Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS213734.roa
File: AS213734.roa (raw, json)
Hash identifier: HqpRWQYranoQQDxgvEKs982fCfj8xu/CrJJdpIDZG1Y=
Subject key identifier: 2C:CD:EE:E9:24:42:DC:6F:03:45:8B:74:45:E6:D7:F2:89:FC:42:E4
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 33D509707171330249E25A15931CA522BE549CD7
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS213734.roa
Signing time: Fri 13 Feb 2026 00:00:22 +0000
ROA not before: Thu 12 Feb 2026 23:55:22 +0000
ROA not after: Fri 12 Feb 2027 00:00:22 +0000
asID: 213734
IP address blocks: 155.117.118.0/24 maxlen: 24
155.117.138.0/24 maxlen: 24
155.117.143.0/24 maxlen: 24
167.148.170.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
33:d5:09:70:71:71:33:02:49:e2:5a:15:93:1c:a5:22:be:54:9c:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Feb 12 23:55:22 2026 GMT
Not After : Feb 12 00:00:22 2027 GMT
Subject: CN=2CCDEEE92442DC6F03458B7445E6D7F289FC42E4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:b4:16:10:5f:e8:9e:db:74:e7:bf:08:a1:cc:
a4:2f:6e:83:2c:7a:ce:54:22:66:f2:05:02:65:26:
c1:fc:25:09:2e:93:ff:b6:31:4c:0c:e6:10:56:0e:
4e:44:60:f2:63:a0:f8:eb:22:9d:6b:e3:c7:a1:49:
64:30:4e:47:27:3a:4a:7d:ac:e4:e6:a3:8b:b0:7d:
a8:38:7a:52:83:58:2d:84:09:43:40:fc:58:63:62:
e2:03:d6:2f:1a:a7:e5:00:34:6d:aa:d8:cb:7c:95:
d7:f3:28:c0:23:8b:bc:3f:72:c9:fc:9f:5d:f9:8c:
88:7e:ee:9d:96:ae:9e:11:11:6d:42:82:3f:83:2e:
77:08:d2:78:7e:1b:13:64:57:7f:9f:55:fd:f7:0d:
09:ed:06:21:32:fc:b3:47:92:aa:65:60:c9:ec:31:
2e:14:88:3f:1c:3e:ce:83:b2:dd:2a:1f:64:1a:33:
fb:ed:1e:a3:20:34:63:79:4d:af:96:9b:3c:f8:42:
21:73:e6:35:2b:1c:fd:47:7e:e2:5b:99:f2:63:d9:
50:00:73:13:a0:66:9a:62:cb:bd:e7:f7:a5:09:d8:
ee:35:09:9a:c4:da:66:fc:44:8f:0b:44:f1:f2:d8:
06:5a:88:7d:79:46:6d:34:19:0b:13:ec:15:79:88:
96:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:CD:EE:E9:24:42:DC:6F:03:45:8B:74:45:E6:D7:F2:89:FC:42:E4
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS213734.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
155.117.118.0/24
155.117.138.0/24
155.117.143.0/24
167.148.170.0/24
Signature Algorithm: sha256WithRSAEncryption
85:ae:d7:1e:13:b3:41:83:5d:96:48:40:11:18:a8:55:cb:2f:
c6:0f:14:46:5f:08:35:92:df:07:74:6d:3d:c8:a9:02:c0:9c:
c5:35:20:91:69:f7:8b:fe:cf:11:cf:f0:48:53:b8:72:c1:1a:
27:b8:8e:89:b5:cf:f5:2d:f3:21:df:f1:85:97:4d:3e:ea:c5:
8b:8d:7c:4f:07:c4:cc:3e:90:27:2f:25:5a:93:f4:d1:b2:d2:
71:98:45:0c:16:ed:4f:c6:88:26:b3:b9:39:4c:5e:ae:6c:e7:
0d:78:ec:8a:4f:a7:4b:31:59:4d:9f:93:08:af:27:39:89:26:
c3:97:5a:da:75:8a:4b:d4:3e:d0:19:0f:84:b4:db:2d:11:72:
cc:f0:68:bc:ad:60:92:cf:f5:ae:8e:97:af:99:3b:34:90:64:
41:2c:51:2d:b4:1f:5a:72:bc:14:f0:5e:40:eb:aa:12:4b:1a:
c5:f6:95:3b:d9:65:d3:5a:cd:d7:c1:85:97:c7:e9:98:a2:23:
e2:8d:a4:5c:d1:b8:ed:65:0a:33:20:f1:de:10:78:4f:08:30:
f4:af:ff:a3:8e:77:fe:5c:da:26:3e:73:4d:ec:2a:9b:68:f5:
2d:a7:8b:da:84:ef:83:7f:1c:09:71:04:d5:cf:c2:d9:3f:23:
ed:80:04:34
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgIUM9UJcHFxMwJJ4loVkxylIr5UnNcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNjAyMTIyMzU1MjJaFw0yNzAyMTIwMDAwMjJaMDMxMTAvBgNV
BAMTKDJDQ0RFRUU5MjQ0MkRDNkYwMzQ1OEI3NDQ1RTZEN0YyODlGQzQyRTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDQtBYQX+ie23TnvwihzKQvboMs
es5UImbyBQJlJsH8JQkuk/+2MUwM5hBWDk5EYPJjoPjrIp1r48ehSWQwTkcnOkp9
rOTmo4uwfag4elKDWC2ECUNA/FhjYuID1i8ap+UANG2q2Mt8ldfzKMAji7w/csn8
n135jIh+7p2Wrp4REW1Cgj+DLncI0nh+GxNkV3+fVf33DQntBiEy/LNHkqplYMns
MS4UiD8cPs6Dst0qH2QaM/vtHqMgNGN5Ta+Wmzz4QiFz5jUrHP1HfuJbmfJj2VAA
cxOgZppiy73n96UJ2O41CZrE2mb8RI8LRPHy2AZaiH15Rm00GQsT7BV5iJZ1AgMB
AAGjggIcMIICGDAdBgNVHQ4EFgQULM3u6SRC3G8DRYt0RebX8on8QuQwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjEzNzM0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAm3V2
AwQAm3WKAwQAm3WPAwQAp5SqMA0GCSqGSIb3DQEBCwUAA4IBAQCFrtceE7NBg12W
SEARGKhVyy/GDxRGXwg1kt8HdG09yKkCwJzFNSCRafeL/s8Rz/BIU7hywRonuI6J
tc/1LfMh3/GFl00+6sWLjXxPB8TMPpAnLyVak/TRstJxmEUMFu1Pxogms7k5TF6u
bOcNeOyKT6dLMVlNn5MIryc5iSbDl1radYpL1D7QGQ+EtNstEXLM8Gi8rWCSz/Wu
jpevmTs0kGRBLFEttB9acrwU8F5A66oSSxrF9pU72WXTWs3XwYWXx+mYoiPijaRc
0bjtZQozIPHeEHhPCDD0r/+jjnf+XNomPnNN7CqbaPUtp4vahO+DfxwJcQTVz8LZ
PyPtgAQ0
-----END CERTIFICATE-----
Generated at Mon Mar 2 09:58:06 2026 by rpki-client