Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS47952.roa
File: AS47952.roa (raw, json)
Hash identifier: mG6NxVSxbG15sF/N6FL8pmxqAnMV7BudYJRt6OvigRI=
Subject key identifier: 5E:A6:BE:C8:67:68:46:FD:D4:56:C8:3A:C9:BA:44:9F:72:6A:F5:1D
Certificate issuer: /CN=7051b4c2f7ae9ef80b53000b32ab8f5d2f2f415b
Certificate serial: 5DCAB7DC3E3787431F188868A91104F72B0F4A2A
Authority key identifier: 70:51:B4:C2:F7:AE:9E:F8:0B:53:00:0B:32:AB:8F:5D:2F:2F:41:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS47952.roa
Signing time: Tue 04 Mar 2025 16:34:51 +0000
ROA not before: Tue 04 Mar 2025 16:29:51 +0000
ROA not after: Tue 03 Mar 2026 16:34:51 +0000
asID: 47952
IP address blocks: 81.90.176.0/24 maxlen: 24
81.90.177.0/24 maxlen: 24
81.90.178.0/24 maxlen: 24
81.90.179.0/24 maxlen: 24
193.138.172.0/24 maxlen: 24
193.138.173.0/24 maxlen: 24
193.138.174.0/24 maxlen: 24
193.138.175.0/24 maxlen: 24
194.56.184.0/24 maxlen: 24
194.56.185.0/24 maxlen: 24
194.56.186.0/24 maxlen: 24
194.56.187.0/24 maxlen: 24
212.103.36.0/22 maxlen: 24
212.103.36.0/24 maxlen: 24
212.103.37.0/24 maxlen: 24
212.103.38.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.crl
rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.mft
rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 16 Apr 2025 01:19:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5d:ca:b7:dc:3e:37:87:43:1f:18:88:68:a9:11:04:f7:2b:0f:4a:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7051b4c2f7ae9ef80b53000b32ab8f5d2f2f415b
Validity
Not Before: Mar 4 16:29:51 2025 GMT
Not After : Mar 3 16:34:51 2026 GMT
Subject: CN=5EA6BEC8676846FDD456C83AC9BA449F726AF51D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:8c:c3:ee:30:d6:ba:cb:ed:99:b8:91:c6:d8:
4f:0e:ba:88:bc:72:c9:f8:90:3e:f2:1c:32:b3:ef:
1f:61:1f:87:af:05:3f:5c:a5:19:45:b2:19:04:11:
b5:02:b6:77:74:96:4a:ec:03:c9:22:af:99:6c:05:
5a:6f:0c:50:42:ef:65:32:52:dd:8e:a7:69:d7:f4:
ca:4f:60:fb:a0:36:72:2b:44:fe:6d:6c:71:68:ae:
41:e3:b1:49:e4:b0:6c:8c:45:59:b4:3d:94:33:34:
cf:29:2c:bd:90:60:27:44:22:7d:64:ca:34:19:2e:
98:d4:e9:a7:37:1e:63:d0:47:27:ad:4b:ff:d9:1e:
33:c5:12:bf:20:b3:52:fd:a9:dd:ff:d0:01:6e:9f:
91:b7:7c:6d:15:e3:5c:58:6a:a6:48:ba:88:61:b1:
62:4a:15:e0:19:de:2c:84:83:f8:2e:53:f0:e0:a5:
48:2a:db:16:58:85:00:b8:26:7a:da:e4:57:c1:d8:
8b:06:c7:42:2e:43:bc:82:41:63:44:45:80:d4:ca:
d1:c3:31:ae:c0:37:cc:1f:6c:6b:98:12:68:88:43:
28:71:30:06:35:fd:1e:9b:79:2e:0e:84:1d:1b:fc:
84:e8:14:fc:86:97:a1:26:98:91:5f:1b:e0:41:cb:
a4:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:A6:BE:C8:67:68:46:FD:D4:56:C8:3A:C9:BA:44:9F:72:6A:F5:1D
X509v3 Authority Key Identifier:
keyid:70:51:B4:C2:F7:AE:9E:F8:0B:53:00:0B:32:AB:8F:5D:2F:2F:41:5B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS47952.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.90.176.0/22
