Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS210337.roa
File: AS210337.roa (raw, json)
Hash identifier: tsE2gN7lUHmSzfJG+R8i+T9+Sqoqg9P+jC4dWqCimg4=
Subject key identifier: 35:3E:3E:87:6A:2C:58:21:DE:AC:C2:04:92:86:08:E8:25:82:0E:3B
Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Certificate serial: 60BC96CC14215032F082B00AD5F9F8C810014CE3
Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS210337.roa
Signing time: Tue 06 May 2025 01:20:04 +0000
ROA not before: Tue 06 May 2025 01:15:04 +0000
ROA not after: Tue 05 May 2026 01:20:04 +0000
asID: 210337
IP address blocks: 2a14:7581:fed::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft
rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 12:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
60:bc:96:cc:14:21:50:32:f0:82:b0:0a:d5:f9:f8:c8:10:01:4c:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Validity
Not Before: May 6 01:15:04 2025 GMT
Not After : May 5 01:20:04 2026 GMT
Subject: CN=353E3E876A2C5821DEACC204928608E825820E3B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:b8:5c:bb:66:f9:af:21:88:ec:a7:93:4c:43:
6b:89:20:09:bc:eb:7a:9e:70:b7:21:6d:df:0f:3b:
ed:ad:e6:b9:71:e7:37:71:ee:84:a1:44:1f:df:25:
d4:fc:8a:1d:cd:f8:cc:d7:a4:84:4e:cb:b0:03:e2:
74:82:7f:64:e2:e2:d8:62:54:d7:3a:0f:2c:56:23:
d1:26:62:e5:ec:6d:01:3c:23:24:06:9c:17:6e:2e:
d7:60:bf:46:74:8f:d0:ce:fe:b7:cb:04:5f:bc:07:
a0:a9:ad:87:b6:db:68:f5:95:07:0c:b8:2a:2e:ad:
a5:e6:38:94:8a:69:5a:03:b8:13:21:11:33:5e:32:
68:9b:68:93:bd:7b:f8:d2:e6:ab:61:1e:c9:cf:e4:
37:1e:b9:b5:54:c4:39:cc:5c:be:0a:5b:50:6a:ec:
30:a0:a9:ed:d1:ff:4b:38:4c:9e:67:ef:bb:ba:91:
ea:81:cf:bf:33:d7:8e:42:47:5d:29:10:ed:e7:d2:
65:e0:54:da:3d:d2:1c:bb:89:df:7e:ac:0d:76:be:
d8:0e:c3:65:83:02:22:66:bf:7a:50:4f:0e:d0:a7:
af:b7:6f:5e:ae:4b:55:71:c3:8b:7d:18:4e:62:3b:
00:b9:14:b4:4e:c2:ed:7e:f3:8b:de:ae:36:bf:01:
97:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:3E:3E:87:6A:2C:58:21:DE:AC:C2:04:92:86:08:E8:25:82:0E:3B
X509v3 Authority Key Identifier:
keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS210337.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7581:fed::/48
Signature Algorithm: sha256WithRSAEncryption
35:f8:0d:4a:d6:c5:8f:1d:c0:a1:b2:d6:fe:f9:7e:d7:9e:b2:
48:85:d4:99:6e:7c:0d:e0:23:2a:3f:73:76:9d:74:36:08:ad:
f5:ec:78:6c:07:8f:37:b9:ff:8d:ef:84:52:3f:01:a7:41:ea:
28:e4:7b:13:2b:cf:d4:52:09:03:ad:bf:05:8f:32:87:6a:47:
6b:4b:a2:0f:98:0e:ea:f0:d2:31:90:23:06:f8:77:43:0d:e4:
4b:cf:1d:cc:44:ea:88:b8:a0:af:dc:23:a7:e4:4e:b9:cf:2f:
29:54:0a:1b:7a:f1:d2:fb:98:7b:1c:51:59:58:05:0c:23:3b:
c9:84:b8:a5:c8:89:f8:23:cf:8d:7b:78:89:ed:4d:01:94:a2:
28:75:3d:92:6f:5d:89:24:15:27:64:9c:79:83:c2:16:93:b4:
b3:a2:82:9e:9b:b3:aa:e2:b2:f7:3d:43:ac:ed:9c:d5:10:e0:
ab:3e:51:44:37:a4:ab:5f:77:d8:e3:f9:eb:fb:ff:78:8e:da:
0b:c9:d2:f6:cc:e5:d5:b9:07:82:41:11:c5:e4:b5:a6:dd:da:
a8:72:66:49:bb:bf:04:11:6d:3b:c7:c9:d4:5c:6d:fe:09:06:
8e:3c:83:68:ad:8a:d8:7e:b2:e5:e9:a1:56:22:f6:b3:f6:9f:
10:e6:be:a1
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIUYLyWzBQhUDLwgrAK1fn4yBABTOMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj
Y2ZkMzc3MjAeFw0yNTA1MDYwMTE1MDRaFw0yNjA1MDUwMTIwMDRaMDMxMTAvBgNV
BAMTKDM1M0UzRTg3NkEyQzU4MjFERUFDQzIwNDkyODYwOEU4MjU4MjBFM0IwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCbuFy7ZvmvIYjsp5NMQ2uJIAm8
63qecLchbd8PO+2t5rlx5zdx7oShRB/fJdT8ih3N+MzXpIROy7AD4nSCf2Ti4thi
VNc6DyxWI9EmYuXsbQE8IyQGnBduLtdgv0Z0j9DO/rfLBF+8B6CprYe222j1lQcM
uCouraXmOJSKaVoDuBMhETNeMmibaJO9e/jS5qthHsnP5DceubVUxDnMXL4KW1Bq
7DCgqe3R/0s4TJ5n77u6keqBz78z145CR10pEO3n0mXgVNo90hy7id9+rA12vtgO
w2WDAiJmv3pQTw7Qp6+3b16uS1Vxw4t9GE5iOwC5FLROwu1+84verja/AZdxAgMB
AAGjggINMIICCTAdBgNVHQ4EFgQUNT4+h2osWCHerMIEkoYI6CWCDjswHwYDVR0j
BBgwFoAUqD1IZS87LfdPa/m6qKnBdMz9N3IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODkyNzBmNmMtYTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2Yz
ODI0LzAvQTgzRDQ4NjUyRjNCMkRGNzRGNkJGOUJBQThBOUMxNzRDQ0ZEMzc3Mi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FEMUlaUzg3TGZkUGFfbTZxS25CZE16
OU4zSS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg5MjcwZjZjLWEzZmUt
NDI5OS1iMDc5LTMwOWVkOTdmMzgyNC8wL0FTMjEwMzM3LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhR1
gQ/tMA0GCSqGSIb3DQEBCwUAA4IBAQA1+A1K1sWPHcChstb++X7XnrJIhdSZbnwN
4CMqP3N2nXQ2CK317HhsB483uf+N74RSPwGnQeoo5HsTK8/UUgkDrb8FjzKHakdr
S6IPmA7q8NIxkCMG+HdDDeRLzx3MROqIuKCv3COn5E65zy8pVAobevHS+5h7HFFZ
WAUMIzvJhLilyIn4I8+Ne3iJ7U0BlKIodT2Sb12JJBUnZJx5g8IWk7SzooKem7Oq
4rL3PUOs7ZzVEOCrPlFEN6SrX3fY4/nr+/94jtoLydL2zOXVuQeCQRHF5LWm3dqo
cmZJu78EEW07x8nUXG3+CQaOPINorYrYfrLl6aFWIvaz9p8Q5r6h
-----END CERTIFICATE-----
Generated at Sat Jun 14 21:28:02 2025 by rpki-client