Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS44486.roa
File: AS44486.roa (raw, json)
Hash identifier: GZiCj6C8wpr5MsrKyjT5jRMA672e7ymhkD502rSDdg8=
Subject key identifier: 29:9C:45:75:4A:C0:34:2E:C7:3A:61:BC:84:CE:8F:17:1E:40:08:D0
Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Certificate serial: 18811091991659EB6427CDE04F812665AC09770A
Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS44486.roa
Signing time: Tue 04 Feb 2025 00:17:09 +0000
ROA not before: Tue 04 Feb 2025 00:12:09 +0000
ROA not after: Tue 03 Feb 2026 00:17:09 +0000
asID: 44486
IP address blocks: 2a14:7580:fc00::/40 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft
rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 14:04:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
18:81:10:91:99:16:59:eb:64:27:cd:e0:4f:81:26:65:ac:09:77:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Validity
Not Before: Feb 4 00:12:09 2025 GMT
Not After : Feb 3 00:17:09 2026 GMT
Subject: CN=299C45754AC0342EC73A61BC84CE8F171E4008D0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:30:da:04:9d:cd:7b:5b:4a:0f:56:c3:cd:17:
2b:36:fc:56:e2:37:c2:17:66:4f:bb:e2:86:c2:d8:
df:b8:a4:88:36:9a:e4:ac:0c:c3:cb:63:4f:b2:9e:
51:cb:73:b8:dc:bc:f8:7a:a8:02:f0:76:1a:f7:17:
ca:60:8f:3e:09:e4:ac:57:61:23:e3:78:62:3d:f0:
81:3a:b2:3c:aa:36:22:e6:fa:44:85:c4:32:62:59:
11:46:f4:e8:3f:e5:a3:c0:c3:5e:fa:91:ea:8d:e4:
4e:99:b1:67:3a:5d:72:cf:3d:2b:de:b8:c4:59:3c:
02:3a:6a:27:84:1b:5e:0f:46:56:ed:41:c0:c1:01:
7d:aa:c2:db:f2:4d:1a:15:22:e8:9c:ac:2e:2f:c1:
61:4d:88:f1:be:37:2a:8c:8f:9d:3b:fd:fc:13:7a:
2c:15:b0:5d:4f:9d:4d:c6:4f:aa:2a:26:6a:28:ea:
35:88:64:80:16:03:9a:1d:97:b7:04:81:2c:15:e3:
5d:ab:e2:19:31:8a:62:a9:3f:68:2e:3a:b5:4d:6b:
47:bc:34:10:a2:61:df:24:3c:c2:74:25:f1:8a:10:
ad:80:c2:37:83:c3:24:ca:f1:ff:e8:9f:5b:59:10:
28:56:7a:cb:f7:f5:03:94:0a:49:9d:76:79:86:b4:
48:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:9C:45:75:4A:C0:34:2E:C7:3A:61:BC:84:CE:8F:17:1E:40:08:D0
X509v3 Authority Key Identifier:
keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS44486.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7580:fc00::/40
Signature Algorithm: sha256WithRSAEncryption
05:d1:fc:55:c4:f3:e4:7a:46:7d:c3:42:ff:bf:e8:9a:0a:7b:
61:d5:98:b4:f2:ea:37:ce:39:7e:cb:cf:4e:7f:86:e1:88:89:
5e:78:29:50:5e:a4:2a:c1:1b:4e:21:2c:98:90:8d:0d:46:b7:
9d:26:8d:21:e3:7e:52:d9:fc:e3:69:42:2f:2a:03:2e:b8:fb:
4e:d8:ec:c1:66:bc:1b:4f:98:ce:02:31:b8:b3:a5:fb:e4:f4:
0e:28:36:56:b3:ce:10:ed:f5:72:f1:73:de:fb:34:55:46:32:
d3:92:11:02:7e:c6:03:f6:bf:eb:86:34:db:07:a5:fc:66:40:
8e:70:49:db:d9:89:91:e5:18:31:c8:31:03:71:7b:b2:2e:fd:
71:a0:de:f8:a6:e6:74:ab:82:10:8a:c6:a6:50:81:43:2c:7c:
60:40:c1:ab:40:7e:b5:ae:4d:6c:3e:5b:2d:68:02:86:31:5f:
76:97:81:bc:00:3b:9d:f0:d6:f6:a9:9a:8f:8e:7b:9c:05:33:
f6:db:3a:d2:cd:aa:47:80:fa:03:64:3f:f5:a8:6e:af:51:79:
76:f9:7a:d2:30:d0:bd:f0:19:d2:2b:ec:90:31:7e:60:b6:81:
4d:a8:76:3a:1c:06:c5:9a:96:bd:98:f6:df:75:b6:32:a0:18:
3d:d7:5d:91
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIUGIEQkZkWWetkJ83gT4EmZawJdwowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj
Y2ZkMzc3MjAeFw0yNTAyMDQwMDEyMDlaFw0yNjAyMDMwMDE3MDlaMDMxMTAvBgNV
BAMTKDI5OUM0NTc1NEFDMDM0MkVDNzNBNjFCQzg0Q0U4RjE3MUU0MDA4RDAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDaMNoEnc17W0oPVsPNFys2/Fbi
N8IXZk+74obC2N+4pIg2muSsDMPLY0+ynlHLc7jcvPh6qALwdhr3F8pgjz4J5KxX
YSPjeGI98IE6sjyqNiLm+kSFxDJiWRFG9Og/5aPAw176keqN5E6ZsWc6XXLPPSve
uMRZPAI6aieEG14PRlbtQcDBAX2qwtvyTRoVIuicrC4vwWFNiPG+NyqMj507/fwT
eiwVsF1PnU3GT6oqJmoo6jWIZIAWA5odl7cEgSwV412r4hkximKpP2guOrVNa0e8
NBCiYd8kPMJ0JfGKEK2AwjeDwyTK8f/on1tZEChWesv39QOUCkmddnmGtEiDAgMB
AAGjggILMIICBzAdBgNVHQ4EFgQUKZxFdUrANC7HOmG8hM6PFx5ACNAwHwYDVR0j
BBgwFoAUqD1IZS87LfdPa/m6qKnBdMz9N3IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODkyNzBmNmMtYTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2Yz
ODI0LzAvQTgzRDQ4NjUyRjNCMkRGNzRGNkJGOUJBQThBOUMxNzRDQ0ZEMzc3Mi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FEMUlaUzg3TGZkUGFfbTZxS25CZE16
OU4zSS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg5MjcwZjZjLWEzZmUt
NDI5OS1iMDc5LTMwOWVkOTdmMzgyNC8wL0FTNDQ0ODYucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgACMAgDBgAqFHWA
/DANBgkqhkiG9w0BAQsFAAOCAQEABdH8VcTz5HpGfcNC/7/omgp7YdWYtPLqN845
fsvPTn+G4YiJXngpUF6kKsEbTiEsmJCNDUa3nSaNIeN+Utn842lCLyoDLrj7Ttjs
wWa8G0+YzgIxuLOl++T0Dig2VrPOEO31cvFz3vs0VUYy05IRAn7GA/a/64Y02wel
/GZAjnBJ29mJkeUYMcgxA3F7si79caDe+KbmdKuCEIrGplCBQyx8YEDBq0B+ta5N
bD5bLWgChjFfdpeBvAA7nfDW9qmaj457nAUz9ts60s2qR4D6A2Q/9ahur1F5dvl6
0jDQvfAZ0ivskDF+YLaBTah2OhwGxZqWvZj233W2MqAYPdddkQ==
-----END CERTIFICATE-----
Generated at Sat Apr 5 05:14:09 2025 by rpki-client