Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS213690.roa
File: AS213690.roa (raw, json)
Hash identifier: CzWazhDp0unEaUqmwlVoZmf9/i4m0IlvFtZGxUxWfpg=
Subject key identifier: 6B:B1:C7:20:98:73:71:0E:E6:B9:C2:DD:3B:07:9D:4D:69:0C:01:42
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 37D34D556383A804547166286FC538BA914AE0C8
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS213690.roa
Signing time: Mon 01 Sep 2025 14:27:17 +0000
ROA not before: Mon 01 Sep 2025 14:22:17 +0000
ROA not after: Mon 31 Aug 2026 14:27:17 +0000
asID: 213690
IP address blocks: 45.231.207.0/24 maxlen: 24
181.214.57.0/24 maxlen: 24
181.215.0.0/24 maxlen: 24
181.215.28.0/24 maxlen: 24
181.215.34.0/24 maxlen: 24
181.215.48.0/24 maxlen: 24
181.215.180.0/24 maxlen: 24
191.96.137.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 06 Sep 2025 10:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
37:d3:4d:55:63:83:a8:04:54:71:66:28:6f:c5:38:ba:91:4a:e0:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Sep 1 14:22:17 2025 GMT
Not After : Aug 31 14:27:17 2026 GMT
Subject: CN=6BB1C7209873710EE6B9C2DD3B079D4D690C0142
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:ee:83:73:9c:5a:dc:f6:c0:67:5e:ac:b6:d5:
b6:73:58:2d:9f:61:a8:14:2c:b1:3e:42:fa:2e:a9:
7b:98:76:d0:fb:76:de:d2:47:dd:52:db:b8:6f:d4:
8e:be:c7:6c:53:fa:24:84:2c:44:c3:00:61:92:3a:
bd:a9:f5:45:06:8e:0f:47:c4:9b:54:74:36:3a:c9:
02:66:5a:32:78:4e:20:a6:af:84:cf:73:95:38:df:
09:00:8b:18:7a:75:06:c8:8f:36:64:b2:fe:b6:0f:
a1:9d:06:3c:02:b2:25:7f:14:fe:cb:26:0f:99:b2:
c1:03:72:94:4b:09:79:1a:77:13:40:9c:09:d8:4c:
18:84:0b:ce:ae:f6:6c:4a:5b:ad:ec:82:9c:9a:a7:
4a:af:db:50:f3:9b:f9:19:07:b6:50:5e:05:b7:24:
37:b3:37:73:27:e2:7a:09:84:61:4e:b6:76:5e:84:
8b:14:c6:62:da:fc:d1:48:60:19:ad:50:fb:6c:a9:
7d:4a:1b:e8:7d:d2:92:d8:49:78:11:25:e5:4f:be:
89:86:71:e7:b4:13:98:f6:3e:a0:78:62:55:9f:c6:
9d:a9:58:7a:bd:0a:6a:49:8a:49:4a:46:60:e0:85:
03:8c:36:9d:d6:40:c0:be:67:3f:4b:a9:7c:04:bb:
cd:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:B1:C7:20:98:73:71:0E:E6:B9:C2:DD:3B:07:9D:4D:69:0C:01:42
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS213690.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.231.207.0/24
181.214.57.0/24
181.215.0.0/24
181.215.28.0/24
181.215.34.0/24
181.215.48.0/24
181.215.180.0/24
191.96.137.0/24
Signature Algorithm: sha256WithRSAEncryption
98:25:fa:5a:e6:e9:9c:fc:04:dd:fc:f2:02:27:d3:4b:d1:d6:
b5:da:fc:b1:1e:d2:b9:d0:52:0a:86:f9:b4:66:74:97:40:f6:
12:22:4f:1c:a2:0b:84:31:98:3b:e3:06:b9:8b:db:20:2a:59:
f7:5c:60:e3:45:bc:68:6f:8d:45:90:93:c4:d3:bc:95:30:80:
9d:de:f6:2c:06:86:26:5b:3f:27:e0:c7:22:aa:8a:0f:7a:69:
59:b6:2b:3c:14:04:29:aa:29:80:74:6c:88:c5:9a:a6:0c:e7:
b9:16:72:ea:e2:2f:8e:a6:35:a1:15:4d:d2:ee:2c:51:2f:b2:
b4:2e:2a:e3:f0:cd:73:25:12:00:e9:17:15:de:64:2a:48:76:
71:09:3c:3d:1e:9f:cf:31:22:19:69:34:c6:5f:cb:15:1e:ce:
62:4e:06:9e:72:c9:0f:71:70:0d:c2:b6:cb:6f:43:dd:67:55:
dd:a1:7f:2d:ba:12:3b:81:6d:8a:86:75:20:40:1d:10:35:8a:
02:4e:ed:a1:42:c2:20:73:ce:1e:66:50:64:70:41:88:b2:ec:
87:d4:3d:78:18:2f:46:a3:1c:05:21:b3:0a:33:6c:f7:d2:69:
ba:0e:3e:1a:b3:16:5b:00:4c:22:76:0d:47:b4:ca:a8:63:2e:
64:1f:00:34
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUN9NNVWODqARUcWYob8U4upFK4MgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNTA5MDExNDIyMTdaFw0yNjA4MzExNDI3MTdaMDMxMTAvBgNV
BAMTKDZCQjFDNzIwOTg3MzcxMEVFNkI5QzJERDNCMDc5RDRENjkwQzAxNDIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDM7oNznFrc9sBnXqy21bZzWC2f
YagULLE+QvouqXuYdtD7dt7SR91S27hv1I6+x2xT+iSELETDAGGSOr2p9UUGjg9H
xJtUdDY6yQJmWjJ4TiCmr4TPc5U43wkAixh6dQbIjzZksv62D6GdBjwCsiV/FP7L
Jg+ZssEDcpRLCXkadxNAnAnYTBiEC86u9mxKW63sgpyap0qv21Dzm/kZB7ZQXgW3
JDezN3Mn4noJhGFOtnZehIsUxmLa/NFIYBmtUPtsqX1KG+h90pLYSXgRJeVPvomG
cee0E5j2PqB4YlWfxp2pWHq9CmpJiklKRmDghQOMNp3WQMC+Zz9LqXwEu81nAgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQUa7HHIJhzcQ7mucLdOwedTWkMAUIwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMjEzNjkwLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQALefP
AwQAtdY5AwQAtdcAAwQAtdccAwQAtdciAwQAtdcwAwQAtde0AwQAv2CJMA0GCSqG
SIb3DQEBCwUAA4IBAQCYJfpa5umc/ATd/PICJ9NL0da12vyxHtK50FIKhvm0ZnSX
QPYSIk8coguEMZg74wa5i9sgKln3XGDjRbxob41FkJPE07yVMICd3vYsBoYmWz8n
4MciqooPemlZtis8FAQpqimAdGyIxZqmDOe5FnLq4i+OpjWhFU3S7ixRL7K0Lirj
8M1zJRIA6RcV3mQqSHZxCTw9Hp/PMSIZaTTGX8sVHs5iTgaecskPcXANwrbLb0Pd
Z1XdoX8tuhI7gW2KhnUgQB0QNYoCTu2hQsIgc84eZlBkcEGIsuyH1D14GC9GoxwF
IbMKM2z30mm6Dj4asxZbAEwidg1HtMqoYy5kHwA0
-----END CERTIFICATE-----
Generated at Fri Sep 5 12:10:56 2025 by rpki-client