Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS44355.roa
File: AS44355.roa (raw, json)
Hash identifier: /LXRfxYRCHljdphleikEZP61a4vYYktuKegJuCA1qAE=
Subject key identifier: 3A:B7:9C:CC:A9:D8:12:0A:78:9A:14:0C:8F:B7:B6:5E:DF:5A:FA:86
Certificate issuer: /CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Certificate serial: 53A53CCE7328670043E64366E2A2D181536A01D7
Authority key identifier: C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS44355.roa
Signing time: Sun 11 May 2025 02:26:39 +0000
ROA not before: Sun 11 May 2025 02:21:39 +0000
ROA not after: Sun 10 May 2026 02:26:39 +0000
asID: 44355
IP address blocks: 193.57.167.0/24 maxlen: 24
2a0f:85c0:2::/48 maxlen: 48
2a0f:85c0:400::/48 maxlen: 48
2a0f:85c2:20::/48 maxlen: 48
2a0f:85c2:100::/40 maxlen: 40
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl
rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.mft
rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 19:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
53:a5:3c:ce:73:28:67:00:43:e6:43:66:e2:a2:d1:81:53:6a:01:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Validity
Not Before: May 11 02:21:39 2025 GMT
Not After : May 10 02:26:39 2026 GMT
Subject: CN=3AB79CCCA9D8120A789A140C8FB7B65EDF5AFA86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:83:41:04:47:03:fa:05:f4:9a:4b:9c:e9:23:
38:53:67:49:00:d5:3d:d0:01:47:91:d0:2a:8f:58:
98:1a:76:85:64:49:bf:71:37:e2:b2:34:5f:e1:1b:
6c:a5:48:b6:df:e8:26:af:4e:fc:8b:f6:26:7b:c6:
3f:05:c2:ea:0d:96:4c:53:2c:d8:89:e7:42:7b:7b:
cb:a2:86:55:4a:e2:07:d4:6a:63:ea:09:41:77:45:
52:f2:88:20:48:b1:64:63:b1:e5:46:6c:c7:75:7f:
a3:8d:cd:49:69:4d:64:97:71:f8:fa:33:ca:d0:1d:
07:18:64:dc:31:a8:e3:34:ed:89:77:44:1f:a1:85:
3a:e6:79:af:bc:9a:23:d1:57:cc:e6:c0:76:0d:bd:
41:63:40:2b:d7:ea:5c:1d:3e:2a:89:93:0c:d7:9b:
f4:4a:d9:3f:63:41:fa:53:b8:fe:84:6c:d9:57:cb:
5f:46:96:0f:21:77:05:0b:99:9f:81:b7:6d:f8:50:
15:f1:0e:8e:b9:1e:f1:ac:8e:36:33:bd:20:af:f9:
e0:56:cb:41:83:44:c9:21:f8:0a:4c:d6:69:05:5c:
22:b4:15:4a:20:26:61:e9:a0:e9:08:2f:94:6d:e2:
b6:9b:2e:8e:72:7d:7c:a7:e6:74:3b:ac:a4:a8:b6:
c2:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:B7:9C:CC:A9:D8:12:0A:78:9A:14:0C:8F:B7:B6:5E:DF:5A:FA:86
X509v3 Authority Key Identifier:
keyid:C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS44355.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.57.167.0/24
IPv6:
2a0f:85c0:2::/48
2a0f:85c0:400::/48
2a0f:85c2:20::/48
2a0f:85c2:100::/40
Signature Algorithm: sha256WithRSAEncryption
6a:ef:c7:2d:f1:c4:95:69:76:86:0c:41:06:5b:ea:99:66:90:
