Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS152020.roa
File: AS152020.roa (raw, json)
Hash identifier: ptI/7EVa/MllY3Vyd4a5vGy3jELOpwTDp5NRWqpRPUU=
Subject key identifier: 7A:92:30:2C:C9:C6:74:47:EA:CE:4D:BC:48:29:4D:68:57:D0:BB:CC
Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Certificate serial: 1B7D7FC28320DE684E5468FB3AF1EB055A049A14
Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS152020.roa
Signing time: Wed 08 Oct 2025 12:26:53 +0000
ROA not before: Wed 08 Oct 2025 12:21:53 +0000
ROA not after: Wed 07 Oct 2026 12:26:53 +0000
asID: 152020
IP address blocks: 2a14:7583:c100::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft
rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 20:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1b:7d:7f:c2:83:20:de:68:4e:54:68:fb:3a:f1:eb:05:5a:04:9a:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Validity
Not Before: Oct 8 12:21:53 2025 GMT
Not After : Oct 7 12:26:53 2026 GMT
Subject: CN=7A92302CC9C67447EACE4DBC48294D6857D0BBCC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:3c:da:35:66:b9:aa:60:28:95:69:da:fe:ee:
b2:7c:08:7c:55:1c:3c:93:04:04:bf:0b:d2:66:b0:
24:8d:07:9d:ae:27:14:13:c9:d4:5b:dc:13:02:5d:
ab:dc:17:50:79:67:2e:5f:33:fb:ec:c2:2e:a0:d2:
94:83:a2:8c:bf:0a:96:fb:15:98:25:8c:2e:f7:17:
a1:d0:e0:6a:5a:1f:7b:cd:ad:00:81:ef:52:89:0f:
40:5f:e0:69:70:e6:09:5d:6b:f1:ef:a4:65:2f:bc:
5a:77:4f:73:37:17:92:d6:29:94:9c:e2:ab:1c:82:
81:e3:2c:46:4a:2c:46:6c:2b:ab:03:10:81:73:9d:
82:37:9c:35:3a:af:32:51:f5:5c:21:2e:d5:82:ae:
cd:8f:88:34:13:cc:4d:75:86:e5:80:e5:55:34:cf:
a1:66:f5:2f:d7:bd:28:96:76:44:82:ed:82:18:f1:
af:b9:17:29:e0:85:86:a8:40:50:7e:83:a3:ba:aa:
e9:0e:ec:4f:22:5d:97:15:5f:6e:c1:9b:36:ef:f7:
51:bc:6b:17:2d:d8:eb:96:22:be:34:7f:3c:3a:76:
3b:5a:d6:be:f8:bf:59:59:79:0d:58:1d:19:4f:7b:
da:9f:53:78:fa:11:18:6b:83:85:04:f6:61:ca:5d:
26:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:92:30:2C:C9:C6:74:47:EA:CE:4D:BC:48:29:4D:68:57:D0:BB:CC
X509v3 Authority Key Identifier:
keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS152020.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7583:c100::/48
Signature Algorithm: sha256WithRSAEncryption
04:d8:11:3a:4f:33:69:aa:ef:0d:b6:d8:ba:70:0a:37:8b:ea:
4a:7f:f8:c0:a2:d8:23:cf:56:08:f5:34:4f:3b:26:b7:46:ad:
4b:0f:6e:d3:19:b0:e7:8a:b5:5b:2c:06:24:cc:e9:18:bb:17:
