Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS49770.roa
File: AS49770.roa (raw, json)
Hash identifier: ec/szpVRTYsqvTzjc0TVnJWZlGjT/CKI8lRzRPG/TaE=
Subject key identifier: B7:95:04:7C:5B:92:89:9C:EC:2B:FA:72:60:BB:E3:C5:52:40:37:20
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 10A9C3288C2D14680D58104FC97E5F88C3C56441
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS49770.roa
Signing time: Tue 20 May 2025 10:54:08 +0000
ROA not before: Tue 20 May 2025 10:49:08 +0000
ROA not after: Tue 19 May 2026 10:54:08 +0000
asID: 49770
IP address blocks: 92.112.212.0/24 maxlen: 24
92.112.217.0/24 maxlen: 24
92.112.228.0/24 maxlen: 24
92.112.231.0/24 maxlen: 24
92.112.236.0/24 maxlen: 24
92.112.239.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 04 Jun 2025 20:17:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
10:a9:c3:28:8c:2d:14:68:0d:58:10:4f:c9:7e:5f:88:c3:c5:64:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: May 20 10:49:08 2025 GMT
Not After : May 19 10:54:08 2026 GMT
Subject: CN=B795047C5B92899CEC2BFA7260BBE3C552403720
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:8a:d1:28:ed:57:1f:80:43:cb:c4:3e:d4:ad:
3c:a8:80:b2:ea:e1:a7:c2:dc:23:18:6d:d0:42:3d:
8a:e2:f5:9e:6d:bf:e3:53:b1:22:85:a7:e9:51:65:
5c:86:1c:81:80:ad:0f:77:37:47:da:ca:77:80:51:
b4:5d:8a:bc:93:8b:34:f0:a7:5b:c4:5b:10:44:dd:
f7:86:c7:84:cd:b8:e6:16:df:e4:79:cf:35:7e:71:
9f:12:e2:98:b6:1a:92:9a:4d:86:8f:64:c6:65:53:
ae:8d:5e:07:8d:c7:20:32:c7:0e:31:aa:94:43:71:
21:f3:58:ef:56:34:89:6e:f2:2d:7d:60:6a:3f:40:
e1:cd:8a:45:89:71:b7:4b:2b:06:fb:68:7f:ee:98:
37:c8:f3:b4:cd:64:ab:73:d0:c4:d6:10:7c:58:d6:
b7:fb:9c:b8:7c:e8:37:c7:e0:3f:b5:f5:75:88:f7:
b4:da:d7:02:91:1e:b9:c6:3f:48:24:74:d1:49:31:
dc:e1:87:ed:b0:40:85:ed:03:b6:a6:e3:89:b8:51:
9d:b2:a7:20:7e:39:e4:ab:a9:f0:b5:ff:56:c5:d8:
12:84:f0:7a:cb:17:ce:0a:fe:a8:93:33:70:1b:19:
f3:94:05:7d:a5:3c:a7:97:59:9d:8e:a5:c9:ad:f5:
ab:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:95:04:7C:5B:92:89:9C:EC:2B:FA:72:60:BB:E3:C5:52:40:37:20
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS49770.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.112.212.0/24
92.112.217.0/24
92.112.228.0/24
92.112.231.0/24
92.112.236.0/24
92.112.239.0/24
Signature Algorithm: sha256WithRSAEncryption
a3:b1:36:6f:ad:a6:f2:24:cc:3b:66:5f:5f:fc:cd:e6:3a:60:
db:36:c9:37:f8:5e:94:f1:bc:5c:9e:3f:f5:be:2a:22:b8:22:
78:63:61:47:f1:00:9e:4f:34:ae:82:fc:21:d0:8b:00:65:bf:
6d:77:83:e4:ab:c3:ce:e1:56:57:3e:cc:50:83:fd:1c:f9:9d:
8a:3a:e8:f3:30:88:48:a7:6c:d1:f0:4c:f5:df:37:db:dc:d4:
90:6a:9d:fd:29:31:62:2d:b8:01:af:64:02:8a:5f:f5:da:bf:
04:72:5e:c5:43:c7:61:df:1a:44:ad:43:c2:f5:86:92:ff:c1:
68:68:a0:f8:98:49:53:0b:eb:df:49:a4:4a:0a:e2:a1:a8:55:
ea:e8:fa:92:e7:5a:26:a2:37:11:69:25:36:88:44:7a:9e:54:
0b:ad:69:5f:c0:b1:61:1a:d5:fe:9a:49:54:a3:dc:b4:51:7c:
38:6f:fd:5e:66:b1:be:01:0d:c5:88:85:48:f5:7e:45:24:9a:
3c:6b:1a:ce:1a:17:85:2a:e9:2c:a3:f5:e8:8d:fc:17:e9:65:
23:24:8b:c6:30:30:c6:fd:9b:9e:c5:b4:40:36:a0:5c:5b:fc:
10:14:4f:b7:9c:fe:8e:97:ed:a3:ff:b9:e3:7b:c6:41:a5:6e:
5d:44:ba:ba
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgIUEKnDKIwtFGgNWBBPyX5fiMPFZEEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTA1MjAxMDQ5MDhaFw0yNjA1MTkxMDU0MDhaMDMxMTAvBgNV
BAMTKEI3OTUwNDdDNUI5Mjg5OUNFQzJCRkE3MjYwQkJFM0M1NTI0MDM3MjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDLitEo7VcfgEPLxD7UrTyogLLq
4afC3CMYbdBCPYri9Z5tv+NTsSKFp+lRZVyGHIGArQ93N0fayneAUbRdiryTizTw
p1vEWxBE3feGx4TNuOYW3+R5zzV+cZ8S4pi2GpKaTYaPZMZlU66NXgeNxyAyxw4x
qpRDcSHzWO9WNIlu8i19YGo/QOHNikWJcbdLKwb7aH/umDfI87TNZKtz0MTWEHxY
1rf7nLh86DfH4D+19XWI97Ta1wKRHrnGP0gkdNFJMdzhh+2wQIXtA7am44m4UZ2y
pyB+OeSrqfC1/1bF2BKE8HrLF84K/qiTM3AbGfOUBX2lPKeXWZ2Opcmt9av5AgMB
AAGjggInMIICIzAdBgNVHQ4EFgQUt5UEfFuSiZzsK/pyYLvjxVJANyAwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTNDk3NzAucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwPQYIKwYBBQUHAQcBAf8ELjAsMCoEAgABMCQDBABccNQD
BABccNkDBABccOQDBABccOcDBABccOwDBABccO8wDQYJKoZIhvcNAQELBQADggEB
AKOxNm+tpvIkzDtmX1/8zeY6YNs2yTf4XpTxvFyeP/W+KiK4InhjYUfxAJ5PNK6C
/CHQiwBlv213g+Srw87hVlc+zFCD/Rz5nYo66PMwiEinbNHwTPXfN9vc1JBqnf0p
MWItuAGvZAKKX/XavwRyXsVDx2HfGkStQ8L1hpL/wWhooPiYSVML699JpEoK4qGo
Vero+pLnWiaiNxFpJTaIRHqeVAutaV/AsWEa1f6aSVSj3LRRfDhv/V5msb4BDcWI
hUj1fkUkmjxrGs4aF4Uq6Syj9eiN/BfpZSMki8YwMMb9m57FtEA2oFxb/BAUT7ec
/o6X7aP/ueN7xkGlbl1Euro=
-----END CERTIFICATE-----
Generated at Wed Jun 4 10:12:05 2025 by rpki-client