Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS208328.roa
File: AS208328.roa (raw, json)
Hash identifier: sRy6IRD+rfEvzsLY6isqYjxZ7DVLsxeV2a/WgTYITUM=
Subject key identifier: A0:64:F2:ED:B0:3D:78:6F:9E:DA:7B:00:0B:CC:B1:DD:46:D8:04:5B
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 244B0CFC13AD0AAE9DAC5744FE5B3287FDED8BD4
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS208328.roa
Signing time: Mon 28 Jul 2025 05:52:52 +0000
ROA not before: Mon 28 Jul 2025 05:47:52 +0000
ROA not after: Mon 27 Jul 2026 05:52:52 +0000
asID: 208328
IP address blocks: 2a13:9500:4b::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 01:11:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
24:4b:0c:fc:13:ad:0a:ae:9d:ac:57:44:fe:5b:32:87:fd:ed:8b:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Jul 28 05:47:52 2025 GMT
Not After : Jul 27 05:52:52 2026 GMT
Subject: CN=A064F2EDB03D786F9EDA7B000BCCB1DD46D8045B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:71:84:d4:ae:7b:d3:00:0e:48:f0:b6:2d:ae:
67:ef:41:66:d5:c8:db:75:34:8f:ad:3b:4a:0f:56:
de:2a:34:24:9d:6d:76:46:ac:e1:86:f3:ce:11:0c:
45:21:3d:00:8a:4f:7a:45:0c:25:b1:fb:ed:c9:31:
06:be:f2:56:9e:4e:5e:0e:18:ff:0b:28:09:db:8b:
9a:85:79:69:26:f8:bc:f7:c9:b3:f2:8f:2b:3c:5f:
5a:9d:d1:e1:64:bd:1e:79:31:90:bb:6c:21:be:1f:
ac:54:70:e8:c3:b4:d5:58:b4:05:1e:28:0a:52:db:
16:e2:7a:0f:98:16:b5:0e:d9:c3:0a:11:5b:f7:fb:
75:4d:95:59:be:a3:b3:f4:bd:34:ed:0c:e3:24:e4:
83:e5:8d:b5:2a:0f:23:31:c0:56:09:dc:f4:e9:fd:
16:a5:95:79:33:20:28:95:7b:9e:69:d5:3c:75:bb:
6f:5d:45:67:31:7b:d0:9c:a0:11:e9:1a:24:f8:f2:
fd:07:da:a4:b7:26:21:f9:f5:7f:ac:2a:f6:a7:ba:
59:4e:55:7c:0a:a1:ac:f9:7d:0b:22:ce:f3:4c:ea:
cd:2d:5f:e6:25:67:39:ae:d1:26:e6:40:23:5d:3a:
69:81:70:50:f3:47:f9:05:11:bd:b8:d4:c2:ba:43:
5e:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:64:F2:ED:B0:3D:78:6F:9E:DA:7B:00:0B:CC:B1:DD:46:D8:04:5B
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS208328.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:9500:4b::/48
Signature Algorithm: sha256WithRSAEncryption
18:57:01:e6:b1:2c:be:d1:ad:6f:5c:95:a2:c6:33:95:19:58:
f8:66:bb:9c:f8:80:7f:99:cf:ed:99:5e:db:d8:7d:27:25:7f:
5e:19:7f:32:fe:4d:5c:98:2c:75:aa:15:61:89:0c:4e:f9:22:
30:d9:0a:ad:8c:d3:80:4d:55:31:ec:28:d3:00:77:a5:1c:70:
b9:54:d1:da:fd:43:d7:9d:20:0c:b7:48:d7:c0:c9:cd:7b:7c:
f4:2b:37:40:c0:e4:18:a3:4c:6c:e3:26:f1:4a:63:c5:e2:51:
73:29:63:33:ab:04:cb:35:45:82:b9:30:3b:05:65:cf:49:09:
93:3e:4d:29:31:2f:bc:6f:9b:63:b5:67:53:6d:f7:a8:06:66:
be:53:6e:96:86:09:09:f1:cd:01:21:d7:be:a8:7e:6b:8c:a7:
34:2b:3d:1c:e8:77:c0:64:2b:97:83:0a:55:9c:6f:8b:cc:59:
7d:2e:7d:8c:ba:3f:90:bc:e0:01:06:f0:ad:fa:85:f3:2d:35:
75:f5:7e:81:d2:d1:b9:40:cb:33:84:d6:07:a9:a2:07:8f:45:
af:a8:4c:99:9f:b7:6d:19:ae:5e:27:dd:17:c4:6f:62:50:24:
19:60:3e:d2:72:f5:dd:36:1d:a8:cf:53:9a:81:d8:8e:42:9d:
10:bc:b6:11
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIUJEsM/BOtCq6drFdE/lsyh/3ti9QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTA3MjgwNTQ3NTJaFw0yNjA3MjcwNTUyNTJaMDMxMTAvBgNV
BAMTKEEwNjRGMkVEQjAzRDc4NkY5RURBN0IwMDBCQ0NCMURENDZEODA0NUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCtcYTUrnvTAA5I8LYtrmfvQWbV
yNt1NI+tO0oPVt4qNCSdbXZGrOGG884RDEUhPQCKT3pFDCWx++3JMQa+8laeTl4O
GP8LKAnbi5qFeWkm+Lz3ybPyjys8X1qd0eFkvR55MZC7bCG+H6xUcOjDtNVYtAUe
KApS2xbieg+YFrUO2cMKEVv3+3VNlVm+o7P0vTTtDOMk5IPljbUqDyMxwFYJ3PTp
/RallXkzICiVe55p1Tx1u29dRWcxe9CcoBHpGiT48v0H2qS3JiH59X+sKvanullO
VXwKoaz5fQsizvNM6s0tX+YlZzmu0SbmQCNdOmmBcFDzR/kFEb241MK6Q14VAgMB
AAGjggINMIICCTAdBgNVHQ4EFgQUoGTy7bA9eG+e2nsAC8yx3UbYBFswHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjA4MzI4LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhOV
AABLMA0GCSqGSIb3DQEBCwUAA4IBAQAYVwHmsSy+0a1vXJWixjOVGVj4Zruc+IB/
mc/tmV7b2H0nJX9eGX8y/k1cmCx1qhVhiQxO+SIw2QqtjNOATVUx7CjTAHelHHC5
VNHa/UPXnSAMt0jXwMnNe3z0KzdAwOQYo0xs4ybxSmPF4lFzKWMzqwTLNUWCuTA7
BWXPSQmTPk0pMS+8b5tjtWdTbfeoBma+U26WhgkJ8c0BIde+qH5rjKc0Kz0c6HfA
ZCuXgwpVnG+LzFl9Ln2Muj+QvOABBvCt+oXzLTV19X6B0tG5QMszhNYHqaIHj0Wv
qEyZn7dtGa5eJ90XxG9iUCQZYD7ScvXdNh2oz1OagdiOQp0QvLYR
-----END CERTIFICATE-----
Generated at Mon Aug 4 07:39:25 2025 by rpki-client