Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS0.roa
File: AS0.roa (raw, json)
Hash identifier: AN9Kgk+L8A8bcdlP8RoA+YbMGUSYiaajnuubzlGpTX8=
Subject key identifier: D4:91:A2:C3:4F:90:BD:CB:11:6E:E9:7C:F5:F7:E1:1E:C9:7D:57:DB
Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Certificate serial: 545CEA7F50543C091CE62584D7E3F4A16752450C
Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS0.roa
Signing time: Sat 18 Oct 2025 07:02:25 +0000
ROA not before: Sat 18 Oct 2025 06:57:25 +0000
ROA not after: Sat 17 Oct 2026 07:02:25 +0000
asID: 0
IP address blocks: 193.150.40.0/24 maxlen: 24
2a14:7580:9000::/36 maxlen: 48
2a14:7580:c000::/36 maxlen: 48
2a14:7580:f100::/40 maxlen: 48
2a14:7580:f400::/40 maxlen: 48
2a14:7580:ff30::/44 maxlen: 48
2a14:7581:f60::/44 maxlen: 48
2a14:7581:f90::/44 maxlen: 48
2a14:7581:fa0::/44 maxlen: 48
2a14:7581:fb0::/44 maxlen: 48
2a14:7581:fc0::/44 maxlen: 48
2a14:7581:fd0::/44 maxlen: 48
2a14:7581:fe6::/48 maxlen: 48
2a14:7581:9b00::/40 maxlen: 48
2a14:7581:9c00::/40 maxlen: 48
2a14:7581:9e00::/40 maxlen: 48
2a14:7581:9f00::/44 maxlen: 48
2a14:7581:9f10::/44 maxlen: 48
2a14:7582::/32 maxlen: 48
2a14:7583::/32 maxlen: 32
2a14:7583:3000::/36 maxlen: 48
2a14:7583:4000::/36 maxlen: 48
2a14:7583:5000::/36 maxlen: 48
2a14:7584:1000::/36 maxlen: 48
2a14:7584:6000::/36 maxlen: 48
2a14:7586::/32 maxlen: 48
2a14:7587::/32 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft
rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 20:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
54:5c:ea:7f:50:54:3c:09:1c:e6:25:84:d7:e3:f4:a1:67:52:45:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Validity
Not Before: Oct 18 06:57:25 2025 GMT
Not After : Oct 17 07:02:25 2026 GMT
Subject: CN=D491A2C34F90BDCB116EE97CF5F7E11EC97D57DB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:6a:89:d0:82:f3:b9:d5:62:c7:93:9a:25:3b:
3b:40:2b:62:4c:14:ef:08:cd:67:b4:c7:bb:47:13:
3f:41:be:a0:d7:ec:87:e5:aa:39:74:f7:0a:1d:13:
39:60:e9:0f:de:fd:68:4d:1f:c9:71:d1:82:58:ac:
6c:40:1b:58:07:b2:c9:62:f2:85:73:a7:e8:c2:2a:
3a:f1:ba:95:f6:58:dc:3f:13:21:ee:b9:41:22:f2:
0b:79:18:18:d4:47:ec:93:ff:e8:c9:21:ad:7b:8f:
73:4a:43:63:20:19:8f:95:d5:42:85:03:35:07:87:
5c:31:de:c0:17:86:4a:26:52:7d:31:e1:c9:12:c7:
ce:8b:26:0d:63:96:8f:37:25:e9:48:c4:70:77:d3:
e8:44:09:1d:43:7e:09:ca:e0:05:e3:cf:ff:8a:a1:
06:e8:e3:50:ba:1d:95:27:a8:ce:a2:00:38:cc:0e:
db:55:0f:91:4c:d2:18:c7:fa:cf:19:5f:3c:f9:0c:
38:6b:65:ad:7f:29:82:9f:89:40:5a:24:b5:4f:8d:
95:bf:37:0c:a7:25:b0:73:3a:d4:2d:85:c9:bc:f2:
b7:11:12:a0:dd:0d:55:a7:2a:fa:9c:62:39:36:3c:
1e:06:65:63:c5:b6:40:f7:41:e1:ee:b0:00:0e:e9:
77:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:91:A2:C3:4F:90:BD:CB:11:6E:E9:7C:F5:F7:E1:1E:C9:7D:57:DB
X509v3 Authority Key Identifier:
keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS0.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.150.40.0/24
IPv6:
2a14:7580:9000::/36
2a14:7580:c000::/36
2a14:7580:f100::/40
2a14:7580:f400::/40
2a14:7580:ff30::/44
2a14:7581:f60::/44
