Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS0.roa
File: AS0.roa (raw, json)
Hash identifier: NLMOZrwHEqMuhWHhX7EnpP292yiTxiKS4/yHg6geVdY=
Subject key identifier: A2:C5:4D:17:FD:43:B3:F7:13:B3:95:19:B7:2D:5A:39:12:91:9E:47
Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Certificate serial: 1B2AF29942898F571F03A0A65C6BFC245671CCFD
Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS0.roa
Signing time: Fri 13 Jun 2025 06:04:18 +0000
ROA not before: Fri 13 Jun 2025 05:59:18 +0000
ROA not after: Fri 12 Jun 2026 06:04:18 +0000
asID: 0
IP address blocks: 2a14:7580:c000::/36 maxlen: 48
2a14:7581:ffb::/48 maxlen: 48
2a14:7583::/32 maxlen: 48
2a14:7584:8000::/36 maxlen: 48
2a14:7586::/32 maxlen: 48
2a14:7587::/32 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft
rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 12:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1b:2a:f2:99:42:89:8f:57:1f:03:a0:a6:5c:6b:fc:24:56:71:cc:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Validity
Not Before: Jun 13 05:59:18 2025 GMT
Not After : Jun 12 06:04:18 2026 GMT
Subject: CN=A2C54D17FD43B3F713B39519B72D5A3912919E47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:61:e5:91:fe:a0:f7:f0:04:5a:35:2b:cb:b4:
00:c7:26:d2:6c:30:7c:b0:49:2a:b4:ba:b4:14:e3:
ca:13:d3:cf:25:94:64:0e:55:a7:f7:1e:46:1a:49:
48:87:f5:f9:f0:4b:d5:9e:26:bf:3f:2a:a7:d3:94:
1d:48:ec:c0:1b:8e:1b:76:57:3b:91:81:65:67:3d:
cc:c4:cd:57:50:72:67:e2:a2:41:41:8d:55:24:c8:
c9:bb:89:66:52:34:30:1c:db:ba:a3:dd:91:bb:f1:
73:d0:6a:84:32:5a:ca:4a:46:4b:c8:6d:ec:96:f9:
08:b4:b3:c0:cf:a5:4c:0c:8b:72:d6:1b:e6:9a:df:
4d:3d:5d:e0:6a:0a:58:5e:a0:7c:9b:db:87:78:92:
8b:a8:66:31:76:33:13:71:33:48:34:f1:d2:b9:8f:
be:fa:f0:f7:80:cc:73:26:72:7c:73:d3:60:c7:14:
fe:b3:57:2a:f7:91:43:87:ff:1d:e9:82:25:30:5d:
50:c1:c4:ae:45:1c:47:16:59:59:b7:27:6f:c9:2d:
83:1b:1f:0e:95:dc:d8:f2:df:e4:ad:9e:f5:73:8a:
e9:4b:a1:9b:3f:a9:e2:b8:e6:ba:03:51:57:04:ba:
f4:fc:e8:ec:72:12:e7:22:09:6d:06:8d:a8:91:45:
76:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:C5:4D:17:FD:43:B3:F7:13:B3:95:19:B7:2D:5A:39:12:91:9E:47
X509v3 Authority Key Identifier:
keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS0.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7580:c000::/36
2a14:7581:ffb::/48
2a14:7583::/32
2a14:7584:8000::/36
2a14:7586::/31
Signature Algorithm: sha256WithRSAEncryption
0d:9f:b5:d4:4e:bf:3d:1a:fb:4a:2f:92:18:b1:86:1e:13:9d:
ad:9f:98:a0:2a:f8:b7:2c:73:c5:37:31:1f:4b:1b:c1:95:10:
86:c8:c4:99:f7:4e:0b:bb:9f:85:65:28:92:80:b7:ee:3d:1a:
62:8f:cf:0b:95:b0:74:ca:12:b7:4c:f3:0f:69:bc:16:ea:95:
7d:aa:5f:af:09:78:34:73:b8:1c:64:ad:cb:c9:8a:f3:8d:f5:
ca:44:84:bd:12:2e:ec:09:53:72:b9:88:ce:23:91:7e:5e:d6:
ea:39:e4:91:c5:d4:9a:11:ca:96:ea:35:75:34:24:33:24:13:
7e:5c:3c:2a:42:27:22:a7:80:a2:b4:1f:c6:6d:8f:b3:e2:41:
d1:36:65:9c:29:33:a2:b8:99:89:1a:bd:f4:8f:40:28:ba:5a:
2c:d0:09:f3:f6:d6:96:00:cd:77:fc:87:1b:8e:95:41:81:fa:
6c:2a:be:fb:0d:d4:06:21:62:9f:d8:da:8a:34:cf:58:6c:21:
1c:f3:16:96:25:f6:60:6b:2d:91:ea:65:1b:5d:3a:dc:58:39:
ff:e3:a3:81:34:00:46:81:7a:41:58:4a:77:35:18:71:87:98:
ce:01:5e:31:8f:a6:58:78:eb:65:66:66:d4:20:84:3a:23:62:
40:33:68:ea
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgIUGyrymUKJj1cfA6CmXGv8JFZxzP0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj
Y2ZkMzc3MjAeFw0yNTA2MTMwNTU5MThaFw0yNjA2MTIwNjA0MThaMDMxMTAvBgNV
BAMTKEEyQzU0RDE3RkQ0M0IzRjcxM0IzOTUxOUI3MkQ1QTM5MTI5MTlFNDcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFYeWR/qD38ARaNSvLtADHJtJs
MHywSSq0urQU48oT088llGQOVaf3HkYaSUiH9fnwS9WeJr8/KqfTlB1I7MAbjht2
VzuRgWVnPczEzVdQcmfiokFBjVUkyMm7iWZSNDAc27qj3ZG78XPQaoQyWspKRkvI
beyW+Qi0s8DPpUwMi3LWG+aa3009XeBqClheoHyb24d4kouoZjF2MxNxM0g08dK5
j7768PeAzHMmcnxz02DHFP6zVyr3kUOH/x3pgiUwXVDBxK5FHEcWWVm3J2/JLYMb
Hw6V3Njy3+StnvVziulLoZs/qeK45roDUVcEuvT86OxyEuciCW0GjaiRRXbtAgMB
AAGjggImMIICIjAdBgNVHQ4EFgQUosVNF/1Ds/cTs5UZty1aORKRnkcwHwYDVR0j
BBgwFoAUqD1IZS87LfdPa/m6qKnBdMz9N3IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODkyNzBmNmMtYTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2Yz
ODI0LzAvQTgzRDQ4NjUyRjNCMkRGNzRGNkJGOUJBQThBOUMxNzRDQ0ZEMzc3Mi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FEMUlaUzg3TGZkUGFfbTZxS25CZE16
OU4zSS5jZXIwdgYIKwYBBQUHAQsEajBoMGYGCCsGAQUFBzALhlpyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg5MjcwZjZjLWEzZmUt
NDI5OS1iMDc5LTMwOWVkOTdmMzgyNC8wL0FTMC5yb2EwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjBABggrBgEFBQcBBwEB/wQxMC8wLQQCAAIwJwMGBCoUdYDAAwcA
KhR1gQ/7AwUAKhR1gwMGBCoUdYSAAwUBKhR1hjANBgkqhkiG9w0BAQsFAAOCAQEA
DZ+11E6/PRr7Si+SGLGGHhOdrZ+YoCr4tyxzxTcxH0sbwZUQhsjEmfdOC7ufhWUo
koC37j0aYo/PC5WwdMoSt0zzD2m8FuqVfapfrwl4NHO4HGSty8mK8431ykSEvRIu
7AlTcrmIziORfl7W6jnkkcXUmhHKluo1dTQkMyQTflw8KkInIqeAorQfxm2Ps+JB
0TZlnCkzoriZiRq99I9AKLpaLNAJ8/bWlgDNd/yHG46VQYH6bCq++w3UBiFin9ja
ijTPWGwhHPMWliX2YGstkeplG1063Fg5/+OjgTQARoF6QVhKdzUYcYeYzgFeMY+m
WHjrZWZm1CCEOiNiQDNo6g==
-----END CERTIFICATE-----
Generated at Sat Jun 14 21:22:29 2025 by rpki-client