Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS213864.roa
File: AS213864.roa (raw, json)
Hash identifier: 8r74rrLBiXjJyq8pROKqlNtini+rdlaKn6HCW0EtN6Y=
Subject key identifier: 6F:19:11:21:05:32:4A:D1:49:E5:B7:64:5F:B6:79:05:A7:76:64:58
Certificate issuer: /CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Certificate serial: 545EDA0F48E3B630CCF292859D8056DB8DA77FDC
Authority key identifier: C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS213864.roa
Signing time: Tue 28 Oct 2025 03:07:57 +0000
ROA not before: Tue 28 Oct 2025 03:02:57 +0000
ROA not after: Tue 27 Oct 2026 03:07:57 +0000
asID: 213864
IP address blocks: 2a0f:85c1:8f0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl
rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.mft
rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 22:37:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
54:5e:da:0f:48:e3:b6:30:cc:f2:92:85:9d:80:56:db:8d:a7:7f:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Validity
Not Before: Oct 28 03:02:57 2025 GMT
Not After : Oct 27 03:07:57 2026 GMT
Subject: CN=6F19112105324AD149E5B7645FB67905A7766458
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:60:f7:ec:5c:42:d7:d4:f4:5e:19:d2:00:72:
81:30:50:be:b1:1b:b6:2e:2a:d2:64:0c:df:e0:f2:
36:ab:a6:cb:e0:aa:fd:8f:65:51:54:f5:8d:11:f8:
c3:f8:49:5e:54:7f:9f:80:7b:f9:27:db:5d:d9:9e:
c9:94:9c:b3:41:c3:c5:47:9b:e2:aa:89:1b:aa:ac:
6f:ad:0a:30:79:e2:b2:86:b8:3e:80:45:f9:ac:78:
3f:08:04:c7:4b:73:4a:6a:3d:2c:33:e3:14:ab:6b:
06:96:1b:15:98:83:57:ef:6d:f7:ba:46:e4:2a:1a:
05:71:b8:1c:94:34:89:17:6c:3e:d4:3e:f4:5e:c8:
00:1a:74:55:15:9e:51:a9:77:a7:1f:d6:e1:15:1f:
fa:17:45:e3:22:fa:c0:ab:8e:a6:83:d7:86:75:f0:
15:fa:c1:a1:f2:4c:85:e5:fd:f9:d8:9a:75:57:da:
24:a7:6d:78:d6:9e:05:44:cf:9f:1f:77:07:1e:6e:
b3:25:c2:10:e1:77:de:e6:ab:78:22:b8:4f:61:70:
99:cc:55:4c:46:6d:84:69:61:3b:f2:34:ca:23:0b:
cd:be:de:06:11:76:32:d7:ca:f4:bc:0a:96:34:30:
d9:5a:24:cf:d2:d9:8e:f5:fd:62:66:d8:e3:61:29:
a4:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:19:11:21:05:32:4A:D1:49:E5:B7:64:5F:B6:79:05:A7:76:64:58
X509v3 Authority Key Identifier:
keyid:C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS213864.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:85c1:8f0::/48
Signature Algorithm: sha256WithRSAEncryption
82:d1:07:2c:fb:0d:91:71:55:63:4b:57:68:3c:4c:1d:ce:99:
6e:b8:81:eb:e4:db:4c:d2:a3:e6:da:10:9c:96:b0:e3:27:19:
