Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS0.roa
File: AS0.roa (raw, json)
Hash identifier: 9rtJ3tjjThvZtwMa6HxISmmLdrKdRben5onLocn177Q=
Subject key identifier: D1:D4:0B:01:21:AB:56:05:E9:A2:BA:CD:29:20:89:85:F7:CC:90:2F
Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Certificate serial: 4352F82DE4C6C56B404A93875EB529ED4E51329B
Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS0.roa
Signing time: Tue 04 Nov 2025 11:54:58 +0000
ROA not before: Tue 04 Nov 2025 11:49:58 +0000
ROA not after: Tue 03 Nov 2026 11:54:58 +0000
asID: 0
IP address blocks: 193.150.40.0/24 maxlen: 24
2a14:7580:50::/44 maxlen: 44
2a14:7580:9000::/36 maxlen: 48
2a14:7580:c000::/36 maxlen: 48
2a14:7580:f100::/40 maxlen: 48
2a14:7580:f400::/40 maxlen: 48
2a14:7580:f500::/40 maxlen: 48
2a14:7580:f600::/40 maxlen: 48
2a14:7580:f700::/40 maxlen: 48
2a14:7580:f800::/40 maxlen: 48
2a14:7580:f900::/40 maxlen: 48
2a14:7580:fa00::/40 maxlen: 48
2a14:7580:ff00::/44 maxlen: 48
2a14:7580:ff30::/44 maxlen: 48
2a14:7581:f60::/44 maxlen: 48
2a14:7581:f90::/44 maxlen: 48
2a14:7581:fa0::/44 maxlen: 48
2a14:7581:fb0::/44 maxlen: 48
2a14:7581:fc0::/44 maxlen: 48
2a14:7581:fd0::/44 maxlen: 48
2a14:7581:fe6::/48 maxlen: 48
2a14:7581:ff2::/48 maxlen: 48
2a14:7581:ff8::/48 maxlen: 48
2a14:7581:9b00::/40 maxlen: 48
2a14:7581:9c00::/40 maxlen: 48
2a14:7581:9e00::/40 maxlen: 48
2a14:7581:9f00::/44 maxlen: 48
2a14:7581:9f10::/44 maxlen: 48
2a14:7582::/32 maxlen: 48
2a14:7583::/32 maxlen: 32
2a14:7583:3000::/36 maxlen: 48
2a14:7583:4000::/36 maxlen: 48
2a14:7583:5000::/36 maxlen: 48
2a14:7584:1000::/36 maxlen: 48
2a14:7584:6000::/36 maxlen: 48
2a14:7586::/32 maxlen: 48
2a14:7587::/32 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft
rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 18:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
43:52:f8:2d:e4:c6:c5:6b:40:4a:93:87:5e:b5:29:ed:4e:51:32:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Validity
Not Before: Nov 4 11:49:58 2025 GMT
Not After : Nov 3 11:54:58 2026 GMT
Subject: CN=D1D40B0121AB5605E9A2BACD29208985F7CC902F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:5c:49:06:1e:44:bb:19:26:32:62:a6:7c:97:
1a:1d:8b:1e:8c:64:32:2a:c6:5e:b0:7d:b9:8b:8d:
de:d0:02:5b:60:46:04:96:3f:f3:ba:4c:ce:50:c4:
7b:e6:30:fc:c0:e9:d0:a7:a5:68:15:38:37:f9:4b:
ed:00:f9:61:8c:17:60:cc:bb:a0:ff:4d:18:39:9a:
73:b1:12:d1:97:dd:b9:24:ee:3a:2f:3b:42:4a:6a:
35:c8:e8:ce:e1:dc:69:dc:34:f7:3d:c1:78:5b:5e:
9d:15:f6:57:6b:60:14:97:1d:6f:8e:76:89:e4:4c:
4a:95:19:61:8c:ef:e3:02:14:46:8b:3c:39:f7:af:
aa:93:c8:da:bb:32:90:9d:42:a5:79:99:f2:e8:e3:
17:e3:90:9c:5f:ca:c1:1f:b0:8e:fb:64:68:70:77:
19:ff:17:73:97:01:e5:4c:d7:46:8b:43:2b:84:02:
21:79:77:c6:ed:58:31:25:05:0d:ce:6e:fd:b3:32:
2e:a3:65:42:e3:76:18:9c:09:bb:b4:35:45:08:42:
01:b7:4e:01:21:e4:14:37:3c:3b:73:42:1c:19:2f:
e4:46:0e:8d:40:95:38:b2:4e:0f:48:28:31:c8:3b:
8d:c6:33:10:f0:90:62:a7:3b:ca:bc:39:fd:5d:f5:
ab:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:D4:0B:01:21:AB:56:05:E9:A2:BA:CD:29:20:89:85:F7:CC:90:2F
X509v3 Authority Key Identifier:
keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS0.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.150.40.0/24
IPv6:
2a14:7580:50::/44
2a14:7580:9000::/36
2a14:7580:c000::/36
2a14:7580:f100::/40
