Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS401103.roa
File: AS401103.roa (raw, json)
Hash identifier: prf5CLEmduauqYL7idD8No1UzDyDhbifh38khGCDEXI=
Subject key identifier: 5E:80:0A:D0:BB:F3:DB:E9:FC:D7:6B:6A:A7:2A:58:7D:D3:43:F4:84
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 5528780C75DD9FF8AAA0AE812749B0687D440E03
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS401103.roa
Signing time: Thu 01 May 2025 13:54:04 +0000
ROA not before: Thu 01 May 2025 13:49:04 +0000
ROA not after: Thu 30 Apr 2026 13:54:04 +0000
asID: 401103
IP address blocks: 146.103.58.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 10 May 2025 03:40:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
55:28:78:0c:75:dd:9f:f8:aa:a0:ae:81:27:49:b0:68:7d:44:0e:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: May 1 13:49:04 2025 GMT
Not After : Apr 30 13:54:04 2026 GMT
Subject: CN=5E800AD0BBF3DBE9FCD76B6AA72A587DD343F484
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:0a:62:05:06:1f:03:39:85:61:26:d4:32:d1:
36:2c:99:e2:51:12:26:1f:b5:f1:44:6f:fd:18:0f:
8b:34:c6:7e:06:50:36:88:79:8d:0d:6f:5e:1a:d4:
d4:c9:24:f3:e0:e4:4b:e6:e5:ee:08:2b:4c:97:fa:
9b:95:ca:3c:33:7f:2e:db:20:71:eb:81:dd:a8:db:
8c:10:da:7d:ec:a1:3a:fa:2a:7b:46:ce:f7:5b:90:
79:58:b2:4f:52:8b:3a:67:44:5a:8d:fe:e6:ac:dd:
1b:9b:34:34:06:d3:b2:85:ab:de:1f:c6:c8:3d:98:
40:98:55:0b:8b:1b:f9:bd:fe:33:3f:cb:7d:bd:c6:
99:59:20:1d:ce:bd:86:6d:e8:db:9f:01:5b:47:99:
91:39:d0:0e:69:2b:70:fb:78:c1:da:88:ba:b6:77:
5b:62:2e:af:4b:81:06:3a:b6:af:43:17:66:5b:7c:
3f:a7:78:94:cb:0a:f6:2a:c3:4d:01:01:74:e8:ca:
c4:4c:df:1e:39:d5:9c:b5:25:b5:ea:08:34:ee:a8:
ea:47:16:ea:4d:98:e7:1a:25:4c:8d:a3:67:17:72:
c3:89:e5:88:00:b4:ff:7f:b6:98:5d:65:44:e2:2e:
18:2b:85:dc:13:19:a5:d7:3a:f0:11:81:39:7d:ed:
78:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:80:0A:D0:BB:F3:DB:E9:FC:D7:6B:6A:A7:2A:58:7D:D3:43:F4:84
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS401103.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.103.58.0/24
Signature Algorithm: sha256WithRSAEncryption
a2:8e:e1:66:f1:b1:05:6e:d9:fa:45:6f:be:3e:3e:65:8e:da:
ac:80:b2:86:d9:46:fc:c8:b3:6f:29:a8:bf:a6:09:37:2d:d5:
55:b6:41:fd:70:bf:f8:5e:a5:86:80:e5:74:55:73:2d:a3:dc:
17:75:26:84:37:31:69:71:fa:7f:2e:44:d3:74:93:5a:20:f2:
8d:4a:b6:e5:47:88:93:f8:15:0c:09:19:51:40:c1:d0:d6:58:
93:2d:cf:d4:7f:f8:79:58:09:10:22:42:cd:01:d9:99:00:c5:
ad:92:94:fe:eb:8a:d2:79:37:27:7d:e6:31:d9:02:71:78:60:
a5:4c:6b:92:5c:ee:04:13:4e:cb:49:cf:ab:fa:01:72:8f:9b:
ca:7b:01:81:05:03:2f:99:e5:d9:4e:11:e2:40:19:ab:7c:5d:
eb:f3:e7:b9:e5:ef:5b:57:5f:43:c6:c6:d4:a2:00:da:0e:a2:
76:49:5c:6b:44:2a:d7:4e:ad:83:8c:40:9e:cf:ed:34:06:43:
49:e4:f4:00:7f:57:bb:e0:91:ec:ab:69:13:56:9a:37:77:b5:
d8:58:37:d1:7c:2b:50:23:60:0f:ab:df:b1:61:a4:35:76:17:
4f:07:d7:3a:fb:bb:2b:d9:fe:c0:31:00:22:83:c9:9e:34:61:
63:92:89:8e
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUVSh4DHXdn/iqoK6BJ0mwaH1EDgMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA1MDExMzQ5MDRaFw0yNjA0MzAxMzU0MDRaMDMxMTAvBgNV
BAMTKDVFODAwQUQwQkJGM0RCRTlGQ0Q3NkI2QUE3MkE1ODdERDM0M0Y0ODQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDZCmIFBh8DOYVhJtQy0TYsmeJR
EiYftfFEb/0YD4s0xn4GUDaIeY0Nb14a1NTJJPPg5Evm5e4IK0yX+puVyjwzfy7b
IHHrgd2o24wQ2n3soTr6KntGzvdbkHlYsk9SizpnRFqN/uas3RubNDQG07KFq94f
xsg9mECYVQuLG/m9/jM/y329xplZIB3OvYZt6NufAVtHmZE50A5pK3D7eMHaiLq2
d1tiLq9LgQY6tq9DF2ZbfD+neJTLCvYqw00BAXToysRM3x451Zy1JbXqCDTuqOpH
FupNmOcaJUyNo2cXcsOJ5YgAtP9/tphdZUTiLhgrhdwTGaXXOvARgTl97XivAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUXoAK0Lvz2+n812tqpypYfdND9IQwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTNDAxMTAzLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAkmc6
MA0GCSqGSIb3DQEBCwUAA4IBAQCijuFm8bEFbtn6RW++Pj5ljtqsgLKG2Ub8yLNv
Kai/pgk3LdVVtkH9cL/4XqWGgOV0VXMto9wXdSaENzFpcfp/LkTTdJNaIPKNSrbl
R4iT+BUMCRlRQMHQ1liTLc/Uf/h5WAkQIkLNAdmZAMWtkpT+64rSeTcnfeYx2QJx
eGClTGuSXO4EE07LSc+r+gFyj5vKewGBBQMvmeXZThHiQBmrfF3r8+e55e9bV19D
xsbUogDaDqJ2SVxrRCrXTq2DjECez+00BkNJ5PQAf1e74JHsq2kTVpo3d7XYWDfR
fCtQI2APq9+xYaQ1dhdPB9c6+7sr2f7AMQAig8meNGFjkomO
-----END CERTIFICATE-----
Generated at Fri May 9 11:22:44 2025 by rpki-client