Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS214763.roa
File: AS214763.roa (raw, json)
Hash identifier: vfFDb7U88D3EzardLx51aAPldx1jYmfqOCi60f83o0s=
Subject key identifier: 3E:CF:98:DD:84:B2:3C:EF:EB:08:E0:92:AD:5C:53:B2:22:6E:24:D5
Certificate issuer: /CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Certificate serial: 2587A787B4A711BE579F08327BB9358E8F7F4E0D
Authority key identifier: C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS214763.roa
Signing time: Fri 25 Jul 2025 08:07:37 +0000
ROA not before: Fri 25 Jul 2025 08:02:37 +0000
ROA not after: Fri 24 Jul 2026 08:07:37 +0000
asID: 214763
IP address blocks: 2a0f:85c1:811::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl
rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.mft
rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 08 Aug 2025 16:13:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
25:87:a7:87:b4:a7:11:be:57:9f:08:32:7b:b9:35:8e:8f:7f:4e:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Validity
Not Before: Jul 25 08:02:37 2025 GMT
Not After : Jul 24 08:07:37 2026 GMT
Subject: CN=3ECF98DD84B23CEFEB08E092AD5C53B2226E24D5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:33:37:53:e1:35:f3:58:13:50:fa:08:cd:80:
dc:96:86:a1:a0:08:3e:08:f3:f3:6b:3c:ca:a6:af:
d2:9c:b0:1d:66:19:8d:01:3c:9c:c4:4c:77:50:0d:
86:d9:46:24:d3:6b:63:65:00:4f:bc:4f:de:26:75:
53:9e:d7:80:89:17:7a:c4:27:10:20:e8:14:0a:0b:
40:eb:c7:5d:54:6b:36:b8:b2:10:7f:64:d9:53:6d:
b2:0a:1b:a1:45:9e:de:2e:ad:34:89:66:65:73:35:
2d:d8:64:cb:c4:12:45:eb:8d:a0:89:96:2f:eb:0b:
61:70:f3:92:be:fb:89:53:b8:2b:ae:08:a8:11:95:
64:54:c9:55:4f:c9:a3:98:6b:75:b1:7b:31:22:c3:
7c:17:0b:09:19:e4:ab:ad:ea:d7:9c:fd:ff:8c:c2:
08:00:74:cb:db:f9:98:28:c2:9f:33:3c:35:5e:cb:
6a:1a:be:b0:34:55:75:2c:8a:41:6f:97:24:6f:8b:
ff:92:a8:f2:ad:9e:65:a9:c2:30:1d:d8:d2:3c:34:
87:c7:14:4f:a3:d7:4f:a8:27:9e:72:92:b5:96:4c:
0c:62:19:e3:51:41:3c:e7:bd:77:d7:35:dd:15:e5:
31:4f:92:b2:21:24:2c:b1:c3:36:c6:dc:ac:85:36:
d3:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:CF:98:DD:84:B2:3C:EF:EB:08:E0:92:AD:5C:53:B2:22:6E:24:D5
X509v3 Authority Key Identifier:
keyid:C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS214763.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:85c1:811::/48
Signature Algorithm: sha256WithRSAEncryption
79:9c:d9:4f:1e:1a:66:9c:85:6e:4c:0d:ad:f8:75:fc:ff:ff:
a1:69:a5:9d:d7:41:aa:6b:9f:f5:81:c6:1a:2e:35:f2:3c:59:
d5:82:34:8c:8f:7b:7d:a5:ed:72:70:f5:fb:22:23:25:7c:c8:
a0:92:df:6f:9c:3a:9c:60:62:67:10:76:01:61:d0:3e:8f:d3:
70:6f:8e:09:99:d8:53:91:a1:f1:07:5f:ef:e1:46:ab:31:31:
36:84:9c:dd:f1:ae:81:56:28:6c:de:df:f3:29:c2:30:e3:70:
ba:32:1c:a2:88:3c:f6:ce:38:03:f5:89:46:48:54:3d:96:d5:
46:e2:45:a1:9e:86:e3:06:f2:9c:ee:e6:f0:5d:45:58:09:51:
f3:35:38:8b:50:e7:c8:b2:9b:f4:f1:92:e5:6e:92:d3:c2:67:
9f:25:9b:49:e4:54:0b:e1:cf:b4:21:c0:1d:63:47:c9:ac:1f:
e3:6a:43:de:28:41:ae:95:08:02:59:5f:ad:9f:89:43:d5:76:
18:60:4c:5d:76:be:98:e8:60:19:3f:fa:16:ad:59:2c:2a:86:
39:b8:57:40:a2:12:68:4c:e6:44:3b:d9:53:a2:8c:ad:35:60:
41:cc:f7:41:72:4f:20:6b:3a:73:60:e6:f6:29:e2:d0:4a:de:
c5:10:2e:e7
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIUJYenh7SnEb5Xnwgye7k1jo9/Tg0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzRjZTdkODkwMjQwNWJhNDU5OGY4NGI2YTQxYzI3ZDcy
MjgzNGIxYzAeFw0yNTA3MjUwODAyMzdaFw0yNjA3MjQwODA3MzdaMDMxMTAvBgNV
BAMTKDNFQ0Y5OEREODRCMjNDRUZFQjA4RTA5MkFENUM1M0IyMjI2RTI0RDUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDEMzdT4TXzWBNQ+gjNgNyWhqGg
CD4I8/NrPMqmr9KcsB1mGY0BPJzETHdQDYbZRiTTa2NlAE+8T94mdVOe14CJF3rE
JxAg6BQKC0Drx11Uaza4shB/ZNlTbbIKG6FFnt4urTSJZmVzNS3YZMvEEkXrjaCJ
li/rC2Fw85K++4lTuCuuCKgRlWRUyVVPyaOYa3WxezEiw3wXCwkZ5Kut6tec/f+M
wggAdMvb+Zgowp8zPDVey2oavrA0VXUsikFvlyRvi/+SqPKtnmWpwjAd2NI8NIfH
FE+j10+oJ55ykrWWTAxiGeNRQTznvXfXNd0V5TFPkrIhJCyxwzbG3KyFNtO/AgMB
AAGjggINMIICCTAdBgNVHQ4EFgQUPs+Y3YSyPO/rCOCSrVxTsiJuJNUwHwYDVR0j
BBgwFoAUxM59iQJAW6RZj4S2pBwn1yKDSxwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODRkNTE4MTAtMTk4Ny00NzAxLThmMWYtODQyNTExMTk2
NGY0LzAvQzRDRTdEODkwMjQwNUJBNDU5OEY4NEI2QTQxQzI3RDcyMjgzNEIxQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3hNNTlpUUpBVzZSWmo0UzJwQnduMXlL
RFN4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg0ZDUxODEwLTE5ODct
NDcwMS04ZjFmLTg0MjUxMTE5NjRmNC8wL0FTMjE0NzYzLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+F
wQgRMA0GCSqGSIb3DQEBCwUAA4IBAQB5nNlPHhpmnIVuTA2t+HX8//+haaWd10Gq
a5/1gcYaLjXyPFnVgjSMj3t9pe1ycPX7IiMlfMigkt9vnDqcYGJnEHYBYdA+j9Nw
b44JmdhTkaHxB1/v4UarMTE2hJzd8a6BVihs3t/zKcIw43C6MhyiiDz2zjgD9YlG
SFQ9ltVG4kWhnobjBvKc7ubwXUVYCVHzNTiLUOfIspv08ZLlbpLTwmefJZtJ5FQL
4c+0IcAdY0fJrB/jakPeKEGulQgCWV+tn4lD1XYYYExddr6Y6GAZP/oWrVksKoY5
uFdAohJoTOZEO9lTooytNWBBzPdBck8gazpzYOb2KeLQSt7FEC7n
-----END CERTIFICATE-----
Generated at Fri Aug 8 00:19:08 2025 by rpki-client