193.138.172.0/22
194.56.184.0/22
212.103.36.0/22
Signature Algorithm: sha256WithRSAEncryption
b9:5a:c4:c1:02:e1:ed:c7:76:9a:eb:3b:f0:2b:22:56:4d:cc:
01:db:6b:20:f4:b9:01:78:4a:06:47:12:a0:66:a1:ba:68:b2:
d4:97:7b:a4:02:cd:3f:76:5a:7d:5b:22:f9:ca:27:d5:99:d9:
9c:5a:cd:56:04:20:f7:e1:c1:e2:14:b9:e7:23:c0:1b:cf:a9:
c0:ec:50:44:67:96:55:88:87:7b:d6:5b:58:4d:ba:d4:d8:10:
a7:4f:01:ed:f9:c3:41:55:4f:62:e0:22:45:bb:80:04:00:dd:
f3:11:57:c8:d7:42:b1:ed:0f:b4:99:15:9e:09:04:ba:d7:be:
87:1c:97:a9:5b:9c:09:c2:12:24:e2:59:30:17:b4:c0:8f:69:
81:2c:47:e1:a0:39:ea:bc:8a:fb:b3:a3:c1:66:af:ac:b9:04:
7e:3d:9e:f0:70:b3:ea:5a:32:b4:6b:63:c4:0c:2b:47:02:ca:
b6:78:cc:3b:b3:3d:12:69:ae:9d:f2:0c:f6:c0:c6:4e:2a:d8:
2f:2f:a3:56:a5:4d:93:7c:61:00:20:6f:20:70:65:17:49:d5:
b6:1b:40:9c:e5:6f:9b:b9:67:65:31:91:e6:e4:bf:f2:35:64:
3c:7b:40:e5:71:e5:3d:a1:a6:16:21:76:00:17:1d:a1:c8:08:
fa:e5:f0:93
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgIUXcq33D43h0MfGIhoqREE9ysPSiowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzA1MWI0YzJmN2FlOWVmODBiNTMwMDBiMzJhYjhmNWQy
ZjJmNDE1YjAeFw0yNTAzMDQxNjI5NTFaFw0yNjAzMDMxNjM0NTFaMDMxMTAvBgNV
BAMTKDVFQTZCRUM4Njc2ODQ2RkRENDU2QzgzQUM5QkE0NDlGNzI2QUY1MUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDqjMPuMNa6y+2ZuJHG2E8Ouoi8
csn4kD7yHDKz7x9hH4evBT9cpRlFshkEEbUCtnd0lkrsA8kir5lsBVpvDFBC72Uy
Ut2Op2nX9MpPYPugNnIrRP5tbHForkHjsUnksGyMRVm0PZQzNM8pLL2QYCdEIn1k
yjQZLpjU6ac3HmPQRyetS//ZHjPFEr8gs1L9qd3/0AFun5G3fG0V41xYaqZIuohh
sWJKFeAZ3iyEg/guU/DgpUgq2xZYhQC4Jnra5FfB2IsGx0IuQ7yCQWNERYDUytHD
Ma7AN8wfbGuYEmiIQyhxMAY1/R6beS4OhB0b/IToFPyGl6EmmJFfG+BBy6RXAgMB
AAGjggIbMIICFzAdBgNVHQ4EFgQUXqa+yGdoRv3UVsg6ybpEn3Jq9R0wHwYDVR0j
BBgwFoAUcFG0wveunvgLUwALMquPXS8vQVswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOWM1Y2U5ZmEtOWE2Zi00ZTBjLTk4MDktN2E0Nzg4NzQ0
ODkzLzAvNzA1MUI0QzJGN0FFOUVGODBCNTMwMDBCMzJBQjhGNUQyRjJGNDE1Qi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NGRzB3dmV1bnZnTFV3QUxNcXVQWFM4
dlFWcy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzljNWNlOWZhLTlhNmYt
NGUwYy05ODA5LTdhNDc4ODc0NDg5My8wL0FTNDc5NTIucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwMQYIKwYBBQUHAQcBAf8EIjAgMB4EAgABMBgDBAJRWrAD
BALBiqwDBALCOLgDBALUZyQwDQYJKoZIhvcNAQELBQADggEBALlaxMEC4e3Hdprr
O/ArIlZNzAHbayD0uQF4SgZHEqBmobpostSXe6QCzT92Wn1bIvnKJ9WZ2ZxazVYE
IPfhweIUuecjwBvPqcDsUERnllWIh3vWW1hNutTYEKdPAe35w0FVT2LgIkW7gAQA
3fMRV8jXQrHtD7SZFZ4JBLrXvoccl6lbnAnCEiTiWTAXtMCPaYEsR+GgOeq8ivuz
o8Fmr6y5BH49nvBws+paMrRrY8QMK0cCyrZ4zDuzPRJprp3yDPbAxk4q2C8vo1al
TZN8YQAgbyBwZRdJ1bYbQJzlb5u5Z2Uxkebkv/I1ZDx7QOVx5T2hphYhdgAXHaHI
CPrl8JM=
-----END CERTIFICATE-----
Generated at Tue Apr 15 09:37:16 2025 by rpki-client