Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS212669.roa
File: AS212669.roa (raw, json)
Hash identifier: 1Mt4jYI8WcbOC5qExZtvY4xW5gEVvrJGhdd6rmW1BF8=
Subject key identifier: E7:3D:9A:15:DA:4E:80:58:C9:9C:31:BD:CF:C9:C4:95:84:C3:12:79
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 6B351573B136415A7DC9C69DAEC2DAD754FAE08E
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS212669.roa
Signing time: Tue 24 Feb 2026 14:46:24 +0000
ROA not before: Tue 24 Feb 2026 14:41:24 +0000
ROA not after: Tue 23 Feb 2027 14:46:24 +0000
asID: 212669
IP address blocks: 179.61.191.0/24 maxlen: 24
179.61.249.0/24 maxlen: 24
181.214.11.0/24 maxlen: 24
191.101.246.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6b:35:15:73:b1:36:41:5a:7d:c9:c6:9d:ae:c2:da:d7:54:fa:e0:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Feb 24 14:41:24 2026 GMT
Not After : Feb 23 14:46:24 2027 GMT
Subject: CN=E73D9A15DA4E8058C99C31BDCFC9C49584C31279
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:f4:af:aa:ba:eb:03:a0:8c:7a:e3:08:b3:0e:
a8:87:bd:23:9e:0e:19:70:61:48:df:1b:86:09:af:
e9:b4:7f:f8:42:87:1e:99:bb:a0:4c:ba:55:b0:d3:
f8:d2:1a:e7:cb:10:3a:85:0b:f0:11:43:79:22:09:
56:0e:d9:cb:15:38:92:9f:0e:ed:a6:47:58:e0:f4:
cd:32:13:f7:04:7c:f3:40:7e:8b:44:4a:e5:12:7e:
88:e5:28:f3:02:db:eb:aa:c4:b9:98:29:ea:58:db:
d1:cf:89:29:ad:df:52:bd:46:e1:e6:a8:7c:dc:39:
e9:77:9d:df:46:a7:c9:53:c6:b7:ec:55:59:dc:f7:
79:54:69:1e:69:08:59:ed:36:d1:00:a7:38:63:67:
05:04:d9:35:21:6c:bb:74:23:f8:a3:67:53:89:f3:
6f:f9:f4:6f:e6:7f:93:bf:ba:45:66:dd:e1:43:eb:
ac:40:d0:7b:c8:67:2e:e1:09:67:9f:fc:1f:ca:59:
92:79:3a:89:f2:b6:8b:07:cc:45:e2:ca:91:21:ee:
90:76:fd:06:1e:05:1e:69:11:db:05:24:95:2c:b3:
a4:5d:d7:1f:8f:da:99:51:49:d3:c6:ad:fc:8a:1c:
79:17:10:b6:52:d6:0f:21:27:f3:a9:0c:ed:a3:bd:
6e:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:3D:9A:15:DA:4E:80:58:C9:9C:31:BD:CF:C9:C4:95:84:C3:12:79
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS212669.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
179.61.191.0/24
179.61.249.0/24
181.214.11.0/24
191.101.246.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:a5:e6:e2:51:14:b1:18:f9:a7:36:59:8b:5d:86:7b:ef:d8:
c9:8a:b8:0a:7a:64:46:3c:36:e2:2b:55:09:fc:ec:2a:28:a4:
33:64:ef:3c:3e:0e:f3:90:9e:fe:cc:19:8a:8e:22:d2:88:de:
d6:e8:3f:91:7a:07:9b:e3:92:ad:a2:77:31:c0:c0:ea:31:25:
de:8b:ec:36:67:ea:65:5c:7f:1e:66:b9:0d:89:ed:ea:8a:ad:
ff:43:14:82:f0:48:a4:39:d7:2a:0a:45:48:34:57:b0:83:da:
be:a9:e3:f2:83:4c:d1:37:7e:fe:bd:79:4c:52:08:17:a7:6f:
84:d1:a0:ef:a8:a1:39:be:e2:60:8a:93:6b:1d:d7:1f:b1:81:
e5:92:43:5e:8f:78:9b:4d:1a:a7:4e:26:6e:cd:ea:22:11:50:
4f:3d:af:38:26:c1:65:00:92:1c:85:07:93:33:8a:bc:6d:b7:
f5:d6:58:f3:20:6e:23:6a:69:8a:eb:8e:5b:be:39:e0:c8:4b:
99:3c:36:05:8c:d5:58:94:47:c5:cd:99:f7:8d:aa:97:ae:4e:
87:1f:ed:f5:86:6a:63:7d:a9:59:f5:e9:c6:32:92:6b:81:19:
90:85:82:a6:ba:bb:8f:02:ea:09:d3:c9:04:da:18:e6:95:ef:
f5:a5:bd:57
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgIUazUVc7E2QVp9ycadrsLa11T64I4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNjAyMjQxNDQxMjRaFw0yNzAyMjMxNDQ2MjRaMDMxMTAvBgNV
BAMTKEU3M0Q5QTE1REE0RTgwNThDOTlDMzFCRENGQzlDNDk1ODRDMzEyNzkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC79K+quusDoIx64wizDqiHvSOe
DhlwYUjfG4YJr+m0f/hChx6Zu6BMulWw0/jSGufLEDqFC/ARQ3kiCVYO2csVOJKf
Du2mR1jg9M0yE/cEfPNAfotESuUSfojlKPMC2+uqxLmYKepY29HPiSmt31K9RuHm
qHzcOel3nd9Gp8lTxrfsVVnc93lUaR5pCFntNtEApzhjZwUE2TUhbLt0I/ijZ1OJ
82/59G/mf5O/ukVm3eFD66xA0HvIZy7hCWef/B/KWZJ5OonytosHzEXiypEh7pB2
/QYeBR5pEdsFJJUss6Rd1x+P2plRSdPGrfyKHHkXELZS1g8hJ/OpDO2jvW7vAgMB
AAGjggIcMIICGDAdBgNVHQ4EFgQU5z2aFdpOgFjJnDG9z8nElYTDEnkwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMjEyNjY5LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAsz2/
AwQAsz35AwQAtdYLAwQAv2X2MA0GCSqGSIb3DQEBCwUAA4IBAQAspebiURSxGPmn
NlmLXYZ779jJirgKemRGPDbiK1UJ/OwqKKQzZO88Pg7zkJ7+zBmKjiLSiN7W6D+R
egeb45KtoncxwMDqMSXei+w2Z+plXH8eZrkNie3qiq3/QxSC8EikOdcqCkVINFew
g9q+qePyg0zRN37+vXlMUggXp2+E0aDvqKE5vuJgipNrHdcfsYHlkkNej3ibTRqn
TiZuzeoiEVBPPa84JsFlAJIchQeTM4q8bbf11ljzIG4jammK645bvjngyEuZPDYF
jNVYlEfFzZn3jaqXrk6HH+31hmpjfalZ9enGMpJrgRmQhYKmuruPAuoJ08kE2hjm
le/1pb1X
-----END CERTIFICATE-----
Generated at Sun Mar 1 22:02:37 2026 by rpki-client