Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS63902.roa
File: AS63902.roa (raw, json)
Hash identifier: NGGXPZIU8bjIEtHVNGvcXmICZ4SpmWbolkH3f6gmzHA=
Subject key identifier: 3C:D6:B2:87:69:90:A3:C0:F2:E5:E6:02:C8:E3:34:A3:45:3B:26:3B
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 12995F1FAD5F431D0F865E8A0F62CCE40156C206
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS63902.roa
Signing time: Tue 27 May 2025 12:03:42 +0000
ROA not before: Tue 27 May 2025 11:58:42 +0000
ROA not after: Tue 26 May 2026 12:03:42 +0000
asID: 63902
IP address blocks: 96.62.222.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 16 Jun 2025 04:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
12:99:5f:1f:ad:5f:43:1d:0f:86:5e:8a:0f:62:cc:e4:01:56:c2:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: May 27 11:58:42 2025 GMT
Not After : May 26 12:03:42 2026 GMT
Subject: CN=3CD6B2876990A3C0F2E5E602C8E334A3453B263B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:ef:c4:e6:bc:a0:79:90:33:6f:01:bd:c7:97:
8d:4c:33:73:ad:00:0f:32:37:74:55:7d:7f:f4:00:
09:09:88:38:41:69:03:22:6b:3d:63:de:e4:cf:0d:
de:7a:27:3e:7e:6b:3e:fd:cb:17:c0:23:4e:d7:ef:
ac:22:2a:c6:9e:93:2f:df:bf:70:06:b5:92:21:2d:
b4:75:8a:0e:29:c8:d8:33:17:1f:de:c9:0f:5c:cd:
62:cf:0b:80:5c:9e:e9:25:af:04:80:cf:6f:47:61:
77:03:e9:e6:ce:fd:dc:93:f1:fe:de:b3:c6:6b:3a:
69:eb:ac:a4:c6:1a:5a:6f:17:75:df:22:31:bc:8a:
3d:8f:44:39:42:44:76:ed:3a:8e:11:02:06:6f:55:
85:d5:93:c3:07:a0:62:aa:b9:36:26:53:91:fe:52:
01:88:03:fe:73:b0:01:d2:a1:05:b5:c7:fa:ee:2a:
d5:db:97:97:43:e8:59:0c:ae:1f:cd:eb:0e:f5:a9:
23:89:0b:ed:ae:57:5f:ac:51:71:84:2d:56:fc:99:
d4:da:9d:23:e8:76:80:ee:66:8b:02:e2:ae:41:56:
67:18:3c:b1:fa:11:9e:44:b8:90:e9:f9:85:07:cc:
de:f5:dc:bc:28:e6:68:e6:e8:e7:00:88:e7:5f:a9:
8d:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:D6:B2:87:69:90:A3:C0:F2:E5:E6:02:C8:E3:34:A3:45:3B:26:3B
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS63902.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.62.222.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:02:8d:fe:2a:1a:69:c6:21:5d:e8:ad:eb:3d:5c:7d:fb:70:
17:c7:fa:92:f8:1e:26:25:ea:45:ca:f3:19:81:1d:43:c4:4e:
29:28:93:01:75:b7:3c:86:01:a8:c4:cd:4f:2d:0b:78:ed:8f:
a3:bf:99:f0:b3:61:d5:58:6b:40:cc:56:be:c3:f5:b1:b5:c9:
67:60:b2:c3:6b:3c:ad:d0:db:0f:9b:8b:e9:fa:0c:6e:ad:1d:
b4:55:48:19:e1:0f:77:b7:23:7e:d1:b4:06:cd:03:7c:00:e5:
a0:0f:ba:ae:ba:a2:57:ff:ba:1e:56:1e:35:ce:98:cf:a8:f9:
84:e5:36:e6:c5:3d:2b:0f:98:76:c1:4e:56:9f:e9:08:fd:fd:
b2:6a:94:f0:59:81:18:7c:d0:56:36:d2:25:c4:0c:3e:bf:06:
ba:4c:4f:c6:79:3d:42:b5:b7:3e:90:40:57:d0:59:cf:78:6d:
c0:f7:24:0e:f8:09:73:75:71:15:c4:13:74:86:77:f5:d6:d1:
d9:d2:ff:c0:fa:bf:ec:73:b5:be:dc:84:9b:40:0f:5f:6f:cf:
61:5c:d9:be:e1:7d:50:4a:9b:bd:85:43:87:36:8a:49:22:dc:
f3:71:6a:06:91:70:df:a6:ad:a3:7e:3e:f1:d7:31:95:ba:6e:
77:cf:3e:60
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIUEplfH61fQx0Phl6KD2LM5AFWwgYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA1MjcxMTU4NDJaFw0yNjA1MjYxMjAzNDJaMDMxMTAvBgNV
BAMTKDNDRDZCMjg3Njk5MEEzQzBGMkU1RTYwMkM4RTMzNEEzNDUzQjI2M0IwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCy78TmvKB5kDNvAb3Hl41MM3Ot
AA8yN3RVfX/0AAkJiDhBaQMiaz1j3uTPDd56Jz5+az79yxfAI07X76wiKsaeky/f
v3AGtZIhLbR1ig4pyNgzFx/eyQ9czWLPC4BcnuklrwSAz29HYXcD6ebO/dyT8f7e
s8ZrOmnrrKTGGlpvF3XfIjG8ij2PRDlCRHbtOo4RAgZvVYXVk8MHoGKquTYmU5H+
UgGIA/5zsAHSoQW1x/ruKtXbl5dD6FkMrh/N6w71qSOJC+2uV1+sUXGELVb8mdTa
nSPodoDuZosC4q5BVmcYPLH6EZ5EuJDp+YUHzN713Lwo5mjm6OcAiOdfqY0VAgMB
AAGjggIJMIICBTAdBgNVHQ4EFgQUPNayh2mQo8Dy5eYCyOM0o0U7JjswHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTNjM5MDIucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABgPt4w
DQYJKoZIhvcNAQELBQADggEBAEsCjf4qGmnGIV3ores9XH37cBfH+pL4HiYl6kXK
8xmBHUPETikokwF1tzyGAajEzU8tC3jtj6O/mfCzYdVYa0DMVr7D9bG1yWdgssNr
PK3Q2w+bi+n6DG6tHbRVSBnhD3e3I37RtAbNA3wA5aAPuq66olf/uh5WHjXOmM+o
+YTlNubFPSsPmHbBTlaf6Qj9/bJqlPBZgRh80FY20iXEDD6/BrpMT8Z5PUK1tz6Q
QFfQWc94bcD3JA74CXN1cRXEE3SGd/XW0dnS/8D6v+xztb7chJtAD19vz2Fc2b7h
fVBKm72FQ4c2ikki3PNxagaRcN+mraN+PvHXMZW6bnfPPmA=
-----END CERTIFICATE-----
Generated at Sun Jun 15 13:48:25 2025 by rpki-client