Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS14445.roa
File: AS14445.roa (raw, json)
Hash identifier: td0azcV+w5OAmB9b5mhUVQoOk4RY1yGulSQIEHg2beI=
Subject key identifier: 4E:53:01:95:44:71:67:2C:9B:87:2E:35:13:13:1A:E0:9A:52:2F:7B
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 70DFEA3509A0164162398C504516E108352CB80C
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS14445.roa
Signing time: Tue 01 Apr 2025 00:00:42 +0000
ROA not before: Mon 31 Mar 2025 23:55:42 +0000
ROA not after: Tue 31 Mar 2026 00:00:42 +0000
asID: 14445
IP address blocks: 92.242.184.0/24 maxlen: 24
181.214.101.0/24 maxlen: 24
193.58.106.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Apr 2025 03:01:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
70:df:ea:35:09:a0:16:41:62:39:8c:50:45:16:e1:08:35:2c:b8:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Mar 31 23:55:42 2025 GMT
Not After : Mar 31 00:00:42 2026 GMT
Subject: CN=4E5301954471672C9B872E3513131AE09A522F7B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:aa:0e:91:9e:4a:04:f8:80:58:76:b7:d7:bb:
6b:94:37:67:62:76:2f:d4:d8:62:4b:cd:46:5a:e4:
a0:de:79:5c:87:41:f9:22:9e:fa:2e:1f:a9:03:3d:
b4:9e:d1:c7:09:e6:e2:16:b3:f8:88:24:04:ba:39:
7e:21:f6:40:f1:1b:4d:20:cd:c3:a8:ba:bc:80:6a:
6f:13:cc:5e:05:16:c0:3e:32:fb:5a:73:d3:84:6d:
24:5d:be:13:d3:3b:9e:a1:1b:9c:8b:14:e1:bc:8d:
b4:5e:bf:94:77:76:87:34:53:b4:2b:30:f7:31:a2:
65:22:59:6a:3e:1b:88:b9:8e:9a:bd:6b:ce:54:24:
86:33:df:5c:59:33:48:4b:46:81:a2:0e:01:35:24:
11:84:24:83:34:9a:5b:74:f7:af:01:16:c6:1d:7f:
5e:e0:fc:4d:1f:e4:39:b2:8f:ee:ad:b3:9b:b4:98:
17:c0:88:20:21:fb:3c:8e:b1:5a:b3:ee:fd:61:60:
d2:52:4c:94:5d:be:20:22:98:0a:d8:7f:6a:5b:fb:
62:81:52:44:85:39:69:c5:21:72:f0:24:bf:e0:ee:
e8:b4:91:42:6d:a2:74:27:06:5d:d0:3f:0c:e2:ba:
23:09:15:c7:7a:e9:b9:c4:e2:64:9d:76:de:d3:ef:
c6:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:53:01:95:44:71:67:2C:9B:87:2E:35:13:13:1A:E0:9A:52:2F:7B
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS14445.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.242.184.0/24
181.214.101.0/24
193.58.106.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:66:79:bf:e5:a8:11:15:87:51:dd:f9:53:f5:98:77:8d:1b:
28:fe:73:25:ea:87:c4:f6:a2:dc:46:86:ec:79:58:60:1f:d8:
33:26:25:71:2c:e1:30:89:e9:bd:8c:06:8a:59:ec:71:35:d6:
b0:93:ad:44:83:09:2c:c9:41:1d:8a:de:b0:5c:dc:7b:e9:74:
74:71:96:44:f9:6e:4c:5e:b3:f9:17:e5:7e:5c:ed:69:38:85:
b6:2b:99:0b:03:e2:fd:c4:10:d8:42:79:73:20:e9:26:8c:49:
d5:ae:7c:e8:67:b8:b1:ea:bf:7b:d2:28:28:16:02:3f:08:6a:
aa:34:ad:3c:d3:79:ed:89:4d:b1:1a:5f:52:2c:8b:75:e2:27:
38:1a:3a:a2:14:3b:3d:78:80:e6:2e:63:0b:13:86:b2:cd:8a:
1b:52:29:3d:89:3b:8d:0a:99:4a:97:8e:9e:24:d8:f8:1f:e1:
ca:45:25:c1:25:3e:dd:aa:40:34:6c:35:7b:39:a1:00:ee:29:
be:fb:bb:1e:6b:9f:7f:97:27:4e:17:85:b3:cc:91:4f:5d:1e:
0d:fe:b0:c1:c4:78:18:e4:26:f9:b6:46:1e:8a:3e:7b:d7:b1:
7c:0a:1d:f9:9f:8c:71:5e:5c:81:75:e3:b3:02:49:8a:9e:5c:
26:63:dd:0a
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgIUcN/qNQmgFkFiOYxQRRbhCDUsuAwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNTAzMzEyMzU1NDJaFw0yNjAzMzEwMDAwNDJaMDMxMTAvBgNV
BAMTKDRFNTMwMTk1NDQ3MTY3MkM5Qjg3MkUzNTEzMTMxQUUwOUE1MjJGN0IwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCnqg6RnkoE+IBYdrfXu2uUN2di
di/U2GJLzUZa5KDeeVyHQfkinvouH6kDPbSe0ccJ5uIWs/iIJAS6OX4h9kDxG00g
zcOouryAam8TzF4FFsA+Mvtac9OEbSRdvhPTO56hG5yLFOG8jbRev5R3doc0U7Qr
MPcxomUiWWo+G4i5jpq9a85UJIYz31xZM0hLRoGiDgE1JBGEJIM0mlt0968BFsYd
f17g/E0f5Dmyj+6ts5u0mBfAiCAh+zyOsVqz7v1hYNJSTJRdviAimArYf2pb+2KB
UkSFOWnFIXLwJL/g7ui0kUJtonQnBl3QPwziuiMJFcd66bnE4mSddt7T78ZZAgMB
AAGjggIVMIICETAdBgNVHQ4EFgQUTlMBlURxZyybhy41ExMa4JpSL3swHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMTQ0NDUucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBIDBABc8rgD
BAC11mUDBADBOmowDQYJKoZIhvcNAQELBQADggEBAD5meb/lqBEVh1Hd+VP1mHeN
Gyj+cyXqh8T2otxGhux5WGAf2DMmJXEs4TCJ6b2MBopZ7HE11rCTrUSDCSzJQR2K
3rBc3HvpdHRxlkT5bkxes/kX5X5c7Wk4hbYrmQsD4v3EENhCeXMg6SaMSdWufOhn
uLHqv3vSKCgWAj8Iaqo0rTzTee2JTbEaX1Isi3XiJzgaOqIUOz14gOYuYwsThrLN
ihtSKT2JO40KmUqXjp4k2Pgf4cpFJcElPt2qQDRsNXs5oQDuKb77ux5rn3+XJ04X
hbPMkU9dHg3+sMHEeBjkJvm2Rh6KPnvXsXwKHfmfjHFeXIF147MCSYqeXCZj3Qo=
-----END CERTIFICATE-----
Generated at Sun Apr 27 12:14:21 2025 by rpki-client