Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS53667.roa
File: AS53667.roa (raw, json)
Hash identifier: 8DYPJmbt7yntk6NFDKmst7wxLjzrkGmvOdeJzAVfInM=
Subject key identifier: 3E:43:1C:3E:1A:30:05:70:17:75:93:FF:D4:F5:BE:B7:E3:06:BB:35
Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Certificate serial: 36FFD5F12FD29D3B90D067458C19A32E69551F52
Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS53667.roa
Signing time: Sun 31 Aug 2025 07:13:22 +0000
ROA not before: Sun 31 Aug 2025 07:08:22 +0000
ROA not after: Sun 30 Aug 2026 07:13:22 +0000
asID: 53667
IP address blocks: 2a14:7581:fa0::/44 maxlen: 48
2a14:7581:fb0::/44 maxlen: 48
2a14:7581:fd0::/44 maxlen: 48
2a14:7581:9e00::/40 maxlen: 48
2a14:7581:9f10::/44 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft
rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 07 Sep 2025 13:22:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
36:ff:d5:f1:2f:d2:9d:3b:90:d0:67:45:8c:19:a3:2e:69:55:1f:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Validity
Not Before: Aug 31 07:08:22 2025 GMT
Not After : Aug 30 07:13:22 2026 GMT
Subject: CN=3E431C3E1A300570177593FFD4F5BEB7E306BB35
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:ef:9c:60:05:27:5c:da:25:e4:ac:fb:43:ba:
b1:61:bf:05:70:07:2c:f5:72:18:ee:ad:6b:18:2f:
bb:fe:70:68:19:64:7a:80:f0:07:92:51:f6:48:dd:
58:89:30:3b:17:b2:47:80:4f:ad:76:dd:5f:04:ee:
b6:63:07:8a:5d:e1:e1:b3:1e:1c:59:30:b3:cc:03:
45:d8:06:cb:38:64:bf:26:0a:e7:42:d8:e7:c4:57:
3e:99:83:d6:70:1f:ce:b8:18:b2:65:66:be:37:f5:
b4:86:a6:fd:26:3c:03:4c:fd:ee:15:7a:8b:b5:a7:
ad:db:bd:4e:4c:8d:dc:b2:14:3f:5d:6b:50:3d:f7:
b3:30:62:65:f2:49:2e:92:8f:75:cc:13:05:82:ca:
00:25:28:32:22:97:0b:3b:04:bd:49:66:e7:b1:32:
0e:72:97:a5:bb:c0:56:cf:83:a8:47:87:01:dc:5d:
4f:08:15:12:ee:8d:0b:0a:79:a8:71:0f:80:36:3d:
85:d9:4b:f0:3a:75:5c:71:de:8e:37:ea:7f:5e:fc:
01:e9:7a:d6:5a:5d:8b:ce:bc:28:83:02:ef:86:61:
76:3e:3e:e9:a0:dd:e9:7c:49:18:14:52:b5:95:85:
64:33:81:92:9a:fc:30:ea:bf:3c:9d:6b:20:e7:ab:
9b:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:43:1C:3E:1A:30:05:70:17:75:93:FF:D4:F5:BE:B7:E3:06:BB:35
X509v3 Authority Key Identifier:
keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS53667.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7581:fa0::/43
2a14:7581:fd0::/44
2a14:7581:9e00::/40
2a14:7581:9f10::/44
Signature Algorithm: sha256WithRSAEncryption
48:f3:0d:cd:c6:e7:22:b8:3f:b6:13:15:98:44:0b:60:fd:c5:
d2:d7:06:10:b5:3c:ff:b3:57:7d:0e:07:62:6e:b2:f8:23:6a:
