Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS25098.roa
File: AS25098.roa (raw, json)
Hash identifier: R6cbu2Mb52jf4SUy7SATxNqEHpkbHq9cnyP7dlTxIf8=
Subject key identifier: 9B:DA:69:D9:C1:0D:7A:9F:A4:20:8E:72:DC:05:EE:31:68:2F:AE:7D
Certificate issuer: /CN=7051b4c2f7ae9ef80b53000b32ab8f5d2f2f415b
Certificate serial: 5157ADD42EDADFD4102C8BC3FFF112DA3D879357
Authority key identifier: 70:51:B4:C2:F7:AE:9E:F8:0B:53:00:0B:32:AB:8F:5D:2F:2F:41:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS25098.roa
Signing time: Wed 15 Jan 2025 16:37:18 +0000
ROA not before: Wed 15 Jan 2025 16:32:18 +0000
ROA not after: Wed 14 Jan 2026 16:37:18 +0000
asID: 25098
IP address blocks: 85.8.144.0/22 maxlen: 22
188.119.68.0/22 maxlen: 22
212.107.4.0/22 maxlen: 22
212.115.100.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.crl
rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.mft
rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
51:57:ad:d4:2e:da:df:d4:10:2c:8b:c3:ff:f1:12:da:3d:87:93:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7051b4c2f7ae9ef80b53000b32ab8f5d2f2f415b
Validity
Not Before: Jan 15 16:32:18 2025 GMT
Not After : Jan 14 16:37:18 2026 GMT
Subject: CN=9BDA69D9C10D7A9FA4208E72DC05EE31682FAE7D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:5f:22:03:d7:17:f6:2a:1c:a9:d0:7c:e9:41:
b2:e2:2c:c7:50:f8:87:ab:93:b6:cc:20:ef:c3:de:
56:38:69:bd:ec:05:ce:6a:9d:79:44:f5:84:50:55:
f2:5e:05:31:d4:00:a8:01:9f:c2:42:47:b0:a4:9d:
9f:b1:66:cd:51:26:d1:cd:bd:e3:e7:90:14:a0:ee:
d7:a4:4d:05:1e:eb:43:17:9f:53:c4:fe:40:d9:7f:
10:ca:86:bc:e6:f1:4b:4c:df:91:8b:4c:67:ea:c2:
3c:93:e8:a4:41:0a:41:a0:f5:c6:71:50:e9:d3:b5:
fd:a9:2e:a7:3b:52:44:f1:14:b6:9b:14:81:6e:08:
72:47:9e:ed:6c:b3:39:5a:e3:7e:0e:f5:53:6a:a2:
52:e8:c9:a1:c1:10:d0:43:c5:1b:d8:b4:3d:cd:8f:
45:7f:d9:a1:99:72:ed:97:49:38:2d:56:55:0b:fc:
a7:fc:49:68:04:2d:fb:4b:26:dd:c4:b6:49:a9:8c:
a1:13:db:5e:f1:a1:f8:91:8a:bf:2c:31:71:15:e8:
48:16:50:2a:c5:41:ee:52:42:b3:63:0d:22:97:07:
cc:df:a1:1a:11:5f:a1:0c:8b:e4:22:4d:88:a2:04:
a3:22:3a:0c:12:c8:92:4f:65:22:e8:b3:f8:ba:90:
9e:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:DA:69:D9:C1:0D:7A:9F:A4:20:8E:72:DC:05:EE:31:68:2F:AE:7D
X509v3 Authority Key Identifier:
keyid:70:51:B4:C2:F7:AE:9E:F8:0B:53:00:0B:32:AB:8F:5D:2F:2F:41:5B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS25098.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.8.144.0/22
188.119.68.0/22
212.107.4.0/22
212.115.100.0/22
Signature Algorithm: sha256WithRSAEncryption
