Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS206628.roa
File: AS206628.roa (raw, json)
Hash identifier: bRRzQ6yVe+ZNc9CmVCqsiVjVFB5QRDh3gZH0LOB67Sc=
Subject key identifier: 0F:3D:8D:71:81:37:54:4B:F1:3D:11:29:8D:42:40:EC:09:AD:3B:24
Certificate issuer: /CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Certificate serial: 1A15B13E9BACD2317A3DE769B63E012AF78E0456
Authority key identifier: C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS206628.roa
Signing time: Fri 25 Jul 2025 08:07:41 +0000
ROA not before: Fri 25 Jul 2025 08:02:41 +0000
ROA not after: Fri 24 Jul 2026 08:07:41 +0000
asID: 206628
IP address blocks: 2a0f:85c1::/48 maxlen: 48
2a0f:85c1:21::/48 maxlen: 48
2a0f:85c1:22::/48 maxlen: 48
2a0f:85c1:30::/48 maxlen: 48
2a0f:85c1:31::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl
rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.mft
rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 06 Aug 2025 23:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1a:15:b1:3e:9b:ac:d2:31:7a:3d:e7:69:b6:3e:01:2a:f7:8e:04:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Validity
Not Before: Jul 25 08:02:41 2025 GMT
Not After : Jul 24 08:07:41 2026 GMT
Subject: CN=0F3D8D718137544BF13D11298D4240EC09AD3B24
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:91:dc:2b:54:c6:44:08:1f:a3:c2:24:89:53:
f1:91:e7:f9:b6:2c:06:41:8b:98:a6:63:1b:34:da:
db:9e:ab:07:c3:c6:95:36:fd:ff:60:60:5a:5a:63:
47:25:79:f9:01:bb:65:da:ec:5d:5a:5f:f7:5c:f8:
3e:25:e4:a7:de:b7:96:75:5e:9e:1d:df:29:7e:3c:
06:0c:fc:4a:b9:70:21:0e:15:8e:7d:8e:ad:5d:ea:
2a:dc:28:4e:29:de:df:b5:3f:a1:fc:4a:01:d9:82:
ad:e0:2c:dc:69:2f:44:5a:e0:4a:d0:9f:00:b8:09:
06:48:65:82:d6:c3:f5:f8:c0:7a:64:60:5e:23:77:
4e:ef:cc:8c:b2:ae:d1:2f:51:a7:f7:48:86:17:8a:
41:79:2f:7c:2e:c2:8f:50:b1:43:1e:44:9f:93:9f:
4c:28:c1:3f:64:ac:e1:e7:5c:09:8f:01:ec:28:b8:
c8:68:a7:b2:e6:51:5b:08:9e:1e:3a:de:63:52:15:
d6:63:d8:63:de:07:37:31:63:c5:cb:d4:53:25:9a:
05:f8:41:60:c0:aa:47:45:df:d8:b6:e3:a1:8a:83:
d8:16:b2:f5:1f:0e:21:4a:18:01:38:e0:85:51:6a:
f6:a8:83:43:ca:54:fb:8e:b9:cd:8e:b6:17:dc:0b:
49:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:3D:8D:71:81:37:54:4B:F1:3D:11:29:8D:42:40:EC:09:AD:3B:24
X509v3 Authority Key Identifier:
keyid:C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS206628.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:85c1::/48
2a0f:85c1:21::-2a0f:85c1:22:ffff:ffff:ffff:ffff:ffff
2a0f:85c1:30::/47
Signature Algorithm: sha256WithRSAEncryption
