
Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS207609.roa
File: AS207609.roa (raw, json)
Hash identifier: OKwA6XRVlFfhslDM0W8OAuPtWAMu2LGpv6F1V7ENRTc=
Subject key identifier: 75:B7:74:FF:45:37:9A:D5:F9:E2:3D:A5:10:DA:AA:B4:69:E2:A2:BD
Certificate issuer: /CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Certificate serial: 1B1F083F22449DF25EC934427FCFCA214C9C2A35
Authority key identifier: C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS207609.roa
Signing time: Fri 25 Jul 2025 08:07:37 +0000
ROA not before: Fri 25 Jul 2025 08:02:37 +0000
ROA not after: Fri 24 Jul 2026 08:07:37 +0000
asID: 207609
IP address blocks: 2a0f:85c1:c080::/41 maxlen: 48
2a0f:85c1:c0d0::/44 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl
rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.mft
rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 08 Aug 2025 08:00:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1b:1f:08:3f:22:44:9d:f2:5e:c9:34:42:7f:cf:ca:21:4c:9c:2a:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Validity
Not Before: Jul 25 08:02:37 2025 GMT
Not After : Jul 24 08:07:37 2026 GMT
Subject: CN=75B774FF45379AD5F9E23DA510DAAAB469E2A2BD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:15:0e:d7:36:87:0b:04:86:7a:0c:ca:2b:ce:
b2:d4:c9:21:6f:99:1c:ab:1f:2a:e1:96:a4:45:cd:
b0:80:2a:c0:45:d7:15:ad:0a:f4:e1:29:a7:4d:4e:
32:b5:a7:6c:28:17:d9:b9:d2:8d:6f:d8:57:1a:c5:
92:37:77:f5:91:4b:76:85:5e:fb:83:a1:37:e9:50:
42:00:46:89:45:02:56:58:7c:2f:6a:08:28:10:f6:
28:94:a3:d7:6c:c7:a4:3c:2e:52:88:34:d1:3b:73:
ac:05:2f:2b:cc:33:07:a3:93:7f:77:26:d9:95:5d:
b5:e5:52:ef:b9:d9:13:f9:22:d9:ef:e0:b4:a5:c2:
32:71:b7:9a:76:ab:22:ff:24:f5:85:c2:ed:9f:a2:
93:f3:70:15:0d:a5:04:47:30:ac:5d:52:ff:4c:9c:
8f:ae:f8:1c:73:1e:72:01:0d:e7:41:6f:45:25:50:
a3:48:94:d3:5b:8b:00:a4:ff:9e:90:7c:b4:9b:5d:
75:a2:69:32:71:0b:fc:da:34:b7:0e:a7:b4:2b:79:
df:9d:a2:73:19:52:d9:3d:45:cb:1a:f3:59:44:4b:
a7:da:a4:2f:4b:33:0a:ee:79:53:f5:9a:d0:3f:95:
9b:e5:d8:2e:a2:4a:84:2b:78:32:5a:5a:3b:f8:54:
a7:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:B7:74:FF:45:37:9A:D5:F9:E2:3D:A5:10:DA:AA:B4:69:E2:A2:BD
X509v3 Authority Key Identifier:
keyid:C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS207609.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:85c1:c080::/41
Signature Algorithm: sha256WithRSAEncryption
49:29:7e:bd:63:d0:6e:cd:e2:70:73:ae:ec:10:42:87:1e:16:
