Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS0.roa
File: AS0.roa (raw, json)
Hash identifier: BxjO9eQ0Xp/9DyiRxiNJ5u7S1CBgZiSUeulJAi/yx1M=
Subject key identifier: F3:72:EF:4A:C3:39:87:00:44:26:A6:C8:D8:26:77:4C:FA:5D:05:14
Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Certificate serial: 011D84947384D3562943DCE4CF91F6F09B123B6B
Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS0.roa
Signing time: Sat 23 Aug 2025 10:28:29 +0000
ROA not before: Sat 23 Aug 2025 10:23:29 +0000
ROA not after: Sat 22 Aug 2026 10:28:29 +0000
asID: 0
IP address blocks: 2a14:7580:b000::/36 maxlen: 48
2a14:7581:f30::/44 maxlen: 48
2a14:7581:f80::/44 maxlen: 48
2a14:7581:ffd::/48 maxlen: 48
2a14:7581:fff::/48 maxlen: 48
2a14:7581:a000::/36 maxlen: 48
2a14:7581:e000::/36 maxlen: 48
2a14:7581:e100::/40 maxlen: 48
2a14:7581:e200::/40 maxlen: 48
2a14:7581:e800::/40 maxlen: 48
2a14:7582::/32 maxlen: 48
2a14:7583::/32 maxlen: 32
2a14:7584:2000::/36 maxlen: 48
2a14:7584:d000::/36 maxlen: 48
2a14:7585::/32 maxlen: 48
2a14:7586::/32 maxlen: 48
2a14:7587::/32 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft
rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:1d:84:94:73:84:d3:56:29:43:dc:e4:cf:91:f6:f0:9b:12:3b:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Validity
Not Before: Aug 23 10:23:29 2025 GMT
Not After : Aug 22 10:28:29 2026 GMT
Subject: CN=F372EF4AC33987004426A6C8D826774CFA5D0514
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:4b:a2:ac:5b:fd:60:4e:16:3e:00:ff:6a:b8:
85:3e:89:1f:91:f0:d8:9a:f6:ba:52:21:1f:6c:57:
7c:b6:e2:41:a3:94:77:41:dd:ae:b3:6f:71:e3:ed:
21:e2:a8:ef:57:14:07:33:4d:fa:a2:d8:d6:d3:72:
8b:93:ae:0b:9e:0d:91:07:ac:99:69:20:25:2c:ab:
14:28:da:2a:fe:23:f1:30:ee:7d:9a:f2:55:7e:53:
63:73:82:b0:3a:84:ec:a2:52:7c:db:5e:8f:f9:86:
ef:54:d8:cf:65:91:a6:11:99:cb:21:ff:31:bc:f4:
e4:5b:f7:57:0b:f4:57:74:a2:64:81:bc:05:29:fa:
e5:9e:a7:85:e0:86:8c:d2:20:4a:82:21:93:ba:7d:
c7:41:a9:06:f0:ca:1d:24:7c:dc:24:a4:be:c4:4d:
af:76:a7:6d:f7:97:0f:b9:fa:23:44:a7:84:17:2c:
19:4f:37:0c:81:a9:a1:b7:bb:d8:66:f0:e1:80:0f:
4a:60:14:f2:3b:1b:6f:2b:5e:6f:1e:b7:40:81:e5:
16:98:d5:a9:b0:3a:03:d3:22:ea:e1:fc:98:54:f5:
1a:2b:c8:7a:fb:8b:c7:c1:d2:5f:83:c9:22:5c:03:
65:b8:77:2a:da:60:8e:14:69:6a:32:df:6a:1d:5a:
d1:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:72:EF:4A:C3:39:87:00:44:26:A6:C8:D8:26:77:4C:FA:5D:05:14
X509v3 Authority Key Identifier:
keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS0.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7580:b000::/36
2a14:7581:f30::/44
2a14:7581:f80::/44
2a14:7581:ffd::/48
2a14:7581:fff::/48
2a14:7581:a000::/36
2a14:7581:e000::/36
2a14:7582::/31
2a14:7584:2000::/36
2a14:7584:d000::/36
