Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS53388.roa
File: AS53388.roa (raw, json)
Hash identifier: xEekUaTzefJT3t0uHcmVeCvtH0TDhG5aZf1vzDsdUiA=
Subject key identifier: 3E:F6:E5:B8:E1:09:81:B3:C6:BD:47:BC:75:C7:43:EF:75:00:EE:86
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 76AF16EAFE0B4E6DACED6843FF5C325601EAAD26
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS53388.roa
Signing time: Mon 31 Mar 2025 06:30:10 +0000
ROA not before: Mon 31 Mar 2025 06:25:10 +0000
ROA not after: Mon 30 Mar 2026 06:30:10 +0000
asID: 53388
IP address blocks: 95.135.125.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 03:24:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
76:af:16:ea:fe:0b:4e:6d:ac:ed:68:43:ff:5c:32:56:01:ea:ad:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Mar 31 06:25:10 2025 GMT
Not After : Mar 30 06:30:10 2026 GMT
Subject: CN=3EF6E5B8E10981B3C6BD47BC75C743EF7500EE86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:6e:cb:ba:98:12:76:dd:24:eb:56:7d:9b:c5:
ba:25:f9:57:25:f6:69:6e:c6:52:98:8c:39:72:72:
61:4c:27:b7:23:8f:2d:88:05:d5:8b:81:4f:44:e8:
7d:d8:f2:a9:57:8e:9c:2b:d0:6f:67:d7:b2:85:f6:
18:72:3e:6b:15:e3:bf:41:50:99:fb:d1:27:b2:b1:
5e:6b:02:60:f4:ee:2f:18:5c:5b:e0:26:78:bc:ac:
f6:bf:61:29:6b:9a:bb:26:2b:43:ab:86:51:8c:15:
4e:60:da:e4:d4:81:b9:0d:42:2d:ff:0e:08:0c:9a:
e7:e5:d5:4f:7c:63:23:57:f9:5c:c2:7a:5e:fe:d8:
da:18:84:b3:05:c8:44:1e:11:b3:c1:54:24:57:de:
04:84:b9:42:7d:8f:ca:f0:b5:cc:bd:f1:c1:0d:5f:
1e:50:2a:58:47:70:25:51:d4:3a:30:37:de:78:32:
1a:77:22:cf:6a:8a:37:32:7b:0f:0d:99:ad:49:10:
87:cf:c0:99:c7:6a:68:cb:46:4b:f5:af:94:44:4f:
39:07:f6:e0:cf:01:a7:1b:06:2f:67:24:3e:a1:9d:
a0:a3:29:a8:be:10:32:05:a5:d4:77:e4:49:a3:a2:
73:5e:6e:29:c4:8a:00:70:97:5d:b1:bd:64:bd:61:
e5:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:F6:E5:B8:E1:09:81:B3:C6:BD:47:BC:75:C7:43:EF:75:00:EE:86
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS53388.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.135.125.0/24
Signature Algorithm: sha256WithRSAEncryption
7b:54:e1:ec:60:80:dc:f1:96:b5:99:c2:30:fc:80:4b:d7:2a:
a8:96:4e:a3:94:d3:ad:c4:95:12:96:91:ae:d2:b3:aa:ce:06:
11:48:27:1d:52:4f:58:5c:2e:2f:d3:91:54:cb:3f:81:c7:df:
9f:af:2e:e5:48:64:16:d0:07:7e:5f:d4:03:d3:e8:b0:50:63:
7a:0f:25:04:83:f6:c7:49:2f:91:fc:b5:b5:c8:c9:e2:3e:d1:
12:6f:43:0f:1f:93:a5:c2:b7:3b:0d:64:cb:76:83:33:2c:b3:
05:6a:1b:0b:d1:58:df:8b:a4:9d:63:fd:9c:05:45:5e:e2:17:
3a:55:36:4f:f4:0c:06:45:b1:7b:d3:90:7f:df:dc:92:64:76:
de:3f:25:da:fe:c1:4f:a4:f1:5e:b6:db:d8:45:6a:26:37:d2:
b9:58:98:87:ff:7b:3c:b9:f4:6e:69:64:c1:12:65:d1:29:4f:
93:06:cf:59:5e:95:ca:76:df:b3:88:e8:b3:4d:63:a8:39:f0:
b0:a5:ac:f2:6f:85:7a:ba:b0:92:30:d9:26:c4:f3:7a:00:a9:
a3:7a:48:dd:2d:3b:34:2c:f8:9f:56:c5:43:26:ba:00:35:fb:
88:d1:59:80:23:cc:72:0a:52:b2:33:79:cd:1f:dd:e1:ed:92:
71:2d:09:bf
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIUdq8W6v4LTm2s7WhD/1wyVgHqrSYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTAzMzEwNjI1MTBaFw0yNjAzMzAwNjMwMTBaMDMxMTAvBgNV
BAMTKDNFRjZFNUI4RTEwOTgxQjNDNkJENDdCQzc1Qzc0M0VGNzUwMEVFODYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDZbsu6mBJ23STrVn2bxbol+Vcl
9mluxlKYjDlycmFMJ7cjjy2IBdWLgU9E6H3Y8qlXjpwr0G9n17KF9hhyPmsV479B
UJn70SeysV5rAmD07i8YXFvgJni8rPa/YSlrmrsmK0OrhlGMFU5g2uTUgbkNQi3/
DggMmufl1U98YyNX+VzCel7+2NoYhLMFyEQeEbPBVCRX3gSEuUJ9j8rwtcy98cEN
Xx5QKlhHcCVR1DowN954Mhp3Is9qijcyew8Nma1JEIfPwJnHamjLRkv1r5RETzkH
9uDPAacbBi9nJD6hnaCjKai+EDIFpdR35EmjonNebinEigBwl12xvWS9YeWhAgMB
AAGjggIJMIICBTAdBgNVHQ4EFgQUPvbluOEJgbPGvUe8dcdD73UA7oYwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTNTMzODgucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABfh30w
DQYJKoZIhvcNAQELBQADggEBAHtU4exggNzxlrWZwjD8gEvXKqiWTqOU063ElRKW
ka7Ss6rOBhFIJx1ST1hcLi/TkVTLP4HH35+vLuVIZBbQB35f1APT6LBQY3oPJQSD
9sdJL5H8tbXIyeI+0RJvQw8fk6XCtzsNZMt2gzMsswVqGwvRWN+LpJ1j/ZwFRV7i
FzpVNk/0DAZFsXvTkH/f3JJkdt4/Jdr+wU+k8V6229hFaiY30rlYmIf/ezy59G5p
ZMESZdEpT5MGz1lelcp237OI6LNNY6g58LClrPJvhXq6sJIw2SbE83oAqaN6SN0t
OzQs+J9WxUMmugA1+4jRWYAjzHIKUrIzec0f3eHtknEtCb8=
-----END CERTIFICATE-----
Generated at Sat Apr 5 15:30:48 2025 by rpki-client