Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS43260.roa
File: AS43260.roa (raw, json)
Hash identifier: NqOT57VjKAYzTumnR0DiXH7U6MpSsJcZzDXVmqIlO9g=
Subject key identifier: CA:76:62:C0:D0:7F:7F:9C:7C:4E:6E:42:76:BF:1D:CC:E2:AF:F9:5F
Certificate issuer: /CN=7051b4c2f7ae9ef80b53000b32ab8f5d2f2f415b
Certificate serial: 555011AE9D1034FE9F0A6A2C961B885784CED9C0
Authority key identifier: 70:51:B4:C2:F7:AE:9E:F8:0B:53:00:0B:32:AB:8F:5D:2F:2F:41:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS43260.roa
Signing time: Mon 03 Mar 2025 15:44:57 +0000
ROA not before: Mon 03 Mar 2025 15:39:57 +0000
ROA not after: Mon 02 Mar 2026 15:44:57 +0000
asID: 43260
IP address blocks: 93.190.8.0/24 maxlen: 24
93.190.10.0/24 maxlen: 24
93.190.11.0/24 maxlen: 24
185.254.52.0/24 maxlen: 24
193.17.4.0/24 maxlen: 24
193.17.5.0/24 maxlen: 24
193.17.6.0/24 maxlen: 24
193.17.7.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.crl
rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.mft
rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
55:50:11:ae:9d:10:34:fe:9f:0a:6a:2c:96:1b:88:57:84:ce:d9:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7051b4c2f7ae9ef80b53000b32ab8f5d2f2f415b
Validity
Not Before: Mar 3 15:39:57 2025 GMT
Not After : Mar 2 15:44:57 2026 GMT
Subject: CN=CA7662C0D07F7F9C7C4E6E4276BF1DCCE2AFF95F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:3b:53:ad:52:5c:e3:63:22:7c:3e:61:76:22:
5f:6e:26:3d:d7:cf:ca:e5:27:41:82:b1:1b:d8:7a:
e2:3f:4e:cc:05:4e:eb:cc:c4:37:8f:fb:52:08:d7:
36:11:84:76:da:3f:3c:65:ef:12:2f:0d:12:90:6e:
7c:e0:60:a4:66:15:76:37:0b:fc:f4:7e:fa:b4:3f:
76:7a:02:86:ea:14:c9:d6:04:33:93:b6:5b:9a:79:
04:ce:c4:41:4f:38:5a:2d:20:ec:f3:86:11:c7:28:
dc:a9:a1:60:90:71:03:12:3d:33:e4:fa:76:c0:ec:
30:01:3d:71:36:df:32:8e:35:93:e3:d7:87:01:34:
80:fe:a8:1e:b3:f0:9b:70:e7:1a:34:72:04:b7:51:
b5:c6:df:c8:f7:2e:95:0e:69:9c:0b:e9:f4:20:74:
a6:aa:96:4e:86:67:91:cb:99:f0:e3:12:58:de:f8:
6e:30:e7:5c:73:a3:83:d3:20:80:f1:90:98:46:65:
9b:3e:47:8e:d7:a7:72:ee:9e:7a:e4:07:06:ba:03:
e2:8a:ee:8a:10:d9:42:9c:a7:4a:88:a0:2f:1d:8f:
fe:9d:f8:f7:a9:11:da:e4:7a:14:33:f7:58:8d:58:
27:3e:30:71:f7:aa:a3:64:75:d3:97:f9:95:e9:b0:
d8:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:76:62:C0:D0:7F:7F:9C:7C:4E:6E:42:76:BF:1D:CC:E2:AF:F9:5F
X509v3 Authority Key Identifier:
keyid:70:51:B4:C2:F7:AE:9E:F8:0B:53:00:0B:32:AB:8F:5D:2F:2F:41:5B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS43260.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.190.8.0/24
93.190.10.0/23
185.254.52.0/24
193.17.4.0/22