2a14:7585::-2a14:7587:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
9f:4b:3c:a9:b6:7c:49:89:8f:d4:0c:a8:67:53:60:df:bd:50:
f5:dd:f5:97:40:17:74:78:ad:aa:4b:e6:f6:72:e6:6c:ff:9a:
2b:89:27:06:70:ca:d5:ac:d2:e6:c5:ee:e4:78:50:c6:d4:41:
8e:65:77:db:1d:32:1d:54:ce:8c:36:36:54:ed:04:2e:91:c0:
86:fe:7d:c5:17:c0:3e:de:f4:39:cc:36:c8:e9:c5:57:5e:be:
f3:0b:67:0e:32:30:45:93:89:ef:ad:50:e5:67:ab:79:19:5b:
22:49:28:c3:06:d8:f3:9d:1e:49:b7:33:33:21:96:3a:fa:d7:
d3:39:0b:2f:f4:f0:f8:8e:19:3e:b3:46:4b:a4:3d:15:d9:b4:
c8:12:e2:0c:22:96:b8:11:c2:10:c4:8b:7d:bb:92:f2:b4:b3:
cb:c5:2e:e7:c9:91:7c:5f:e1:42:95:f7:a2:5a:2a:26:09:4a:
d8:50:fc:a9:67:4e:b0:82:c7:05:66:ce:8c:b3:c7:5d:49:bf:
90:3f:8f:73:d3:d5:ea:3d:92:f9:6d:4d:94:d7:b5:08:aa:43:
3a:92:14:9d:aa:5d:3b:a8:38:a0:17:4b:f7:d7:94:16:d0:09:
79:35:b6:ec:81:8c:be:f5:71:df:fa:6b:86:a2:9d:9a:a1:5b:
dc:18:ee:b9
-----BEGIN CERTIFICATE-----
MIIFWDCCBECgAwIBAgIUAR2ElHOE01YpQ9zkz5H28JsSO2swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj
Y2ZkMzc3MjAeFw0yNTA4MjMxMDIzMjlaFw0yNjA4MjIxMDI4MjlaMDMxMTAvBgNV
BAMTKEYzNzJFRjRBQzMzOTg3MDA0NDI2QTZDOEQ4MjY3NzRDRkE1RDA1MTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDOS6KsW/1gThY+AP9quIU+iR+R
8Nia9rpSIR9sV3y24kGjlHdB3a6zb3Hj7SHiqO9XFAczTfqi2NbTcouTrgueDZEH
rJlpICUsqxQo2ir+I/Ew7n2a8lV+U2NzgrA6hOyiUnzbXo/5hu9U2M9lkaYRmcsh
/zG89ORb91cL9Fd0omSBvAUp+uWep4XghozSIEqCIZO6fcdBqQbwyh0kfNwkpL7E
Ta92p233lw+5+iNEp4QXLBlPNwyBqaG3u9hm8OGAD0pgFPI7G28rXm8et0CB5RaY
1amwOgPTIurh/JhU9RoryHr7i8fB0l+DySJcA2W4dyraYI4UaWoy32odWtFvAgMB
AAGjggJiMIICXjAdBgNVHQ4EFgQU83LvSsM5hwBEJqbI2CZ3TPpdBRQwHwYDVR0j
BBgwFoAUqD1IZS87LfdPa/m6qKnBdMz9N3IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODkyNzBmNmMtYTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2Yz
ODI0LzAvQTgzRDQ4NjUyRjNCMkRGNzRGNkJGOUJBQThBOUMxNzRDQ0ZEMzc3Mi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FEMUlaUzg3TGZkUGFfbTZxS25CZE16
OU4zSS5jZXIwdgYIKwYBBQUHAQsEajBoMGYGCCsGAQUFBzALhlpyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg5MjcwZjZjLWEzZmUt
NDI5OS1iMDc5LTMwOWVkOTdmMzgyNC8wL0FTMC5yb2EwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjB8BggrBgEFBQcBBwEB/wRtMGswaQQCAAIwYwMGBCoUdYCwAwcE
KhR1gQ8wAwcEKhR1gQ+AAwcAKhR1gQ/9AwcAKhR1gQ//AwYEKhR1gaADBgQqFHWB
4AMFASoUdYIDBgQqFHWEIAMGBCoUdYTQMA4DBQAqFHWFAwUDKhR1gDANBgkqhkiG
9w0BAQsFAAOCAQEAn0s8qbZ8SYmP1AyoZ1Ng371Q9d31l0AXdHitqkvm9nLmbP+a
K4knBnDK1azS5sXu5HhQxtRBjmV32x0yHVTOjDY2VO0ELpHAhv59xRfAPt70Ocw2
yOnFV16+8wtnDjIwRZOJ761Q5WereRlbIkkowwbY850eSbczMyGWOvrX0zkLL/Tw
+I4ZPrNGS6Q9Fdm0yBLiDCKWuBHCEMSLfbuS8rSzy8Uu58mRfF/hQpX3oloqJglK
2FD8qWdOsILHBWbOjLPHXUm/kD+Pc9PV6j2S+W1NlNe1CKpDOpIUnapdO6g4oBdL
99eUFtAJeTW27IGMvvVx3/prhqKdmqFb3BjuuQ==
-----END CERTIFICATE-----
Generated at Sat Aug 23 12:00:06 2025 by rpki-client