Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS0.roa
File: AS0.roa (raw, json)
Hash identifier: OfkyOaQMVBxoaBhrHELE7RcbklasBOvOMin0MMVVMOU=
Subject key identifier: 87:EB:3E:AD:04:F8:9A:2E:DC:F0:26:E9:52:DB:60:B4:78:FC:91:FE
Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Certificate serial: 196EDC8239F25F53BB6CC561A3A0760A28630E5A
Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS0.roa
Signing time: Sat 28 Jun 2025 08:09:36 +0000
ROA not before: Sat 28 Jun 2025 08:04:36 +0000
ROA not after: Sat 27 Jun 2026 08:09:36 +0000
asID: 0
IP address blocks: 2a14:7580:7000::/36 maxlen: 48
2a14:7580:c000::/36 maxlen: 48
2a14:7581:f30::/44 maxlen: 48
2a14:7581:ffb::/48 maxlen: 48
2a14:7581:a000::/36 maxlen: 48
2a14:7582::/32 maxlen: 48
2a14:7583::/32 maxlen: 48
2a14:7586::/32 maxlen: 48
2a14:7587::/32 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft
rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
19:6e:dc:82:39:f2:5f:53:bb:6c:c5:61:a3:a0:76:0a:28:63:0e:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Validity
Not Before: Jun 28 08:04:36 2025 GMT
Not After : Jun 27 08:09:36 2026 GMT
Subject: CN=87EB3EAD04F89A2EDCF026E952DB60B478FC91FE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:72:92:cf:37:8a:79:e7:bb:9b:bf:ec:68:ab:
51:f3:10:57:a8:b6:a2:64:60:bc:04:4f:80:80:ed:
eb:5e:11:9e:e7:d7:d3:e9:33:38:a0:23:1c:b0:d0:
76:14:9f:0e:ac:34:18:ca:33:31:bc:c6:cb:fe:5b:
93:16:ff:aa:12:2d:98:5c:22:fa:3d:dd:d4:e4:93:
31:87:6f:9a:09:2a:08:64:ef:b1:97:df:18:6c:51:
ee:f1:52:b9:f5:fa:7c:50:73:85:e8:37:8e:8b:fb:
7f:3b:cd:60:32:c0:ce:38:3d:a7:a8:d5:56:87:28:
10:9e:ca:d5:b1:00:c2:f6:cd:dc:0d:8e:ed:9d:13:
06:f4:4a:a9:16:ad:1c:5c:06:1a:4e:31:c6:83:51:
92:b2:91:29:54:7c:0f:27:b5:1e:f9:42:31:dc:43:
96:65:21:c4:72:cf:4d:d7:13:21:f8:70:65:4a:c3:
b1:84:44:67:1f:fd:95:72:ba:65:86:b5:fc:ec:39:
1d:8e:a8:4a:8b:ff:3e:53:88:43:13:a9:69:e9:2c:
f3:cc:d2:94:2c:2d:4f:fb:88:2e:77:1f:a1:76:73:
d7:a4:e9:eb:c6:4b:41:e8:66:a7:88:c7:e6:c6:96:
ad:a5:2c:6a:e1:b5:18:02:e7:70:de:44:48:9f:8c:
84:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:EB:3E:AD:04:F8:9A:2E:DC:F0:26:E9:52:DB:60:B4:78:FC:91:FE
X509v3 Authority Key Identifier:
keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS0.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7580:7000::/36
2a14:7580:c000::/36
2a14:7581:f30::/44
2a14:7581:ffb::/48
2a14:7581:a000::/36
2a14:7582::/31
2a14:7586::/31
Signature Algorithm: sha256WithRSAEncryption
4a:36:43:a7:95:ba:25:de:b5:92:e5:0f:67:08:1f:a4:36:64:
ea:ea:60:6a:91:cc:23:4f:2a:f8:75:de:d6:c4:6b:fa:e1:ed:
3b:da:1a:90:94:df:d4:d7:21:c4:0f:a5:7d:e4:c9:1b:74:fb:
1f:fb:b1:af:a6:16:77:b6:da:62:95:b0:86:a3:b6:f6:68:02:
cf:fc:86:c5:13:32:3f:ee:f9:4d:c1:23:0e:07:36:6e:f0:bd:
bc:54:90:5d:18:8d:74:e4:c0:7e:aa:70:5a:53:86:7c:2f:54:
b3:94:c9:3c:15:45:86:a5:ce:d4:eb:64:ba:ca:90:ca:c7:ca:
48:07:49:2e:ca:1e:0d:2b:8d:b0:c8:eb:45:c6:b9:eb:6d:ca:
e2:06:21:43:f6:4a:26:48:fa:bb:f0:7d:84:fd:e4:77:bf:4d:
54:e2:87:cf:15:ba:bc:57:c8:ee:85:37:15:a4:2c:ad:be:be:
85:27:cd:61:ed:9b:df:54:4b:63:92:d2:72:16:9d:48:37:1b:
49:30:b0:eb:86:49:e6:d7:2f:71:d0:ab:c4:e3:93:4d:03:65:
f9:db:df:d2:db:19:e1:e6:ab:d0:eb:22:e9:81:fd:65:80:a9:
ac:de:9f:91:52:fb:71:9d:a5:36:73:49:2d:38:0a:3d:74:4d:
e8:5b:d4:40
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIUGW7cgjnyX1O7bMVho6B2CihjDlowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj
Y2ZkMzc3MjAeFw0yNTA2MjgwODA0MzZaFw0yNjA2MjcwODA5MzZaMDMxMTAvBgNV
BAMTKDg3RUIzRUFEMDRGODlBMkVEQ0YwMjZFOTUyREI2MEI0NzhGQzkxRkUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDRcpLPN4p557ubv+xoq1HzEFeo
tqJkYLwET4CA7eteEZ7n19PpMzigIxyw0HYUnw6sNBjKMzG8xsv+W5MW/6oSLZhc
Ivo93dTkkzGHb5oJKghk77GX3xhsUe7xUrn1+nxQc4XoN46L+387zWAywM44Paeo
1VaHKBCeytWxAML2zdwNju2dEwb0SqkWrRxcBhpOMcaDUZKykSlUfA8ntR75QjHc
Q5ZlIcRyz03XEyH4cGVKw7GERGcf/ZVyumWGtfzsOR2OqEqL/z5TiEMTqWnpLPPM
0pQsLU/7iC53H6F2c9ek6evGS0HoZqeIx+bGlq2lLGrhtRgC53DeREifjIQnAgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQUh+s+rQT4mi7c8CbpUttgtHj8kf4wHwYDVR0j
BBgwFoAUqD1IZS87LfdPa/m6qKnBdMz9N3IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODkyNzBmNmMtYTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2Yz
ODI0LzAvQTgzRDQ4NjUyRjNCMkRGNzRGNkJGOUJBQThBOUMxNzRDQ0ZEMzc3Mi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FEMUlaUzg3TGZkUGFfbTZxS25CZE16
OU4zSS5jZXIwdgYIKwYBBQUHAQsEajBoMGYGCCsGAQUFBzALhlpyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg5MjcwZjZjLWEzZmUt
NDI5OS1iMDc5LTMwOWVkOTdmMzgyNC8wL0FTMC5yb2EwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjBRBggrBgEFBQcBBwEB/wRCMEAwPgQCAAIwOAMGBCoUdYBwAwYE
KhR1gMADBwQqFHWBDzADBwAqFHWBD/sDBgQqFHWBoAMFASoUdYIDBQEqFHWGMA0G
CSqGSIb3DQEBCwUAA4IBAQBKNkOnlbol3rWS5Q9nCB+kNmTq6mBqkcwjTyr4dd7W
xGv64e072hqQlN/U1yHED6V95MkbdPsf+7GvphZ3ttpilbCGo7b2aALP/IbFEzI/
7vlNwSMOBzZu8L28VJBdGI105MB+qnBaU4Z8L1SzlMk8FUWGpc7U62S6ypDKx8pI
B0kuyh4NK42wyOtFxrnrbcriBiFD9komSPq78H2E/eR3v01U4ofPFbq8V8juhTcV
pCytvr6FJ81h7ZvfVEtjktJyFp1INxtJMLDrhknm1y9x0KvE45NNA2X529/S2xnh
5qvQ6yLpgf1lgKms3p+RUvtxnaU2c0ktOAo9dE3oW9RA
-----END CERTIFICATE-----
Generated at Sun Jun 29 05:01:23 2025 by rpki-client