Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS207695.roa
File: AS207695.roa (raw, json)
Hash identifier: Hpq/DaackGd54uaM76TKCiMg0ki5vP1YJCLsGiphs+A=
Subject key identifier: 6F:25:AA:DC:7A:77:BD:54:C0:A4:45:E6:8B:14:64:F3:4C:04:C8:D4
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 416BD9FEF457FE3E3EF294BDFB15C6721368E66C
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS207695.roa
Signing time: Thu 12 Jun 2025 08:18:59 +0000
ROA not before: Thu 12 Jun 2025 08:13:59 +0000
ROA not after: Thu 11 Jun 2026 08:18:59 +0000
asID: 207695
IP address blocks: 2a13:9500:90::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
41:6b:d9:fe:f4:57:fe:3e:3e:f2:94:bd:fb:15:c6:72:13:68:e6:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Jun 12 08:13:59 2025 GMT
Not After : Jun 11 08:18:59 2026 GMT
Subject: CN=6F25AADC7A77BD54C0A445E68B1464F34C04C8D4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:45:68:63:97:03:6e:9d:df:f3:3b:b8:6a:c0:
20:b1:66:8e:e9:6d:86:97:02:72:44:40:87:bd:e2:
9f:60:f1:d4:4b:65:42:5a:6a:0b:cc:01:f0:69:2e:
9e:67:d5:c5:fe:2c:63:76:6a:af:3d:2c:98:ff:1f:
d0:d2:b7:e2:aa:ad:75:dd:fb:1b:be:5d:27:ce:15:
34:89:c1:ce:bd:1f:23:72:0c:4f:54:6f:49:50:2d:
10:69:a5:64:6a:2c:ad:f9:f2:f2:58:55:b5:1e:a4:
02:8f:6e:f6:bb:91:f9:24:17:fb:64:f6:c4:74:fc:
75:62:44:21:e7:e8:bc:1e:95:af:47:44:fb:4e:64:
1d:25:22:6d:f7:cc:2e:27:c0:61:1b:32:ad:7d:77:
4c:cd:0d:68:75:fc:4b:fd:0d:82:a4:b2:d5:d5:c0:
82:d4:fb:b8:b8:28:8f:8f:74:c7:21:5e:27:28:58:
d2:39:6c:6f:e6:72:89:4f:ad:5d:fa:fc:7b:8b:dc:
32:82:d2:81:5b:10:4b:88:7f:1e:7f:a8:0c:7d:2f:
b6:03:d0:f6:9c:3c:b4:62:dd:d4:f2:0a:7d:82:13:
f1:7a:a7:fb:38:98:ef:53:37:d8:e5:b0:f5:94:ba:
00:69:9f:a6:ec:70:f9:77:4f:4f:62:11:2b:99:67:
2e:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:25:AA:DC:7A:77:BD:54:C0:A4:45:E6:8B:14:64:F3:4C:04:C8:D4
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS207695.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:9500:90::/48
Signature Algorithm: sha256WithRSAEncryption
10:8b:41:63:a2:63:a9:4b:64:b0:c9:2d:46:39:fb:67:63:87:
77:b9:66:e2:51:a0:81:0a:5d:9f:1d:93:ad:d1:30:4a:f4:cc:
ef:ae:76:ef:95:9d:0d:64:51:05:42:1d:84:e9:3f:bb:d5:e8:
65:7c:a4:99:18:7d:20:dc:8c:c7:67:1c:aa:92:02:6a:a2:23:
a8:06:1b:69:d5:46:8a:a5:0b:f6:e1:24:ff:7b:1c:f7:13:80:
05:69:91:2f:51:d6:33:b0:b4:b3:68:84:87:21:8f:12:6d:d9:
7e:56:e3:e1:1b:66:b3:07:ba:07:98:01:e4:61:52:68:fe:3f:
91:3e:56:6e:df:64:9a:5d:4b:0d:bb:07:d0:43:95:5f:55:3a:
ea:d5:38:a0:3b:b5:7c:cf:f8:9b:33:cc:c6:0a:b7:30:2e:4a:
73:ef:d6:58:c4:d6:b7:1a:f8:71:ff:d5:2b:1b:ce:f1:d4:51:
83:68:fb:c3:97:35:09:96:e1:9f:d9:dd:41:1b:d5:e1:f5:36:
5f:1d:60:35:36:8b:7e:de:aa:f6:15:9c:23:34:b5:3d:23:3c:
6a:8e:1e:4f:b1:03:c4:2d:2c:02:1b:61:87:34:36:bb:9b:25:
32:8f:90:9a:02:e5:00:1b:d2:7c:15:f2:be:b8:eb:f5:ea:47:
6b:71:f0:b3
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIUQWvZ/vRX/j4+8pS9+xXGchNo5mwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTA2MTIwODEzNTlaFw0yNjA2MTEwODE4NTlaMDMxMTAvBgNV
BAMTKDZGMjVBQURDN0E3N0JENTRDMEE0NDVFNjhCMTQ2NEYzNEMwNEM4RDQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCeRWhjlwNund/zO7hqwCCxZo7p
bYaXAnJEQIe94p9g8dRLZUJaagvMAfBpLp5n1cX+LGN2aq89LJj/H9DSt+KqrXXd
+xu+XSfOFTSJwc69HyNyDE9Ub0lQLRBppWRqLK358vJYVbUepAKPbva7kfkkF/tk
9sR0/HViRCHn6Lwela9HRPtOZB0lIm33zC4nwGEbMq19d0zNDWh1/Ev9DYKkstXV
wILU+7i4KI+PdMchXicoWNI5bG/mcolPrV36/HuL3DKC0oFbEEuIfx5/qAx9L7YD
0PacPLRi3dTyCn2CE/F6p/s4mO9TN9jlsPWUugBpn6bscPl3T09iESuZZy6TAgMB
AAGjggINMIICCTAdBgNVHQ4EFgQUbyWq3Hp3vVTApEXmixRk80wEyNQwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjA3Njk1LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhOV
AACQMA0GCSqGSIb3DQEBCwUAA4IBAQAQi0FjomOpS2SwyS1GOftnY4d3uWbiUaCB
Cl2fHZOt0TBK9MzvrnbvlZ0NZFEFQh2E6T+71ehlfKSZGH0g3IzHZxyqkgJqoiOo
Bhtp1UaKpQv24ST/exz3E4AFaZEvUdYzsLSzaISHIY8Sbdl+VuPhG2azB7oHmAHk
YVJo/j+RPlZu32SaXUsNuwfQQ5VfVTrq1TigO7V8z/ibM8zGCrcwLkpz79ZYxNa3
Gvhx/9UrG87x1FGDaPvDlzUJluGf2d1BG9Xh9TZfHWA1Not+3qr2FZwjNLU9Izxq
jh5PsQPELSwCG2GHNDa7myUyj5CaAuUAG9J8FfK+uOv16kdrcfCz
-----END CERTIFICATE-----
Generated at Sat Jun 14 10:57:01 2025 by rpki-client