Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS214223.roa
File: AS214223.roa (raw, json)
Hash identifier: 5nyjzl/Xkr9+/yfia6IEa64klhL2lsv15vNVvvXM+X8=
Subject key identifier: 61:70:EC:2D:F0:4C:F6:27:02:28:B5:2C:9B:9E:63:13:84:7B:57:2A
Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Certificate serial: 3F468ED9407713D941233FC3EF1DBE2FEA6F1F02
Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS214223.roa
Signing time: Sun 13 Jul 2025 00:57:54 +0000
ROA not before: Sun 13 Jul 2025 00:52:54 +0000
ROA not after: Sun 12 Jul 2026 00:57:54 +0000
asID: 214223
IP address blocks: 2a14:7580:c000::/36 maxlen: 48
2a14:7581:3700::/40 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft
rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 13:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:46:8e:d9:40:77:13:d9:41:23:3f:c3:ef:1d:be:2f:ea:6f:1f:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Validity
Not Before: Jul 13 00:52:54 2025 GMT
Not After : Jul 12 00:57:54 2026 GMT
Subject: CN=6170EC2DF04CF6270228B52C9B9E6313847B572A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:ae:28:ea:65:fa:5c:59:2f:df:fe:de:d1:32:
b6:40:21:81:dd:33:cc:f0:77:df:08:3f:3c:b1:96:
41:50:93:06:96:ad:b7:8f:21:2f:94:ef:21:89:9d:
b3:30:20:89:20:ea:fb:f3:f4:47:1e:c1:3b:bc:f1:
6b:db:65:98:26:41:ee:59:1e:50:ad:8f:a2:59:0f:
0b:63:ab:4f:ae:be:04:01:da:7e:e8:58:84:7e:65:
f7:5d:80:7b:34:44:c7:54:ab:d6:bf:6e:49:4f:8d:
1b:25:39:9e:a1:cf:5d:f7:b6:a9:29:c4:c6:ed:2a:
db:5c:63:34:ae:ac:b4:55:0f:be:ec:d9:01:f4:40:
6f:09:a2:de:c7:ac:1e:b0:8a:4a:28:d7:3e:0b:02:
70:c3:e7:1e:d6:0a:81:48:89:a6:3d:18:f2:54:80:
8b:92:66:9d:f7:a7:cb:08:12:69:8e:4c:c2:f1:76:
b7:c9:99:3d:a2:cc:98:3c:42:0a:69:26:20:cb:92:
85:1f:1f:bb:f1:1f:c9:24:c4:cd:99:ba:06:c6:b6:
95:42:35:33:c2:35:cb:43:14:4f:d6:f8:41:7b:ec:
08:2c:63:f9:e7:4e:f4:b6:08:8d:d6:22:f4:62:54:
ab:78:15:3a:83:62:f8:1c:3e:41:67:76:54:2a:2a:
9f:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:70:EC:2D:F0:4C:F6:27:02:28:B5:2C:9B:9E:63:13:84:7B:57:2A
X509v3 Authority Key Identifier:
keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS214223.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7580:c000::/36
2a14:7581:3700::/40
Signature Algorithm: sha256WithRSAEncryption
11:a5:59:ba:92:56:cc:98:c4:2b:e0:6a:58:64:7e:98:55:70:
1c:08:6e:3e:d2:92:fc:5b:6f:87:8a:d7:e3:70:21:23:70:b0:
40:a1:fe:97:74:81:a9:7e:f0:87:6c:14:14:25:d3:39:00:80:
da:99:e5:d1:1f:6a:a6:cd:99:e6:01:1e:04:e9:12:f9:9c:c4:
4b:43:3a:2c:6f:bc:73:6c:49:c0:ef:c6:1b:f7:7e:8d:76:c8:
38:6b:53:14:e8:27:e0:b9:08:5d:af:3a:ff:4e:ca:fc:a8:62:
a6:94:32:f4:c5:5f:52:21:14:70:97:4d:ba:58:58:dc:92:a8:
5c:b0:16:76:bb:cf:b4:1f:60:3e:26:f2:a4:09:c4:50:41:ba:
23:04:04:79:84:6a:7b:34:6f:d6:c4:1e:3a:9b:ae:7b:f3:80:
9f:3d:3e:23:ff:3a:fa:07:01:4d:4b:a9:77:65:5d:70:6f:58:
2b:e4:99:c7:2b:de:7b:64:a2:fa:f3:a3:6e:98:eb:42:fd:04:
e2:39:8d:95:5d:a9:af:52:15:99:bc:43:3b:e1:f9:10:8c:09:
3a:a4:7f:d4:01:16:a1:6e:9a:36:54:8b:21:08:16:ee:95:f2:
c7:e3:48:7c:9f:b4:af:f6:65:fa:08:d4:89:8c:85:18:4e:09:
e6:29:01:e2
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIUP0aO2UB3E9lBIz/D7x2+L+pvHwIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj
Y2ZkMzc3MjAeFw0yNTA3MTMwMDUyNTRaFw0yNjA3MTIwMDU3NTRaMDMxMTAvBgNV
BAMTKDYxNzBFQzJERjA0Q0Y2MjcwMjI4QjUyQzlCOUU2MzEzODQ3QjU3MkEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCyrijqZfpcWS/f/t7RMrZAIYHd
M8zwd98IPzyxlkFQkwaWrbePIS+U7yGJnbMwIIkg6vvz9EcewTu88WvbZZgmQe5Z
HlCtj6JZDwtjq0+uvgQB2n7oWIR+ZfddgHs0RMdUq9a/bklPjRslOZ6hz133tqkp
xMbtKttcYzSurLRVD77s2QH0QG8Jot7HrB6wikoo1z4LAnDD5x7WCoFIiaY9GPJU
gIuSZp33p8sIEmmOTMLxdrfJmT2izJg8QgppJiDLkoUfH7vxH8kkxM2ZugbGtpVC
NTPCNctDFE/W+EF77AgsY/nnTvS2CI3WIvRiVKt4FTqDYvgcPkFndlQqKp+ZAgMB
AAGjggIUMIICEDAdBgNVHQ4EFgQUYXDsLfBM9icCKLUsm55jE4R7VyowHwYDVR0j
BBgwFoAUqD1IZS87LfdPa/m6qKnBdMz9N3IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODkyNzBmNmMtYTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2Yz
ODI0LzAvQTgzRDQ4NjUyRjNCMkRGNzRGNkJGOUJBQThBOUMxNzRDQ0ZEMzc3Mi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FEMUlaUzg3TGZkUGFfbTZxS25CZE16
OU4zSS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg5MjcwZjZjLWEzZmUt
NDI5OS1iMDc5LTMwOWVkOTdmMzgyNC8wL0FTMjE0MjIzLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCkGCCsGAQUFBwEHAQH/BBowGDAWBAIAAjAQAwYEKhR1
gMADBgAqFHWBNzANBgkqhkiG9w0BAQsFAAOCAQEAEaVZupJWzJjEK+BqWGR+mFVw
HAhuPtKS/Ftvh4rX43AhI3CwQKH+l3SBqX7wh2wUFCXTOQCA2pnl0R9qps2Z5gEe
BOkS+ZzES0M6LG+8c2xJwO/GG/d+jXbIOGtTFOgn4LkIXa86/07K/KhippQy9MVf
UiEUcJdNulhY3JKoXLAWdrvPtB9gPibypAnEUEG6IwQEeYRqezRv1sQeOpuue/OA
nz0+I/86+gcBTUupd2VdcG9YK+SZxyvee2Si+vOjbpjrQv0E4jmNlV2pr1IVmbxD
O+H5EIwJOqR/1AEWoW6aNlSLIQgW7pXyx+NIfJ+0r/Zl+gjUiYyFGE4J5ikB4g==
-----END CERTIFICATE-----
Generated at Sun Jul 20 20:11:13 2025 by rpki-client