2a14:7580:f400::-2a14:7580:faff:ffff:ffff:ffff:ffff:ffff
2a14:7580:ff00::/44
2a14:7580:ff30::/44
2a14:7581:f60::/44
2a14:7581:f90::-2a14:7581:fdf:ffff:ffff:ffff:ffff:ffff
2a14:7581:fe6::/48
2a14:7581:ff2::/48
2a14:7581:ff8::/48
2a14:7581:9b00::-2a14:7581:9cff:ffff:ffff:ffff:ffff:ffff
2a14:7581:9e00::-2a14:7581:9f1f:ffff:ffff:ffff:ffff:ffff
2a14:7582::/31
2a14:7584:1000::/36
2a14:7584:6000::/36
2a14:7586::/31
Signature Algorithm: sha256WithRSAEncryption
42:6b:44:26:8b:c4:0b:f4:32:37:5d:c8:99:c6:73:3f:b5:e6:
32:24:15:fb:12:25:c6:ba:db:12:61:9d:c8:da:2a:47:a2:ce:
e3:85:29:09:5a:3c:d5:d5:47:1c:a7:94:b6:c7:0c:62:f7:22:
fb:e6:42:91:3a:39:d1:81:47:09:c2:a5:ce:75:eb:3e:35:e1:
fa:83:0f:05:d7:d5:14:19:12:83:83:a5:8a:44:67:00:94:aa:
b2:a7:e6:78:b0:c8:91:e5:e8:89:00:61:aa:f3:8c:52:28:97:
24:22:9b:ba:48:a4:eb:1c:09:4b:89:b5:33:f9:3d:bf:86:ee:
42:9a:d1:75:79:93:ac:84:a8:65:06:3e:a1:41:e8:b0:4a:e9:
52:2c:b2:da:c1:cd:ca:4b:9d:b3:bc:db:a6:84:e7:de:3a:4a:
ef:e8:39:fa:ae:c4:eb:7e:2d:0a:ce:a9:e1:27:07:9f:f9:f7:
a2:3f:bf:8d:38:d4:be:48:c2:67:5c:a8:50:0c:6a:dc:23:20:
56:eb:17:7e:e8:3d:f0:87:47:f0:a0:0e:dd:d0:61:6d:07:97:
bc:73:c8:45:f5:2e:ec:d1:09:c9:81:c4:84:a0:0f:48:5c:10:
82:2b:14:60:03:20:ad:90:d1:dc:f8:d3:31:40:c3:74:76:32:
15:b7:d3:40
-----BEGIN CERTIFICATE-----
MIIFyDCCBLCgAwIBAgIUQ1L4LeTGxWtASpOHXrUp7U5RMpswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj
Y2ZkMzc3MjAeFw0yNTExMDQxMTQ5NThaFw0yNjExMDMxMTU0NThaMDMxMTAvBgNV
BAMTKEQxRDQwQjAxMjFBQjU2MDVFOUEyQkFDRDI5MjA4OTg1RjdDQzkwMkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDVXEkGHkS7GSYyYqZ8lxodix6M
ZDIqxl6wfbmLjd7QAltgRgSWP/O6TM5QxHvmMPzA6dCnpWgVODf5S+0A+WGMF2DM
u6D/TRg5mnOxEtGX3bkk7jovO0JKajXI6M7h3GncNPc9wXhbXp0V9ldrYBSXHW+O
donkTEqVGWGM7+MCFEaLPDn3r6qTyNq7MpCdQqV5mfLo4xfjkJxfysEfsI77ZGhw
dxn/F3OXAeVM10aLQyuEAiF5d8btWDElBQ3Obv2zMi6jZULjdhicCbu0NUUIQgG3
TgEh5BQ3PDtzQhwZL+RGDo1AlTiyTg9IKDHIO43GMxDwkGKnO8q8Of1d9attAgMB
AAGjggLSMIICzjAdBgNVHQ4EFgQU0dQLASGrVgXporrNKSCJhffMkC8wHwYDVR0j
BBgwFoAUqD1IZS87LfdPa/m6qKnBdMz9N3IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODkyNzBmNmMtYTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2Yz
ODI0LzAvQTgzRDQ4NjUyRjNCMkRGNzRGNkJGOUJBQThBOUMxNzRDQ0ZEMzc3Mi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FEMUlaUzg3TGZkUGFfbTZxS25CZE16
OU4zSS5jZXIwdgYIKwYBBQUHAQsEajBoMGYGCCsGAQUFBzALhlpyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg5MjcwZjZjLWEzZmUt
NDI5OS1iMDc5LTMwOWVkOTdmMzgyNC8wL0FTMC5yb2EwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjCB6wYIKwYBBQUHAQcBAf8EgdswgdgwDAQCAAEwBgMEAMGWKDCB
xwQCAAIwgcADBwQqFHWAAFADBgQqFHWAkAMGBCoUdYDAAwYAKhR1gPEwEAMGAioU
dYD0AwYAKhR1gPoDBwQqFHWA/wADBwQqFHWA/zADBwQqFHWBD2AwEgMHBCoUdYEP
kAMHBSoUdYEPwAMHACoUdYEP5gMHACoUdYEP8gMHACoUdYEP+DAQAwYAKhR1gZsD
BgAqFHWBnDARAwYBKhR1gZ4DBwUqFHWBnwADBQEqFHWCAwYEKhR1hBADBgQqFHWE
YAMFASoUdYYwDQYJKoZIhvcNAQELBQADggEBAEJrRCaLxAv0MjddyJnGcz+15jIk
FfsSJca62xJhncjaKkeizuOFKQlaPNXVRxynlLbHDGL3IvvmQpE6OdGBRwnCpc51
6z414fqDDwXX1RQZEoODpYpEZwCUqrKn5niwyJHl6IkAYarzjFIolyQim7pIpOsc
CUuJtTP5Pb+G7kKa0XV5k6yEqGUGPqFB6LBK6VIsstrBzcpLnbO826aE5946Su/o
OfquxOt+LQrOqeEnB5/596I/v4041L5IwmdcqFAMatwjIFbrF37oPfCHR/CgDt3Q
YW0Hl7xzyEX1LuzRCcmBxISgD0hcEIIrFGADIK2Q0dz40zFAw3R2MhW300A=
-----END CERTIFICATE-----
Generated at Wed Nov 5 00:01:47 2025 by rpki-client