Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS50917.roa
File: AS50917.roa (raw, json)
Hash identifier: 2CbGsnhMX2tqD/b30IaMJT4jrNdx3MsSbkm8X64lMpg=
Subject key identifier: 89:E9:DA:30:01:16:88:8C:A3:63:7C:4D:D6:79:5C:7F:4F:A8:4A:7E
Certificate issuer: /CN=c2302af143c15daad50042d8455e689d0828eca9
Certificate serial: 6E3143F0100FBC0B12040D4BADC8D7C30F95C91D
Authority key identifier: C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS50917.roa
Signing time: Sun 04 May 2025 12:54:05 +0000
ROA not before: Sun 04 May 2025 12:49:05 +0000
ROA not after: Sun 03 May 2026 12:54:05 +0000
asID: 50917
IP address blocks: 141.11.49.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.mft
rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 07 May 2025 14:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6e:31:43:f0:10:0f:bc:0b:12:04:0d:4b:ad:c8:d7:c3:0f:95:c9:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2302af143c15daad50042d8455e689d0828eca9
Validity
Not Before: May 4 12:49:05 2025 GMT
Not After : May 3 12:54:05 2026 GMT
Subject: CN=89E9DA300116888CA3637C4DD6795C7F4FA84A7E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:d6:54:8e:86:33:13:67:42:5f:8c:ef:be:be:
1c:c2:e5:58:44:9b:93:4a:1c:27:fe:01:03:54:b5:
d1:ef:7a:86:d0:4a:28:20:13:8d:76:0f:70:0b:f8:
98:9f:cc:0e:55:e4:3b:7a:a2:aa:67:6c:c9:60:27:
ca:8a:06:f9:8b:20:48:34:7f:9a:0f:0d:25:11:c7:
08:7e:34:fc:c0:e8:26:8e:eb:4a:cb:c4:e3:8d:4a:
f6:27:fd:3c:fe:95:ba:4c:23:88:30:c9:29:89:cd:
05:ba:34:f6:f1:4b:1b:7f:1e:e4:02:78:cb:20:d8:
c7:2b:93:d7:82:63:6f:cd:43:81:11:b1:20:8b:ae:
fa:f7:5a:7d:d4:58:9e:57:a2:14:a5:a7:2d:68:67:
22:5c:d5:09:94:18:38:b3:a5:62:df:e0:12:66:4c:
73:76:92:85:7f:b5:71:50:2e:90:74:78:4a:75:d8:
02:10:1e:0b:f8:10:1a:97:eb:84:90:1e:d5:c6:93:
d9:16:d3:c4:3f:8f:90:48:10:f7:86:5c:e4:24:fa:
c0:7d:4b:72:87:21:8b:20:d7:1b:5d:60:7e:c5:ca:
1b:d1:f2:98:03:75:c7:fe:15:59:fc:49:e2:d4:4b:
e0:7a:a3:dc:74:ae:3f:2b:0d:46:f7:84:fc:3c:24:
65:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:E9:DA:30:01:16:88:8C:A3:63:7C:4D:D6:79:5C:7F:4F:A8:4A:7E
X509v3 Authority Key Identifier:
keyid:C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS50917.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.11.49.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:3c:e2:15:bd:0a:df:e7:87:04:f9:fb:f0:ba:0d:f4:d0:a0:
43:7f:3f:a2:b6:69:44:8e:f3:87:9c:46:27:73:38:16:57:62:
