Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS213408.roa
File: AS213408.roa (raw, json)
Hash identifier: KlyY0+ik+xuRKMFBQcMtKHf8Z+qSVRMJjjMD3qAj/4s=
Subject key identifier: 76:E4:F8:62:37:98:01:CE:24:D8:87:71:C3:F8:64:EF:74:E1:BE:DF
Certificate issuer: /CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Certificate serial: 4C2DA1002B970A8A51C57D11F4C3154F605DAC60
Authority key identifier: C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS213408.roa
Signing time: Tue 03 Feb 2026 18:08:21 +0000
ROA not before: Tue 03 Feb 2026 18:03:21 +0000
ROA not after: Tue 02 Feb 2027 18:08:21 +0000
asID: 213408
IP address blocks: 2a0f:85c1:ba2::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl
rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.mft
rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4c:2d:a1:00:2b:97:0a:8a:51:c5:7d:11:f4:c3:15:4f:60:5d:ac:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Validity
Not Before: Feb 3 18:03:21 2026 GMT
Not After : Feb 2 18:08:21 2027 GMT
Subject: CN=76E4F862379801CE24D88771C3F864EF74E1BEDF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:03:a8:69:01:17:46:1b:be:27:4c:09:ca:da:
e5:e9:49:b8:33:f5:32:99:c5:0b:b1:11:3f:68:27:
83:66:07:fe:08:7a:89:73:f9:f1:0c:e8:39:07:fb:
22:b4:de:7f:16:36:f5:96:3f:ff:fa:d1:b9:39:7a:
ff:99:aa:5e:03:78:f3:c5:9c:3b:e8:6e:42:8e:9f:
b4:7c:db:f3:46:5b:51:a8:c1:6f:c5:63:4e:95:6b:
29:6a:5d:a0:c5:81:20:f1:8b:91:9c:01:7c:ef:f8:
aa:2a:b4:14:40:a6:18:a6:b2:1a:07:5a:81:9a:44:
48:7d:f2:cd:86:b0:83:96:fe:66:22:55:e8:c3:d3:
b5:c3:a3:44:f0:a8:3e:e2:ac:e8:07:13:d1:05:ed:
bb:b4:29:3c:7c:4d:35:ee:d7:98:ad:0a:3f:48:76:
1e:eb:0b:06:44:53:d6:f8:68:0f:cc:b3:4e:91:28:
44:60:85:ef:07:4b:66:67:4b:73:e1:d3:f0:b1:06:
db:8e:19:6e:e2:e7:50:eb:bb:99:1c:24:d2:85:3d:
10:d9:96:67:5d:2e:b6:7b:47:a5:4c:77:24:fa:80:
3b:b3:9f:8e:2f:3b:c8:11:e5:fc:25:1f:a7:7d:d2:
6c:e7:43:e4:f6:52:b2:bd:3a:c3:de:9c:6b:d8:27:
2b:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:E4:F8:62:37:98:01:CE:24:D8:87:71:C3:F8:64:EF:74:E1:BE:DF
X509v3 Authority Key Identifier:
keyid:C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS213408.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:85c1:ba2::/48
Signature Algorithm: sha256WithRSAEncryption
7e:ed:b7:8d:f5:c7:f4:ce:cf:fa:d1:a3:43:ce:13:1b:86:9f:
6b:77:2e:86:dc:b7:a2:9b:0a:4f:4d:2d:19:11:d0:7e:bc:de:
ff:cc:d4:9b:6b:7b:17:85:46:af:21:be:0e:48:6b:29:bd:99:
1f:46:c4:f8:b2:24:98:3e:7b:0e:f3:b7:94:b2:83:27:59:6c:
b1:87:18:cb:35:5d:c6:5f:a1:cf:b2:48:f8:71:d1:dd:65:d8:
72:e1:e0:59:a5:89:0f:1d:3a:c5:4d:da:44:64:1a:2a:20:8a:
dc:15:68:ff:4d:73:62:e5:87:5f:0b:21:3e:74:27:a8:50:72:
2a:66:b0:dc:f8:42:8a:74:b3:8f:af:fd:10:b3:4d:16:8a:f7:
0f:31:60:d5:3e:8f:48:be:9a:18:bd:b6:97:40:fb:1b:10:e5:
93:37:34:01:e0:b1:f9:c3:28:c8:95:d7:d0:5c:cb:83:dc:35:
62:e9:4e:39:c5:cc:84:1a:19:40:9a:07:1d:1c:0f:bf:b7:98:
6f:b9:7b:e7:4d:3b:14:40:fc:64:f2:c8:d8:0b:c9:2b:f5:ee:
0e:65:d1:d5:04:c2:2c:c4:52:67:42:0a:5a:61:5e:23:14:1b:
f3:a8:ec:63:b0:19:84:d6:aa:68:14:98:f1:47:4b:16:ab:e9:
04:e3:47:a7
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIUTC2hACuXCopRxX0R9MMVT2BdrGAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzRjZTdkODkwMjQwNWJhNDU5OGY4NGI2YTQxYzI3ZDcy
MjgzNGIxYzAeFw0yNjAyMDMxODAzMjFaFw0yNzAyMDIxODA4MjFaMDMxMTAvBgNV
BAMTKDc2RTRGODYyMzc5ODAxQ0UyNEQ4ODc3MUMzRjg2NEVGNzRFMUJFREYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDAA6hpARdGG74nTAnK2uXpSbgz
9TKZxQuxET9oJ4NmB/4Ieolz+fEM6DkH+yK03n8WNvWWP//60bk5ev+Zql4DePPF
nDvobkKOn7R82/NGW1GowW/FY06VaylqXaDFgSDxi5GcAXzv+KoqtBRAphimshoH
WoGaREh98s2GsIOW/mYiVejD07XDo0TwqD7irOgHE9EF7bu0KTx8TTXu15itCj9I
dh7rCwZEU9b4aA/Ms06RKERghe8HS2ZnS3Ph0/CxBtuOGW7i51Dru5kcJNKFPRDZ
lmddLrZ7R6VMdyT6gDuzn44vO8gR5fwlH6d90mznQ+T2UrK9OsPenGvYJyvFAgMB
AAGjggINMIICCTAdBgNVHQ4EFgQUduT4YjeYAc4k2Idxw/hk73Thvt8wHwYDVR0j
BBgwFoAUxM59iQJAW6RZj4S2pBwn1yKDSxwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODRkNTE4MTAtMTk4Ny00NzAxLThmMWYtODQyNTExMTk2
NGY0LzAvQzRDRTdEODkwMjQwNUJBNDU5OEY4NEI2QTQxQzI3RDcyMjgzNEIxQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3hNNTlpUUpBVzZSWmo0UzJwQnduMXlL
RFN4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg0ZDUxODEwLTE5ODct
NDcwMS04ZjFmLTg0MjUxMTE5NjRmNC8wL0FTMjEzNDA4LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+F
wQuiMA0GCSqGSIb3DQEBCwUAA4IBAQB+7beN9cf0zs/60aNDzhMbhp9rdy6G3Lei
mwpPTS0ZEdB+vN7/zNSba3sXhUavIb4OSGspvZkfRsT4siSYPnsO87eUsoMnWWyx
hxjLNV3GX6HPskj4cdHdZdhy4eBZpYkPHTrFTdpEZBoqIIrcFWj/TXNi5YdfCyE+
dCeoUHIqZrDc+EKKdLOPr/0Qs00WivcPMWDVPo9IvpoYvbaXQPsbEOWTNzQB4LH5
wyjIldfQXMuD3DVi6U45xcyEGhlAmgcdHA+/t5hvuXvnTTsUQPxk8sjYC8kr9e4O
ZdHVBMIsxFJnQgpaYV4jFBvzqOxjsBmE1qpoFJjxR0sWq+kE40en
-----END CERTIFICATE-----
Generated at Mon Mar 2 06:48:14 2026 by rpki-client