Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS52041.roa
File: AS52041.roa (raw, json)
Hash identifier: F669wyHxvtsX4aDiPLzCTnVtQ6EoUbuFARaE0MN+NJo=
Subject key identifier: B2:96:FA:54:1C:22:C4:1F:4F:21:4B:6C:F7:76:C4:A5:35:CD:1D:BD
Certificate issuer: /CN=7051b4c2f7ae9ef80b53000b32ab8f5d2f2f415b
Certificate serial: 13D4BDE558245BD2703D126DC87C09E7F089BA58
Authority key identifier: 70:51:B4:C2:F7:AE:9E:F8:0B:53:00:0B:32:AB:8F:5D:2F:2F:41:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS52041.roa
Signing time: Mon 03 Nov 2025 10:42:55 +0000
ROA not before: Mon 03 Nov 2025 10:37:55 +0000
ROA not after: Mon 02 Nov 2026 10:42:55 +0000
asID: 52041
IP address blocks: 141.98.48.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.crl
rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.mft
rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 06:08:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
13:d4:bd:e5:58:24:5b:d2:70:3d:12:6d:c8:7c:09:e7:f0:89:ba:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7051b4c2f7ae9ef80b53000b32ab8f5d2f2f415b
Validity
Not Before: Nov 3 10:37:55 2025 GMT
Not After : Nov 2 10:42:55 2026 GMT
Subject: CN=B296FA541C22C41F4F214B6CF776C4A535CD1DBD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:1b:be:cb:7c:6a:fa:86:12:45:bc:b8:26:3b:
84:0f:3a:d7:31:8b:fa:62:18:cb:46:ec:68:0d:8d:
fa:fa:11:78:fa:eb:5d:a1:21:5e:57:ca:8f:d9:66:
49:30:95:a3:fe:11:8e:b0:69:6c:df:d6:0c:3f:c9:
a5:d9:14:cd:97:6c:d8:28:4d:a6:69:60:e7:6e:7d:
08:b0:a5:02:27:a7:da:c1:99:5f:f4:0f:3b:b7:a8:
82:ce:a1:45:bc:61:5d:a9:cc:2a:4d:82:af:60:a0:
71:d5:46:61:08:95:69:ff:6a:29:8e:4f:9c:64:cc:
35:45:c7:dd:4b:4c:ea:8c:d7:62:dc:dc:49:2a:88:
85:23:99:0f:bc:35:9b:c1:ab:5c:dc:72:b6:28:92:
6d:05:c5:39:d9:c7:40:2b:59:15:39:cb:e6:e8:a0:
63:38:77:3b:86:21:63:26:3a:a6:e5:0c:9b:bc:1c:
7d:c6:3e:51:6a:3f:de:10:42:0b:07:a9:53:3f:82:
75:69:ed:9c:d8:2e:fb:0d:4f:10:9c:5e:ca:f8:8d:
36:a2:21:80:90:57:96:c9:38:3d:c2:61:62:22:83:
57:52:c9:6c:dd:10:ee:01:38:2b:f4:7b:51:1f:1c:
7b:59:93:df:74:b3:e7:92:90:df:9a:2b:88:28:f3:
5e:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:96:FA:54:1C:22:C4:1F:4F:21:4B:6C:F7:76:C4:A5:35:CD:1D:BD
X509v3 Authority Key Identifier:
keyid:70:51:B4:C2:F7:AE:9E:F8:0B:53:00:0B:32:AB:8F:5D:2F:2F:41:5B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS52041.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.98.48.0/22
Signature Algorithm: sha256WithRSAEncryption