64:45:4c:73:3a:21:ff:c5:0b:e4:cf:c5:c3:90:4c:27:c8:dd:
d7:d2:e4:96:12:ba:46:c4:0f:de:2c:d0:f6:79:85:df:fb:a3:
1f:a1:e9:39:48:5a:dd:74:84:9b:52:9f:c6:81:68:b5:e9:9f:
01:44:f1:6a:42:ad:ab:41:42:3c:23:43:34:ea:2b:bb:f0:e5:
e7:9b:c1:f8:ca:b9:88:3d:8a:19:da:15:b7:18:33:69:37:96:
6b:f2:ce:56:a9:63:3d:2d:4a:e2:6e:47:00:49:1e:7f:ae:d5:
a0:3d:a1:64:3f:18:62:a6:8a:fe:59:06:9c:d8:49:ae:bf:f8:
c7:7f:a3:d1:b1:4b:4c:c9:e8:72:eb:78:ec:e4:71:7f:d1:87:
98:97:2a:3e:ae:5c:9a:ca:99:fa:22:46:10:3f:7d:73:e4:be:
50:27:70:c3:d1:82:b0:8d:a5:00:b3:08:41:2c:fe:36:72:a0:
ef:76:a2:2e:fa:93:ff:74:96:ce:6d:cf:40:58:f0:75:c8:8b:
ae:c9:2a:08:8c:f8:77:01:9b:15:de:b4:55:19:cc:e5:66:14:
7a:06:6e:14
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgIUNv/V8S/SnTuQ0GdFjBmjLmlVH1IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj
Y2ZkMzc3MjAeFw0yNTA4MzEwNzA4MjJaFw0yNjA4MzAwNzEzMjJaMDMxMTAvBgNV
BAMTKDNFNDMxQzNFMUEzMDA1NzAxNzc1OTNGRkQ0RjVCRUI3RTMwNkJCMzUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDM75xgBSdc2iXkrPtDurFhvwVw
Byz1chjurWsYL7v+cGgZZHqA8AeSUfZI3ViJMDsXskeAT6123V8E7rZjB4pd4eGz
HhxZMLPMA0XYBss4ZL8mCudC2OfEVz6Zg9ZwH864GLJlZr439bSGpv0mPANM/e4V
eou1p63bvU5MjdyyFD9da1A997MwYmXySS6Sj3XMEwWCygAlKDIilws7BL1JZuex
Mg5yl6W7wFbPg6hHhwHcXU8IFRLujQsKeahxD4A2PYXZS/A6dVxx3o436n9e/AHp
etZaXYvOvCiDAu+GYXY+Pumg3el8SRgUUrWVhWQzgZKa/DDqvzydayDnq5vpAgMB
AAGjggImMIICIjAdBgNVHQ4EFgQUPkMcPhowBXAXdZP/1PW+t+MGuzUwHwYDVR0j
BBgwFoAUqD1IZS87LfdPa/m6qKnBdMz9N3IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODkyNzBmNmMtYTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2Yz
ODI0LzAvQTgzRDQ4NjUyRjNCMkRGNzRGNkJGOUJBQThBOUMxNzRDQ0ZEMzc3Mi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FEMUlaUzg3TGZkUGFfbTZxS25CZE16
OU4zSS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg5MjcwZjZjLWEzZmUt
NDI5OS1iMDc5LTMwOWVkOTdmMzgyNC8wL0FTNTM2Njcucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwPAYIKwYBBQUHAQcBAf8ELTArMCkEAgACMCMDBwUqFHWB
D6ADBwQqFHWBD9ADBgAqFHWBngMHBCoUdYGfEDANBgkqhkiG9w0BAQsFAAOCAQEA
SPMNzcbnIrg/thMVmEQLYP3F0tcGELU8/7NXfQ4HYm6y+CNqZEVMczoh/8UL5M/F
w5BMJ8jd19LklhK6RsQP3izQ9nmF3/ujH6HpOUha3XSEm1KfxoFotemfAUTxakKt
q0FCPCNDNOoru/Dl55vB+Mq5iD2KGdoVtxgzaTeWa/LOVqljPS1K4m5HAEkef67V
oD2hZD8YYqaK/lkGnNhJrr/4x3+j0bFLTMnocut47ORxf9GHmJcqPq5cmsqZ+iJG
ED99c+S+UCdww9GCsI2lALMIQSz+NnKg73aiLvqT/3SWzm3PQFjwdciLrskqCIz4
dwGbFd60VRnM5WYUegZuFA==
-----END CERTIFICATE-----
Generated at Sun Sep 7 02:21:05 2025 by rpki-client