
Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS214522.roa
File: AS214522.roa (raw, json)
Hash identifier: SF12HePRV2I0njLKq6S30mq3/ToEmRzzc1ZqBOya3lg=
Subject key identifier: DA:A8:54:1E:C6:CA:74:0B:41:3A:44:5F:75:E9:0B:E9:E3:3C:6A:0B
Certificate issuer: /CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Certificate serial: 5A3E41078A992F071FC6A26FA956466310550098
Authority key identifier: C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS214522.roa
Signing time: Fri 25 Jul 2025 08:07:43 +0000
ROA not before: Fri 25 Jul 2025 08:02:43 +0000
ROA not after: Fri 24 Jul 2026 08:07:43 +0000
asID: 214522
IP address blocks: 2a0f:85c1:3f4::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl
rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.mft
rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 08 Aug 2025 16:13:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:3e:41:07:8a:99:2f:07:1f:c6:a2:6f:a9:56:46:63:10:55:00:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Validity
Not Before: Jul 25 08:02:43 2025 GMT
Not After : Jul 24 08:07:43 2026 GMT
Subject: CN=DAA8541EC6CA740B413A445F75E90BE9E33C6A0B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:11:56:f2:67:e9:fe:20:7b:33:f2:73:aa:49:
a5:be:66:9a:ec:81:6a:a2:b5:43:c9:92:76:f1:49:
a5:3f:92:14:f6:06:8a:21:c6:7c:bc:f6:63:4d:d0:
7c:b9:36:2d:34:e8:a1:d5:95:8f:8b:aa:cf:b7:d8:
39:37:89:7b:ff:c8:3b:58:a7:31:00:52:ea:e8:84:
04:53:2d:de:28:63:85:6a:2d:f1:05:f0:55:bf:08:
ff:dc:78:82:d1:e0:e1:0a:45:db:3d:4d:c6:fb:5e:
73:ea:36:f6:26:ae:16:f2:58:a8:37:b3:c4:36:5f:
6b:14:88:09:68:ee:67:17:73:ea:08:0c:36:e7:41:
6b:e9:e6:03:90:08:64:63:d3:bc:b5:e7:3f:d0:eb:
86:99:a6:4f:b5:6f:b6:73:6a:b1:f6:3b:5c:49:02:
eb:98:ba:39:2a:a3:dd:ba:90:6f:bb:73:d0:c0:1e:
e5:a0:43:f3:15:4b:0a:c0:d6:2c:e8:60:a3:cc:12:
5b:d6:06:a0:f9:40:1e:49:14:1d:a9:96:a6:29:8c:
e7:be:f0:c2:cd:bd:88:89:47:e5:56:d4:c4:7a:9e:
0f:8b:75:e1:89:d1:06:ad:6d:0b:0b:f5:ae:a7:67:
3c:5e:f3:1f:4b:52:5c:3b:4f:4a:71:94:19:5e:33:
3e:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:A8:54:1E:C6:CA:74:0B:41:3A:44:5F:75:E9:0B:E9:E3:3C:6A:0B
X509v3 Authority Key Identifier:
keyid:C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS214522.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:85c1:3f4::/48
Signature Algorithm: sha256WithRSAEncryption
50:c4:a8:c0:94:c7:c0:1c:00:70:b2:51:e0:cd:b2:52:ed:6d:
2d:4f:96:8a:d1:69:b3:2c:ac:15:95:88:87:26:fb:7f:61:86:
62:dd:4e:51:22:09:84:df:31:6a:26:ed:e7:e3:4b:51:93:62:
b5:20:f5:4e:5b:6b:11:af:48:77:c4:4c:69:e3:91:c0:3d:a4:
64:fd:b9:cb:2a:66:ec:38:d5:9c:dd:7a:80:f3:50:1c:d0:ef:
54:7d:ba:13:47:32:52:7f:5b:90:0d:08:c7:de:e9:7b:ce:d9:
d8:13:80:db:c1:aa:fb:37:48:c4:13:44:ec:50:ff:f1:25:82:
7c:43:c5:29:ad:9f:70:4f:d9:0c:7a:55:cb:79:5a:f9:53:f3:
60:c1:d6:30:e6:4e:f0:40:db:6e:56:fa:3f:06:a6:d7:b2:6f:
b7:56:1e:ad:7f:9e:d7:55:a4:a6:7f:76:c1:24:b3:bc:f6:4f:
03:b3:0a:c4:ff:d9:bf:fb:4f:3c:12:89:29:56:08:be:d4:cf:
de:b0:c3:f9:65:e2:41:4a:ae:4c:e1:09:a1:8c:15:bf:8b:2e:
63:33:6e:6f:44:62:15:59:22:4c:14:20:2f:b3:b2:24:11:49:
06:1a:20:c3:76:12:90:9a:76:4d:36:d0:d3:97:bd:4b:e9:4c:
79:af:c6:c1
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIUWj5BB4qZLwcfxqJvqVZGYxBVAJgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzRjZTdkODkwMjQwNWJhNDU5OGY4NGI2YTQxYzI3ZDcy
MjgzNGIxYzAeFw0yNTA3MjUwODAyNDNaFw0yNjA3MjQwODA3NDNaMDMxMTAvBgNV
BAMTKERBQTg1NDFFQzZDQTc0MEI0MTNBNDQ1Rjc1RTkwQkU5RTMzQzZBMEIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCuEVbyZ+n+IHsz8nOqSaW+Zprs
gWqitUPJknbxSaU/khT2Boohxny89mNN0Hy5Ni006KHVlY+Lqs+32Dk3iXv/yDtY
pzEAUurohARTLd4oY4VqLfEF8FW/CP/ceILR4OEKRds9Tcb7XnPqNvYmrhbyWKg3
s8Q2X2sUiAlo7mcXc+oIDDbnQWvp5gOQCGRj07y15z/Q64aZpk+1b7ZzarH2O1xJ
AuuYujkqo926kG+7c9DAHuWgQ/MVSwrA1izoYKPMElvWBqD5QB5JFB2plqYpjOe+
8MLNvYiJR+VW1MR6ng+LdeGJ0QatbQsL9a6nZzxe8x9LUlw7T0pxlBleMz75AgMB
AAGjggINMIICCTAdBgNVHQ4EFgQU2qhUHsbKdAtBOkRfdekL6eM8agswHwYDVR0j
BBgwFoAUxM59iQJAW6RZj4S2pBwn1yKDSxwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODRkNTE4MTAtMTk4Ny00NzAxLThmMWYtODQyNTExMTk2
NGY0LzAvQzRDRTdEODkwMjQwNUJBNDU5OEY4NEI2QTQxQzI3RDcyMjgzNEIxQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3hNNTlpUUpBVzZSWmo0UzJwQnduMXlL
RFN4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg0ZDUxODEwLTE5ODct
NDcwMS04ZjFmLTg0MjUxMTE5NjRmNC8wL0FTMjE0NTIyLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+F
wQP0MA0GCSqGSIb3DQEBCwUAA4IBAQBQxKjAlMfAHABwslHgzbJS7W0tT5aK0Wmz
LKwVlYiHJvt/YYZi3U5RIgmE3zFqJu3n40tRk2K1IPVOW2sRr0h3xExp45HAPaRk
/bnLKmbsONWc3XqA81Ac0O9UfboTRzJSf1uQDQjH3ul7ztnYE4Dbwar7N0jEE0Ts
UP/xJYJ8Q8UprZ9wT9kMelXLeVr5U/NgwdYw5k7wQNtuVvo/BqbXsm+3Vh6tf57X
VaSmf3bBJLO89k8DswrE/9m/+088EokpVgi+1M/esMP5ZeJBSq5M4QmhjBW/iy5j
M25vRGIVWSJMFCAvs7IkEUkGGiDDdhKQmnZNNtDTl71L6Ux5r8bB
-----END CERTIFICATE-----
Generated at Thu Aug 7 20:13:10 2025 by rpki-client