Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/AS213734.roa
File: AS213734.roa (raw, json)
Hash identifier: P5z2E0ialYX75QzDEDitb9eMXi9AiYyg414Ldf9wXcw=
Subject key identifier: 3C:BF:75:67:99:A7:ED:9F:39:C7:82:64:F7:CD:CB:55:02:F6:E7:4D
Certificate issuer: /CN=0e20ccf5083a63b9f5887e3ea39d04e2d62b3da5
Certificate serial: 4B0723880116737269CBB3BF8E18F44694FFBBA9
Authority key identifier: 0E:20:CC:F5:08:3A:63:B9:F5:88:7E:3E:A3:9D:04:E2:D6:2B:3D:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DiDM9Qg6Y7n1iH4-o50E4tYrPaU.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/AS213734.roa
Signing time: Sat 06 Jun 2026 08:15:08 +0000
ROA not before: Sat 06 Jun 2026 08:10:08 +0000
ROA not after: Sat 05 Jun 2027 08:15:08 +0000
asID: 213734
IP address blocks: 51.146.98.0/24 maxlen: 24
188.221.96.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/0E20CCF5083A63B9F5887E3EA39D04E2D62B3DA5.crl
rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/0E20CCF5083A63B9F5887E3EA39D04E2D62B3DA5.mft
rsync://rpki.ripe.net/repository/DEFAULT/DiDM9Qg6Y7n1iH4-o50E4tYrPaU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 13 Jun 2026 23:48:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4b:07:23:88:01:16:73:72:69:cb:b3:bf:8e:18:f4:46:94:ff:bb:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0e20ccf5083a63b9f5887e3ea39d04e2d62b3da5
Validity
Not Before: Jun 6 08:10:08 2026 GMT
Not After : Jun 5 08:15:08 2027 GMT
Subject: CN=3CBF756799A7ED9F39C78264F7CDCB5502F6E74D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:d5:f0:eb:94:e7:16:b5:c9:a5:c0:16:54:60:
da:94:b3:86:23:11:65:52:85:8f:f2:c3:89:4e:9e:
c0:0f:ef:92:d0:a6:24:e8:5e:e3:23:a5:f3:fd:80:
51:2d:bc:c7:01:49:48:46:da:c9:15:c7:03:09:22:
ca:ac:13:53:50:3e:13:fb:01:4f:dc:04:f4:c4:29:
22:ce:ad:95:79:54:27:63:97:73:72:dd:81:03:b4:
10:fa:9c:d0:79:0e:b7:5f:8d:1c:23:e4:a7:ce:9c:
8e:b7:b6:a5:66:94:40:c2:b4:b4:d8:64:cd:12:34:
85:49:c8:4d:ff:1a:39:7b:ef:d7:e3:05:fc:f7:15:
38:f3:50:a2:a1:47:d1:99:5b:47:1f:00:59:08:a8:
1b:02:f9:c0:d7:13:be:f3:88:23:c5:64:6c:13:14:
d3:d2:18:ab:ba:10:b4:17:d6:46:86:86:64:a6:2d:
f2:78:75:fa:2b:15:ea:76:f3:c9:77:5e:7f:a2:44:
11:5a:ef:dd:68:9c:f4:e3:e7:66:ed:b5:3e:94:ad:
da:21:05:cd:16:29:a5:3b:8e:2a:ad:1d:e2:76:ea:
84:90:66:3a:37:34:1b:18:2b:8a:02:ce:2b:b0:b5:
0d:f4:55:62:f3:06:ed:9e:dd:ee:3e:b5:81:5d:c0:
a1:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:BF:75:67:99:A7:ED:9F:39:C7:82:64:F7:CD:CB:55:02:F6:E7:4D
X509v3 Authority Key Identifier:
keyid:0E:20:CC:F5:08:3A:63:B9:F5:88:7E:3E:A3:9D:04:E2:D6:2B:3D:A5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/0E20CCF5083A63B9F5887E3EA39D04E2D62B3DA5.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DiDM9Qg6Y7n1iH4-o50E4tYrPaU.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/AS213734.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.146.98.0/24
