Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS213607.roa
File: AS213607.roa (raw, json)
Hash identifier: ipccJzVf2LC4xGwdrqJFuELhC6+3KgyKkia0n1gZbAY=
Subject key identifier: 17:F5:C2:2F:50:D9:37:71:1B:80:22:05:BC:F0:48:A3:74:0F:35:94
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 351A2288B41185316628193806ED8E747E60D810
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS213607.roa
Signing time: Fri 18 Jul 2025 11:23:48 +0000
ROA not before: Fri 18 Jul 2025 11:18:48 +0000
ROA not after: Fri 17 Jul 2026 11:23:48 +0000
asID: 213607
IP address blocks: 143.14.149.0/24 maxlen: 24
155.117.193.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
35:1a:22:88:b4:11:85:31:66:28:19:38:06:ed:8e:74:7e:60:d8:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Jul 18 11:18:48 2025 GMT
Not After : Jul 17 11:23:48 2026 GMT
Subject: CN=17F5C22F50D937711B802205BCF048A3740F3594
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:4b:9b:c2:83:28:7c:6a:58:6a:5a:32:1f:8f:
c2:d2:56:43:a2:95:37:1b:3d:24:91:46:49:da:3f:
39:35:54:f8:50:04:64:d0:35:43:f2:76:4a:db:06:
3e:ce:d9:2c:b8:9b:a0:11:d5:0b:96:7c:79:d6:0c:
59:1e:77:c0:19:6e:53:3c:8c:7a:07:8d:06:b7:f6:
68:19:a6:b5:3f:b5:c7:b2:35:3b:e8:e8:e9:0c:7e:
1d:64:c2:d4:20:56:cf:8a:f0:fe:c5:c9:20:c4:84:
c5:b9:86:ee:58:c7:51:01:e8:cd:24:47:e3:f3:b5:
e1:7e:53:57:fc:b7:fd:f2:0a:46:4c:fe:e8:a3:f0:
f1:17:57:ee:47:67:d0:30:69:01:93:f4:cd:70:d7:
08:4b:a9:65:34:15:15:ae:7c:10:ef:27:09:e0:f9:
ca:5f:97:1f:7c:d9:9e:cd:61:b1:30:7a:05:16:ef:
eb:c8:28:f4:07:f4:48:cd:db:31:b2:b6:e6:6b:f0:
3f:67:f7:0b:74:23:00:73:a8:f6:70:37:a3:f2:e5:
76:3e:67:29:0f:a7:d2:d2:95:5d:4d:da:f1:e7:c5:
da:90:8f:d5:b3:d4:f6:f1:53:68:57:07:3b:06:17:
37:0a:dd:af:40:90:30:cd:c9:14:f9:62:c3:fc:02:
3c:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:F5:C2:2F:50:D9:37:71:1B:80:22:05:BC:F0:48:A3:74:0F:35:94
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS213607.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.14.149.0/24
155.117.193.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:9d:04:53:03:87:39:a2:a0:6d:5a:04:34:7e:98:aa:2e:7e:
1c:1e:49:6a:db:1f:df:be:c8:47:56:cb:bd:d4:ce:b8:aa:9b:
3a:52:dc:5e:5c:d0:95:24:b2:a6:cb:17:44:55:d5:3b:33:ab:
fb:6f:18:7b:76:72:62:bf:1a:c0:12:9e:e7:90:b7:1a:b3:e0:
f6:f7:07:3c:1d:90:c8:72:6b:ee:ef:90:85:b0:ed:aa:c5:6a:
9b:17:85:6b:51:db:da:72:3f:26:c7:47:2d:da:e8:89:ad:b8:
c0:2a:be:c1:ba:91:17:e0:00:3d:18:b7:ca:27:85:e6:36:d1:
de:09:1d:f5:33:dd:f8:1f:d4:a7:e0:12:47:83:86:43:9a:e4:
bd:da:b9:6a:c6:e1:7a:33:5f:ad:a7:b0:22:10:6e:1f:e2:6b:
60:53:eb:a0:97:36:34:db:d2:87:84:38:57:2b:74:da:ad:8c:
9f:ca:06:bc:48:db:7f:c2:67:ef:35:ea:3d:74:f1:38:01:a0:
3b:12:11:8e:4c:85:d3:9d:0b:8f:5d:e8:a9:ff:0f:a5:6d:c1:
4a:1c:e5:93:9f:81:29:95:a7:f3:d9:26:d4:bc:e2:7c:e5:ec:
1a:8c:f9:b4:7f:a8:77:cf:98:6c:df:de:78:97:c3:a1:45:3c:
bf:ec:82:32
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgIUNRoiiLQRhTFmKBk4Bu2OdH5g2BAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA3MTgxMTE4NDhaFw0yNjA3MTcxMTIzNDhaMDMxMTAvBgNV
BAMTKDE3RjVDMjJGNTBEOTM3NzExQjgwMjIwNUJDRjA0OEEzNzQwRjM1OTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDYS5vCgyh8alhqWjIfj8LSVkOi
lTcbPSSRRknaPzk1VPhQBGTQNUPydkrbBj7O2Sy4m6AR1QuWfHnWDFked8AZblM8
jHoHjQa39mgZprU/tceyNTvo6OkMfh1kwtQgVs+K8P7FySDEhMW5hu5Yx1EB6M0k
R+PzteF+U1f8t/3yCkZM/uij8PEXV+5HZ9AwaQGT9M1w1whLqWU0FRWufBDvJwng
+cpflx982Z7NYbEwegUW7+vIKPQH9EjN2zGytuZr8D9n9wt0IwBzqPZwN6Py5XY+
ZykPp9LSlV1N2vHnxdqQj9Wz1PbxU2hXBzsGFzcK3a9AkDDNyRT5YsP8AjzBAgMB
AAGjggIQMIICDDAdBgNVHQ4EFgQUF/XCL1DZN3EbgCIFvPBIo3QPNZQwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjEzNjA3LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAjw6V
AwQAm3XBMA0GCSqGSIb3DQEBCwUAA4IBAQBcnQRTA4c5oqBtWgQ0fpiqLn4cHklq
2x/fvshHVsu91M64qps6UtxeXNCVJLKmyxdEVdU7M6v7bxh7dnJivxrAEp7nkLca
s+D29wc8HZDIcmvu75CFsO2qxWqbF4VrUdvacj8mx0ct2uiJrbjAKr7BupEX4AA9
GLfKJ4XmNtHeCR31M934H9Sn4BJHg4ZDmuS92rlqxuF6M1+tp7AiEG4f4mtgU+ug
lzY029KHhDhXK3TarYyfyga8SNt/wmfvNeo9dPE4AaA7EhGOTIXTnQuPXeip/w+l
bcFKHOWTn4Eplafz2SbUvOJ85ewajPm0f6h3z5hs3954l8OhRTy/7IIy
-----END CERTIFICATE-----
Generated at Tue Jul 22 19:00:31 2025 by rpki-client