Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS212335.roa
File: AS212335.roa (raw, json)
Hash identifier: qborTvyVy+18FBfPX+64Uv8FPrQhz85lgXZ8uuLUoPE=
Subject key identifier: F1:38:B2:FB:8B:C3:23:08:8C:1C:DE:90:DC:F4:CC:03:89:F3:6C:93
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 64652F3AD2E3EECC1A92A3E9B98A349106E22E4D
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS212335.roa
Signing time: Thu 29 May 2025 09:54:08 +0000
ROA not before: Thu 29 May 2025 09:49:08 +0000
ROA not after: Thu 28 May 2026 09:54:08 +0000
asID: 212335
IP address blocks: 45.137.157.0/24 maxlen: 24
185.170.56.0/24 maxlen: 24
191.96.18.0/24 maxlen: 24
191.96.187.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Jun 2025 23:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
64:65:2f:3a:d2:e3:ee:cc:1a:92:a3:e9:b9:8a:34:91:06:e2:2e:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: May 29 09:49:08 2025 GMT
Not After : May 28 09:54:08 2026 GMT
Subject: CN=F138B2FB8BC323088C1CDE90DCF4CC0389F36C93
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:b3:44:fe:8f:40:5b:1c:42:a0:5a:5b:f3:05:
3b:99:32:20:53:e6:78:9b:3d:64:4e:92:b4:5c:74:
09:a7:01:ad:7b:c4:ea:dc:03:0a:86:43:11:c2:ab:
ea:d4:5e:cb:f6:25:ed:d7:90:7d:7d:95:3a:19:14:
38:d1:f6:05:86:1b:b0:0f:98:f9:55:45:d3:a0:c5:
2b:4c:c1:d7:ad:8f:ea:77:af:06:93:74:f3:19:a1:
57:32:6a:1a:85:12:27:55:58:63:95:ac:bc:35:c0:
6b:96:28:ce:f4:08:00:7b:b0:90:42:d1:d1:d8:38:
09:eb:52:08:d9:73:d4:a6:4c:24:81:e4:36:c6:e1:
7a:d8:1d:ee:3e:e8:71:b1:4a:71:5b:d8:aa:32:2f:
84:8b:d0:e1:ef:49:ca:15:24:d5:15:37:d9:d3:cb:
55:86:4d:34:74:2e:e1:9d:9c:f1:99:6e:24:51:3d:
ec:6e:75:67:ab:b1:6b:7b:72:a4:f0:c4:5e:fe:e4:
3f:fa:eb:91:37:c1:3f:c9:e7:00:2f:b4:86:54:eb:
19:72:7a:ad:f6:86:60:fa:3c:e3:ca:b2:65:aa:62:
38:20:37:ed:ed:cc:d3:74:03:c4:40:cd:7c:b7:ad:
a3:11:08:4a:22:42:4f:74:70:34:2a:a9:11:a3:a9:
6a:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:38:B2:FB:8B:C3:23:08:8C:1C:DE:90:DC:F4:CC:03:89:F3:6C:93
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS212335.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.137.157.0/24
185.170.56.0/24
191.96.18.0/24
191.96.187.0/24
Signature Algorithm: sha256WithRSAEncryption
58:5b:81:0e:18:32:2a:8b:f8:9d:be:53:b5:67:e4:29:d0:4e:
12:e1:21:5d:a0:60:ad:34:02:47:aa:26:e5:28:31:d1:ec:d9:
73:44:4d:59:b4:e4:ce:5e:7c:82:98:1a:09:ca:6c:51:53:a0:
ce:a5:90:e0:6f:97:a5:77:d4:78:ad:d1:70:1c:02:3b:78:1c:
05:fb:fc:ae:84:be:e6:dd:5f:34:46:f9:66:d2:f3:09:aa:b7:
14:27:2e:7b:40:96:0a:66:45:ac:fb:48:ef:bd:db:f5:bc:9a:
9b:8e:9e:fe:36:02:60:3d:42:97:7b:2c:ff:3e:43:bc:0c:6f:
0b:0c:36:ec:c4:87:60:fc:fd:be:9b:54:e8:0c:2b:a1:0c:e4:
16:09:f0:b2:ff:14:f5:32:94:c5:a8:77:71:ce:bf:2a:9d:0f:
32:da:b5:d9:65:46:fe:83:0e:d2:86:69:23:47:d4:82:44:87:
91:92:e9:04:83:4f:93:42:e4:ec:32:ff:ee:15:df:15:b2:d0:
09:09:71:48:58:01:01:1c:2f:b6:1c:f2:b8:86:96:70:bc:a4:
1e:1f:e4:9e:29:b9:0e:e6:55:2a:af:ba:65:c1:2f:e3:68:01:
19:e1:67:f7:f2:ce:dd:78:3c:e8:3e:28:99:d7:3c:1f:60:81:
06:84:23:5c
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgIUZGUvOtLj7swakqPpuYo0kQbiLk0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNTA1MjkwOTQ5MDhaFw0yNjA1MjgwOTU0MDhaMDMxMTAvBgNV
BAMTKEYxMzhCMkZCOEJDMzIzMDg4QzFDREU5MERDRjRDQzAzODlGMzZDOTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDfs0T+j0BbHEKgWlvzBTuZMiBT
5nibPWROkrRcdAmnAa17xOrcAwqGQxHCq+rUXsv2Je3XkH19lToZFDjR9gWGG7AP
mPlVRdOgxStMwdetj+p3rwaTdPMZoVcyahqFEidVWGOVrLw1wGuWKM70CAB7sJBC
0dHYOAnrUgjZc9SmTCSB5DbG4XrYHe4+6HGxSnFb2KoyL4SL0OHvScoVJNUVN9nT
y1WGTTR0LuGdnPGZbiRRPexudWersWt7cqTwxF7+5D/665E3wT/J5wAvtIZU6xly
eq32hmD6POPKsmWqYjggN+3tzNN0A8RAzXy3raMRCEoiQk90cDQqqRGjqWpJAgMB
AAGjggIcMIICGDAdBgNVHQ4EFgQU8Tiy+4vDIwiMHN6Q3PTMA4nzbJMwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMjEyMzM1LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALYmd
AwQAuao4AwQAv2ASAwQAv2C7MA0GCSqGSIb3DQEBCwUAA4IBAQBYW4EOGDIqi/id
vlO1Z+Qp0E4S4SFdoGCtNAJHqiblKDHR7NlzRE1ZtOTOXnyCmBoJymxRU6DOpZDg
b5eld9R4rdFwHAI7eBwF+/yuhL7m3V80Rvlm0vMJqrcUJy57QJYKZkWs+0jvvdv1
vJqbjp7+NgJgPUKXeyz/PkO8DG8LDDbsxIdg/P2+m1ToDCuhDOQWCfCy/xT1MpTF
qHdxzr8qnQ8y2rXZZUb+gw7ShmkjR9SCRIeRkukEg0+TQuTsMv/uFd8VstAJCXFI
WAEBHC+2HPK4hpZwvKQeH+SeKbkO5lUqr7plwS/jaAEZ4Wf38s7deDzoPiiZ1zwf
YIEGhCNc
-----END CERTIFICATE-----
Generated at Tue Jun 3 08:22:14 2025 by rpki-client