Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS53667.roa
File: AS53667.roa (raw, json)
Hash identifier: 1kn3LEHIdWNCUR28EGSXguclKwALrz4Popjz04RCaH4=
Subject key identifier: D1:E0:CA:C9:56:1F:D5:10:21:46:F5:FA:E6:CE:6E:B3:D1:72:72:8B
Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Certificate serial: 2B37FDDD3DCA3FC87B48C4FF3027F55ACEFDA37D
Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS53667.roa
Signing time: Sat 16 Aug 2025 13:51:09 +0000
ROA not before: Sat 16 Aug 2025 13:46:09 +0000
ROA not after: Sat 15 Aug 2026 13:51:09 +0000
asID: 53667
IP address blocks: 2a14:7581:f90::/44 maxlen: 48
2a14:7581:fa0::/44 maxlen: 48
2a14:7581:fb0::/44 maxlen: 48
2a14:7581:fd0::/44 maxlen: 48
2a14:7581:9e00::/40 maxlen: 48
2a14:7581:9f10::/44 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft
rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 12:25:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2b:37:fd:dd:3d:ca:3f:c8:7b:48:c4:ff:30:27:f5:5a:ce:fd:a3:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Validity
Not Before: Aug 16 13:46:09 2025 GMT
Not After : Aug 15 13:51:09 2026 GMT
Subject: CN=D1E0CAC9561FD5102146F5FAE6CE6EB3D172728B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:d1:84:97:31:5b:6a:56:32:14:c1:52:0d:a6:
73:39:65:38:af:75:fe:30:40:0d:c9:ab:21:d0:99:
fb:d7:74:51:02:6c:40:e5:fe:6e:9a:61:42:d4:86:
20:f5:89:7f:0f:d0:50:ac:b1:58:a1:fb:63:a0:7c:
50:0e:f4:4a:f4:c0:ac:16:17:01:8f:cb:2d:cf:22:
55:d6:79:91:7b:9b:df:ad:c4:7e:05:74:c6:1a:3c:
ad:b4:77:7a:f8:4a:40:58:20:6a:1c:7b:df:c2:22:
aa:11:5e:41:04:7f:5a:1b:10:71:a1:01:2a:0c:25:
b4:f8:8b:d5:dc:6b:f8:e1:45:ff:78:4f:87:c6:39:
7f:44:46:d1:b4:bc:ef:fd:2f:bf:ac:1d:27:78:89:
05:08:a4:4b:aa:43:8b:5e:31:dc:76:bc:6d:7f:cb:
09:d0:80:ca:88:8b:29:0b:4e:1d:72:f0:52:11:be:
dd:20:a4:e8:c1:ef:dc:be:af:c4:cd:00:da:4f:07:
91:f8:f5:3c:00:02:dd:3b:db:f0:4a:fe:f4:43:ca:
53:f7:08:55:a2:83:da:5e:fa:77:45:ed:69:ab:c1:
cf:68:d4:82:a1:cd:60:07:5d:85:60:20:13:c4:c6:
76:6a:7b:7a:c2:e6:7b:c3:f5:e5:8d:de:64:20:79:
66:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:E0:CA:C9:56:1F:D5:10:21:46:F5:FA:E6:CE:6E:B3:D1:72:72:8B
X509v3 Authority Key Identifier:
keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS53667.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7581:f90::-2a14:7581:fbf:ffff:ffff:ffff:ffff:ffff
2a14:7581:fd0::/44
2a14:7581:9e00::/40
2a14:7581:9f10::/44
Signature Algorithm: sha256WithRSAEncryption
50:ab:3e:e3:e2:91:be:03:6d:ff:fb:9b:fa:2c:18:b8:eb:6e:
