Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS216052.roa
File: AS216052.roa (raw, json)
Hash identifier: irFLC3rGtWelUNOR/DnJD55ZJdz8F5fntrR1t+LlwTw=
Subject key identifier: FD:43:CD:E4:CB:9B:9A:7C:31:25:00:D5:22:F1:BC:8D:4A:15:4A:02
Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Certificate serial: DDCA28F21F1181A32051E92B4038AB9CA2EB5B
Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS216052.roa
Signing time: Sat 26 Apr 2025 03:08:29 +0000
ROA not before: Sat 26 Apr 2025 03:03:29 +0000
ROA not after: Sat 25 Apr 2026 03:08:29 +0000
asID: 216052
IP address blocks: 2a14:7581::/40 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft
rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 12:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
dd:ca:28:f2:1f:11:81:a3:20:51:e9:2b:40:38:ab:9c:a2:eb:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Validity
Not Before: Apr 26 03:03:29 2025 GMT
Not After : Apr 25 03:08:29 2026 GMT
Subject: CN=FD43CDE4CB9B9A7C312500D522F1BC8D4A154A02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:5e:4d:3e:f3:31:05:2c:63:f6:b4:17:d8:af:
0a:62:54:0e:5d:71:43:40:46:24:47:4f:3c:7a:fa:
af:b7:85:e0:73:09:86:85:17:32:22:09:23:f1:20:
b2:e2:dc:5b:b7:bf:9b:32:5a:8f:e6:34:5b:72:09:
71:58:c9:ed:3a:de:c9:38:4a:2c:4b:2c:64:4f:5b:
39:51:48:b6:d9:86:51:29:e8:97:3a:cf:c0:c8:95:
08:17:d6:7a:ad:21:9a:95:92:74:62:69:d9:d0:ec:
3e:6a:6c:78:4a:b1:db:46:ab:2d:6a:25:b4:96:fd:
69:5a:25:b2:41:ba:de:8b:ab:4a:ce:83:ca:c9:18:
9a:1a:8c:51:10:e3:92:6e:32:41:c1:da:09:15:54:
98:e0:1a:91:3c:0a:63:6f:6e:e5:f4:90:42:5b:92:
54:fb:da:b7:fc:e6:32:3b:86:c4:55:43:90:cc:a3:
5d:f1:b2:e5:08:54:39:1d:df:70:5a:24:16:2e:f9:
f4:ac:07:ad:e3:45:a1:a8:5f:16:5a:0f:27:8d:0c:
97:32:91:a9:4b:eb:7a:18:3f:66:f0:b3:b4:ce:fc:
dc:2b:28:8d:e4:a1:11:79:04:a8:b9:ec:3b:a6:aa:
6c:a1:31:cb:9b:ed:c9:d0:c0:3d:bd:dc:76:46:ee:
4c:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:43:CD:E4:CB:9B:9A:7C:31:25:00:D5:22:F1:BC:8D:4A:15:4A:02
X509v3 Authority Key Identifier:
keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS216052.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7581::/40
Signature Algorithm: sha256WithRSAEncryption
01:28:1a:7f:c7:a5:05:8f:f0:67:4e:ac:b7:ea:68:30:af:58:
cb:c2:89:fa:d8:da:d6:30:0f:c3:77:0c:f0:47:ee:a5:d8:10:
4e:69:10:3d:6c:14:83:2f:4f:3b:a4:3e:0b:63:fe:bc:40:fe:
