Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS214909.roa
File: AS214909.roa (raw, json)
Hash identifier: g/XBobuDGqwUwKUR9MeImI3J7XRX06Y1MF4J8FtUDpE=
Subject key identifier: 8B:62:91:98:CA:51:EB:11:18:3B:8A:5F:CD:7B:ED:9D:74:4F:33:2E
Certificate issuer: /CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Certificate serial: 3050C6D6EB0A938D24EACF96D10BA53785615420
Authority key identifier: C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS214909.roa
Signing time: Fri 25 Jul 2025 08:07:36 +0000
ROA not before: Fri 25 Jul 2025 08:02:36 +0000
ROA not after: Fri 24 Jul 2026 08:07:36 +0000
asID: 214909
IP address blocks: 2a0f:85c1:3f7::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl
rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.mft
rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 06 Aug 2025 14:37:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
30:50:c6:d6:eb:0a:93:8d:24:ea:cf:96:d1:0b:a5:37:85:61:54:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Validity
Not Before: Jul 25 08:02:36 2025 GMT
Not After : Jul 24 08:07:36 2026 GMT
Subject: CN=8B629198CA51EB11183B8A5FCD7BED9D744F332E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:53:58:62:9c:f0:3a:9d:2a:30:d9:e0:54:5d:
63:68:51:55:70:0f:6c:67:c2:da:6b:96:67:9a:1c:
57:47:34:e5:0f:95:80:35:e3:f1:04:ae:31:2f:f4:
bc:1a:8a:14:94:b8:a3:4b:36:5e:f2:dd:0f:fe:29:
4d:38:11:72:4d:bc:bb:a7:0e:b4:d5:46:7c:da:16:
ae:b3:52:7e:46:13:c8:73:f1:0c:20:26:53:6d:4a:
8a:b2:74:c1:9e:d3:68:81:22:b4:06:4f:31:f9:47:
1a:39:5c:5c:66:66:d2:02:11:c5:63:f3:8a:04:b9:
0c:69:db:6a:9c:d0:5c:6e:79:73:cb:db:13:18:c2:
c8:62:99:29:d0:f2:c3:ba:e1:af:c3:56:e8:9a:42:
d8:ac:99:48:a4:bb:29:c8:07:c4:8d:14:56:9d:7c:
38:59:4d:b6:6c:25:69:89:3d:4e:53:97:d2:27:b1:
5c:79:be:e7:3c:a2:ec:e6:a8:d5:a1:5e:f8:d6:09:
66:8c:72:3e:57:34:6b:aa:80:d6:84:54:39:23:ed:
d8:ae:e7:5d:fd:9a:eb:d4:e2:4c:81:30:36:5d:5e:
0d:c0:0a:3a:6c:6b:16:8b:9e:7a:04:cc:8a:66:6a:
3e:a5:5a:ed:58:f7:1e:bc:d3:3f:1b:43:4d:5b:2d:
18:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:62:91:98:CA:51:EB:11:18:3B:8A:5F:CD:7B:ED:9D:74:4F:33:2E
X509v3 Authority Key Identifier:
keyid:C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS214909.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:85c1:3f7::/48
Signature Algorithm: sha256WithRSAEncryption
01:d7:33:81:21:4c:f2:d9:9f:67:94:43:d6:75:45:cc:cb:c2:
20:05:8b:57:64:21:cb:7f:5b:19:e9:cd:0d:a6:af:7f:01:f9:
b1:05:b4:35:2f:da:9a:11:db:75:54:2d:32:87:f4:c6:1c:db:
07:6b:16:3e:ae:32:b0:a9:6b:28:94:d2:3b:3d:21:65:1f:7f:
86:9c:7c:04:97:5b:01:2d:4d:0c:15:a4:08:b4:97:ed:f6:6b:
89:c9:df:61:14:62:fb:db:5a:ce:b4:b5:fc:5e:88:11:7b:af:
d6:98:c2:b7:54:22:76:15:df:76:b0:7a:ad:8d:b6:48:55:c5:
40:8f:22:3b:c1:3c:d9:5f:68:06:a9:51:7e:ef:12:35:88:75:
21:96:72:15:50:7a:49:b7:a9:23:6f:6a:d2:61:cb:47:8f:07:
b2:d7:cb:51:e4:bc:47:9c:72:6c:be:ba:d6:af:48:62:2a:45:
8d:9b:97:12:04:75:37:c0:58:5d:78:65:17:a6:38:00:15:6f:
8d:6e:f7:1e:6f:7f:fb:23:01:b2:2d:4b:2d:76:11:e4:21:f7:
b3:5c:29:3b:05:9f:07:52:64:c7:7e:ab:0b:3d:0e:3e:26:d8:
6d:6b:45:48:4f:e2:bc:92:67:7f:e3:3c:eb:21:8a:6e:3a:09:
00:21:d4:8f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIUMFDG1usKk40k6s+W0QulN4VhVCAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzRjZTdkODkwMjQwNWJhNDU5OGY4NGI2YTQxYzI3ZDcy
MjgzNGIxYzAeFw0yNTA3MjUwODAyMzZaFw0yNjA3MjQwODA3MzZaMDMxMTAvBgNV
BAMTKDhCNjI5MTk4Q0E1MUVCMTExODNCOEE1RkNEN0JFRDlENzQ0RjMzMkUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC1U1hinPA6nSow2eBUXWNoUVVw
D2xnwtprlmeaHFdHNOUPlYA14/EErjEv9LwaihSUuKNLNl7y3Q/+KU04EXJNvLun
DrTVRnzaFq6zUn5GE8hz8QwgJlNtSoqydMGe02iBIrQGTzH5Rxo5XFxmZtICEcVj
84oEuQxp22qc0FxueXPL2xMYwshimSnQ8sO64a/DVuiaQtismUikuynIB8SNFFad
fDhZTbZsJWmJPU5Tl9InsVx5vuc8ouzmqNWhXvjWCWaMcj5XNGuqgNaEVDkj7diu
5139muvU4kyBMDZdXg3ACjpsaxaLnnoEzIpmaj6lWu1Y9x680z8bQ01bLRhbAgMB
AAGjggINMIICCTAdBgNVHQ4EFgQUi2KRmMpR6xEYO4pfzXvtnXRPMy4wHwYDVR0j
BBgwFoAUxM59iQJAW6RZj4S2pBwn1yKDSxwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODRkNTE4MTAtMTk4Ny00NzAxLThmMWYtODQyNTExMTk2
NGY0LzAvQzRDRTdEODkwMjQwNUJBNDU5OEY4NEI2QTQxQzI3RDcyMjgzNEIxQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3hNNTlpUUpBVzZSWmo0UzJwQnduMXlL
RFN4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg0ZDUxODEwLTE5ODct
NDcwMS04ZjFmLTg0MjUxMTE5NjRmNC8wL0FTMjE0OTA5LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+F
wQP3MA0GCSqGSIb3DQEBCwUAA4IBAQAB1zOBIUzy2Z9nlEPWdUXMy8IgBYtXZCHL
f1sZ6c0Npq9/AfmxBbQ1L9qaEdt1VC0yh/TGHNsHaxY+rjKwqWsolNI7PSFlH3+G
nHwEl1sBLU0MFaQItJft9muJyd9hFGL721rOtLX8XogRe6/WmMK3VCJ2Fd92sHqt
jbZIVcVAjyI7wTzZX2gGqVF+7xI1iHUhlnIVUHpJt6kjb2rSYctHjwey18tR5LxH
nHJsvrrWr0hiKkWNm5cSBHU3wFhdeGUXpjgAFW+Nbvceb3/7IwGyLUstdhHkIfez
XCk7BZ8HUmTHfqsLPQ4+Jthta0VIT+K8kmd/4zzrIYpuOgkAIdSP
-----END CERTIFICATE-----
Generated at Tue Aug 5 17:25:27 2025 by rpki-client