66:2f:74:78:3a:d7:5c:2f:79:d0:f5:86:82:83:86:0a:76:fd:
66:65:4b:6e:7f:80:dd:a5:ec:81:58:04:c6:79:ef:f9:54:2b:
13:c1:b5:44:1a:f4:eb:ef:0e:e6:a6:52:f5:46:9e:e9:26:55:
79:76:de:ea:fd:ff:fe:57:73:4c:5a:aa:3a:54:c5:a5:4a:09:
79:0c:f7:40:34:41:37:9f:d9:aa:3c:11:01:36:8a:d1:81:26:
29:25:c8:d8:5e:b4:71:d6:e6:7d:b0:94:45:09:f4:bd:9f:cd:
f2:2f:ee:26:aa:c1:d3:8a:58:01:a5:93:86:04:c2:ba:0c:2f:
db:5e:74:d3:ce:98:dd:cf:ef:df:eb:2e:c5:5a:e8:f6:39:e8:
7f:3d:eb:3c:61:a0:24:9c:3e:d2:30:a5:dc:a8:d4:98:61:35:
62:e0:a7:34:d1:5e:de:7d:5a:da:c3:97:46:77:0a:2e:45:76:
48:52:90:c6:bf:23:e7:99:68:71:29:aa:3a:ac:85:9f:4b:dd:
96:33:71:53:61:1e:12:b7:ea:ac:df:7c:f7:10:8f:c8:43:22:
06:f7:a5:78:f6:30:36:56:3d:ea:7b:8d:fc:80:bf:44:fd:18:
11:17:2a:e1
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgIUKzf93T3KP8h7SMT/MCf1Ws79o30wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj
Y2ZkMzc3MjAeFw0yNTA4MTYxMzQ2MDlaFw0yNjA4MTUxMzUxMDlaMDMxMTAvBgNV
BAMTKEQxRTBDQUM5NTYxRkQ1MTAyMTQ2RjVGQUU2Q0U2RUIzRDE3MjcyOEIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCu0YSXMVtqVjIUwVINpnM5ZTiv
df4wQA3JqyHQmfvXdFECbEDl/m6aYULUhiD1iX8P0FCssVih+2OgfFAO9Er0wKwW
FwGPyy3PIlXWeZF7m9+txH4FdMYaPK20d3r4SkBYIGoce9/CIqoRXkEEf1obEHGh
ASoMJbT4i9Xca/jhRf94T4fGOX9ERtG0vO/9L7+sHSd4iQUIpEuqQ4teMdx2vG1/
ywnQgMqIiykLTh1y8FIRvt0gpOjB79y+r8TNANpPB5H49TwAAt072/BK/vRDylP3
CFWig9pe+ndF7Wmrwc9o1IKhzWAHXYVgIBPExnZqe3rC5nvD9eWN3mQgeWa9AgMB
AAGjggIxMIICLTAdBgNVHQ4EFgQU0eDKyVYf1RAhRvX65s5us9FycoswHwYDVR0j
BBgwFoAUqD1IZS87LfdPa/m6qKnBdMz9N3IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODkyNzBmNmMtYTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2Yz
ODI0LzAvQTgzRDQ4NjUyRjNCMkRGNzRGNkJGOUJBQThBOUMxNzRDQ0ZEMzc3Mi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FEMUlaUzg3TGZkUGFfbTZxS25CZE16
OU4zSS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg5MjcwZjZjLWEzZmUt
NDI5OS1iMDc5LTMwOWVkOTdmMzgyNC8wL0FTNTM2Njcucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwRwYIKwYBBQUHAQcBAf8EODA2MDQEAgACMC4wEgMHBCoU
dYEPkAMHBioUdYEPgAMHBCoUdYEP0AMGACoUdYGeAwcEKhR1gZ8QMA0GCSqGSIb3
DQEBCwUAA4IBAQBQqz7j4pG+A23/+5v6LBi4625mL3R4OtdcL3nQ9YaCg4YKdv1m
ZUtuf4DdpeyBWATGee/5VCsTwbVEGvTr7w7mplL1Rp7pJlV5dt7q/f/+V3NMWqo6
VMWlSgl5DPdANEE3n9mqPBEBNorRgSYpJcjYXrRx1uZ9sJRFCfS9n83yL+4mqsHT
ilgBpZOGBMK6DC/bXnTTzpjdz+/f6y7FWuj2Oeh/Pes8YaAknD7SMKXcqNSYYTVi
4Kc00V7efVraw5dGdwouRXZIUpDGvyPnmWhxKao6rIWfS92WM3FTYR4St+qs33z3
EI/IQyIG96V49jA2Vj3qe438gL9E/RgRFyrh
-----END CERTIFICATE-----
Generated at Sat Aug 23 17:40:32 2025 by rpki-client