Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS43641.roa
File: AS43641.roa (raw, json)
Hash identifier: Iaxt92z9ZFS0Qr/jzmIwdDszORtbdxw9wGF9j427aMg=
Subject key identifier: 6B:64:F3:B4:05:A6:61:F4:E3:0D:82:1A:6B:47:B7:F5:EC:B5:A1:82
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 76432F5411C673BD36620A12D7AF188550376B5A
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS43641.roa
Signing time: Thu 26 Jun 2025 10:09:19 +0000
ROA not before: Thu 26 Jun 2025 10:04:19 +0000
ROA not after: Thu 25 Jun 2026 10:09:19 +0000
asID: 43641
IP address blocks: 2.57.20.0/23 maxlen: 24
181.215.31.0/24 maxlen: 24
181.215.55.0/24 maxlen: 24
181.215.62.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 01:56:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
76:43:2f:54:11:c6:73:bd:36:62:0a:12:d7:af:18:85:50:37:6b:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Jun 26 10:04:19 2025 GMT
Not After : Jun 25 10:09:19 2026 GMT
Subject: CN=6B64F3B405A661F4E30D821A6B47B7F5ECB5A182
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:f7:56:53:18:1e:3b:22:ae:3f:29:90:cf:f1:
f1:95:ed:90:e7:ec:4c:cc:3e:29:7d:43:2b:b5:1c:
92:f3:48:62:21:a5:9a:7f:45:f0:33:62:df:a7:0d:
0b:71:f3:a0:45:13:1f:e4:3d:c5:82:bf:2a:b8:9e:
6f:fa:ce:2c:cc:f7:a9:32:80:ea:63:58:74:82:6b:
9e:ba:5b:f0:a8:af:1e:75:77:54:7d:a8:c8:2c:38:
74:d7:6d:94:d7:4d:00:79:90:94:2a:9c:4d:8b:7b:
d5:22:9e:81:9b:36:a3:b4:29:be:93:90:94:4c:e7:
dc:4a:3f:71:3d:a3:dc:35:d5:c3:83:d2:a5:4c:68:
8c:aa:eb:b4:4d:6e:ad:fb:fa:4f:e5:22:47:3d:c1:
13:fa:d9:6a:6d:ab:9c:38:fa:86:00:e3:aa:c3:1e:
b4:75:b9:48:d5:50:15:f2:f5:ae:6f:0a:53:13:01:
90:d1:be:41:b9:70:db:13:f1:9d:4f:9f:bb:d1:7b:
b4:af:4f:04:8b:c5:6a:2c:4e:2c:e6:69:0f:6d:b4:
d5:c9:ea:d6:15:47:74:ba:8a:fb:2c:c7:28:c8:79:
55:01:ab:e1:d5:ce:67:0a:60:d8:1b:10:0a:77:c0:
8a:a0:f1:f3:0f:15:2d:96:5d:48:fb:8f:1b:64:04:
b1:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:64:F3:B4:05:A6:61:F4:E3:0D:82:1A:6B:47:B7:F5:EC:B5:A1:82
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS43641.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.20.0/23
181.215.31.0/24
181.215.55.0/24
181.215.62.0/24
Signature Algorithm: sha256WithRSAEncryption
74:86:50:30:a3:3e:f7:e5:c2:52:e0:06:23:02:66:fd:2f:4d:
58:d5:c3:df:42:7d:f5:f5:02:72:4d:1f:d5:95:ca:d2:a1:68:
93:a3:17:ca:00:e0:47:ef:89:88:d2:2e:1a:82:ae:5b:4d:ee:
e6:b8:8f:37:f4:b3:05:18:fe:2e:a8:cd:14:d5:2e:a7:6b:7c:
51:f1:ec:86:03:30:9f:f4:24:74:63:34:aa:83:3c:85:cb:f2:
c5:88:56:58:dd:89:01:42:4e:dd:39:c9:6d:6f:8c:d2:56:52:
a7:38:83:38:24:9c:26:42:f1:6a:7a:44:75:b8:fa:68:2a:9c:
80:94:7b:42:05:7f:aa:91:f5:27:bb:8d:08:80:24:0f:81:98:
1e:e3:fc:fd:43:dc:47:71:8c:5b:ea:55:19:78:b4:f7:10:d4:
ce:c2:a9:a4:71:98:04:44:15:ac:c9:b7:0c:9c:cd:af:52:8b:
24:82:f7:05:c9:c7:93:33:9b:57:fa:b2:c1:0a:84:be:97:7e:
0a:0e:cb:f2:5a:03:3d:fe:75:e0:ef:c4:cb:58:5a:99:65:31:
e0:ca:a0:ab:d2:b2:9c:10:03:6e:71:5b:e6:b8:01:48:04:6a:
0e:17:c5:dc:53:28:70:14:2d:ff:21:f4:8d:48:05:53:34:fb:
71:6a:8d:b0
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgIUdkMvVBHGc702YgoS168YhVA3a1owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNTA2MjYxMDA0MTlaFw0yNjA2MjUxMDA5MTlaMDMxMTAvBgNV
BAMTKDZCNjRGM0I0MDVBNjYxRjRFMzBEODIxQTZCNDdCN0Y1RUNCNUExODIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCW91ZTGB47Iq4/KZDP8fGV7ZDn
7EzMPil9Qyu1HJLzSGIhpZp/RfAzYt+nDQtx86BFEx/kPcWCvyq4nm/6zizM96ky
gOpjWHSCa566W/Corx51d1R9qMgsOHTXbZTXTQB5kJQqnE2Le9UinoGbNqO0Kb6T
kJRM59xKP3E9o9w11cOD0qVMaIyq67RNbq37+k/lIkc9wRP62Wptq5w4+oYA46rD
HrR1uUjVUBXy9a5vClMTAZDRvkG5cNsT8Z1Pn7vRe7SvTwSLxWosTizmaQ9ttNXJ
6tYVR3S6ivssxyjIeVUBq+HVzmcKYNgbEAp3wIqg8fMPFS2WXUj7jxtkBLEdAgMB
AAGjggIbMIICFzAdBgNVHQ4EFgQUa2TztAWmYfTjDYIaa0e39ey1oYIwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTNDM2NDEucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwMQYIKwYBBQUHAQcBAf8EIjAgMB4EAgABMBgDBAECORQD
BAC11x8DBAC11zcDBAC11z4wDQYJKoZIhvcNAQELBQADggEBAHSGUDCjPvflwlLg
BiMCZv0vTVjVw99CffX1AnJNH9WVytKhaJOjF8oA4EfviYjSLhqCrltN7ua4jzf0
swUY/i6ozRTVLqdrfFHx7IYDMJ/0JHRjNKqDPIXL8sWIVljdiQFCTt05yW1vjNJW
Uqc4gzgknCZC8Wp6RHW4+mgqnICUe0IFf6qR9Se7jQiAJA+BmB7j/P1D3EdxjFvq
VRl4tPcQ1M7CqaRxmAREFazJtwycza9SiySC9wXJx5Mzm1f6ssEKhL6XfgoOy/Ja
Az3+deDvxMtYWpllMeDKoKvSspwQA25xW+a4AUgEag4XxdxTKHAULf8h9I1IBVM0
+3FqjbA=
-----END CERTIFICATE-----
Generated at Sat Jun 28 16:40:31 2025 by rpki-client