Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS213690.roa
File: AS213690.roa (raw, json)
Hash identifier: h9rHfuzlyaCBd6whMrZNwvqksG3PYd9T+Tmgp6eLhf0=
Subject key identifier: AC:84:37:80:74:52:9F:C8:23:34:E9:6D:95:8B:26:4A:51:4C:F3:55
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 3E00A0B2BD8A6E889DFA6FD601A82789EA90DD37
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS213690.roa
Signing time: Thu 29 May 2025 16:25:08 +0000
ROA not before: Thu 29 May 2025 16:20:08 +0000
ROA not after: Thu 28 May 2026 16:25:08 +0000
asID: 213690
IP address blocks: 146.103.34.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 16 Jun 2025 20:59:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3e:00:a0:b2:bd:8a:6e:88:9d:fa:6f:d6:01:a8:27:89:ea:90:dd:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: May 29 16:20:08 2025 GMT
Not After : May 28 16:25:08 2026 GMT
Subject: CN=AC84378074529FC82334E96D958B264A514CF355
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:c3:e3:60:0b:7f:ef:3a:bc:53:fb:60:39:5f:
3f:fc:f3:cd:3e:6e:f5:57:61:9f:85:e3:d4:a8:e5:
a3:b0:11:05:fc:39:d1:1a:cc:d5:ed:27:c3:06:12:
41:4e:3e:4a:47:0f:c8:1c:ee:00:e3:f3:62:be:69:
b4:57:05:34:cd:9e:69:4a:7f:f9:1d:9d:62:4b:85:
02:43:1f:5c:79:65:ec:3f:c1:3f:7c:4e:dd:64:4d:
21:e0:dc:07:61:89:68:1e:da:c7:bf:0e:40:95:00:
9b:e0:32:ab:45:27:c0:45:47:8d:d1:a8:1b:e6:f3:
9f:d5:a8:f7:ec:dd:8b:c0:da:94:2d:5c:18:6c:c8:
e7:6a:a6:c2:c9:9a:ef:d2:3a:ca:b3:14:08:64:54:
8c:0d:7b:11:3c:d9:68:64:4f:48:e7:16:58:f2:80:
2e:d1:ec:d3:0e:d0:ca:d3:4f:d0:d1:ae:52:15:c6:
54:87:49:d7:6e:85:75:61:79:32:69:a6:39:62:82:
73:4d:98:17:a2:cc:5e:3f:8a:28:8c:5a:05:1c:2e:
59:27:bf:00:a1:e0:06:8e:8f:a2:ea:df:5f:2d:3f:
73:87:5f:79:00:89:dc:87:7a:6e:0c:b8:2a:f1:71:
73:22:67:f1:79:2e:d3:76:60:b3:66:e2:83:a5:53:
7e:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:84:37:80:74:52:9F:C8:23:34:E9:6D:95:8B:26:4A:51:4C:F3:55
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS213690.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.103.34.0/24
Signature Algorithm: sha256WithRSAEncryption
9e:e6:88:69:aa:51:80:6e:22:71:91:7b:b9:60:ea:ec:a3:bf:
e7:03:eb:e5:e7:1f:80:c2:0c:a3:82:ca:65:6c:07:26:97:33:
95:62:f6:84:f2:91:b4:e4:ef:f2:8d:7f:43:87:28:39:79:18:
af:5c:65:90:23:f6:e9:b3:fd:70:42:4a:f6:67:01:64:ce:e3:
16:d2:65:79:c2:f5:02:6e:40:b0:f1:3d:0c:53:06:62:ba:df:
8c:68:25:56:59:ad:a0:c0:89:c5:91:77:cb:17:51:6e:63:0d:
b7:a5:50:92:69:56:26:78:cd:b1:de:24:d5:49:22:c3:78:7d:
43:b8:68:cb:20:50:90:28:7b:66:d6:d1:b3:33:f5:b7:38:cc:
8a:0d:4f:e6:5e:19:d8:0b:18:9f:bd:36:fa:23:23:77:83:88:
ef:0f:d8:1e:e0:1d:6e:1d:ab:9f:ae:ac:9b:cd:98:5d:74:79:
82:05:42:1d:9d:bf:dd:b7:44:e9:67:78:79:fd:b2:47:96:81:
36:cd:1d:b4:cc:f3:f4:65:db:aa:71:1f:28:f3:41:e9:40:98:
b3:91:be:f9:52:98:12:90:f5:63:45:9f:fd:95:e7:c5:cf:10:
49:b0:ed:96:2b:07:94:b8:d6:75:cd:b5:6c:08:33:79:a7:b9:
ad:c4:09:e3
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUPgCgsr2Kboid+m/WAagnieqQ3TcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA1MjkxNjIwMDhaFw0yNjA1MjgxNjI1MDhaMDMxMTAvBgNV
BAMTKEFDODQzNzgwNzQ1MjlGQzgyMzM0RTk2RDk1OEIyNjRBNTE0Q0YzNTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCiw+NgC3/vOrxT+2A5Xz/8880+
bvVXYZ+F49So5aOwEQX8OdEazNXtJ8MGEkFOPkpHD8gc7gDj82K+abRXBTTNnmlK
f/kdnWJLhQJDH1x5Zew/wT98Tt1kTSHg3AdhiWge2se/DkCVAJvgMqtFJ8BFR43R
qBvm85/VqPfs3YvA2pQtXBhsyOdqpsLJmu/SOsqzFAhkVIwNexE82WhkT0jnFljy
gC7R7NMO0MrTT9DRrlIVxlSHSdduhXVheTJppjlignNNmBeizF4/iiiMWgUcLlkn
vwCh4AaOj6Lq318tP3OHX3kAidyHem4MuCrxcXMiZ/F5LtN2YLNm4oOlU35pAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUrIQ3gHRSn8gjNOltlYsmSlFM81UwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjEzNjkwLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAkmci
MA0GCSqGSIb3DQEBCwUAA4IBAQCe5ohpqlGAbiJxkXu5YOrso7/nA+vl5x+Awgyj
gsplbAcmlzOVYvaE8pG05O/yjX9Dhyg5eRivXGWQI/bps/1wQkr2ZwFkzuMW0mV5
wvUCbkCw8T0MUwZiut+MaCVWWa2gwInFkXfLF1FuYw23pVCSaVYmeM2x3iTVSSLD
eH1DuGjLIFCQKHtm1tGzM/W3OMyKDU/mXhnYCxifvTb6IyN3g4jvD9ge4B1uHauf
rqybzZhddHmCBUIdnb/dt0TpZ3h5/bJHloE2zR20zPP0ZduqcR8o80HpQJizkb75
UpgSkPVjRZ/9lefFzxBJsO2WKweUuNZ1zbVsCDN5p7mtxAnj
-----END CERTIFICATE-----
Generated at Mon Jun 16 03:24:35 2025 by rpki-client