67:56:7a:fd:0e:5d:e5:18:aa:f5:15:f8:71:8f:f7:a0:58:b3:
9f:5c:f2:ae:18:1d:c6:b0:f1:24:29:6b:62:3b:00:62:e7:6b:
b2:3d:f9:c6:b8:62:34:61:de:37:41:a9:d6:c1:33:e0:86:1d:
55:93:e6:c2:ee:ac:2c:2e:1f:24:9d:2f:06:34:99:8a:83:f6:
1e:f2:7d:49:8b:33:1a:ef:a9:fa:4b:17:90:d0:df:9b:7b:45:
60:91:1a:14:90:9b:cc:22:6f:88:6a:8e:39:91:9f:fb:9a:31:
be:23:c3:e8:14:24:56:98:d9:c4:2b:0d:25:be:53:3f:8d:4a:
64:7d:15:9d:a2:6f:29:b6:a2:c8:4c:75:d9:21:d5:80:a5:43:
67:ea:ca:3a:8a:94:c3:83:c8:08:10:04:6d:23:c3:e4:81:c4:
22:0f:db:fa:b2:e8:ff:8b:ad:97:df:2b:dc:f5:8c:c6:31:60:
55:64:06:64:bc:1b:d6:ee:9b:e6:a5:43:72:4b:62:9d:c1:5b:
2d:8c:43:39:6d:be:51:a7:9d:e4:0a:18:bc:25:f0:b6:97:81:
b2:cf:36:ee:6b:e4:d1:3d:f0:d8:ce:e6:b3:97:3f:e5:8e:23:
a9:41:a6:9f:08:96:e7:b8:64:d7:a8:56:12:bd:18:c1:6c:62:
dc:b7:d4:a0
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgIUGhWxPpus0jF6Pedptj4BKveOBFYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzRjZTdkODkwMjQwNWJhNDU5OGY4NGI2YTQxYzI3ZDcy
MjgzNGIxYzAeFw0yNTA3MjUwODAyNDFaFw0yNjA3MjQwODA3NDFaMDMxMTAvBgNV
BAMTKDBGM0Q4RDcxODEzNzU0NEJGMTNEMTEyOThENDI0MEVDMDlBRDNCMjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCakdwrVMZECB+jwiSJU/GR5/m2
LAZBi5imYxs02tueqwfDxpU2/f9gYFpaY0clefkBu2Xa7F1aX/dc+D4l5Kfet5Z1
Xp4d3yl+PAYM/Eq5cCEOFY59jq1d6ircKE4p3t+1P6H8SgHZgq3gLNxpL0Ra4ErQ
nwC4CQZIZYLWw/X4wHpkYF4jd07vzIyyrtEvUaf3SIYXikF5L3wuwo9QsUMeRJ+T
n0wowT9krOHnXAmPAewouMhop7LmUVsInh463mNSFdZj2GPeBzcxY8XL1FMlmgX4
QWDAqkdF39i246GKg9gWsvUfDiFKGAE44IVRavaog0PKVPuOuc2OthfcC0kHAgMB
AAGjggIqMIICJjAdBgNVHQ4EFgQUDz2NcYE3VEvxPREpjUJA7AmtOyQwHwYDVR0j
BBgwFoAUxM59iQJAW6RZj4S2pBwn1yKDSxwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODRkNTE4MTAtMTk4Ny00NzAxLThmMWYtODQyNTExMTk2
NGY0LzAvQzRDRTdEODkwMjQwNUJBNDU5OEY4NEI2QTQxQzI3RDcyMjgzNEIxQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3hNNTlpUUpBVzZSWmo0UzJwQnduMXlL
RFN4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg0ZDUxODEwLTE5ODct
NDcwMS04ZjFmLTg0MjUxMTE5NjRmNC8wL0FTMjA2NjI4LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAAjAmAwcAKg+F
wQAAMBIDBwAqD4XBACEDBwAqD4XBACIDBwEqD4XBADAwDQYJKoZIhvcNAQELBQAD
ggEBAGdWev0OXeUYqvUV+HGP96BYs59c8q4YHcaw8SQpa2I7AGLna7I9+ca4YjRh
3jdBqdbBM+CGHVWT5sLurCwuHySdLwY0mYqD9h7yfUmLMxrvqfpLF5DQ35t7RWCR
GhSQm8wib4hqjjmRn/uaMb4jw+gUJFaY2cQrDSW+Uz+NSmR9FZ2ibym2oshMddkh
1YClQ2fqyjqKlMODyAgQBG0jw+SBxCIP2/qy6P+LrZffK9z1jMYxYFVkBmS8G9bu
m+alQ3JLYp3BWy2MQzltvlGnneQKGLwl8LaXgbLPNu5r5NE98NjO5rOXP+WOI6lB
pp8Ilue4ZNeoVhK9GMFsYty31KA=
-----END CERTIFICATE-----
Generated at Wed Aug 6 06:05:17 2025 by rpki-client