Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS207432.roa
File: AS207432.roa (raw, json)
Hash identifier: VitaqKOBePGMj3vggINu+kC5gX+l06e5FJxfbnveeMQ=
Subject key identifier: 0E:F5:F5:BB:E3:8F:21:D6:88:B1:2C:4F:69:9C:9A:B6:3D:83:08:F2
Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Certificate serial: 03361067DB4F7E3EAB3CD35E2FE73B536968A333
Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS207432.roa
Signing time: Tue 17 Jun 2025 02:57:25 +0000
ROA not before: Tue 17 Jun 2025 02:52:25 +0000
ROA not after: Tue 16 Jun 2026 02:57:25 +0000
asID: 207432
IP address blocks: 2a14:7580:fff3::/48 maxlen: 48
2a14:7581:3300::/40 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft
rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 10:55:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
03:36:10:67:db:4f:7e:3e:ab:3c:d3:5e:2f:e7:3b:53:69:68:a3:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Validity
Not Before: Jun 17 02:52:25 2025 GMT
Not After : Jun 16 02:57:25 2026 GMT
Subject: CN=0EF5F5BBE38F21D688B12C4F699C9AB63D8308F2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:45:c7:a2:45:a2:f7:70:12:be:a2:be:73:61:
43:38:54:32:ac:78:09:ea:29:bc:31:6c:a5:f3:6d:
0f:62:d2:af:ab:0b:4f:fd:9f:54:50:0e:9f:41:32:
b2:68:a8:60:d5:a9:cd:17:d7:2c:c8:cf:cd:76:d4:
7c:7b:a5:eb:a9:ba:2b:3c:3e:b2:47:b5:02:58:91:
92:69:73:56:10:57:be:ce:e5:b1:bf:23:89:83:73:
92:78:4e:c6:db:a0:45:fc:bc:83:29:26:d3:f8:a6:
c0:9a:fe:46:8c:32:c3:3f:dd:79:64:3f:34:78:74:
ae:01:1c:19:23:53:3e:06:c7:36:94:6e:ff:cc:4b:
3b:2d:4d:e1:90:62:4e:85:44:ed:0f:a9:db:85:16:
fe:be:99:84:a3:70:45:c0:a6:91:5b:56:24:c2:7b:
5e:6d:d3:d8:d1:20:10:74:26:cc:89:17:3a:11:c0:
0c:e7:35:83:c1:83:0a:a7:07:ae:01:4a:87:45:01:
10:a1:49:c8:26:d9:bf:7f:28:e3:1c:49:14:5b:f9:
19:1c:41:43:04:b4:d1:4d:da:14:da:c1:9a:14:4c:
9c:78:eb:02:65:1f:23:cf:a8:5c:0e:80:60:b9:ce:
b6:6d:6d:0b:27:85:95:9a:e3:db:e5:6f:50:29:65:
5f:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:F5:F5:BB:E3:8F:21:D6:88:B1:2C:4F:69:9C:9A:B6:3D:83:08:F2
X509v3 Authority Key Identifier:
keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS207432.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7580:fff3::/48
2a14:7581:3300::/40
Signature Algorithm: sha256WithRSAEncryption
02:54:f5:a7:34:f5:5f:f7:18:86:a2:49:4d:ba:70:59:3c:df:
89:ce:d2:38:f2:a6:a1:15:6a:5b:04:a5:4f:1b:0b:84:c7:35:
3c:95:6f:7d:cc:ec:0a:be:2e:59:9f:93:f4:85:b9:32:6d:da:
4d:0b:82:84:96:46:3d:eb:51:f1:54:63:5f:f0:91:d8:a0:e3:
ed:37:6f:e0:2c:61:1f:cb:b2:a4:9b:13:d7:21:cd:f9:7d:97:
d5:31:4e:9d:0f:dd:69:bf:08:53:d0:ae:d8:6a:65:3a:c9:c8:
c3:e5:8f:7c:16:6c:2e:ba:5a:c6:11:5a:fa:87:e0:90:a3:83:
d3:41:83:f0:c5:27:2b:90:6f:23:f7:f0:cf:41:b9:78:24:e2:
21:02:6c:de:c3:92:07:14:1e:3f:31:e8:c4:04:b8:e4:27:a5:
f7:e3:4f:13:74:9d:64:42:9f:fb:c8:3f:5f:e2:f4:bf:17:cc:
8a:45:09:6b:79:21:71:26:0b:41:9d:17:98:6c:65:6a:88:a4:
cf:90:72:ae:6b:5f:06:13:40:2e:fd:bc:63:1f:cd:4f:41:dd:
23:ad:27:5b:87:0d:28:29:d5:6c:85:f8:5e:f8:c3:bb:0b:8d:
5f:71:2c:09:8a:d0:b0:dd:5c:ea:4c:0d:f1:6a:c6:73:ca:f0:
15:a2:98:a8
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgIUAzYQZ9tPfj6rPNNeL+c7U2loozMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj
Y2ZkMzc3MjAeFw0yNTA2MTcwMjUyMjVaFw0yNjA2MTYwMjU3MjVaMDMxMTAvBgNV
BAMTKDBFRjVGNUJCRTM4RjIxRDY4OEIxMkM0RjY5OUM5QUI2M0Q4MzA4RjIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCRceiRaL3cBK+or5zYUM4VDKs
eAnqKbwxbKXzbQ9i0q+rC0/9n1RQDp9BMrJoqGDVqc0X1yzIz8121Hx7peupuis8
PrJHtQJYkZJpc1YQV77O5bG/I4mDc5J4TsbboEX8vIMpJtP4psCa/kaMMsM/3Xlk
PzR4dK4BHBkjUz4GxzaUbv/MSzstTeGQYk6FRO0PqduFFv6+mYSjcEXAppFbViTC
e15t09jRIBB0JsyJFzoRwAznNYPBgwqnB64BSodFARChScgm2b9/KOMcSRRb+Rkc
QUMEtNFN2hTawZoUTJx46wJlHyPPqFwOgGC5zrZtbQsnhZWa49vlb1ApZV8pAgMB
AAGjggIVMIICETAdBgNVHQ4EFgQUDvX1u+OPIdaIsSxPaZyatj2DCPIwHwYDVR0j
BBgwFoAUqD1IZS87LfdPa/m6qKnBdMz9N3IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODkyNzBmNmMtYTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2Yz
ODI0LzAvQTgzRDQ4NjUyRjNCMkRGNzRGNkJGOUJBQThBOUMxNzRDQ0ZEMzc3Mi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FEMUlaUzg3TGZkUGFfbTZxS25CZE16
OU4zSS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg5MjcwZjZjLWEzZmUt
NDI5OS1iMDc5LTMwOWVkOTdmMzgyNC8wL0FTMjA3NDMyLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCoGCCsGAQUFBwEHAQH/BBswGTAXBAIAAjARAwcAKhR1
gP/zAwYAKhR1gTMwDQYJKoZIhvcNAQELBQADggEBAAJU9ac09V/3GIaiSU26cFk8
34nO0jjypqEValsEpU8bC4THNTyVb33M7Aq+Llmfk/SFuTJt2k0LgoSWRj3rUfFU
Y1/wkdig4+03b+AsYR/LsqSbE9chzfl9l9UxTp0P3Wm/CFPQrthqZTrJyMPlj3wW
bC66WsYRWvqH4JCjg9NBg/DFJyuQbyP38M9BuXgk4iECbN7DkgcUHj8x6MQEuOQn
pffjTxN0nWRCn/vIP1/i9L8XzIpFCWt5IXEmC0GdF5hsZWqIpM+Qcq5rXwYTQC79
vGMfzU9B3SOtJ1uHDSgp1WyF+F74w7sLjV9xLAmK0LDdXOpMDfFqxnPK8BWimKg=
-----END CERTIFICATE-----
Generated at Sun Jun 29 03:10:20 2025 by rpki-client