Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS209188.roa
File: AS209188.roa (raw, json)
Hash identifier: K0I6EsfKBAEmAMXLFdMfhLdE9unRDna130sJkPpPQ6w=
Subject key identifier: 91:C1:0D:E4:1D:D7:68:48:AB:35:BE:4A:EF:23:A3:D5:8E:BC:BA:21
Certificate issuer: /CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Certificate serial: 46C4C49B44461016C5353274F68E4B47E922E708
Authority key identifier: C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS209188.roa
Signing time: Fri 25 Jul 2025 08:07:36 +0000
ROA not before: Fri 25 Jul 2025 08:02:36 +0000
ROA not after: Fri 24 Jul 2026 08:07:36 +0000
asID: 209188
IP address blocks: 2a0f:85c1:200::/44 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl
rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.mft
rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 08 Aug 2025 08:00:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
46:c4:c4:9b:44:46:10:16:c5:35:32:74:f6:8e:4b:47:e9:22:e7:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Validity
Not Before: Jul 25 08:02:36 2025 GMT
Not After : Jul 24 08:07:36 2026 GMT
Subject: CN=91C10DE41DD76848AB35BE4AEF23A3D58EBCBA21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:48:48:bc:3e:55:9b:c4:ce:17:86:3c:7d:ea:
9d:c3:28:07:1b:fa:ca:d8:4b:0a:02:fa:b4:fa:66:
ed:25:b5:a6:9d:53:fe:30:2b:57:27:f7:56:94:08:
da:30:dd:b6:24:e7:00:2b:68:51:81:c0:13:e3:d5:
38:0c:2a:04:c8:3e:04:fb:f4:09:ef:81:28:1a:7c:
7d:3c:02:2f:82:89:fa:a3:74:72:4b:08:8f:7a:fd:
73:e8:de:75:e9:a9:09:02:c8:9a:91:9c:34:e7:b3:
af:4f:d2:b1:1c:5a:86:e6:53:8a:3b:5a:36:df:4b:
3d:1e:7b:f3:80:5b:79:a4:1d:a0:c4:fe:ca:6c:32:
d7:f0:3d:a9:1d:7f:91:e3:d4:5a:99:94:70:ed:0d:
52:0b:37:07:14:3f:71:2a:26:33:4d:ce:63:28:03:
6e:50:03:0d:e1:a5:f7:9b:88:45:6c:32:03:d2:d1:
c3:71:51:e9:ac:b1:b5:e5:79:fd:35:b6:05:27:44:
05:e0:57:59:de:49:4a:b0:48:4f:0a:93:8d:14:a1:
cd:52:fd:4a:a0:53:b8:26:bf:5f:8f:83:e5:01:d0:
5e:47:5b:b5:96:91:9f:67:ec:15:71:84:b4:bb:3b:
2e:eb:fb:b3:ad:61:35:b3:cd:8b:9b:c4:2c:a0:28:
1e:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:C1:0D:E4:1D:D7:68:48:AB:35:BE:4A:EF:23:A3:D5:8E:BC:BA:21
X509v3 Authority Key Identifier:
keyid:C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS209188.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:85c1:200::/44
Signature Algorithm: sha256WithRSAEncryption
02:a7:68:2a:3a:6a:81:5d:ec:02:58:89:81:0d:8f:74:ef:36:
d3:c3:c6:4a:2f:e8:ed:e8:c8:05:8a:8b:6e:56:e2:83:c5:c6:
e1:3c:a2:40:83:b2:1a:11:7b:ce:68:02:8f:fc:df:59:a3:01:
5c:fa:13:ff:6a:ea:96:e9:19:fc:f0:7c:44:04:1e:96:84:ed:
cb:2d:00:da:c2:a9:28:51:ee:2a:0d:35:23:6e:9b:b4:c7:99:
66:5c:58:b3:72:0c:6f:7f:2a:91:4a:72:19:7f:7c:b5:4c:63:
6f:81:db:e7:9b:e8:3d:67:7b:a9:ef:9d:61:21:ee:f1:1f:c3:
13:b6:cc:7e:5a:a0:a8:71:59:3a:c4:34:73:38:8f:d5:0a:a3:
77:9a:6a:c4:61:e2:11:a3:6f:97:c2:7e:b1:f4:fe:cd:fe:35:
0a:cb:97:c2:4f:f0:ee:53:5f:6c:48:92:82:12:9a:88:75:0b:
f2:04:52:46:38:e1:15:17:e9:28:cc:ea:c6:f0:9b:0b:13:61:
8b:49:cf:1e:23:32:88:fd:66:4a:b4:9c:4a:af:4c:77:45:59:
82:b7:a9:5b:eb:60:7b:3e:09:60:07:c8:1a:22:7d:ad:71:6c:
0b:d9:18:01:0a:39:a7:4d:db:d8:29:ad:26:81:e3:31:36:e7:
c9:13:4f:49
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIURsTEm0RGEBbFNTJ09o5LR+ki5wgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzRjZTdkODkwMjQwNWJhNDU5OGY4NGI2YTQxYzI3ZDcy
MjgzNGIxYzAeFw0yNTA3MjUwODAyMzZaFw0yNjA3MjQwODA3MzZaMDMxMTAvBgNV
BAMTKDkxQzEwREU0MURENzY4NDhBQjM1QkU0QUVGMjNBM0Q1OEVCQ0JBMjEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDISEi8PlWbxM4Xhjx96p3DKAcb
+srYSwoC+rT6Zu0ltaadU/4wK1cn91aUCNow3bYk5wAraFGBwBPj1TgMKgTIPgT7
9AnvgSgafH08Ai+CifqjdHJLCI96/XPo3nXpqQkCyJqRnDTns69P0rEcWobmU4o7
WjbfSz0ee/OAW3mkHaDE/spsMtfwPakdf5Hj1FqZlHDtDVILNwcUP3EqJjNNzmMo
A25QAw3hpfebiEVsMgPS0cNxUemssbXlef01tgUnRAXgV1neSUqwSE8Kk40Uoc1S
/UqgU7gmv1+Pg+UB0F5HW7WWkZ9n7BVxhLS7Oy7r+7OtYTWzzYubxCygKB4TAgMB
AAGjggINMIICCTAdBgNVHQ4EFgQUkcEN5B3XaEirNb5K7yOj1Y68uiEwHwYDVR0j
BBgwFoAUxM59iQJAW6RZj4S2pBwn1yKDSxwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODRkNTE4MTAtMTk4Ny00NzAxLThmMWYtODQyNTExMTk2
NGY0LzAvQzRDRTdEODkwMjQwNUJBNDU5OEY4NEI2QTQxQzI3RDcyMjgzNEIxQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3hNNTlpUUpBVzZSWmo0UzJwQnduMXlL
RFN4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg0ZDUxODEwLTE5ODct
NDcwMS04ZjFmLTg0MjUxMTE5NjRmNC8wL0FTMjA5MTg4LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg+F
wQIAMA0GCSqGSIb3DQEBCwUAA4IBAQACp2gqOmqBXewCWImBDY907zbTw8ZKL+jt
6MgFiotuVuKDxcbhPKJAg7IaEXvOaAKP/N9ZowFc+hP/auqW6Rn88HxEBB6WhO3L
LQDawqkoUe4qDTUjbpu0x5lmXFizcgxvfyqRSnIZf3y1TGNvgdvnm+g9Z3up751h
Ie7xH8MTtsx+WqCocVk6xDRzOI/VCqN3mmrEYeIRo2+Xwn6x9P7N/jUKy5fCT/Du
U19sSJKCEpqIdQvyBFJGOOEVF+kozOrG8JsLE2GLSc8eIzKI/WZKtJxKr0x3RVmC
t6lb62B7PglgB8gaIn2tcWwL2RgBCjmnTdvYKa0mgeMxNufJE09J
-----END CERTIFICATE-----
Generated at Thu Aug 7 12:58:00 2025 by rpki-client