Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS984.roa
File: AS984.roa (raw, json)
Hash identifier: NHgw9srgYXter9EykROMZWc97bpavgD6ZK1jt6IG+Pw=
Subject key identifier: 47:74:DD:35:88:58:04:7E:4D:48:A8:0E:76:F2:8C:99:E7:5E:00:46
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 25D87692FC2C005D1044706FE858E4CB9FFFE892
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS984.roa
Signing time: Tue 10 Jun 2025 13:30:10 +0000
ROA not before: Tue 10 Jun 2025 13:25:10 +0000
ROA not after: Tue 09 Jun 2026 13:30:10 +0000
asID: 984
IP address blocks: 2a13:9500:8c::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 14 Jun 2025 14:20:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
25:d8:76:92:fc:2c:00:5d:10:44:70:6f:e8:58:e4:cb:9f:ff:e8:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Jun 10 13:25:10 2025 GMT
Not After : Jun 9 13:30:10 2026 GMT
Subject: CN=4774DD358858047E4D48A80E76F28C99E75E0046
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:44:ec:70:39:3c:af:f2:09:e7:07:03:19:e5:
dc:40:f9:29:e0:0f:40:63:16:6e:b0:6e:bc:29:50:
a3:ef:c9:3f:3f:a1:ae:8a:87:f7:08:ee:8d:0d:fa:
3e:e6:78:44:36:ca:e0:6f:3d:86:17:0e:af:63:d3:
89:48:28:83:14:3f:19:52:19:31:e0:4e:5b:a8:27:
ae:7f:18:b5:4e:b5:c0:f7:74:98:49:e9:98:26:be:
f0:cc:0b:be:a7:05:b0:f5:49:69:e7:2c:e2:0f:78:
6a:b8:3f:87:e7:bb:2c:ff:53:dd:df:0c:fb:2e:70:
ee:ba:82:0f:d2:e4:66:86:89:e8:0d:57:0c:3a:fb:
26:c2:05:2b:0d:96:48:e2:49:90:76:fd:b5:ab:ac:
ac:38:58:9c:8b:af:2f:ac:54:05:77:dd:7f:ba:2f:
fa:3a:55:7b:80:3f:ac:c5:c8:ec:92:4d:a2:08:78:
ee:57:46:d9:0d:21:cc:21:29:6f:9c:bc:74:7f:79:
c9:4f:2e:15:1d:af:20:9d:a3:de:bc:40:e6:49:f0:
ce:8d:d5:a6:65:6c:02:63:7b:00:b8:6f:a2:1e:0c:
f3:d9:a9:12:d9:21:a0:fa:1c:8c:67:7b:ac:bb:2e:
56:8e:93:5b:23:2a:cd:4a:b3:ba:48:16:d4:f4:cb:
1c:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:74:DD:35:88:58:04:7E:4D:48:A8:0E:76:F2:8C:99:E7:5E:00:46
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS984.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:9500:8c::/48
Signature Algorithm: sha256WithRSAEncryption
99:4d:9a:f4:61:75:76:65:29:af:09:bc:c5:88:2e:4a:b8:0f:
42:18:00:a5:df:c1:84:cd:bb:78:1b:d1:19:d2:0c:90:a1:2b:
39:38:5a:c9:07:57:e7:4a:66:4b:87:73:8f:2e:83:4e:87:ff:
cf:49:59:ba:12:45:a5:60:1c:5d:a6:07:9e:b5:88:a9:ba:bf:
55:c1:95:7e:c9:6d:a3:55:74:c1:e5:2d:c5:b2:cb:e8:d9:ba:
f8:15:37:a9:a7:e8:c1:7d:d5:24:47:7c:53:88:45:b9:fa:29:
60:d8:3a:10:75:c5:fc:fb:ba:bc:c0:c7:2e:db:b4:9e:f0:d7:
74:4c:92:5f:13:89:1b:37:5f:42:63:6c:03:d7:12:98:cb:75:
a3:22:90:37:6b:fe:bd:0c:83:dc:cf:a4:d5:08:ea:fa:72:e4:
47:bf:15:85:8a:3c:f8:71:5d:e7:77:ab:98:50:39:4b:96:a3:
6c:8d:80:db:c1:bd:c8:78:d3:ea:07:87:1d:48:5b:fc:5a:de:
60:1b:14:eb:3f:2a:6d:95:e4:72:e1:57:47:e4:47:48:2d:39:
73:0e:05:c1:7d:11:a1:25:01:c1:f7:09:66:21:a8:c7:72:a7:
e8:28:d8:f2:6e:85:1c:2a:c2:67:46:53:1b:d0:a9:96:fa:10:
3b:7e:75:39
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUJdh2kvwsAF0QRHBv6Fjky5//6JIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTA2MTAxMzI1MTBaFw0yNjA2MDkxMzMwMTBaMDMxMTAvBgNV
BAMTKDQ3NzRERDM1ODg1ODA0N0U0RDQ4QTgwRTc2RjI4Qzk5RTc1RTAwNDYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDTROxwOTyv8gnnBwMZ5dxA+Sng
D0BjFm6wbrwpUKPvyT8/oa6Kh/cI7o0N+j7meEQ2yuBvPYYXDq9j04lIKIMUPxlS
GTHgTluoJ65/GLVOtcD3dJhJ6ZgmvvDMC76nBbD1SWnnLOIPeGq4P4fnuyz/U93f
DPsucO66gg/S5GaGiegNVww6+ybCBSsNlkjiSZB2/bWrrKw4WJyLry+sVAV33X+6
L/o6VXuAP6zFyOySTaIIeO5XRtkNIcwhKW+cvHR/eclPLhUdryCdo968QOZJ8M6N
1aZlbAJjewC4b6IeDPPZqRLZIaD6HIxne6y7LlaOk1sjKs1Ks7pIFtT0yxz9AgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUR3TdNYhYBH5NSKgOdvKMmedeAEYwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTOTg0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhOVAACM
MA0GCSqGSIb3DQEBCwUAA4IBAQCZTZr0YXV2ZSmvCbzFiC5KuA9CGACl38GEzbt4
G9EZ0gyQoSs5OFrJB1fnSmZLh3OPLoNOh//PSVm6EkWlYBxdpgeetYipur9VwZV+
yW2jVXTB5S3Fssvo2br4FTepp+jBfdUkR3xTiEW5+ilg2DoQdcX8+7q8wMcu27Se
8Nd0TJJfE4kbN19CY2wD1xKYy3WjIpA3a/69DIPcz6TVCOr6cuRHvxWFijz4cV3n
d6uYUDlLlqNsjYDbwb3IeNPqB4cdSFv8Wt5gGxTrPyptleRy4VdH5EdILTlzDgXB
fRGhJQHB9wlmIajHcqfoKNjyboUcKsJnRlMb0KmW+hA7fnU5
-----END CERTIFICATE-----
Generated at Sat Jun 14 04:11:47 2025 by rpki-client