Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS270111.roa
File: AS270111.roa (raw, json)
Hash identifier: xoOBritpgJy5JMwlMDKKdOfQVtNhKmY+KLn9fJskTNc=
Subject key identifier: 08:77:7C:5C:3B:47:9B:FD:C1:EE:97:0B:0A:EC:B8:07:B4:72:37:F0
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 21DA4B019C9BFBB049BF44B89288810DFF19BD32
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS270111.roa
Signing time: Thu 07 Aug 2025 09:01:09 +0000
ROA not before: Thu 07 Aug 2025 08:56:09 +0000
ROA not after: Thu 06 Aug 2026 09:01:09 +0000
asID: 270111
IP address blocks: 2a13:9500:be::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 10 Aug 2025 14:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:da:4b:01:9c:9b:fb:b0:49:bf:44:b8:92:88:81:0d:ff:19:bd:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Aug 7 08:56:09 2025 GMT
Not After : Aug 6 09:01:09 2026 GMT
Subject: CN=08777C5C3B479BFDC1EE970B0AECB807B47237F0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:8a:aa:29:0e:23:f9:94:a2:1b:84:b1:d4:93:
12:94:03:17:96:70:73:7b:5f:dc:cf:87:e6:76:6d:
50:9e:29:05:d1:61:8d:fb:84:66:67:02:0d:7c:56:
f6:8a:a5:ca:71:fd:c2:46:bf:6d:0e:c3:1a:97:5f:
76:9b:a1:58:1a:ff:80:62:98:2d:b6:2f:b6:a2:20:
b2:ff:62:d1:32:73:92:e8:6b:7e:76:de:67:a8:6d:
1d:1c:f2:4f:73:f6:6d:f2:49:4f:70:b9:96:0e:3b:
84:15:8a:e4:9c:f4:c5:e8:33:31:a6:b4:99:94:56:
9e:1f:a6:87:68:69:a4:f8:72:c8:8e:ef:23:c2:80:
74:37:06:a8:42:7f:01:6e:85:2a:fc:d6:77:9e:b7:
1d:53:c5:86:62:2e:ac:df:a0:e2:f6:9f:7f:db:a1:
c6:ac:cb:81:fc:ce:32:fd:23:61:02:2d:bb:1b:d8:
f3:8e:ae:66:ce:c2:7a:9c:9a:05:58:f9:34:89:1a:
a4:a1:ed:7d:71:17:72:87:1d:21:d4:f7:e0:1e:6f:
d9:31:31:12:28:d5:e4:89:e5:e3:19:64:5b:a1:ac:
63:03:e4:64:c9:6a:57:7b:60:30:a5:3a:5a:77:7e:
42:36:84:be:2c:99:e8:b8:4c:b7:c7:0e:f5:eb:1c:
a1:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:77:7C:5C:3B:47:9B:FD:C1:EE:97:0B:0A:EC:B8:07:B4:72:37:F0
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS270111.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:9500:be::/48
Signature Algorithm: sha256WithRSAEncryption
56:82:87:f1:c8:5e:3c:59:d4:21:e6:53:89:09:45:cf:69:78:
5c:ac:07:1e:79:f0:17:7c:7d:30:0b:0c:89:1b:d1:39:50:ed:
28:9f:5e:60:04:aa:3b:01:19:52:b5:4a:38:43:b8:e8:96:c6:
42:8c:f7:40:f2:76:be:2e:10:73:53:81:8c:fe:b0:76:97:bc:
91:e8:e8:24:e1:f3:18:29:98:00:4f:6d:9d:93:5b:55:ae:5c:
61:b5:a9:32:3e:32:df:af:09:42:27:91:70:a9:b2:8b:47:ce:
0e:c2:9e:8a:32:49:d5:9c:71:23:b3:16:84:05:ff:49:a1:14:
c8:db:7d:89:47:3c:30:dc:9b:f0:28:b9:1c:41:b3:8e:c1:b7:
5e:b9:da:63:42:39:2a:1b:a5:51:20:53:92:ab:fb:f4:81:4e:
31:a9:b2:8a:7d:e8:da:a1:01:5e:54:ef:7a:10:ab:39:9a:ec:
86:b2:16:44:a3:2a:07:02:f1:10:6c:ae:6a:69:ac:86:59:61:
04:0a:6a:d6:16:ab:32:9e:ae:5f:57:31:07:8b:4a:5a:de:ce:
b6:1d:1a:a4:bf:a2:51:8c:ae:48:58:36:a0:31:7c:96:38:07:
3e:36:88:ee:8a:7e:cb:84:93:f2:de:4b:35:da:26:df:5b:b3:
29:3f:a0:92
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIUIdpLAZyb+7BJv0S4koiBDf8ZvTIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTA4MDcwODU2MDlaFw0yNjA4MDYwOTAxMDlaMDMxMTAvBgNV
BAMTKDA4Nzc3QzVDM0I0NzlCRkRDMUVFOTcwQjBBRUNCODA3QjQ3MjM3RjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCViqopDiP5lKIbhLHUkxKUAxeW
cHN7X9zPh+Z2bVCeKQXRYY37hGZnAg18VvaKpcpx/cJGv20OwxqXX3aboVga/4Bi
mC22L7aiILL/YtEyc5Loa3523meobR0c8k9z9m3ySU9wuZYOO4QViuSc9MXoMzGm
tJmUVp4fpodoaaT4csiO7yPCgHQ3BqhCfwFuhSr81neetx1TxYZiLqzfoOL2n3/b
ocasy4H8zjL9I2ECLbsb2POOrmbOwnqcmgVY+TSJGqSh7X1xF3KHHSHU9+Aeb9kx
MRIo1eSJ5eMZZFuhrGMD5GTJald7YDClOlp3fkI2hL4smei4TLfHDvXrHKHNAgMB
AAGjggINMIICCTAdBgNVHQ4EFgQUCHd8XDtHm/3B7pcLCuy4B7RyN/AwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjcwMTExLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhOV
AAC+MA0GCSqGSIb3DQEBCwUAA4IBAQBWgofxyF48WdQh5lOJCUXPaXhcrAceefAX
fH0wCwyJG9E5UO0on15gBKo7ARlStUo4Q7jolsZCjPdA8na+LhBzU4GM/rB2l7yR
6Ogk4fMYKZgAT22dk1tVrlxhtakyPjLfrwlCJ5FwqbKLR84Owp6KMknVnHEjsxaE
Bf9JoRTI232JRzww3JvwKLkcQbOOwbdeudpjQjkqG6VRIFOSq/v0gU4xqbKKfeja
oQFeVO96EKs5muyGshZEoyoHAvEQbK5qaayGWWEECmrWFqsynq5fVzEHi0pa3s62
HRqkv6JRjK5IWDagMXyWOAc+Nojuin7LhJPy3ks12ibfW7MpP6CS
-----END CERTIFICATE-----
Generated at Sat Aug 9 20:33:20 2025 by rpki-client