9a:1d:2a:85:83:19:58:0f:a5:0c:c8:fe:d3:48:99:fe:bb:d0:
a4:fb:32:4f:7d:7d:d6:77:86:e1:4a:7c:05:cf:50:3b:7a:a4:
89:3e:32:8c:40:52:13:58:9d:be:4d:0a:86:4a:39:a4:08:52:
66:8d:91:b5:7a:e1:70:5b:f2:ae:53:86:7c:47:d8:4e:97:d8:
af:54:19:d2:5f:e9:e5:51:e9:7a:f1:fb:70:d7:18:07:8d:fd:
5c:00:a7:a4:a1:3f:6f:f0:bb:50:03:fc:8f:df:ee:45:32:dc:
e2:8c:0a:a4:97:74:7b:83:4d:6e:57:91:24:25:0b:24:f6:21:
8c:01:89:48:a4:4d:9c:46:9d:18:4d:9f:8c:7a:64:e5:9a:b1:
94:00:b1:f2:87:a1:61:a4:5a:cb:df:a1:40:cb:04:70:cd:4b:
99:83:05:c5:59:d8:2d:4b:dc:fa:e5:63:f9:fb:6c:be:0f:8b:
d1:99:f1:38:ac:d8:81:04:73:62:53:84:ea:ec:ab:1f:11:2e:
f7:33:36:e8:bd:4c:ad:d1:2a:ad:02:a9:04:97:61:0b:63:24:
7c:c7:ad:1a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIUVF7aD0jjtjDM8pKFnYBW242nf9wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzRjZTdkODkwMjQwNWJhNDU5OGY4NGI2YTQxYzI3ZDcy
MjgzNGIxYzAeFw0yNTEwMjgwMzAyNTdaFw0yNjEwMjcwMzA3NTdaMDMxMTAvBgNV
BAMTKDZGMTkxMTIxMDUzMjRBRDE0OUU1Qjc2NDVGQjY3OTA1QTc3NjY0NTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCuYPfsXELX1PReGdIAcoEwUL6x
G7YuKtJkDN/g8jarpsvgqv2PZVFU9Y0R+MP4SV5Uf5+Ae/kn213ZnsmUnLNBw8VH
m+KqiRuqrG+tCjB54rKGuD6ARfmseD8IBMdLc0pqPSwz4xSrawaWGxWYg1fvbfe6
RuQqGgVxuByUNIkXbD7UPvReyAAadFUVnlGpd6cf1uEVH/oXReMi+sCrjqaD14Z1
8BX6waHyTIXl/fnYmnVX2iSnbXjWngVEz58fdwcebrMlwhDhd97mq3giuE9hcJnM
VUxGbYRpYTvyNMojC82+3gYRdjLXyvS8CpY0MNlaJM/S2Y71/WJm2ONhKaQXAgMB
AAGjggINMIICCTAdBgNVHQ4EFgQUbxkRIQUyStFJ5bdkX7Z5Bad2ZFgwHwYDVR0j
BBgwFoAUxM59iQJAW6RZj4S2pBwn1yKDSxwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODRkNTE4MTAtMTk4Ny00NzAxLThmMWYtODQyNTExMTk2
NGY0LzAvQzRDRTdEODkwMjQwNUJBNDU5OEY4NEI2QTQxQzI3RDcyMjgzNEIxQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3hNNTlpUUpBVzZSWmo0UzJwQnduMXlL
RFN4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg0ZDUxODEwLTE5ODct
NDcwMS04ZjFmLTg0MjUxMTE5NjRmNC8wL0FTMjEzODY0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+F
wQjwMA0GCSqGSIb3DQEBCwUAA4IBAQCC0Qcs+w2RcVVjS1doPEwdzpluuIHr5NtM
0qPm2hCclrDjJxmaHSqFgxlYD6UMyP7TSJn+u9Ck+zJPfX3Wd4bhSnwFz1A7eqSJ
PjKMQFITWJ2+TQqGSjmkCFJmjZG1euFwW/KuU4Z8R9hOl9ivVBnSX+nlUel68ftw
1xgHjf1cAKekoT9v8LtQA/yP3+5FMtzijAqkl3R7g01uV5EkJQsk9iGMAYlIpE2c
Rp0YTZ+MemTlmrGUALHyh6FhpFrL36FAywRwzUuZgwXFWdgtS9z65WP5+2y+D4vR
mfE4rNiBBHNiU4Tq7KsfES73MzbovUyt0SqtAqkEl2ELYyR8x60a
-----END CERTIFICATE-----
Generated at Wed Nov 5 07:02:01 2025 by rpki-client