Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS213690.roa
File: AS213690.roa (raw, json)
Hash identifier: uKCk1VWDoxOFnd+5yEwSVF/1Q0PLt7DvjqqTdH828ng=
Subject key identifier: C5:6A:67:B9:F1:53:D3:04:4E:18:53:B3:0C:1A:0A:1D:37:28:18:82
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 740767618A41D42D4C158EDC76CC74259E6651E2
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS213690.roa
Signing time: Thu 29 May 2025 16:25:07 +0000
ROA not before: Thu 29 May 2025 16:20:07 +0000
ROA not after: Thu 28 May 2026 16:25:07 +0000
asID: 213690
IP address blocks: 45.231.207.0/24 maxlen: 24
181.215.0.0/24 maxlen: 24
181.215.28.0/24 maxlen: 24
181.215.34.0/24 maxlen: 24
181.215.48.0/24 maxlen: 24
181.215.180.0/24 maxlen: 24
191.96.137.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Jun 2025 23:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
74:07:67:61:8a:41:d4:2d:4c:15:8e:dc:76:cc:74:25:9e:66:51:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: May 29 16:20:07 2025 GMT
Not After : May 28 16:25:07 2026 GMT
Subject: CN=C56A67B9F153D3044E1853B30C1A0A1D37281882
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:11:c0:e5:bf:55:1c:69:1c:96:72:c0:ad:70:
c8:4c:41:2d:ae:45:af:1c:59:50:5b:34:ab:49:54:
da:45:82:93:6f:63:e8:c9:70:5e:43:39:50:03:41:
ad:eb:d9:a0:e8:fb:5c:ae:15:27:7b:c7:cb:bd:94:
db:23:36:0a:cf:90:96:f5:a2:68:a0:b2:34:a0:e2:
02:df:1e:82:13:0e:f2:69:6d:c7:99:5f:24:c1:82:
73:04:ed:2a:f8:f9:bf:3c:7b:3e:fc:0f:c2:1c:14:
0c:a5:72:6d:4c:31:f2:af:90:f0:c8:df:42:8b:55:
50:a3:7e:4c:c1:f2:f7:ee:42:08:7d:63:30:15:9b:
81:a6:92:de:e5:ec:dc:12:06:68:28:f5:14:4a:15:
33:f6:3f:d8:d8:e2:6f:4f:1c:7e:9d:45:93:e4:96:
2d:e2:4d:08:16:ee:d2:88:1b:21:56:4a:5e:2d:55:
de:c3:36:37:e2:90:cf:fe:6a:2d:41:dd:bd:86:58:
5e:dc:86:6e:1c:55:74:7d:5c:12:15:0d:ca:ca:e1:
b2:6f:44:c3:ce:78:68:5a:98:7d:b5:45:9e:cd:30:
10:05:fb:c3:7a:07:8f:79:40:bc:e0:8e:32:88:ce:
13:f6:a5:2a:62:7f:7d:d8:3c:96:86:3a:f4:98:48:
79:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:6A:67:B9:F1:53:D3:04:4E:18:53:B3:0C:1A:0A:1D:37:28:18:82
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS213690.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.231.207.0/24
181.215.0.0/24
181.215.28.0/24
181.215.34.0/24
181.215.48.0/24
181.215.180.0/24
191.96.137.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:4f:d0:6b:37:7f:f2:ad:6d:cd:19:81:12:35:3a:ba:86:06:
46:21:d5:6b:13:3f:82:92:44:42:9a:4b:57:9d:91:6c:46:a2:
4b:00:1e:4a:76:08:e3:e6:22:c1:e5:16:01:15:ae:74:22:d6:
5a:2c:8a:41:4b:21:18:67:12:a0:84:b9:07:4f:22:b3:44:06:
c1:f0:fe:12:b3:51:58:86:16:bb:ea:ce:7a:95:6a:ac:93:45:
db:ee:de:25:8d:83:d9:70:ae:35:b0:d0:c3:d6:5c:01:e4:f2:
43:cb:42:92:97:f8:61:dc:2b:a6:82:66:06:b9:6f:bb:7d:47:
b9:39:e2:48:92:a3:a4:4b:8e:a6:f4:b6:25:7a:9e:2a:b0:70:
f7:a9:97:85:a7:ab:fe:9b:44:09:12:41:fc:70:dc:43:31:64:
69:b5:21:99:39:64:f4:b0:f2:10:75:40:8c:07:79:b6:25:a7:
91:53:84:3d:10:78:30:b3:4b:f7:f1:5e:0d:4f:a4:20:c1:fa:
8a:cf:4a:90:5f:da:54:2d:18:34:0c:0b:57:e9:ea:a8:ac:85:
dd:ed:b9:b2:86:23:1b:eb:67:9b:e9:5d:2f:93:b6:8e:4c:9c:
e5:4d:f0:b8:20:f8:e8:a2:a6:65:4d:73:ed:6e:73:7f:d9:8f:
f1:f6:09:35
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgIUdAdnYYpB1C1MFY7cdsx0JZ5mUeIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNTA1MjkxNjIwMDdaFw0yNjA1MjgxNjI1MDdaMDMxMTAvBgNV
BAMTKEM1NkE2N0I5RjE1M0QzMDQ0RTE4NTNCMzBDMUEwQTFEMzcyODE4ODIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCpEcDlv1UcaRyWcsCtcMhMQS2u
Ra8cWVBbNKtJVNpFgpNvY+jJcF5DOVADQa3r2aDo+1yuFSd7x8u9lNsjNgrPkJb1
omigsjSg4gLfHoITDvJpbceZXyTBgnME7Sr4+b88ez78D8IcFAylcm1MMfKvkPDI
30KLVVCjfkzB8vfuQgh9YzAVm4Gmkt7l7NwSBmgo9RRKFTP2P9jY4m9PHH6dRZPk
li3iTQgW7tKIGyFWSl4tVd7DNjfikM/+ai1B3b2GWF7chm4cVXR9XBIVDcrK4bJv
RMPOeGhamH21RZ7NMBAF+8N6B495QLzgjjKIzhP2pSpif33YPJaGOvSYSHmHAgMB
AAGjggIuMIICKjAdBgNVHQ4EFgQUxWpnufFT0wROGFOzDBoKHTcoGIIwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMjEzNjkwLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQALefP
AwQAtdcAAwQAtdccAwQAtdciAwQAtdcwAwQAtde0AwQAv2CJMA0GCSqGSIb3DQEB
CwUAA4IBAQAbT9BrN3/yrW3NGYESNTq6hgZGIdVrEz+CkkRCmktXnZFsRqJLAB5K
dgjj5iLB5RYBFa50ItZaLIpBSyEYZxKghLkHTyKzRAbB8P4Ss1FYhha76s56lWqs
k0Xb7t4ljYPZcK41sNDD1lwB5PJDy0KSl/hh3CumgmYGuW+7fUe5OeJIkqOkS46m
9LYlep4qsHD3qZeFp6v+m0QJEkH8cNxDMWRptSGZOWT0sPIQdUCMB3m2JaeRU4Q9
EHgws0v38V4NT6QgwfqKz0qQX9pULRg0DAtX6eqorIXd7bmyhiMb62eb6V0vk7aO
TJzlTfC4IPjooqZlTXPtbnN/2Y/x9gk1
-----END CERTIFICATE-----
Generated at Tue Jun 3 08:22:11 2025 by rpki-client