Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS61003.roa
File: AS61003.roa (raw, json)
Hash identifier: Khq/sn6EDDtONEHzivuncZA2uiqN8hc6vYZR5Uba+Fw=
Subject key identifier: 2B:BF:8B:62:FF:CA:04:D4:BC:C7:68:92:B3:A4:92:8D:D1:0F:33:CE
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 311FE963F7978EF79F5AD6F9529D997F7FC1DC0D
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS61003.roa
Signing time: Fri 18 Jul 2025 00:00:25 +0000
ROA not before: Thu 17 Jul 2025 23:55:25 +0000
ROA not after: Fri 17 Jul 2026 00:00:25 +0000
asID: 61003
IP address blocks: 143.14.151.0/24 maxlen: 24
143.14.169.0/24 maxlen: 24
155.117.55.0/24 maxlen: 24
167.148.154.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 03:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
31:1f:e9:63:f7:97:8e:f7:9f:5a:d6:f9:52:9d:99:7f:7f:c1:dc:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Jul 17 23:55:25 2025 GMT
Not After : Jul 17 00:00:25 2026 GMT
Subject: CN=2BBF8B62FFCA04D4BCC76892B3A4928DD10F33CE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:0a:de:d8:53:43:8f:1c:1f:28:87:ce:0a:95:
86:2b:94:db:92:c5:a7:c6:ad:d5:ac:ec:cf:15:ba:
59:75:28:da:66:bc:9a:a8:29:a7:0f:5a:e3:74:46:
8b:bc:6a:fb:ee:14:13:4d:e9:5e:c6:ff:60:b9:d4:
67:76:8b:45:a0:d8:1b:cb:fc:dd:71:2c:f7:b3:2c:
a6:fb:a5:26:e9:2b:57:e6:f0:af:a2:e3:63:41:65:
66:f7:db:fb:fd:b0:b2:09:11:6b:26:75:84:9f:e8:
8d:ff:62:f9:8e:0e:d5:bd:59:85:87:3a:cd:c6:8c:
f7:62:d6:aa:d5:9f:66:73:38:fd:a4:78:0c:ff:21:
36:fd:18:06:87:90:af:79:43:36:50:92:ac:e1:24:
0e:79:36:fa:64:3b:1e:c5:47:66:8f:ae:a8:d7:62:
23:d5:50:8c:c8:ac:49:c8:eb:13:48:55:b6:8f:4b:
a7:25:6a:d0:f0:ff:1b:8c:42:5d:ef:50:47:39:fe:
09:34:51:92:e9:d0:59:36:4d:98:86:bf:84:c2:42:
fc:15:28:7f:5d:ff:85:0b:1a:be:4c:8d:38:bf:d9:
02:f0:e1:7a:1f:a1:a2:0a:16:be:ea:17:34:c5:7b:
20:82:f5:14:97:aa:1b:81:d4:ba:b1:94:20:37:de:
4c:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:BF:8B:62:FF:CA:04:D4:BC:C7:68:92:B3:A4:92:8D:D1:0F:33:CE
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS61003.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.14.151.0/24
143.14.169.0/24
155.117.55.0/24
167.148.154.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:e4:79:91:43:92:0b:49:2b:7f:0f:d9:97:2b:7b:a1:76:5e:
20:f1:87:73:c0:51:14:ba:2f:e6:9c:1a:d4:e8:a9:36:c7:10:
21:30:13:e5:e1:23:00:40:e4:3e:77:75:04:94:44:20:32:de:
08:b6:97:7d:86:0f:95:57:71:7c:4c:0a:f3:d6:60:da:ce:f1:
54:63:7f:43:9e:eb:e1:fd:f4:48:f0:e4:dc:87:df:29:96:b6:
b7:7e:11:27:12:e2:13:b7:ee:71:5c:7a:6f:52:48:09:6c:11:
d0:30:9f:f5:a1:0a:62:f3:ad:80:17:45:41:37:12:cb:fd:2e:
4c:31:71:62:79:d9:27:b8:09:59:d6:8f:d1:0b:92:ef:25:db:
0d:04:22:83:4e:00:8a:bf:50:9b:90:d0:08:7e:c2:3f:80:f7:
04:d2:a5:fb:c4:2a:dc:2f:f1:cf:45:39:0a:04:21:19:19:af:
54:db:69:80:0d:bf:da:c4:5d:d9:c3:4f:92:c2:be:1d:74:f6:
2f:7a:65:b5:48:0c:dd:83:8c:80:e4:8c:b0:70:2b:08:35:0c:
0d:d5:ca:f4:4a:54:6d:32:d2:4d:ea:05:24:af:f8:71:d4:e3:
1e:80:8d:c9:82:a8:d2:f2:03:78:15:f8:84:80:d1:cc:0f:24:
b3:ae:92:74
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgIUMR/pY/eXjvefWtb5Up2Zf3/B3A0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA3MTcyMzU1MjVaFw0yNjA3MTcwMDAwMjVaMDMxMTAvBgNV
BAMTKDJCQkY4QjYyRkZDQTA0RDRCQ0M3Njg5MkIzQTQ5MjhERDEwRjMzQ0UwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCUCt7YU0OPHB8oh84KlYYrlNuS
xafGrdWs7M8Vull1KNpmvJqoKacPWuN0Rou8avvuFBNN6V7G/2C51Gd2i0Wg2BvL
/N1xLPezLKb7pSbpK1fm8K+i42NBZWb32/v9sLIJEWsmdYSf6I3/YvmODtW9WYWH
Os3GjPdi1qrVn2ZzOP2keAz/ITb9GAaHkK95QzZQkqzhJA55NvpkOx7FR2aPrqjX
YiPVUIzIrEnI6xNIVbaPS6clatDw/xuMQl3vUEc5/gk0UZLp0Fk2TZiGv4TCQvwV
KH9d/4ULGr5MjTi/2QLw4XofoaIKFr7qFzTFeyCC9RSXqhuB1LqxlCA33ky9AgMB
AAGjggIbMIICFzAdBgNVHQ4EFgQUK7+LYv/KBNS8x2iSs6SSjdEPM84wHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTNjEwMDMucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwMQYIKwYBBQUHAQcBAf8EIjAgMB4EAgABMBgDBACPDpcD
BACPDqkDBACbdTcDBACnlJowDQYJKoZIhvcNAQELBQADggEBAE/keZFDkgtJK38P
2Zcre6F2XiDxh3PAURS6L+acGtToqTbHECEwE+XhIwBA5D53dQSURCAy3gi2l32G
D5VXcXxMCvPWYNrO8VRjf0Oe6+H99Ejw5NyH3ymWtrd+EScS4hO37nFcem9SSAls
EdAwn/WhCmLzrYAXRUE3Esv9LkwxcWJ52Se4CVnWj9ELku8l2w0EIoNOAIq/UJuQ
0Ah+wj+A9wTSpfvEKtwv8c9FOQoEIRkZr1TbaYANv9rEXdnDT5LCvh109i96ZbVI
DN2DjIDkjLBwKwg1DA3VyvRKVG0y0k3qBSSv+HHU4x6AjcmCqNLyA3gV+ISA0cwP
JLOuknQ=
-----END CERTIFICATE-----
Generated at Mon Aug 4 07:41:26 2025 by rpki-client