Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS212470.roa
File: AS212470.roa (raw, json)
Hash identifier: ZhttxEJcfXClyVbMC4Z8f5O7wseFixIOhEv3NglIiB0=
Subject key identifier: 3F:64:17:E7:10:3F:F7:C9:EB:2F:40:2F:72:49:C6:C0:CF:D8:77:FC
Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Certificate serial: 0AF8F81E42CC8B009B3F31C62C47DB6B82166EF0
Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS212470.roa
Signing time: Mon 09 Jun 2025 08:30:25 +0000
ROA not before: Mon 09 Jun 2025 08:25:25 +0000
ROA not after: Mon 08 Jun 2026 08:30:25 +0000
asID: 212470
IP address blocks: 2a14:7580:200::/40 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft
rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 12:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0a:f8:f8:1e:42:cc:8b:00:9b:3f:31:c6:2c:47:db:6b:82:16:6e:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Validity
Not Before: Jun 9 08:25:25 2025 GMT
Not After : Jun 8 08:30:25 2026 GMT
Subject: CN=3F6417E7103FF7C9EB2F402F7249C6C0CFD877FC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:7d:bf:86:29:8a:e1:3b:f1:04:21:7a:63:2e:
54:9b:2c:fd:06:d3:ac:79:ff:a3:c2:22:42:6f:39:
b9:5c:27:96:f5:f8:88:5b:05:af:2f:7f:83:e6:3e:
77:6c:21:4b:a5:8b:cb:a0:89:49:2e:2b:22:ec:b7:
73:c0:d7:ea:ec:b7:0c:99:b3:07:84:37:6c:c1:d7:
ce:55:59:55:e7:0a:cf:c1:59:5a:da:7d:90:3c:7d:
ce:ec:bd:44:8d:83:e5:46:86:a6:0e:99:fc:65:a4:
5b:15:9f:63:2b:f2:85:56:1e:c2:82:3a:46:73:29:
af:63:d1:52:9d:7c:c0:57:54:d8:8a:19:35:57:b3:
fc:e6:31:39:e7:26:9e:26:9c:0f:71:bc:16:73:98:
f6:a5:76:57:57:fd:b4:99:a5:2c:15:f6:a2:fb:e3:
a0:fb:7b:1f:3f:6c:94:9a:a9:b3:61:9e:c6:b0:81:
59:82:3b:ef:32:9a:50:ff:38:fb:14:eb:b3:c0:19:
c2:75:65:f0:9d:34:75:fa:47:77:65:d6:a7:b2:2f:
66:1b:dd:a1:da:ca:84:72:5d:2c:f3:dd:54:f8:20:
d5:5b:68:47:fc:d7:a7:ab:f0:1c:f7:99:98:6a:89:
b9:46:fa:d9:e2:77:d7:ae:8b:f4:fc:2b:e6:e3:7b:
38:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:64:17:E7:10:3F:F7:C9:EB:2F:40:2F:72:49:C6:C0:CF:D8:77:FC
X509v3 Authority Key Identifier:
keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS212470.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7580:200::/40
Signature Algorithm: sha256WithRSAEncryption
94:b5:0f:de:82:6f:ee:d0:7c:5c:da:b0:16:87:1e:a1:44:24:
2e:3d:45:72:27:d4:b4:4d:68:ad:50:72:ab:4e:aa:8a:00:7b:
9b:f0:ac:ee:03:cc:b2:87:58:31:d0:bf:c8:54:2a:7a:73:11:
72:bf:d0:75:3b:28:1d:f1:45:2d:d0:44:91:3a:81:99:6c:ab:
44:50:43:86:93:de:32:66:16:d5:42:93:61:aa:ff:ed:29:d9:
bc:5c:0a:71:f8:3f:11:97:1f:28:98:68:30:88:4b:f0:00:cc:
a4:94:f3:73:70:3e:87:00:63:d0:3a:d9:83:3c:b3:49:1c:57:
05:1b:ec:f4:9d:71:1a:14:d1:e4:92:22:23:48:08:b4:46:6d:
2d:47:22:e1:75:1d:df:dd:c3:14:7c:63:12:c3:f2:1e:39:a1:
1a:f3:b7:aa:4b:c8:32:c1:a5:88:e8:e4:51:ed:38:95:a8:64:
71:6e:8b:16:ea:7b:77:6f:93:c0:6a:46:39:1b:d3:30:72:f7:
bf:b2:bd:86:45:61:0e:98:ef:3a:4c:a8:3b:f4:cd:53:b9:2b:
3e:3d:6a:45:8b:96:17:b8:2e:99:d7:75:e4:8f:7b:ca:60:7a:
82:ed:82:92:88:fa:6d:ca:bb:04:12:ba:ef:0e:f7:4d:01:ef:
29:0f:a2:f1
-----BEGIN CERTIFICATE-----
MIIFAjCCA+qgAwIBAgIUCvj4HkLMiwCbPzHGLEfba4IWbvAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj
Y2ZkMzc3MjAeFw0yNTA2MDkwODI1MjVaFw0yNjA2MDgwODMwMjVaMDMxMTAvBgNV
BAMTKDNGNjQxN0U3MTAzRkY3QzlFQjJGNDAyRjcyNDlDNkMwQ0ZEODc3RkMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzfb+GKYrhO/EEIXpjLlSbLP0G
06x5/6PCIkJvOblcJ5b1+IhbBa8vf4PmPndsIUuli8ugiUkuKyLst3PA1+rstwyZ
sweEN2zB185VWVXnCs/BWVrafZA8fc7svUSNg+VGhqYOmfxlpFsVn2Mr8oVWHsKC
OkZzKa9j0VKdfMBXVNiKGTVXs/zmMTnnJp4mnA9xvBZzmPaldldX/bSZpSwV9qL7
46D7ex8/bJSaqbNhnsawgVmCO+8ymlD/OPsU67PAGcJ1ZfCdNHX6R3dl1qeyL2Yb
3aHayoRyXSzz3VT4INVbaEf816er8Bz3mZhqiblG+tnid9eui/T8K+bjezgfAgMB
AAGjggIMMIICCDAdBgNVHQ4EFgQUP2QX5xA/98nrL0AvcknGwM/Yd/wwHwYDVR0j
BBgwFoAUqD1IZS87LfdPa/m6qKnBdMz9N3IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODkyNzBmNmMtYTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2Yz
ODI0LzAvQTgzRDQ4NjUyRjNCMkRGNzRGNkJGOUJBQThBOUMxNzRDQ0ZEMzc3Mi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FEMUlaUzg3TGZkUGFfbTZxS25CZE16
OU4zSS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg5MjcwZjZjLWEzZmUt
NDI5OS1iMDc5LTMwOWVkOTdmMzgyNC8wL0FTMjEyNDcwLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKhR1
gAIwDQYJKoZIhvcNAQELBQADggEBAJS1D96Cb+7QfFzasBaHHqFEJC49RXIn1LRN
aK1QcqtOqooAe5vwrO4DzLKHWDHQv8hUKnpzEXK/0HU7KB3xRS3QRJE6gZlsq0RQ
Q4aT3jJmFtVCk2Gq/+0p2bxcCnH4PxGXHyiYaDCIS/AAzKSU83NwPocAY9A62YM8
s0kcVwUb7PSdcRoU0eSSIiNICLRGbS1HIuF1Hd/dwxR8YxLD8h45oRrzt6pLyDLB
pYjo5FHtOJWoZHFuixbqe3dvk8BqRjkb0zBy97+yvYZFYQ6Y7zpMqDv0zVO5Kz49
akWLlhe4LpnXdeSPe8pgeoLtgpKI+m3KuwQSuu8O900B7ykPovE=
-----END CERTIFICATE-----
Generated at Sat Jun 14 21:38:43 2025 by rpki-client