Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS211851.roa
File: AS211851.roa (raw, json)
Hash identifier: lijLJ4gXjsHC1PnXd1trs9EuGcqKwhGHoNGlzcdMGnc=
Subject key identifier: 13:0F:54:F6:30:06:AE:20:FA:52:F0:20:C1:DE:EA:34:ED:AE:D2:15
Certificate issuer: /CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Certificate serial: 69A0A9563E26B9709730872377C1FD57F23FF424
Authority key identifier: C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS211851.roa
Signing time: Mon 09 Feb 2026 23:08:22 +0000
ROA not before: Mon 09 Feb 2026 23:03:22 +0000
ROA not after: Mon 08 Feb 2027 23:08:22 +0000
asID: 211851
IP address blocks: 2a0f:85c1:bb6::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl
rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.mft
rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 09:38:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
69:a0:a9:56:3e:26:b9:70:97:30:87:23:77:c1:fd:57:f2:3f:f4:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Validity
Not Before: Feb 9 23:03:22 2026 GMT
Not After : Feb 8 23:08:22 2027 GMT
Subject: CN=130F54F63006AE20FA52F020C1DEEA34EDAED215
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:b3:4e:d9:4c:02:94:2d:2d:11:f4:57:e2:36:
22:0b:81:59:1c:8d:84:ba:9d:12:e8:8f:0d:cb:bc:
40:28:13:a1:9f:87:f5:77:14:00:5c:ab:43:58:42:
d8:d2:0b:23:42:86:9f:60:e1:19:53:66:b6:6e:a4:
53:5a:f2:33:7c:90:a6:79:eb:5d:d8:23:11:7a:97:
87:df:8b:43:a8:4d:db:d1:57:d5:c0:a5:88:dd:06:
64:47:d8:cc:4d:ae:c7:28:22:44:7d:0d:f4:b9:50:
15:47:03:73:fd:97:b6:bf:2a:e7:43:bc:a4:1a:35:
7e:81:4d:58:90:03:d3:d7:20:f3:47:76:22:c3:e3:
d0:05:5c:24:34:a9:5e:b4:af:70:7e:da:07:9e:79:
f5:39:7b:90:df:0d:26:35:ce:1e:c8:e6:5c:ba:d7:
66:47:36:8c:73:29:81:2e:d4:53:24:63:11:64:54:
6f:49:b9:db:db:e2:b4:a7:6c:2d:cf:14:6a:ed:97:
43:0e:0f:68:93:44:f6:fd:00:10:88:77:31:30:24:
15:73:5b:7b:73:df:b2:50:d4:40:ee:3e:34:6d:5f:
a3:62:03:0b:05:45:e4:78:dd:2b:93:cb:9c:84:84:
fe:47:6d:fc:2f:8a:b8:f2:50:ae:b3:0e:dd:2c:97:
d2:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:0F:54:F6:30:06:AE:20:FA:52:F0:20:C1:DE:EA:34:ED:AE:D2:15
X509v3 Authority Key Identifier:
keyid:C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS211851.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:85c1:bb6::/48
Signature Algorithm: sha256WithRSAEncryption
43:9c:07:c2:d6:9e:41:57:48:73:a0:14:6e:65:8c:4c:a9:93:
ac:91:40:41:b0:ce:28:dc:e8:38:e1:b9:b8:98:c5:df:71:df:
