Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS152698.roa
File: AS152698.roa (raw, json)
Hash identifier: Vd9PLhCg1Kv5rW9acqjUP1h6dKohg4Fe7psCsjXsl+o=
Subject key identifier: 7B:F6:F5:51:11:66:0F:95:F8:0F:48:EF:F7:FE:85:D3:0B:E8:6E:50
Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Certificate serial: 25EEDA1805051E7481C4493749058461A6EF2D5B
Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS152698.roa
Signing time: Mon 29 Sep 2025 03:48:40 +0000
ROA not before: Mon 29 Sep 2025 03:43:40 +0000
ROA not after: Mon 28 Sep 2026 03:48:40 +0000
asID: 152698
IP address blocks: 2a14:7581:9f44::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft
rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
25:ee:da:18:05:05:1e:74:81:c4:49:37:49:05:84:61:a6:ef:2d:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Validity
Not Before: Sep 29 03:43:40 2025 GMT
Not After : Sep 28 03:48:40 2026 GMT
Subject: CN=7BF6F55111660F95F80F48EFF7FE85D30BE86E50
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:ff:c0:5d:b3:d1:b5:8a:56:ec:b6:16:6b:80:
32:91:ea:31:e1:b4:99:0c:2b:27:0b:4b:cb:02:2b:
e5:9a:3a:a7:f0:3c:d3:a9:34:55:76:2e:a1:80:32:
e0:fc:09:67:05:00:18:3c:63:7c:c9:63:44:03:b0:
77:4f:0b:ac:c7:d1:5e:aa:f9:3b:c0:90:f0:97:0f:
46:d6:27:5d:1b:57:e0:1d:6f:ef:8d:de:8d:e8:47:
d3:8c:fd:6f:6c:12:93:f2:45:72:a0:5f:75:6d:f3:
9b:b1:c0:5e:39:86:39:c5:81:e5:0b:53:f2:7e:00:
3f:6b:88:67:c5:0f:80:32:a3:3c:bf:bf:cb:8e:04:
20:46:6d:58:e4:96:27:dd:b5:73:16:91:fa:00:d1:
a7:5d:ae:f2:ad:8a:6b:11:4a:83:81:76:c3:76:fc:
a6:f5:90:8a:b1:3f:05:8f:6e:60:5f:28:f3:f5:1f:
e2:5e:9b:3e:79:b1:1d:16:95:6c:42:4b:40:e7:d7:
2c:7a:b6:27:fa:b5:12:13:75:16:11:26:b7:e9:93:
38:7f:e5:da:18:ef:9f:c8:4c:ad:36:9c:12:f6:a5:
1d:06:db:46:ad:cf:8b:4c:cb:ca:03:e5:74:7e:1f:
7e:28:19:73:f4:9d:ed:c1:a5:4b:8d:ee:29:cd:03:
5c:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:F6:F5:51:11:66:0F:95:F8:0F:48:EF:F7:FE:85:D3:0B:E8:6E:50
X509v3 Authority Key Identifier:
keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS152698.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7581:9f44::/48
Signature Algorithm: sha256WithRSAEncryption
2e:a1:b6:da:6e:8a:ba:fc:a8:bc:ba:10:50:e7:5d:44:8c:e2:
37:c8:b7:d1:3f:e4:1a:35:ea:83:a7:b4:15:82:5c:48:b3:8e:
12:99:65:b5:42:64:ac:5f:75:c5:ae:d6:87:df:da:c7:26:75:
e2:68:55:82:27:e6:c7:9d:4a:47:34:d4:f5:6a:b3:dd:2d:ce:
1a:b8:f0:0f:72:24:bd:ac:a4:8c:ac:a5:ea:2f:b6:48:80:c9:
8b:4a:9b:92:4f:7b:2a:ff:ac:bc:1f:db:c9:5d:30:58:22:e6:
8b:ed:7e:70:c0:57:89:16:0f:9e:88:36:f6:87:d7:6a:c5:d1:
8b:57:86:e2:49:92:9c:82:b8:d7:1d:fa:ec:cd:1d:91:57:aa:
61:d6:f4:1b:73:bd:a8:44:37:9c:39:ac:bf:00:55:ae:d1:b3:
86:c3:fb:df:4a:22:3d:57:3d:20:ef:9c:eb:7e:e9:86:2b:2f:
1c:68:2e:4d:f6:0b:0c:95:24:f4:fe:f6:07:e8:ac:59:44:70:
86:c0:11:0a:d6:4f:42:84:80:d3:4a:07:9f:32:26:c0:0a:e9:
65:5d:81:d5:38:97:ea:4d:5a:35:60:cc:7c:6e:3c:3f:61:46:
ea:58:84:6c:bf:6a:9d:5d:24:e8:24:6a:4d:c2:a9:df:a2:df:
cd:fa:2e:ee
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIUJe7aGAUFHnSBxEk3SQWEYabvLVswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj
Y2ZkMzc3MjAeFw0yNTA5MjkwMzQzNDBaFw0yNjA5MjgwMzQ4NDBaMDMxMTAvBgNV
BAMTKDdCRjZGNTUxMTE2NjBGOTVGODBGNDhFRkY3RkU4NUQzMEJFODZFNTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCw/8Bds9G1ilbsthZrgDKR6jHh
tJkMKycLS8sCK+WaOqfwPNOpNFV2LqGAMuD8CWcFABg8Y3zJY0QDsHdPC6zH0V6q
+TvAkPCXD0bWJ10bV+Adb++N3o3oR9OM/W9sEpPyRXKgX3Vt85uxwF45hjnFgeUL
U/J+AD9riGfFD4Ayozy/v8uOBCBGbVjklifdtXMWkfoA0addrvKtimsRSoOBdsN2
/Kb1kIqxPwWPbmBfKPP1H+Jemz55sR0WlWxCS0Dn1yx6tif6tRITdRYRJrfpkzh/
5doY75/ITK02nBL2pR0G20atz4tMy8oD5XR+H34oGXP0ne3BpUuN7inNA1y7AgMB
AAGjggINMIICCTAdBgNVHQ4EFgQUe/b1URFmD5X4D0jv9/6F0wvoblAwHwYDVR0j
BBgwFoAUqD1IZS87LfdPa/m6qKnBdMz9N3IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODkyNzBmNmMtYTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2Yz
ODI0LzAvQTgzRDQ4NjUyRjNCMkRGNzRGNkJGOUJBQThBOUMxNzRDQ0ZEMzc3Mi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FEMUlaUzg3TGZkUGFfbTZxS25CZE16
OU4zSS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg5MjcwZjZjLWEzZmUt
NDI5OS1iMDc5LTMwOWVkOTdmMzgyNC8wL0FTMTUyNjk4LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhR1
gZ9EMA0GCSqGSIb3DQEBCwUAA4IBAQAuobbaboq6/Ki8uhBQ511EjOI3yLfRP+Qa
NeqDp7QVglxIs44SmWW1QmSsX3XFrtaH39rHJnXiaFWCJ+bHnUpHNNT1arPdLc4a
uPAPciS9rKSMrKXqL7ZIgMmLSpuST3sq/6y8H9vJXTBYIuaL7X5wwFeJFg+eiDb2
h9dqxdGLV4biSZKcgrjXHfrszR2RV6ph1vQbc72oRDecOay/AFWu0bOGw/vfSiI9
Vz0g75zrfumGKy8caC5N9gsMlST0/vYH6KxZRHCGwBEK1k9ChIDTSgefMibACull
XYHVOJfqTVo1YMx8bjw/YUbqWIRsv2qdXSToJGpNwqnfot/N+i7u
-----END CERTIFICATE-----
Generated at Sun Oct 19 23:10:36 2025 by rpki-client