60:1f:36:86:d2:54:52:f2:c5:10:e1:75:b7:af:c1:b7:50:4f:
48:c9:cb:db:96:4f:ad:6d:20:29:a8:23:dd:3c:e9:4b:4c:94:
19:87:57:40:a3:cd:14:8d:76:27:7d:cd:bf:05:96:53:3d:bb:
c5:84:d0:79:6a:28:b9:a0:60:76:f6:c0:1b:ed:95:5b:09:61:
9b:61:a4:8a:e4:48:c2:33:49:d6:f1:d8:81:c2:fb:87:b3:f7:
6d:be:d1:14:00:c5:0f:4f:e0:71:09:1b:4b:8b:6c:ef:eb:e9:
e2:40:49:85:43:4f:08:ea:85:9e:f8:99:09:6d:72:a1:a4:63:
2d:73:76:a2:8c:05:4e:58:67:1c:53:4d:23:00:f9:6a:47:6f:
a4:c9:32:be:0d:e0:19:81:70:4b:ab:2d:16:d5:a2:68:0e:96:
3c:78:60:17:8d:7e:1c:fd:6a:15:02:5c:9f:a4:9f:cc:3e:3a:
80:b5:ed:6d:39:07:ca:ef:8d:1b:7f:48:20:ad:4b:3e:da:16:
a5:7f:8a:1a:2c:59:c3:cc:27:3a:db:e4:0e:32:20:e5:dc:fd:
c2:d0:2c:a6:bd:02:a7:c6:b2:b2:42:2c:57:83:8a:05:50:91:
ec:65:d7:1d
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUU6U8znMoZwBD5kNm4qLRgVNqAdcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzRjZTdkODkwMjQwNWJhNDU5OGY4NGI2YTQxYzI3ZDcy
MjgzNGIxYzAeFw0yNTA1MTEwMjIxMzlaFw0yNjA1MTAwMjI2MzlaMDMxMTAvBgNV
BAMTKDNBQjc5Q0NDQTlEODEyMEE3ODlBMTQwQzhGQjdCNjVFREY1QUZBODYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQClg0EERwP6BfSaS5zpIzhTZ0kA
1T3QAUeR0CqPWJgadoVkSb9xN+KyNF/hG2ylSLbf6CavTvyL9iZ7xj8FwuoNlkxT
LNiJ50J7e8uihlVK4gfUamPqCUF3RVLyiCBIsWRjseVGbMd1f6ONzUlpTWSXcfj6
M8rQHQcYZNwxqOM07Yl3RB+hhTrmea+8miPRV8zmwHYNvUFjQCvX6lwdPiqJkwzX
m/RK2T9jQfpTuP6EbNlXy19Glg8hdwULmZ+Bt234UBXxDo65HvGsjjYzvSCv+eBW
y0GDRMkh+ApM1mkFXCK0FUogJmHpoOkIL5Rt4rabLo5yfXyn5nQ7rKSotsInAgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQUOreczKnYEgp4mhQMj7e2Xt9a+oYwHwYDVR0j
BBgwFoAUxM59iQJAW6RZj4S2pBwn1yKDSxwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODRkNTE4MTAtMTk4Ny00NzAxLThmMWYtODQyNTExMTk2
NGY0LzAvQzRDRTdEODkwMjQwNUJBNDU5OEY4NEI2QTQxQzI3RDcyMjgzNEIxQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3hNNTlpUUpBVzZSWmo0UzJwQnduMXlL
RFN4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg0ZDUxODEwLTE5ODct
NDcwMS04ZjFmLTg0MjUxMTE5NjRmNC8wL0FTNDQzNTUucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwSgYIKwYBBQUHAQcBAf8EOzA5MAwEAgABMAYDBADBOacw
KQQCAAIwIwMHACoPhcAAAgMHACoPhcAEAAMHACoPhcIAIAMGACoPhcIBMA0GCSqG
SIb3DQEBCwUAA4IBAQBq78ct8cSVaXaGDEEGW+qZZpBgHzaG0lRS8sUQ4XW3r8G3
UE9Iycvblk+tbSApqCPdPOlLTJQZh1dAo80UjXYnfc2/BZZTPbvFhNB5aii5oGB2
9sAb7ZVbCWGbYaSK5EjCM0nW8diBwvuHs/dtvtEUAMUPT+BxCRtLi2zv6+niQEmF
Q08I6oWe+JkJbXKhpGMtc3aijAVOWGccU00jAPlqR2+kyTK+DeAZgXBLqy0W1aJo
DpY8eGAXjX4c/WoVAlyfpJ/MPjqAte1tOQfK740bf0ggrUs+2half4oaLFnDzCc6
2+QOMiDl3P3C0CymvQKnxrKyQixXg4oFUJHsZdcd
-----END CERTIFICATE-----
Generated at Sun Jun 15 02:32:44 2025 by rpki-client