3f:b0:77:05:7b:40:db:fe:44:b5:b9:82:70:fe:f3:52:23:d9:
c6:8d:9f:f1:d2:7d:ca:76:dc:48:02:42:8d:2e:4c:a1:2a:8b:
55:86:c9:c2:fe:23:f9:e8:cb:cd:4b:6c:2d:34:37:e1:c3:24:
04:ef:35:64:63:53:ed:41:8d:0a:5f:e1:02:e1:7a:74:57:7e:
36:44:8f:a8:f7:ec:f9:bf:ba:18:a4:29:65:5b:6e:7b:34:4b:
67:2f:02:ff:52:61:08:59:ba:32:3b:92:e0:09:2b:f0:93:76:
25:99:c3:6f:e3:0d:1e:00:95:d7:ee:2c:37:96:7a:61:c0:2b:
78:5c:44:ad:49:41:06:05:a5:6e:7a:40:aa:53:36:b8:67:67:
5a:1d:bc:24:fc:cb:4a:a5:03:ba:b0:69:82:f2:46:a3:9e:5f:
df:37:2a:28:32:c8:10:ed:49:2a:a6:a3:6d:a4:63:86:5e:d9:
20:66:d1:a0:bc:3c:8a:aa:73:9d:da:25:9d:89:4b:36:e2:87:
38:0b:c8:26:7f:ee:6f:33:4b:57:ed:86:39:74:3d:cd:77:f1:
4e:5d:0f:f0
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIUaaCpVj4muXCXMIcjd8H9V/I/9CQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzRjZTdkODkwMjQwNWJhNDU5OGY4NGI2YTQxYzI3ZDcy
MjgzNGIxYzAeFw0yNjAyMDkyMzAzMjJaFw0yNzAyMDgyMzA4MjJaMDMxMTAvBgNV
BAMTKDEzMEY1NEY2MzAwNkFFMjBGQTUyRjAyMEMxREVFQTM0RURBRUQyMTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC1s07ZTAKULS0R9FfiNiILgVkc
jYS6nRLojw3LvEAoE6Gfh/V3FABcq0NYQtjSCyNChp9g4RlTZrZupFNa8jN8kKZ5
613YIxF6l4ffi0OoTdvRV9XApYjdBmRH2MxNrscoIkR9DfS5UBVHA3P9l7a/KudD
vKQaNX6BTViQA9PXIPNHdiLD49AFXCQ0qV60r3B+2geeefU5e5DfDSY1zh7I5ly6
12ZHNoxzKYEu1FMkYxFkVG9Judvb4rSnbC3PFGrtl0MOD2iTRPb9ABCIdzEwJBVz
W3tz37JQ1EDuPjRtX6NiAwsFReR43SuTy5yEhP5HbfwvirjyUK6zDt0sl9JLAgMB
AAGjggINMIICCTAdBgNVHQ4EFgQUEw9U9jAGriD6UvAgwd7qNO2u0hUwHwYDVR0j
BBgwFoAUxM59iQJAW6RZj4S2pBwn1yKDSxwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODRkNTE4MTAtMTk4Ny00NzAxLThmMWYtODQyNTExMTk2
NGY0LzAvQzRDRTdEODkwMjQwNUJBNDU5OEY4NEI2QTQxQzI3RDcyMjgzNEIxQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3hNNTlpUUpBVzZSWmo0UzJwQnduMXlL
RFN4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg0ZDUxODEwLTE5ODct
NDcwMS04ZjFmLTg0MjUxMTE5NjRmNC8wL0FTMjExODUxLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+F
wQu2MA0GCSqGSIb3DQEBCwUAA4IBAQBDnAfC1p5BV0hzoBRuZYxMqZOskUBBsM4o
3Og44bm4mMXfcd8/sHcFe0Db/kS1uYJw/vNSI9nGjZ/x0n3KdtxIAkKNLkyhKotV
hsnC/iP56MvNS2wtNDfhwyQE7zVkY1PtQY0KX+EC4Xp0V342RI+o9+z5v7oYpCll
W257NEtnLwL/UmEIWboyO5LgCSvwk3YlmcNv4w0eAJXX7iw3lnphwCt4XEStSUEG
BaVuekCqUza4Z2daHbwk/MtKpQO6sGmC8kajnl/fNyooMsgQ7UkqpqNtpGOGXtkg
ZtGgvDyKqnOd2iWdiUs24oc4C8gmf+5vM0tX7YY5dD3Nd/FOXQ/w
-----END CERTIFICATE-----
Generated at Sun Mar 1 20:16:01 2026 by rpki-client