8a:2e:b4:58:98:42:9c:c5:f4:98:d3:af:af:2c:5d:10:d0:6c:
48:d8:2f:30:de:3a:a2:f1:25:5a:ca:63:c5:20:85:27:fb:0a:
ae:e0:4e:b5:d4:f3:f8:d2:73:04:6a:29:e4:bc:d2:19:f2:f1:
bb:e0:ca:29:e7:03:66:86:b1:3c:58:25:15:95:ff:0a:60:9e:
f3:86:bf:89:2d:be:a6:16:0d:4f:bf:37:39:b1:48:cc:05:e5:
ba:28:ec:0d:c8:bf:3d:ca:f6:88:0c:c5:16:37:22:11:35:b2:
89:aa:20:a9:c4:88:e6:a8:ab:cb:b1:25:bb:96:eb:fc:99:0e:
c9:a6:db:bb:81:33:64:fb:9f:87:e5:75:ed:30:26:60:80:5c:
3e:a5:3f:79:f1:33:d8:ff:ab:83:e2:6d:e6:c7:28:2e:50:c7:
1b:44:3d:5c:e2:c0:50:d3:88:02:a8:54:bc:a2:c4:d7:84:b0:
75:9f:92:16:8e:4e:fa:a1:c0:f8:91:10:55:a8:29:e3:c3:6d:
07:ae:8c:2e:87:1c:c8:e0:8d:ec:8f:c6:6e:c7:24:06:83:ab:
ff:4c:8d:c7:9e:20:b5:4f:43:8a:bf:6c:4c:3f:c9:45:7b:00:
99:18:c0:9e:2d:28:88:aa:4b:53:02:ac:7f:1c:ce:9e:68:2c:
d6:fd:17:0c
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgIUUVet1C7a39QQLIvD//ES2j2Hk1cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzA1MWI0YzJmN2FlOWVmODBiNTMwMDBiMzJhYjhmNWQy
ZjJmNDE1YjAeFw0yNTAxMTUxNjMyMThaFw0yNjAxMTQxNjM3MThaMDMxMTAvBgNV
BAMTKDlCREE2OUQ5QzEwRDdBOUZBNDIwOEU3MkRDMDVFRTMxNjgyRkFFN0QwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCRXyID1xf2Khyp0HzpQbLiLMdQ
+Ierk7bMIO/D3lY4ab3sBc5qnXlE9YRQVfJeBTHUAKgBn8JCR7CknZ+xZs1RJtHN
vePnkBSg7tekTQUe60MXn1PE/kDZfxDKhrzm8UtM35GLTGfqwjyT6KRBCkGg9cZx
UOnTtf2pLqc7UkTxFLabFIFuCHJHnu1sszla434O9VNqolLoyaHBENBDxRvYtD3N
j0V/2aGZcu2XSTgtVlUL/Kf8SWgELftLJt3EtkmpjKET217xofiRir8sMXEV6EgW
UCrFQe5SQrNjDSKXB8zfoRoRX6EMi+QiTYiiBKMiOgwSyJJPZSLos/i6kJ4PAgMB
AAGjggIbMIICFzAdBgNVHQ4EFgQUm9pp2cENep+kII5y3AXuMWgvrn0wHwYDVR0j
BBgwFoAUcFG0wveunvgLUwALMquPXS8vQVswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOWM1Y2U5ZmEtOWE2Zi00ZTBjLTk4MDktN2E0Nzg4NzQ0
ODkzLzAvNzA1MUI0QzJGN0FFOUVGODBCNTMwMDBCMzJBQjhGNUQyRjJGNDE1Qi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NGRzB3dmV1bnZnTFV3QUxNcXVQWFM4
dlFWcy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzljNWNlOWZhLTlhNmYt
NGUwYy05ODA5LTdhNDc4ODc0NDg5My8wL0FTMjUwOTgucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwMQYIKwYBBQUHAQcBAf8EIjAgMB4EAgABMBgDBAJVCJAD
BAK8d0QDBALUawQDBALUc2QwDQYJKoZIhvcNAQELBQADggEBAIoutFiYQpzF9JjT
r68sXRDQbEjYLzDeOqLxJVrKY8UghSf7Cq7gTrXU8/jScwRqKeS80hny8bvgyinn
A2aGsTxYJRWV/wpgnvOGv4ktvqYWDU+/NzmxSMwF5boo7A3Ivz3K9ogMxRY3IhE1
somqIKnEiOaoq8uxJbuW6/yZDsmm27uBM2T7n4flde0wJmCAXD6lP3nxM9j/q4Pi
bebHKC5QxxtEPVziwFDTiAKoVLyixNeEsHWfkhaOTvqhwPiREFWoKePDbQeujC6H
HMjgjeyPxm7HJAaDq/9MjceeILVPQ4q/bEw/yUV7AJkYwJ4tKIiqS1MCrH8czp5o
LNb9Fww=
-----END CERTIFICATE-----
Generated at Sun Feb 2 09:53:20 2025 by rpki-client