Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/AS57043.roa
File: AS57043.roa (raw, json)
Hash identifier: 5kt0gUPpPlXUEkEZgXCUZ1bMA7kcongFeMkYDKoEOqw=
Subject key identifier: 28:49:35:21:CD:C5:F5:0E:DC:C6:87:05:2C:E8:A2:6A:F5:4E:80:CE
Certificate issuer: /CN=3feccb17be51ee59ec74d64eed917e221ee28a1b
Certificate serial: 24A2DA85C7BB95C445F9FB6270DD21FEE1CCFE21
Authority key identifier: 3F:EC:CB:17:BE:51:EE:59:EC:74:D6:4E:ED:91:7E:22:1E:E2:8A:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P-zLF75R7lnsdNZO7ZF-Ih7iihs.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/AS57043.roa
Signing time: Wed 29 Oct 2025 14:19:14 +0000
ROA not before: Wed 29 Oct 2025 14:14:14 +0000
ROA not after: Wed 28 Oct 2026 14:19:14 +0000
asID: 57043
IP address blocks: 82.139.193.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/3FECCB17BE51EE59EC74D64EED917E221EE28A1B.crl
rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/3FECCB17BE51EE59EC74D64EED917E221EE28A1B.mft
rsync://rpki.ripe.net/repository/DEFAULT/P-zLF75R7lnsdNZO7ZF-Ih7iihs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 07:50:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
24:a2:da:85:c7:bb:95:c4:45:f9:fb:62:70:dd:21:fe:e1:cc:fe:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3feccb17be51ee59ec74d64eed917e221ee28a1b
Validity
Not Before: Oct 29 14:14:14 2025 GMT
Not After : Oct 28 14:19:14 2026 GMT
Subject: CN=28493521CDC5F50EDCC687052CE8A26AF54E80CE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:fe:ed:55:d7:19:3b:80:c5:53:44:16:c4:02:
ce:bd:64:d2:67:b3:12:93:9a:8c:62:3e:58:c8:3f:
a9:86:cf:5b:2d:2e:9a:9b:94:21:b7:5d:98:f6:0d:
49:14:6f:80:46:5e:58:4f:ad:28:f8:f1:cd:03:36:
cb:c5:73:4e:02:54:7d:9e:66:32:cc:71:de:71:8e:
91:19:1f:9b:8d:24:91:78:43:ee:71:7a:2e:d8:0a:
ac:7b:61:0c:a5:eb:95:71:27:15:37:24:1b:6d:4f:
81:7a:98:87:e1:3f:ce:26:ee:37:49:5d:35:e6:ca:
46:04:a4:da:03:90:4d:bc:8f:1d:c2:e1:50:63:6d:
64:c1:be:98:9b:44:3f:ca:70:da:8c:34:e1:ff:9a:
8b:06:17:61:93:26:f2:d0:19:16:ed:c9:55:c5:9a:
7c:6f:ec:59:44:4d:9f:d7:11:37:a1:38:36:bf:29:
e8:33:cf:8f:73:75:8a:ae:8b:b7:ab:aa:d2:af:96:
62:09:62:49:bc:be:e4:61:ed:9d:69:75:f8:45:a4:
29:54:fe:e1:98:8c:a7:3e:a7:56:d2:8f:39:43:e7:
79:52:19:4e:33:c8:d8:69:20:9b:2a:63:2b:f1:7c:
aa:c0:52:f4:95:ad:a5:1d:7a:3a:5e:2a:9a:56:14:
f1:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:49:35:21:CD:C5:F5:0E:DC:C6:87:05:2C:E8:A2:6A:F5:4E:80:CE
X509v3 Authority Key Identifier:
keyid:3F:EC:CB:17:BE:51:EE:59:EC:74:D6:4E:ED:91:7E:22:1E:E2:8A:1B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/3FECCB17BE51EE59EC74D64EED917E221EE28A1B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P-zLF75R7lnsdNZO7ZF-Ih7iihs.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/AS57043.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.139.193.0/24