93:1c:6b:92:c6:69:0b:d2:7e:75:bb:18:ce:18:12:60:11:e0:
8b:c2:30:f9:2e:b3:28:88:73:46:75:d5:7b:bc:9e:f7:74:e5:
66:60:cf:48:e1:36:9b:24:45:83:30:27:1e:3a:72:1b:d3:6c:
71:32:82:92:31:03:f2:a3:c8:18:d1:15:41:28:34:94:68:06:
95:d9:ca:ca:12:08:eb:55:25:6a:54:77:f3:16:6e:d5:9b:d6:
a2:80:61:a9:5b:03:cd:60:ff:ce:5a:a6:bc:dc:b1:a5:fc:c0:
31:1a:30:27:6e:d8:24:ba:78:b1:09:85:c6:5f:ba:8e:97:60:
dc:6a:c1:93:d6:ef:31:05:32:7c:e0:8c:23:8d:84:85:21:b3:
5a:33:47:d9:37:c3:ab:a9:2e:6d:95:cb:a5:68:32:a4:30:81:
49:56:2e:06:0f:2a:3a:a4:de:17:ca:29:90:94:c2:9e:ce:10:
10:fd:47:09:f3:43:fb:da:77:b3:e6:db:19:38:c5:2e:e8:5c:
64:14:85:2d:2e:da:af:6d:66:90:b8:d2:1c:6a:98:a4:ee:47:
6f:5d:bb:cc:77:8e:ce:29:86:c6:c4:c0:28:7b:ed:92:cc:fb:
40:69:83:f8
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIUGx8IPyJEnfJeyTRCf8/KIUycKjUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzRjZTdkODkwMjQwNWJhNDU5OGY4NGI2YTQxYzI3ZDcy
MjgzNGIxYzAeFw0yNTA3MjUwODAyMzdaFw0yNjA3MjQwODA3MzdaMDMxMTAvBgNV
BAMTKDc1Qjc3NEZGNDUzNzlBRDVGOUUyM0RBNTEwREFBQUI0NjlFMkEyQkQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDmFQ7XNocLBIZ6DMorzrLUySFv
mRyrHyrhlqRFzbCAKsBF1xWtCvThKadNTjK1p2woF9m50o1v2FcaxZI3d/WRS3aF
XvuDoTfpUEIARolFAlZYfC9qCCgQ9iiUo9dsx6Q8LlKINNE7c6wFLyvMMwejk393
JtmVXbXlUu+52RP5Itnv4LSlwjJxt5p2qyL/JPWFwu2fopPzcBUNpQRHMKxdUv9M
nI+u+BxzHnIBDedBb0UlUKNIlNNbiwCk/56QfLSbXXWiaTJxC/zaNLcOp7Qred+d
onMZUtk9Rcsa81lES6fapC9LMwrueVP1mtA/lZvl2C6iSoQreDJaWjv4VKdPAgMB
AAGjggINMIICCTAdBgNVHQ4EFgQUdbd0/0U3mtX54j2lENqqtGnior0wHwYDVR0j
BBgwFoAUxM59iQJAW6RZj4S2pBwn1yKDSxwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODRkNTE4MTAtMTk4Ny00NzAxLThmMWYtODQyNTExMTk2
NGY0LzAvQzRDRTdEODkwMjQwNUJBNDU5OEY4NEI2QTQxQzI3RDcyMjgzNEIxQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3hNNTlpUUpBVzZSWmo0UzJwQnduMXlL
RFN4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg0ZDUxODEwLTE5ODct
NDcwMS04ZjFmLTg0MjUxMTE5NjRmNC8wL0FTMjA3NjA5LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcHKg+F
wcCAMA0GCSqGSIb3DQEBCwUAA4IBAQBJKX69Y9BuzeJwc67sEEKHHhaTHGuSxmkL
0n51uxjOGBJgEeCLwjD5LrMoiHNGddV7vJ73dOVmYM9I4TabJEWDMCceOnIb02xx
MoKSMQPyo8gY0RVBKDSUaAaV2crKEgjrVSVqVHfzFm7Vm9aigGGpWwPNYP/OWqa8
3LGl/MAxGjAnbtgkunixCYXGX7qOl2DcasGT1u8xBTJ84IwjjYSFIbNaM0fZN8Or
qS5tlculaDKkMIFJVi4GDyo6pN4XyimQlMKezhAQ/UcJ80P72nez5tsZOMUu6Fxk
FIUtLtqvbWaQuNIcapik7kdvXbvMd47OKYbGxMAoe+2SzPtAaYP4
-----END CERTIFICATE-----
Generated at Thu Aug 7 11:21:17 2025 by rpki-client