Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS210634.roa
File: AS210634.roa (raw, json)
Hash identifier: s+h+ZDOTlF+zGTLbswov4h11TbIukJC5oRqJn8Y84ZQ=
Subject key identifier: 3B:60:EE:17:32:13:AD:6B:80:93:73:E9:49:92:51:95:B1:84:0C:A7
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: C729E65B8008E0890262504BBD204A97B9AA00
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS210634.roa
Signing time: Mon 25 Aug 2025 20:40:37 +0000
ROA not before: Mon 25 Aug 2025 20:35:37 +0000
ROA not after: Mon 24 Aug 2026 20:40:37 +0000
asID: 210634
IP address blocks: 155.117.188.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 06 Sep 2025 10:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
c7:29:e6:5b:80:08:e0:89:02:62:50:4b:bd:20:4a:97:b9:aa:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Aug 25 20:35:37 2025 GMT
Not After : Aug 24 20:40:37 2026 GMT
Subject: CN=3B60EE173213AD6B809373E949925195B1840CA7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:37:4f:51:0a:ae:ea:68:44:c9:3c:93:f8:d0:
99:0f:79:b6:36:8b:c1:fc:16:be:2f:e9:4a:30:f9:
84:3a:8b:6e:87:f8:bb:54:cd:8a:50:17:a1:3e:c7:
3e:5c:2e:3d:12:9f:e4:b0:b8:3f:c6:96:6e:6c:a9:
5c:c4:c6:3f:e0:c7:8c:cb:79:ff:76:01:8e:a7:26:
d9:47:5d:70:11:ca:ae:9e:87:35:57:75:ff:ed:34:
6c:5a:c0:4e:2c:57:e5:16:cb:63:cc:82:1d:60:21:
cb:59:1a:93:78:86:2a:6e:92:11:a1:69:4b:d3:67:
92:2f:46:91:7a:2a:f3:1a:55:44:20:46:4e:99:02:
94:e6:6e:10:a1:65:9f:b5:62:90:69:e5:e7:b4:41:
9a:4a:cf:42:72:d6:83:a6:fa:8e:49:25:04:d3:7e:
0b:26:70:dd:95:71:b7:db:a7:c0:c6:2d:28:e8:3f:
2d:fc:a9:db:37:32:91:6d:d9:32:f8:c8:75:f6:c1:
93:55:a9:1e:b1:19:37:d5:8c:0b:ad:77:c4:8b:e7:
d9:22:55:20:ef:9b:82:79:c7:d2:fb:cc:e1:6e:b5:
c4:cf:59:99:03:a7:dc:c5:50:08:ef:a4:76:f5:33:
5a:27:db:89:07:d1:5d:b0:76:44:5c:9c:6e:46:a7:
80:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:60:EE:17:32:13:AD:6B:80:93:73:E9:49:92:51:95:B1:84:0C:A7
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS210634.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
155.117.188.0/24
Signature Algorithm: sha256WithRSAEncryption
a7:18:8b:d6:3d:e9:0f:78:24:25:da:61:f3:9f:89:75:6a:22:
7d:8c:2a:d4:30:af:11:1c:02:18:c8:8a:e0:bd:5c:26:03:3f:
0d:35:82:b5:24:4b:9d:51:be:d7:8e:57:d3:9e:61:fa:b9:e4:
ff:12:6c:85:a8:d6:f4:8d:25:17:0c:8a:76:e6:73:83:a4:bc:
ee:e3:15:78:19:4a:1f:ec:0f:fc:73:4e:fe:ab:c4:40:27:2a:
c0:6b:21:3e:e6:49:4c:a2:88:39:d3:c3:4b:51:6a:43:8f:88:
07:fa:79:81:ca:b5:bb:eb:c4:4d:4d:55:08:01:9f:69:60:f1:
7c:94:95:1e:20:09:6c:f9:99:b2:5b:72:62:5a:76:0c:96:82:
1e:30:47:5a:1e:f0:0d:64:5f:9a:b1:7f:22:ab:8c:af:e8:91:
56:2d:b0:c8:0c:8b:b9:2b:72:06:b3:26:b2:7f:a7:38:53:59:
6c:cb:4f:ea:68:bc:66:e2:ec:2b:7e:2e:28:33:ed:33:c0:1a:
db:4b:9a:88:71:0d:49:c9:65:8e:b1:f9:1d:de:43:78:ae:f9:
e4:a7:df:d4:0c:9b:f8:ea:03:95:ac:c7:73:6c:68:85:4f:7b:
7a:fd:47:51:bd:62:02:11:b0:68:4c:b2:e0:72:48:17:e9:a5:
b0:82:7b:86
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUAMcp5luACOCJAmJQS70gSpe5qgAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA4MjUyMDM1MzdaFw0yNjA4MjQyMDQwMzdaMDMxMTAvBgNV
BAMTKDNCNjBFRTE3MzIxM0FENkI4MDkzNzNFOTQ5OTI1MTk1QjE4NDBDQTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCVN09RCq7qaETJPJP40JkPebY2
i8H8Fr4v6Uow+YQ6i26H+LtUzYpQF6E+xz5cLj0Sn+SwuD/Glm5sqVzExj/gx4zL
ef92AY6nJtlHXXARyq6ehzVXdf/tNGxawE4sV+UWy2PMgh1gIctZGpN4hipukhGh
aUvTZ5IvRpF6KvMaVUQgRk6ZApTmbhChZZ+1YpBp5ee0QZpKz0Jy1oOm+o5JJQTT
fgsmcN2Vcbfbp8DGLSjoPy38qds3MpFt2TL4yHX2wZNVqR6xGTfVjAutd8SL59ki
VSDvm4J5x9L7zOFutcTPWZkDp9zFUAjvpHb1M1on24kH0V2wdkRcnG5Gp4BpAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUO2DuFzITrWuAk3PpSZJRlbGEDKcwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjEwNjM0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAm3W8
MA0GCSqGSIb3DQEBCwUAA4IBAQCnGIvWPekPeCQl2mHzn4l1aiJ9jCrUMK8RHAIY
yIrgvVwmAz8NNYK1JEudUb7XjlfTnmH6ueT/EmyFqNb0jSUXDIp25nODpLzu4xV4
GUof7A/8c07+q8RAJyrAayE+5klMoog508NLUWpDj4gH+nmByrW768RNTVUIAZ9p
YPF8lJUeIAls+ZmyW3JiWnYMloIeMEdaHvANZF+asX8iq4yv6JFWLbDIDIu5K3IG
syayf6c4U1lsy0/qaLxm4uwrfi4oM+0zwBrbS5qIcQ1JyWWOsfkd3kN4rvnkp9/U
DJv46gOVrMdzbGiFT3t6/UdRvWICEbBoTLLgckgX6aWwgnuG
-----END CERTIFICATE-----
Generated at Fri Sep 5 19:45:06 2025 by rpki-client