2a14:7581:f90::-2a14:7581:fdf:ffff:ffff:ffff:ffff:ffff
2a14:7581:fe6::/48
2a14:7581:9b00::-2a14:7581:9cff:ffff:ffff:ffff:ffff:ffff
2a14:7581:9e00::-2a14:7581:9f1f:ffff:ffff:ffff:ffff:ffff
2a14:7582::/31
2a14:7584:1000::/36
2a14:7584:6000::/36
2a14:7586::/31
Signature Algorithm: sha256WithRSAEncryption
8b:25:d4:73:53:97:c3:3b:2a:43:91:f9:ba:da:76:cd:ef:a8:
88:92:e9:d5:5b:1d:ed:0f:61:b0:fc:0e:08:df:03:5a:4d:2b:
4b:22:ba:f1:33:6a:1c:8f:8c:16:e9:d9:03:c7:61:25:41:d8:
83:0e:b8:ee:0d:07:05:7d:ed:58:1a:47:aa:a5:62:5e:4b:8d:
83:4f:7d:be:87:96:5b:aa:cb:1e:c2:71:f2:cb:34:25:90:74:
0b:0d:08:7b:6d:8e:16:50:e3:82:dc:6b:a7:44:b8:63:fa:fc:
a3:05:9a:25:c3:12:50:5e:46:6b:bb:b5:33:c8:80:3a:d1:d3:
96:19:3c:91:c0:18:25:0b:52:07:68:00:2c:8f:2b:f3:53:c8:
55:7a:bd:3e:17:96:65:57:26:40:0b:7a:45:7a:cd:94:76:52:
48:84:03:44:81:84:26:2f:eb:40:6f:3f:4c:cd:f9:a3:a4:2a:
87:ee:95:68:15:d9:e3:25:7a:22:f7:64:9b:cd:ca:1f:5d:54:
0d:e5:82:24:b2:08:42:92:3d:ea:72:8d:64:d8:ee:68:eb:51:
a5:45:f6:d7:86:05:d6:ef:ef:46:59:c0:f1:b4:39:9c:30:4b:
7c:66:b0:2c:46:15:70:dc:73:25:2e:16:53:15:ee:a6:75:ed:
53:88:19:6f
-----BEGIN CERTIFICATE-----
MIIFmjCCBIKgAwIBAgIUVFzqf1BUPAkc5iWE1+P0oWdSRQwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj
Y2ZkMzc3MjAeFw0yNTEwMTgwNjU3MjVaFw0yNjEwMTcwNzAyMjVaMDMxMTAvBgNV
BAMTKEQ0OTFBMkMzNEY5MEJEQ0IxMTZFRTk3Q0Y1RjdFMTFFQzk3RDU3REIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCjaonQgvO51WLHk5olOztAK2JM
FO8IzWe0x7tHEz9BvqDX7Iflqjl09wodEzlg6Q/e/WhNH8lx0YJYrGxAG1gHssli
8oVzp+jCKjrxupX2WNw/EyHuuUEi8gt5GBjUR+yT/+jJIa17j3NKQ2MgGY+V1UKF
AzUHh1wx3sAXhkomUn0x4ckSx86LJg1jlo83JelIxHB30+hECR1DfgnK4AXjz/+K
oQbo41C6HZUnqM6iADjMDttVD5FM0hjH+s8ZXzz5DDhrZa1/KYKfiUBaJLVPjZW/
NwynJbBzOtQthcm88rcREqDdDVWnKvqcYjk2PB4GZWPFtkD3QeHusAAO6XclAgMB
AAGjggKkMIICoDAdBgNVHQ4EFgQU1JGiw0+QvcsRbul89ffhHsl9V9swHwYDVR0j
BBgwFoAUqD1IZS87LfdPa/m6qKnBdMz9N3IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODkyNzBmNmMtYTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2Yz
ODI0LzAvQTgzRDQ4NjUyRjNCMkRGNzRGNkJGOUJBQThBOUMxNzRDQ0ZEMzc3Mi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FEMUlaUzg3TGZkUGFfbTZxS25CZE16
OU4zSS5jZXIwdgYIKwYBBQUHAQsEajBoMGYGCCsGAQUFBzALhlpyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg5MjcwZjZjLWEzZmUt
NDI5OS1iMDc5LTMwOWVkOTdmMzgyNC8wL0FTMC5yb2EwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjCBvQYIKwYBBQUHAQcBAf8Ega0wgaowDAQCAAEwBgMEAMGWKDCB
mQQCAAIwgZIDBgQqFHWAkAMGBCoUdYDAAwYAKhR1gPEDBgAqFHWA9AMHBCoUdYD/
MAMHBCoUdYEPYDASAwcEKhR1gQ+QAwcFKhR1gQ/AAwcAKhR1gQ/mMBADBgAqFHWB
mwMGACoUdYGcMBEDBgEqFHWBngMHBSoUdYGfAAMFASoUdYIDBgQqFHWEEAMGBCoU
dYRgAwUBKhR1hjANBgkqhkiG9w0BAQsFAAOCAQEAiyXUc1OXwzsqQ5H5utp2ze+o
iJLp1Vsd7Q9hsPwOCN8DWk0rSyK68TNqHI+MFunZA8dhJUHYgw647g0HBX3tWBpH
qqViXkuNg099voeWW6rLHsJx8ss0JZB0Cw0Ie22OFlDjgtxrp0S4Y/r8owWaJcMS
UF5Ga7u1M8iAOtHTlhk8kcAYJQtSB2gALI8r81PIVXq9PheWZVcmQAt6RXrNlHZS
SIQDRIGEJi/rQG8/TM35o6Qqh+6VaBXZ4yV6Ivdkm83KH11UDeWCJLIIQpI96nKN
ZNjuaOtRpUX214YF1u/vRlnA8bQ5nDBLfGawLEYVcNxzJS4WUxXupnXtU4gZbw==
-----END CERTIFICATE-----
Generated at Mon Oct 20 01:38:52 2025 by rpki-client