Signature Algorithm: sha256WithRSAEncryption
32:e5:06:70:3d:4d:55:02:81:66:5d:69:ae:48:bd:1c:91:83:
13:d7:56:99:17:7f:10:9f:41:6f:7a:86:a5:e7:23:19:5d:00:
2c:72:1e:84:c2:4d:55:89:e6:12:5b:a6:29:62:f6:4d:0c:e7:
42:95:9a:40:fe:ae:f4:ed:7d:f4:f3:33:8b:3a:9d:74:bf:79:
45:a5:92:3d:a6:cc:d7:b8:fd:e1:36:43:2d:4c:8e:c2:d4:2d:
4d:5d:ae:84:4f:3d:79:6c:7a:7a:8f:fc:61:2a:63:4e:f8:cc:
1c:a4:d1:67:28:10:36:1e:d2:9d:f9:e8:53:62:09:10:5e:cd:
dd:44:f8:31:02:aa:30:e3:d2:74:48:9e:56:d5:ad:fa:5a:5a:
c8:7a:7d:b3:8f:40:37:78:dd:1b:21:f0:d6:10:ce:fd:78:6c:
b5:ba:c7:b2:0c:ed:d5:e7:2b:fb:8d:5a:d0:b7:b4:f7:c4:06:
0c:03:16:70:a5:26:fe:c4:46:2d:96:8b:de:c2:e1:04:a0:0d:
f5:4a:7c:8f:c7:53:31:ab:3f:4c:68:84:dc:9a:79:b8:73:68:
83:fa:4e:e1:8c:08:7b:07:6b:0f:08:b7:b8:56:8c:0e:61:56:
b4:dc:9e:84:a7:1a:48:13:95:f7:3a:8d:ea:a5:ab:d0:b3:72:
99:34:bc:a8
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIUJKLahce7lcRF+fticN0h/uHM/iEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM2ZlY2NiMTdiZTUxZWU1OWVjNzRkNjRlZWQ5MTdlMjIx
ZWUyOGExYjAeFw0yNTEwMjkxNDE0MTRaFw0yNjEwMjgxNDE5MTRaMDMxMTAvBgNV
BAMTKDI4NDkzNTIxQ0RDNUY1MEVEQ0M2ODcwNTJDRThBMjZBRjU0RTgwQ0UwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCs/u1V1xk7gMVTRBbEAs69ZNJn
sxKTmoxiPljIP6mGz1stLpqblCG3XZj2DUkUb4BGXlhPrSj48c0DNsvFc04CVH2e
ZjLMcd5xjpEZH5uNJJF4Q+5xei7YCqx7YQyl65VxJxU3JBttT4F6mIfhP84m7jdJ
XTXmykYEpNoDkE28jx3C4VBjbWTBvpibRD/KcNqMNOH/mosGF2GTJvLQGRbtyVXF
mnxv7FlETZ/XETehODa/Kegzz49zdYqui7erqtKvlmIJYkm8vuRh7Z1pdfhFpClU
/uGYjKc+p1bSjzlD53lSGU4zyNhpIJsqYyvxfKrAUvSVraUdejpeKppWFPHJAgMB
AAGjggIJMIICBTAdBgNVHQ4EFgQUKEk1Ic3F9Q7cxocFLOiiavVOgM4wHwYDVR0j
BBgwFoAUP+zLF75R7lnsdNZO7ZF+Ih7iihswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMjJkYjc1NTUtOWFhNC00OTgzLTkzMTYtNzM4MDlkZDM1
NGJjLzAvM0ZFQ0NCMTdCRTUxRUU1OUVDNzRENjRFRUQ5MTdFMjIxRUUyOEExQi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1AtekxGNzVSN2xuc2ROWk83WkYtSWg3
aWlocy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzIyZGI3NTU1LTlhYTQt
NDk4My05MzE2LTczODA5ZGQzNTRiYy8wL0FTNTcwNDMucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABSi8Ew
DQYJKoZIhvcNAQELBQADggEBADLlBnA9TVUCgWZdaa5IvRyRgxPXVpkXfxCfQW96
hqXnIxldACxyHoTCTVWJ5hJbpili9k0M50KVmkD+rvTtffTzM4s6nXS/eUWlkj2m
zNe4/eE2Qy1MjsLULU1droRPPXlsenqP/GEqY074zByk0WcoEDYe0p356FNiCRBe
zd1E+DECqjDj0nRInlbVrfpaWsh6fbOPQDd43Rsh8NYQzv14bLW6x7IM7dXnK/uN
WtC3tPfEBgwDFnClJv7ERi2Wi97C4QSgDfVKfI/HUzGrP0xohNyaebhzaIP6TuGM
CHsHaw8It7hWjA5hVrTcnoSnGkgTlfc6jeqlq9Czcpk0vKg=
-----END CERTIFICATE-----
Generated at Tue Nov 4 23:05:18 2025 by rpki-client