ee:1b:ed:c4:d2:53:e6:a7:be:81:dc:1b:78:f3:88:8e:a6:85:
d0:15:ad:16:54:38:e5:ac:53:88:95:b8:a8:69:68:b1:7b:b8:
fa:94:3b:05:79:c5:37:93:66:9b:d1:ea:7a:51:5b:3b:83:a2:
1e:b1:d0:f4:be:60:5f:cc:7f:86:39:86:05:b1:b8:75:46:83:
02:3c:f4:44:6f:40:ab:1f:74:6c:24:fd:5a:03:5d:31:c7:7c:
0e:81:99:ab:34:0a:00:c4:c3:3d:8b:71:20:2a:7a:4d:4d:34:
f0:7a:20:56:ed:c5:63:ce:39:b3:c5:af:8a:5d:0a:4c:e3:ff:
ea:26:06:8d:61:be:2a:d2:4f:7c:79:66:14:5e:bb:dd:ee:fb:
d9:92:2a:bb:18:11:ce:eb:f2:46:2d:ee:76:fb:1a:d4:7a:0b:
70:7b:f4:7d:61:27:65:e0:54:0e:13:35:98:4c:23:97:f6:b9:
38:27:22:ac:f8:73:a9:48:f6:3e:c4:c1:92:14:5b:22:83:28:
1d:ca:29:5c
-----BEGIN CERTIFICATE-----
MIIFAjCCA+qgAwIBAgIUAN3KKPIfEYGjIFHpK0A4q5yi61swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj
Y2ZkMzc3MjAeFw0yNTA0MjYwMzAzMjlaFw0yNjA0MjUwMzA4MjlaMDMxMTAvBgNV
BAMTKEZENDNDREU0Q0I5QjlBN0MzMTI1MDBENTIyRjFCQzhENEExNTRBMDIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCUXk0+8zEFLGP2tBfYrwpiVA5d
cUNARiRHTzx6+q+3heBzCYaFFzIiCSPxILLi3Fu3v5syWo/mNFtyCXFYye063sk4
SixLLGRPWzlRSLbZhlEp6Jc6z8DIlQgX1nqtIZqVknRiadnQ7D5qbHhKsdtGqy1q
JbSW/WlaJbJBut6Lq0rOg8rJGJoajFEQ45JuMkHB2gkVVJjgGpE8CmNvbuX0kEJb
klT72rf85jI7hsRVQ5DMo13xsuUIVDkd33BaJBYu+fSsB63jRaGoXxZaDyeNDJcy
kalL63oYP2bws7TO/NwrKI3koRF5BKi57DumqmyhMcub7cnQwD293HZG7kwJAgMB
AAGjggIMMIICCDAdBgNVHQ4EFgQU/UPN5MubmnwxJQDVIvG8jUoVSgIwHwYDVR0j
BBgwFoAUqD1IZS87LfdPa/m6qKnBdMz9N3IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODkyNzBmNmMtYTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2Yz
ODI0LzAvQTgzRDQ4NjUyRjNCMkRGNzRGNkJGOUJBQThBOUMxNzRDQ0ZEMzc3Mi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FEMUlaUzg3TGZkUGFfbTZxS25CZE16
OU4zSS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg5MjcwZjZjLWEzZmUt
NDI5OS1iMDc5LTMwOWVkOTdmMzgyNC8wL0FTMjE2MDUyLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKhR1
gQAwDQYJKoZIhvcNAQELBQADggEBAAEoGn/HpQWP8GdOrLfqaDCvWMvCifrY2tYw
D8N3DPBH7qXYEE5pED1sFIMvTzukPgtj/rxA/u4b7cTSU+anvoHcG3jziI6mhdAV
rRZUOOWsU4iVuKhpaLF7uPqUOwV5xTeTZpvR6npRWzuDoh6x0PS+YF/Mf4Y5hgWx
uHVGgwI89ERvQKsfdGwk/VoDXTHHfA6Bmas0CgDEwz2LcSAqek1NNPB6IFbtxWPO
ObPFr4pdCkzj/+omBo1hvirST3x5ZhReu93u+9mSKrsYEc7r8kYt7nb7GtR6C3B7
9H1hJ2XgVA4TNZhMI5f2uTgnIqz4c6lI9j7EwZIUWyKDKB3KKVw=
-----END CERTIFICATE-----
Generated at Sat Jun 14 21:33:43 2025 by rpki-client