Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS207317.roa
File: AS207317.roa (raw, json)
Hash identifier: Oe8QiwJybMWb6haOGIz17i8yKn3O+2X2E8KMV+gDPCA=
Subject key identifier: 8C:2F:EC:12:9E:C3:9F:6D:82:4E:56:E1:5F:50:14:10:5C:9E:FA:83
Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Certificate serial: 489AB5090B27CF438A9C0B3D0071F82A28D4F052
Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS207317.roa
Signing time: Tue 10 Jun 2025 11:51:05 +0000
ROA not before: Tue 10 Jun 2025 11:46:05 +0000
ROA not after: Tue 09 Jun 2026 11:51:05 +0000
asID: 207317
IP address blocks: 2a14:7580:fff4::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft
rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 12:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
48:9a:b5:09:0b:27:cf:43:8a:9c:0b:3d:00:71:f8:2a:28:d4:f0:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Validity
Not Before: Jun 10 11:46:05 2025 GMT
Not After : Jun 9 11:51:05 2026 GMT
Subject: CN=8C2FEC129EC39F6D824E56E15F5014105C9EFA83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:24:f4:ff:e8:72:66:f2:8b:e5:91:ff:5d:29:
f6:a8:a4:cd:0a:7c:ed:a5:33:44:13:56:09:b6:c6:
07:6c:8a:90:0a:d9:29:6a:db:00:77:2f:e4:6b:f7:
34:a0:89:88:1e:29:44:55:fe:6d:03:27:75:87:93:
ce:ee:f0:76:95:d2:e0:89:9b:61:b7:02:54:08:49:
99:51:47:cd:11:b2:13:a8:47:14:e3:97:86:36:7d:
45:76:c1:f1:6c:15:2a:38:cd:a3:54:c1:64:c3:60:
44:48:79:26:5b:5c:b1:57:39:37:2d:dc:e9:be:f3:
b4:95:c1:03:87:4d:8e:b1:da:d8:5f:61:bd:95:bf:
62:bc:4b:25:08:28:e3:d9:71:56:d1:81:18:68:8b:
f0:01:49:e7:7c:b7:67:26:da:6f:d1:dd:af:36:1e:
b6:0d:43:a1:7b:02:c6:02:ab:87:c1:8f:8c:02:4a:
b0:a8:d5:13:66:b7:12:a1:df:26:ad:72:56:a6:2c:
b2:9f:86:6a:ca:9b:3e:9d:02:33:b1:22:6d:35:33:
92:36:0b:b5:f8:a9:84:60:19:d4:fc:47:e6:1c:07:
99:40:09:b9:e2:3a:7d:1d:61:84:22:52:f4:fd:7d:
4a:40:40:aa:d3:cf:6a:29:34:e8:dd:6e:20:c2:f3:
17:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:2F:EC:12:9E:C3:9F:6D:82:4E:56:E1:5F:50:14:10:5C:9E:FA:83
X509v3 Authority Key Identifier:
keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS207317.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7580:fff4::/48
Signature Algorithm: sha256WithRSAEncryption
2f:75:90:ab:16:b3:40:eb:77:e1:ea:f9:c9:32:0e:08:ea:d7:
e0:cc:ba:f7:93:84:9c:26:fa:4c:33:32:f5:60:b8:cb:60:f6:
58:3e:2d:a8:87:fd:68:c1:84:95:b0:59:bf:5a:86:37:28:e9:
82:55:84:3c:da:03:79:c4:b4:1a:54:e2:70:9b:f1:6c:77:4f:
64:df:cf:68:ee:0d:2f:2e:85:44:51:2e:f6:f6:e9:6b:35:40:
49:a7:aa:3c:f3:2d:a9:2c:d9:60:ee:20:19:be:4e:7a:79:cd:
d2:c5:cb:1e:f9:29:3d:a9:2d:17:75:eb:a6:58:f9:f4:01:a2:
d0:54:3d:6f:01:05:13:69:10:60:8f:cf:af:ed:82:83:d7:a5:
33:ee:c3:5b:75:14:f4:49:d2:c3:e8:fe:d9:0b:02:e2:63:5f:
88:61:c2:2f:74:dc:75:0e:8f:3c:92:b4:e6:58:4e:a6:5a:97:
c0:42:df:c7:4f:c6:de:3e:73:83:c5:a8:a8:a0:80:6e:c8:b1:
de:f8:27:75:ac:5a:e5:e5:d5:3a:46:d5:17:9d:dc:1c:10:bf:
9c:81:f1:e8:9c:5c:c5:08:85:82:08:86:87:58:74:5b:67:c6:
e2:da:3a:9a:b0:f1:ba:c0:69:bd:af:0d:84:0c:6c:45:9c:32:
f8:67:a8:84
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIUSJq1CQsnz0OKnAs9AHH4KijU8FIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj
Y2ZkMzc3MjAeFw0yNTA2MTAxMTQ2MDVaFw0yNjA2MDkxMTUxMDVaMDMxMTAvBgNV
BAMTKDhDMkZFQzEyOUVDMzlGNkQ4MjRFNTZFMTVGNTAxNDEwNUM5RUZBODMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCbJPT/6HJm8ovlkf9dKfaopM0K
fO2lM0QTVgm2xgdsipAK2Slq2wB3L+Rr9zSgiYgeKURV/m0DJ3WHk87u8HaV0uCJ
m2G3AlQISZlRR80RshOoRxTjl4Y2fUV2wfFsFSo4zaNUwWTDYERIeSZbXLFXOTct
3Om+87SVwQOHTY6x2thfYb2Vv2K8SyUIKOPZcVbRgRhoi/ABSed8t2cm2m/R3a82
HrYNQ6F7AsYCq4fBj4wCSrCo1RNmtxKh3yatclamLLKfhmrKmz6dAjOxIm01M5I2
C7X4qYRgGdT8R+YcB5lACbniOn0dYYQiUvT9fUpAQKrTz2opNOjdbiDC8xeJAgMB
AAGjggINMIICCTAdBgNVHQ4EFgQUjC/sEp7Dn22CTlbhX1AUEFye+oMwHwYDVR0j
BBgwFoAUqD1IZS87LfdPa/m6qKnBdMz9N3IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODkyNzBmNmMtYTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2Yz
ODI0LzAvQTgzRDQ4NjUyRjNCMkRGNzRGNkJGOUJBQThBOUMxNzRDQ0ZEMzc3Mi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FEMUlaUzg3TGZkUGFfbTZxS25CZE16
OU4zSS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg5MjcwZjZjLWEzZmUt
NDI5OS1iMDc5LTMwOWVkOTdmMzgyNC8wL0FTMjA3MzE3LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhR1
gP/0MA0GCSqGSIb3DQEBCwUAA4IBAQAvdZCrFrNA63fh6vnJMg4I6tfgzLr3k4Sc
JvpMMzL1YLjLYPZYPi2oh/1owYSVsFm/WoY3KOmCVYQ82gN5xLQaVOJwm/Fsd09k
389o7g0vLoVEUS729ulrNUBJp6o88y2pLNlg7iAZvk56ec3Sxcse+Sk9qS0Xdeum
WPn0AaLQVD1vAQUTaRBgj8+v7YKD16Uz7sNbdRT0SdLD6P7ZCwLiY1+IYcIvdNx1
Do88krTmWE6mWpfAQt/HT8bePnODxaiooIBuyLHe+Cd1rFrl5dU6RtUXndwcEL+c
gfHonFzFCIWCCIaHWHRbZ8bi2jqasPG6wGm9rw2EDGxFnDL4Z6iE
-----END CERTIFICATE-----
Generated at Sat Jun 14 21:38:30 2025 by rpki-client