188.221.96.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:92:83:16:e3:e0:6e:c7:dc:f4:84:82:19:4a:0c:63:82:46:
7e:a3:05:9f:b0:5a:d6:f1:3a:eb:84:dd:11:0c:a8:87:32:39:
05:bf:08:41:a2:66:0e:23:a3:ca:e3:97:c7:88:86:17:43:19:
7c:f4:5e:b6:6f:3f:d8:71:60:38:36:f2:0e:f0:05:69:4c:db:
30:b5:80:ce:c3:c8:99:f4:25:f0:92:a8:2b:3c:0b:88:da:06:
58:80:16:b0:46:d1:b8:08:37:13:29:45:ae:73:3c:24:24:83:
d6:12:76:10:9c:fb:ac:21:db:11:58:7b:71:c9:bf:99:ff:3e:
a3:36:6b:3e:d5:89:1c:99:e9:49:0c:cf:0f:99:57:55:58:88:
bc:80:51:c2:4f:6c:7f:b2:d0:a7:b8:ab:ef:6f:0e:73:e3:73:
17:1c:a0:f8:90:64:93:ec:fb:bd:56:6f:67:05:2a:4d:79:32:
c0:06:fb:f7:1f:7c:44:ca:38:e6:bf:f2:a4:2c:06:bd:7f:6b:
ec:90:d8:9b:4e:dd:a9:81:c8:06:bb:ea:3e:57:53:73:c6:09:
23:2f:b7:bc:fd:6e:09:86:32:80:55:ec:04:5a:04:85:2c:4a:
c7:e0:68:a8:d9:56:85:79:2e:87:0f:d9:53:d9:bb:f4:db:4f:
d1:2d:13:77
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgIUSwcjiAEWc3Jpy7O/jhj0RpT/u6kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGUyMGNjZjUwODNhNjNiOWY1ODg3ZTNlYTM5ZDA0ZTJk
NjJiM2RhNTAeFw0yNjA2MDYwODEwMDhaFw0yNzA2MDUwODE1MDhaMDMxMTAvBgNV
BAMTKDNDQkY3NTY3OTlBN0VEOUYzOUM3ODI2NEY3Q0RDQjU1MDJGNkU3NEQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDB1fDrlOcWtcmlwBZUYNqUs4Yj
EWVShY/yw4lOnsAP75LQpiToXuMjpfP9gFEtvMcBSUhG2skVxwMJIsqsE1NQPhP7
AU/cBPTEKSLOrZV5VCdjl3Ny3YEDtBD6nNB5DrdfjRwj5KfOnI63tqVmlEDCtLTY
ZM0SNIVJyE3/Gjl779fjBfz3FTjzUKKhR9GZW0cfAFkIqBsC+cDXE77ziCPFZGwT
FNPSGKu6ELQX1kaGhmSmLfJ4dforFep288l3Xn+iRBFa791onPTj52bttT6Urdoh
Bc0WKaU7jiqtHeJ26oSQZjo3NBsYK4oCziuwtQ30VWLzBu2e3e4+tYFdwKEnAgMB
AAGjggIQMIICDDAdBgNVHQ4EFgQUPL91Z5mn7Z85x4Jk983LVQL2500wHwYDVR0j
BBgwFoAUDiDM9Qg6Y7n1iH4+o50E4tYrPaUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOTZlNGFjODYtMTgwMy00OTRkLThhN2ItYzA1MWE2MzEw
NzUyLzAvMEUyMENDRjUwODNBNjNCOUY1ODg3RTNFQTM5RDA0RTJENjJCM0RBNS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RpRE05UWc2WTduMWlINC1vNTBFNHRZ
clBhVS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzk2ZTRhYzg2LTE4MDMt
NDk0ZC04YTdiLWMwNTFhNjMxMDc1Mi8wL0FTMjEzNzM0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAM5Ji
AwQAvN1gMA0GCSqGSIb3DQEBCwUAA4IBAQCOkoMW4+Bux9z0hIIZSgxjgkZ+owWf
sFrW8TrrhN0RDKiHMjkFvwhBomYOI6PK45fHiIYXQxl89F62bz/YcWA4NvIO8AVp
TNswtYDOw8iZ9CXwkqgrPAuI2gZYgBawRtG4CDcTKUWuczwkJIPWEnYQnPusIdsR
WHtxyb+Z/z6jNms+1YkcmelJDM8PmVdVWIi8gFHCT2x/stCnuKvvbw5z43MXHKD4
kGST7Pu9Vm9nBSpNeTLABvv3H3xEyjjmv/KkLAa9f2vskNibTt2pgcgGu+o+V1Nz
xgkjL7e8/W4JhjKAVewEWgSFLErH4Gio2VaFeS6HD9lT2bv020/RLRN3
-----END CERTIFICATE-----
Generated at Sat Jun 13 05:34:57 2026 by rpki-client