d5:90:62:83:ae:88:51:d2:82:06:2c:fb:c3:c2:35:7c:82:34:
fc:3d:4e:a0:dd:c1:ca:f0:4a:41:28:d2:cc:8e:24:00:27:58:
bf:f2:38:fa:4b:69:c4:3e:23:4c:df:31:01:2d:f9:35:50:1c:
ce:96:f1:75:47:a7:82:f1:2b:21:09:53:7c:63:14:6e:08:ad:
69:c4:4b:22:8a:f1:cb:a4:33:f4:55:8d:ab:7d:0a:a8:43:b8:
f9:c3:b3:85:07:50:20:96:aa:d4:ec:90:79:88:39:8b:29:b9:
5f:b4:46:39:f0:80:33:cf:95:5d:4b:4b:4f:11:64:e0:8d:e0:
f6:fe:51:dd:4e:e5:01:09:7c:99:b5:9e:14:af:2d:23:78:e2:
89:b5:12:53:c3:8c:cb:14:28:d6:07:ac:d5:fe:46:73:31:61:
d3:42:83:a0:e9:a5:66:ff:6d:dd:87:e0:3e:21:b0:e2:ea:c9:
a2:81:13:68:84:9d:df:28:b7:19:ee:af:c8:e4:18:78:33:70:
9d:1e:3d:f6:7f:66:ea:5f:3e:b6:f4:ba:6a:c6:21:34:e7:27:
dc:bf:bd:50
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIUbjFD8BAPvAsSBA1LrcjXww+VyR0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzIzMDJhZjE0M2MxNWRhYWQ1MDA0MmQ4NDU1ZTY4OWQw
ODI4ZWNhOTAeFw0yNTA1MDQxMjQ5MDVaFw0yNjA1MDMxMjU0MDVaMDMxMTAvBgNV
BAMTKDg5RTlEQTMwMDExNjg4OENBMzYzN0M0REQ2Nzk1QzdGNEZBODRBN0UwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDd1lSOhjMTZ0JfjO++vhzC5VhE
m5NKHCf+AQNUtdHveobQSiggE412D3AL+JifzA5V5Dt6oqpnbMlgJ8qKBvmLIEg0
f5oPDSURxwh+NPzA6CaO60rLxOONSvYn/Tz+lbpMI4gwySmJzQW6NPbxSxt/HuQC
eMsg2Mcrk9eCY2/NQ4ERsSCLrvr3Wn3UWJ5XohSlpy1oZyJc1QmUGDizpWLf4BJm
THN2koV/tXFQLpB0eEp12AIQHgv4EBqX64SQHtXGk9kW08Q/j5BIEPeGXOQk+sB9
S3KHIYsg1xtdYH7FyhvR8pgDdcf+FVn8SeLUS+B6o9x0rj8rDUb3hPw8JGVRAgMB
AAGjggIJMIICBTAdBgNVHQ4EFgQUienaMAEWiIyjY3xN1nlcf0+oSn4wHwYDVR0j
BBgwFoAUwjAq8UPBXarVAELYRV5onQgo7KkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTkzY2I1NWMtOTU3MS00NGM4LTkwZTEtOTY1YjkyNzY5
ZTRlLzAvQzIzMDJBRjE0M0MxNURBQUQ1MDA0MkQ4NDU1RTY4OUQwODI4RUNBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3dqQXE4VVBCWGFyVkFFTFlSVjVvblFn
bzdLay5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2E5M2NiNTVjLTk1NzEt
NDRjOC05MGUxLTk2NWI5Mjc2OWU0ZS8wL0FTNTA5MTcucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACNCzEw
DQYJKoZIhvcNAQELBQADggEBAAo84hW9Ct/nhwT5+/C6DfTQoEN/P6K2aUSO84ec
RidzOBZXYtWQYoOuiFHSggYs+8PCNXyCNPw9TqDdwcrwSkEo0syOJAAnWL/yOPpL
acQ+I0zfMQEt+TVQHM6W8XVHp4LxKyEJU3xjFG4IrWnESyKK8cukM/RVjat9CqhD
uPnDs4UHUCCWqtTskHmIOYspuV+0RjnwgDPPlV1LS08RZOCN4Pb+Ud1O5QEJfJm1
nhSvLSN44om1ElPDjMsUKNYHrNX+RnMxYdNCg6DppWb/bd2H4D4hsOLqyaKBE2iE
nd8otxnur8jkGHgzcJ0ePfZ/ZupfPrb0umrGITTnJ9y/vVA=
-----END CERTIFICATE-----
Generated at Tue May 6 17:34:29 2025 by rpki-client