:fe:f1:3c:da:94:02:1f:f4:67:d2:
9c:e4:5f:86:4c:3b:db:be:e2:0a:c8:6f:a7:3a:c7:
ea:94:88:0b:40:2e:f0:df:19:80:6a:19:ea:5d:8e:
d5:72:03:4e:3b:51:46:b4:cb:ec:36:07:2a:60:fb:
0c:98:22:ba:79:c0:cb:19:d0:24:e2:72:49:05:cf:
62:62:a6:50:d9:5b:dd:fd:33:c6:be:a5:be:15:ae:
a0:07:6d:97:c3:4c:65:3f:67:28:8d:57:c8:07:ee:
09:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:60:21:F4:53:0A:51:DE:08:8E:84:C1:87:7C:2B:7C:A8:A0:E6:CD
X509v3 Authority Key Identifier:
keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS197737.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7581:5000::/36
Signature Algorithm: sha256WithRSAEncryption
85:2f:e9:6a:6b:0d:4a:20:55:76:cd:51:d2:b5:e2:29:ba:c9:
13:59:ff:c9:3c:ef:23:4e:db:be:2f:13:9c:c0:90:ea:57:36:
49:b1:70:fe:8c:f6:12:47:7a:4c:31:06:00:c0:f8:7e:c8:39:
87:d1:fb:27:0c:75:de:61:7d:58:6c:ff:03:68:ad:38:25:9f:
bc:ac:1a:31:39:78:20:e0:8a:65:4d:88:35:f0:99:77:55:24:
d9:01:34:a3:97:c8:70:c8:2c:7d:8d:04:b7:85:94:5e:86:c1:
e6:e9:7b:b4:50:29:d8:34:65:7c:2f:ee:cd:1b:af:80:75:d4:
92:e7:ff:86:76:87:b0:43:09:bc:2f:48:b0:fa:ff:e0:5a:fa:
d0:fc:ca:dc:f4:ab:09:91:29:9f:9e:04:2f:b2:1f:dc:74:cb:
0c:d1:ac:00:bc:f9:84:bf:1c:3c:cc:b6:7d:d5:a8:4d:11:b6:
d1:44:ff:50:b3:63:92:10:c5:7c:36:43:b6:f4:d0:5b:1b:41:
15:a6:2a:e5:a5:eb:c7:cf:dd:94:68:1c:bd:81:dc:3e:2e:82:
45:97:07:b6:51:af:54:ef:a7:0f:b1:f9:4d:39:c1:2c:01:47:
00:8b:da:c4:9f:da:4a:f6:bd:c7:ac:3b:a6:19:be:96:0c:db:
68:9c:5e:fd
-----BEGIN CERTIFICATE-----
MIIFAjCCA+qgAwIBAgIUBb6JznG68yDs4Ia272m3syK40AIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj
Y2ZkMzc3MjAeFw0yNTAyMDQwMDEyMDlaFw0yNjAyMDMwMDE3MDlaMDMxMTAvBgNV
BAMTKDE1NjAyMUY0NTMwQTUxREUwODhFODRDMTg3N0MyQjdDQThBMEU2Q0QwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCP7NoalA8idowhqumuBfy4uiwR
b9H9uxDZyn9mJgHIOUNDzpx9k4kO3uPl4pbKJ3aqwrGbf2wkLv260S//+KAtkPxa
wQB/3DQ8IZjnwVdoxPvvjDvfef9N1cmHmAKx5WoSmUj3qYTE8YBO0c7MuGU0pH/o
AaTjzOUub7Q3cnqUbxRWfPpmmhdNgFfH+IfFuhD+4UVgakPdjzz8/vE82pQCH/Rn
0pzkX4ZMO9u+4grIb6c6x+qUiAtALvDfGYBqGepdjtVyA047UUa0y+w2Bypg+wyY
Irp5wMsZ0CTickkFz2JiplDZW939M8a+pb4VrqAHbZfDTGU/ZyiNV8gH7gmzAgMB
AAGjggIMMIICCDAdBgNVHQ4EFgQUFWAh9FMKUd4IjoTBh3wrfKig5s0wHwYDVR0j
BBgwFoAUqD1IZS87LfdPa/m6qKnBdMz9N3IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODkyNzBmNmMtYTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2Yz
ODI0LzAvQTgzRDQ4NjUyRjNCMkRGNzRGNkJGOUJBQThBOUMxNzRDQ0ZEMzc3Mi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FEMUlaUzg3TGZkUGFfbTZxS25CZE16
OU4zSS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg5MjcwZjZjLWEzZmUt
NDI5OS1iMDc5LTMwOWVkOTdmMzgyNC8wL0FTMTk3NzM3LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYEKhR1
gVAwDQYJKoZIhvcNAQELBQADggEBAIUv6WprDUogVXbNUdK14im6yRNZ/8k87yNO
274vE5zAkOpXNkmxcP6M9hJHekwxBgDA+H7IOYfR+ycMdd5hfVhs/wNorTgln7ys
GjE5eCDgimVNiDXwmXdVJNkBNKOXyHDILH2NBLeFlF6Gwebpe7RQKdg0ZXwv7s0b
r4B11JLn/4Z2h7BDCbwvSLD6/+Ba+tD8ytz0qwmRKZ+eBC+yH9x0ywzRrAC8+YS/
HDzMtn3VqE0RttFE/1CzY5IQxXw2Q7b00FsbQRWmKuWl68fP3ZRoHL2B3D4ugkWX
B7ZRr1Tvpw+x+U05wSwBRwCL2sSf2kr2vcesO6YZvpYM22icXv0=
-----END CERTIFICATE-----
Generated at Sat Apr 5 03:42:00 2025 by rpki-client