Signature Algorithm: sha256WithRSAEncryption
8a:16:2b:72:a8:76:13:ed:bd:05:57:95:7b:2a:66:04:cc:2b:
7b:d2:ed:2c:a1:9a:a3:39:24:c5:59:84:c8:c6:67:b7:d2:af:
6f:49:9a:07:fa:de:df:c6:f9:b5:2c:33:1f:84:f3:20:d3:38:
da:1a:3a:66:83:c6:02:61:46:6f:25:1e:3d:47:e7:b3:40:dc:
bc:ca:d7:e9:d1:1a:63:61:ae:6b:c0:5b:e0:94:e5:4f:b5:44:
70:33:be:a7:dd:c6:56:5d:ee:0b:98:07:97:0f:f9:25:7f:b8:
9d:49:f5:ed:f6:50:61:80:79:d9:10:5f:ac:e1:6e:af:26:d9:
a3:74:1f:7c:a3:11:60:f4:e0:d7:fe:71:0b:61:98:3d:ba:0f:
70:2d:e4:31:0b:0c:37:e6:1e:6e:34:b3:76:c4:a7:2c:40:b3:
47:ec:54:34:0c:ac:e7:0e:25:84:77:94:88:9b:9b:07:cb:92:
68:80:0e:37:a2:77:d9:2f:f8:ea:01:dd:d3:73:3d:8b:e6:95:
a9:c7:e8:65:f2:0f:98:b1:84:ea:75:ab:f5:97:e6:df:fb:81:
e1:bc:8e:d8:3c:ca:44:28:20:b4:3b:66:02:5f:e7:74:2e:e2:
16:d0:15:13:1e:74:e5:a9:44:9b:fd:98:fe:64:fe:c9:d4:2c:
e2:5d:07:52
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgIUVVARrp0QNP6fCmoslhuIV4TO2cAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzA1MWI0YzJmN2FlOWVmODBiNTMwMDBiMzJhYjhmNWQy
ZjJmNDE1YjAeFw0yNTAzMDMxNTM5NTdaFw0yNjAzMDIxNTQ0NTdaMDMxMTAvBgNV
BAMTKENBNzY2MkMwRDA3RjdGOUM3QzRFNkU0Mjc2QkYxRENDRTJBRkY5NUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBO1OtUlzjYyJ8PmF2Il9uJj3X
z8rlJ0GCsRvYeuI/TswFTuvMxDeP+1II1zYRhHbaPzxl7xIvDRKQbnzgYKRmFXY3
C/z0fvq0P3Z6AobqFMnWBDOTtluaeQTOxEFPOFotIOzzhhHHKNypoWCQcQMSPTPk
+nbA7DABPXE23zKONZPj14cBNID+qB6z8Jtw5xo0cgS3UbXG38j3LpUOaZwL6fQg
dKaqlk6GZ5HLmfDjElje+G4w51xzo4PTIIDxkJhGZZs+R47Xp3LunnrkBwa6A+KK
7ooQ2UKcp0qIoC8dj/6d+PepEdrkehQz91iNWCc+MHH3qqNkddOX+ZXpsNhhAgMB
AAGjggIbMIICFzAdBgNVHQ4EFgQUynZiwNB/f5x8Tm5Cdr8dzOKv+V8wHwYDVR0j
BBgwFoAUcFG0wveunvgLUwALMquPXS8vQVswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOWM1Y2U5ZmEtOWE2Zi00ZTBjLTk4MDktN2E0Nzg4NzQ0
ODkzLzAvNzA1MUI0QzJGN0FFOUVGODBCNTMwMDBCMzJBQjhGNUQyRjJGNDE1Qi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NGRzB3dmV1bnZnTFV3QUxNcXVQWFM4
dlFWcy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzljNWNlOWZhLTlhNmYt
NGUwYy05ODA5LTdhNDc4ODc0NDg5My8wL0FTNDMyNjAucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwMQYIKwYBBQUHAQcBAf8EIjAgMB4EAgABMBgDBABdvggD
BAFdvgoDBAC5/jQDBALBEQQwDQYJKoZIhvcNAQELBQADggEBAIoWK3KodhPtvQVX
lXsqZgTMK3vS7SyhmqM5JMVZhMjGZ7fSr29Jmgf63t/G+bUsMx+E8yDTONoaOmaD
xgJhRm8lHj1H57NA3LzK1+nRGmNhrmvAW+CU5U+1RHAzvqfdxlZd7guYB5cP+SV/
uJ1J9e32UGGAedkQX6zhbq8m2aN0H3yjEWD04Nf+cQthmD26D3At5DELDDfmHm40
s3bEpyxAs0fsVDQMrOcOJYR3lIibmwfLkmiADjeid9kv+OoB3dNzPYvmlanH6GXy
D5ixhOp1q/WX5t/7geG8jtg8ykQoILQ7ZgJf53Qu4hbQFRMedOWpRJv9mP5k/snU
LOJdB1I=
-----END CERTIFICATE-----
Generated at Sat Apr 26 18:29:46 2025 by rpki-client