5c:47:82:bf:fe:7e:7a:98:19:5a:5d:b6:7d:5e:e0:28:0e:6f:
53:09:9b:e3:9c:67:b1:fa:e7:db:5e:ac:f5:a4:c6:98:80:55:
ed:0d:56:53:75:b1:35:4e:3e:3d:d6:37:be:f6:06:32:c6:26:
1f:a6:b5:b0:1d:ed:db:59:2f:0b:ce:0a:6c:19:08:9b:d5:28:
a2:04:2a:00:77:1c:f8:36:57:e3:17:7b:c2:27:78:cf:70:80:
fc:56:90:e5:b5:78:c1:dd:7b:ad:6f:2e:6d:c7:5a:f8:f7:15:
1d:02:11:0f:25:e2:7c:73:8e:a2:41:00:78:7b:6a:17:9a:70:
d4:8e:59:ae:8a:52:9a:32:99:2f:a4:e1:c9:2d:1f:d5:54:a9:
b1:f7:33:48:49:69:01:33:ce:fc:67:2c:e9:94:65:b2:28:f1:
14:7a:71:d0:ea:d9:40:45:a4:fb:c3:ee:f0:9d:de:78:9b:34:
d1:42:0a:0e:98:37:f9:19:51:88:27:70:dd:24:67:36:0a:a7:
e4:09:69:c4
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIUG31/woMg3mhOVGj7OvHrBVoEmhQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj
Y2ZkMzc3MjAeFw0yNTEwMDgxMjIxNTNaFw0yNjEwMDcxMjI2NTNaMDMxMTAvBgNV
BAMTKDdBOTIzMDJDQzlDNjc0NDdFQUNFNERCQzQ4Mjk0RDY4NTdEMEJCQ0MwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDaPNo1ZrmqYCiVadr+7rJ8CHxV
HDyTBAS/C9JmsCSNB52uJxQTydRb3BMCXavcF1B5Zy5fM/vswi6g0pSDooy/Cpb7
FZgljC73F6HQ4GpaH3vNrQCB71KJD0Bf4Glw5glda/HvpGUvvFp3T3M3F5LWKZSc
4qscgoHjLEZKLEZsK6sDEIFznYI3nDU6rzJR9VwhLtWCrs2PiDQTzE11huWA5VU0
z6Fm9S/XvSiWdkSC7YIY8a+5FynghYaoQFB+g6O6qukO7E8iXZcVX27Bmzbv91G8
axct2OuWIr40fzw6djta1r74v1lZeQ1YHRlPe9qfU3j6ERhrg4UE9mHKXSZXAgMB
AAGjggINMIICCTAdBgNVHQ4EFgQUepIwLMnGdEfqzk28SClNaFfQu8wwHwYDVR0j
BBgwFoAUqD1IZS87LfdPa/m6qKnBdMz9N3IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODkyNzBmNmMtYTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2Yz
ODI0LzAvQTgzRDQ4NjUyRjNCMkRGNzRGNkJGOUJBQThBOUMxNzRDQ0ZEMzc3Mi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FEMUlaUzg3TGZkUGFfbTZxS25CZE16
OU4zSS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg5MjcwZjZjLWEzZmUt
NDI5OS1iMDc5LTMwOWVkOTdmMzgyNC8wL0FTMTUyMDIwLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhR1
g8EAMA0GCSqGSIb3DQEBCwUAA4IBAQAE2BE6TzNpqu8Ntti6cAo3i+pKf/jAotgj
z1YI9TRPOya3Rq1LD27TGbDnirVbLAYkzOkYuxdcR4K//n56mBlaXbZ9XuAoDm9T
CZvjnGex+ufbXqz1pMaYgFXtDVZTdbE1Tj491je+9gYyxiYfprWwHe3bWS8Lzgps
GQib1SiiBCoAdxz4NlfjF3vCJ3jPcID8VpDltXjB3Xutby5tx1r49xUdAhEPJeJ8
c46iQQB4e2oXmnDUjlmuilKaMpkvpOHJLR/VVKmx9zNISWkBM878ZyzplGWyKPEU
enHQ6tlARaT7w+7wnd54mzTRQgoOmDf5GVGIJ3DdJGc2CqfkCWnE
-----END CERTIFICATE-----
Generated at Mon Oct 20 03:43:16 2025 by rpki-client