0b:c5:b3:4d:e6:09:4c:9e:58:86:e9:93:87:d2:29:79:f1:33:
f3:4b:83:21:7e:03:6c:9e:66:ef:65:23:70:8b:e8:b6:36:a7:
4e:d3:8d:7a:a6:a6:88:05:49:4d:83:5b:3f:b7:ca:72:0d:cb:
92:f6:a2:65:f5:ea:2b:4f:ac:da:d8:bf:a5:a7:9d:6c:4b:2e:
72:b4:15:45:54:fe:14:00:53:17:17:db:6d:6e:00:d6:2a:e6:
b8:fa:aa:93:95:58:f8:d1:4a:50:77:ca:ef:eb:eb:f1:3e:c3:
b2:ab:c3:bd:5e:68:2e:e9:b7:44:5c:8e:99:83:7c:81:95:a0:
ae:02:e0:5e:f7:58:8f:5b:7c:6b:b4:29:58:9f:ca:36:43:14:
8d:64:c2:b0:9a:13:c9:e7:7a:f6:66:de:6e:87:61:25:04:57:
0f:75:cb:59:f8:0d:9a:d3:96:13:ef:20:ed:f6:9b:b3:8c:8e:
15:20:6c:d4:0d:c9:7e:03:30:9b:da:b7:e5:3f:bb:31:bd:f2:
8c:f5:a7:70:ad:21:a2:cf:58:03:5c:b3:30:c6:79:1c:eb:1b:
6d:f4:73:f8:69:f7:1e:da:46:f3:34:f8:71:08:04:4e:a5:28:
27:6a:4e:7e:c5:66:58:79:75:68:e2:f5:e7:8a:fa:76:16:8b:
4e:0a:5c:da
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIUE9S95VgkW9JwPRJtyHwJ5/CJulgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzA1MWI0YzJmN2FlOWVmODBiNTMwMDBiMzJhYjhmNWQy
ZjJmNDE1YjAeFw0yNTExMDMxMDM3NTVaFw0yNjExMDIxMDQyNTVaMDMxMTAvBgNV
BAMTKEIyOTZGQTU0MUMyMkM0MUY0RjIxNEI2Q0Y3NzZDNEE1MzVDRDFEQkQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCEG77LfGr6hhJFvLgmO4QPOtcx
i/piGMtG7GgNjfr6EXj6612hIV5Xyo/ZZkkwlaP+EY6waWzf1gw/yaXZFM2XbNgo
TaZpYOdufQiwpQInp9rBmV/0Dzu3qILOoUW8YV2pzCpNgq9goHHVRmEIlWn/aimO
T5xkzDVFx91LTOqM12Lc3EkqiIUjmQ+8NZvBq1zccrYokm0FxTnZx0ArWRU5y+bo
oGM4dzuGIWMmOqblDJu8HH3GPlFqP94QQgsHqVM/gnVp7ZzYLvsNTxCcXsr4jTai
IYCQV5bJOD3CYWIig1dSyWzdEO4BOCv0e1EfHHtZk990s+eSkN+aK4go815nAgMB
AAGjggIJMIICBTAdBgNVHQ4EFgQUspb6VBwixB9PIUts93bEpTXNHb0wHwYDVR0j
BBgwFoAUcFG0wveunvgLUwALMquPXS8vQVswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOWM1Y2U5ZmEtOWE2Zi00ZTBjLTk4MDktN2E0Nzg4NzQ0
ODkzLzAvNzA1MUI0QzJGN0FFOUVGODBCNTMwMDBCMzJBQjhGNUQyRjJGNDE1Qi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NGRzB3dmV1bnZnTFV3QUxNcXVQWFM4
dlFWcy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzljNWNlOWZhLTlhNmYt
NGUwYy05ODA5LTdhNDc4ODc0NDg5My8wL0FTNTIwNDEucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAKNYjAw
DQYJKoZIhvcNAQELBQADggEBAAvFs03mCUyeWIbpk4fSKXnxM/NLgyF+A2yeZu9l
I3CL6LY2p07TjXqmpogFSU2DWz+3ynINy5L2omX16itPrNrYv6WnnWxLLnK0FUVU
/hQAUxcX221uANYq5rj6qpOVWPjRSlB3yu/r6/E+w7Krw71eaC7pt0RcjpmDfIGV
oK4C4F73WI9bfGu0KVifyjZDFI1kwrCaE8nnevZm3m6HYSUEVw91y1n4DZrTlhPv
IO32m7OMjhUgbNQNyX4DMJvat+U/uzG98oz1p3CtIaLPWANcszDGeRzrG230c/hp
9x7aRvM0+HEIBE6lKCdqTn7FZlh5dWji9eeK+nYWi04KXNo=
-----END CERTIFICATE-----
Generated at Tue Nov 4 22:29:22 2025 by rpki-client