Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS210732.roa
File: AS210732.roa (raw, json)
Hash identifier: H3Ek4u6wtfP3lQhVYG6z31iWFAu/FZq/jyWaaPq4AKw=
Subject key identifier: 00:DE:22:DE:88:30:62:05:FB:E3:D4:2F:FC:82:F9:C1:65:5F:76:02
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 5D0E3CDE1D6D6549D13C21DD4A4E76880CB50ED3
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS210732.roa
Signing time: Fri 25 Jul 2025 11:24:06 +0000
ROA not before: Fri 25 Jul 2025 11:19:06 +0000
ROA not after: Fri 24 Jul 2026 11:24:06 +0000
asID: 210732
IP address blocks: 2a13:9500:4e::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 01:11:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5d:0e:3c:de:1d:6d:65:49:d1:3c:21:dd:4a:4e:76:88:0c:b5:0e:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Jul 25 11:19:06 2025 GMT
Not After : Jul 24 11:24:06 2026 GMT
Subject: CN=00DE22DE88306205FBE3D42FFC82F9C1655F7602
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:f5:b3:4f:8c:cb:c8:d8:a2:ff:b7:cb:fc:4e:
51:03:e2:91:49:2d:3e:24:35:8e:f9:1a:60:21:28:
a6:6c:c9:4c:ba:67:99:cd:25:e3:21:78:2f:c7:cd:
37:5f:5b:f4:65:d0:d1:65:07:8c:1a:d0:01:3a:cd:
5e:b4:6e:05:42:35:0f:93:06:e3:41:d1:54:d3:86:
95:f9:e0:89:0a:a4:da:eb:4d:0b:de:af:fd:00:ff:
07:23:94:66:87:9e:7b:bd:b6:bf:ee:6f:ae:4d:59:
30:1a:55:6a:8c:74:3c:e5:2e:11:31:29:7b:be:36:
58:b0:d0:35:3e:60:fb:03:a4:7d:4b:78:cc:cb:12:
9e:86:82:50:b4:c1:42:ed:2a:df:1a:b1:eb:ea:7a:
98:23:5d:66:d3:ef:27:07:6c:8c:87:6b:4e:d5:78:
2b:63:57:a5:b3:0c:45:20:6d:39:28:05:56:8c:4a:
74:e1:f4:43:d5:09:25:ad:99:09:4b:74:39:07:b8:
e5:f7:fd:71:c9:3a:49:53:43:d6:b4:73:6c:09:58:
30:b4:4c:fb:25:74:3f:9e:8a:95:c7:36:ae:24:b2:
37:88:64:10:35:30:18:e9:de:03:86:ae:52:4e:d5:
79:cb:03:fe:d9:75:27:ab:ae:bc:56:f6:70:7f:29:
ab:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:DE:22:DE:88:30:62:05:FB:E3:D4:2F:FC:82:F9:C1:65:5F:76:02
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS210732.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:9500:4e::/48
Signature Algorithm: sha256WithRSAEncryption
91:24:0d:a8:ec:fd:c0:5f:b5:fb:b8:ec:b2:f0:ec:2e:b8:1f:
b0:6c:14:68:aa:27:69:1c:2f:9e:f4:95:cb:5a:75:3d:52:26:
db:3f:df:2f:7f:03:96:62:1e:3d:cb:7c:d8:01:8c:3e:3a:cd:
95:52:8e:33:ac:74:dd:d6:10:24:86:2d:b7:df:a0:eb:5d:af:
1c:ad:7c:c9:8d:b4:17:89:9b:d7:38:08:51:b5:83:a3:b0:25:
51:af:c8:0f:37:0a:2f:cf:9b:d5:c2:60:09:6c:dd:a8:72:c5:
23:8b:4d:65:0a:8f:72:d1:0b:4f:21:e1:b2:cc:98:41:44:81:
8f:70:05:2c:6b:da:4c:96:f6:1e:3e:79:af:87:a6:ff:98:4b:
9b:f9:9a:62:83:36:66:c7:e9:39:c8:a6:c7:d2:6c:86:be:b6:
49:f7:ab:57:de:ea:9c:bd:05:af:c0:ea:09:bf:9b:14:b7:4b:
d1:db:13:d8:55:76:7b:f6:8d:a5:6a:ac:78:dd:6e:42:e7:7f:
96:74:f3:1b:cf:35:69:15:18:89:5e:7f:de:bd:14:c9:86:7f:
1d:7a:52:63:27:46:da:23:e7:5c:e9:8f:c6:ad:bb:6c:a2:2c:
e5:e1:2b:17:26:5a:0c:cc:64:c6:cd:f5:1a:e4:bf:17:72:cc:
a1:7d:04:24
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIUXQ483h1tZUnRPCHdSk52iAy1DtMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTA3MjUxMTE5MDZaFw0yNjA3MjQxMTI0MDZaMDMxMTAvBgNV
BAMTKDAwREUyMkRFODgzMDYyMDVGQkUzRDQyRkZDODJGOUMxNjU1Rjc2MDIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDG9bNPjMvI2KL/t8v8TlED4pFJ
LT4kNY75GmAhKKZsyUy6Z5nNJeMheC/HzTdfW/Rl0NFlB4wa0AE6zV60bgVCNQ+T
BuNB0VTThpX54IkKpNrrTQver/0A/wcjlGaHnnu9tr/ub65NWTAaVWqMdDzlLhEx
KXu+Nliw0DU+YPsDpH1LeMzLEp6GglC0wULtKt8asevqepgjXWbT7ycHbIyHa07V
eCtjV6WzDEUgbTkoBVaMSnTh9EPVCSWtmQlLdDkHuOX3/XHJOklTQ9a0c2wJWDC0
TPsldD+eipXHNq4ksjeIZBA1MBjp3gOGrlJO1XnLA/7ZdSerrrxW9nB/KasvAgMB
AAGjggINMIICCTAdBgNVHQ4EFgQUAN4i3ogwYgX749Qv/IL5wWVfdgIwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjEwNzMyLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhOV
AABOMA0GCSqGSIb3DQEBCwUAA4IBAQCRJA2o7P3AX7X7uOyy8OwuuB+wbBRoqidp
HC+e9JXLWnU9UibbP98vfwOWYh49y3zYAYw+Os2VUo4zrHTd1hAkhi2336DrXa8c
rXzJjbQXiZvXOAhRtYOjsCVRr8gPNwovz5vVwmAJbN2ocsUji01lCo9y0QtPIeGy
zJhBRIGPcAUsa9pMlvYePnmvh6b/mEub+ZpigzZmx+k5yKbH0myGvrZJ96tX3uqc
vQWvwOoJv5sUt0vR2xPYVXZ79o2laqx43W5C53+WdPMbzzVpFRiJXn/evRTJhn8d
elJjJ0baI+dc6Y/Grbtsoizl4SsXJloMzGTGzfUa5L8XcsyhfQQk
-----END CERTIFICATE-----
Generated at Mon Aug 4 07:39:19 2025 by rpki-client