Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS214432.roa
File: AS214432.roa (raw, json)
Hash identifier: g684oKOzGnUBv0cUuWly6RQsm0XzZFyOagljCnP1jpo=
Subject key identifier: 2C:E0:DC:3C:37:6D:ED:A3:C8:B2:DE:E0:30:B5:33:A3:FE:12:A2:3E
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 46DFB9B0319BDAF32DFAE36F33E3ADC7BBCE32D7
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS214432.roa
Signing time: Mon 25 Aug 2025 12:39:18 +0000
ROA not before: Mon 25 Aug 2025 12:34:18 +0000
ROA not after: Mon 24 Aug 2026 12:39:18 +0000
asID: 214432
IP address blocks: 92.242.186.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 06 Sep 2025 10:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
46:df:b9:b0:31:9b:da:f3:2d:fa:e3:6f:33:e3:ad:c7:bb:ce:32:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Aug 25 12:34:18 2025 GMT
Not After : Aug 24 12:39:18 2026 GMT
Subject: CN=2CE0DC3C376DEDA3C8B2DEE030B533A3FE12A23E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:21:a4:8b:de:16:55:18:ec:98:9e:b0:6a:c5:
08:2f:5f:1c:c2:99:42:a7:25:0d:0c:ee:e4:e8:c9:
6b:88:99:75:56:e5:5f:ee:e0:01:b6:32:07:98:c8:
8a:4f:57:67:8f:b1:c4:1d:c1:ef:63:42:3f:85:cb:
2d:a5:b8:af:9c:c7:87:8f:0c:82:08:80:a8:bd:ca:
f6:cd:6b:38:c6:5a:9e:06:3a:90:1a:39:15:50:be:
2b:4d:14:f7:45:d8:84:f2:3f:6c:88:4f:e4:ed:3a:
bf:f2:ff:47:4a:29:20:41:72:5d:df:ea:21:d1:9e:
e3:99:21:93:5c:26:bc:c5:ff:11:ad:ed:a5:b0:96:
10:6f:4c:0c:51:28:54:8e:c9:4a:92:9a:8c:a8:b5:
14:a3:4e:e7:95:f4:c3:b8:07:90:24:d7:b1:ba:fc:
aa:e7:c9:5d:6d:dc:27:44:44:50:2a:fa:93:38:88:
c4:5a:0c:00:b7:ef:a0:f4:c8:74:49:98:12:b7:d8:
92:f6:56:2c:a2:5f:c7:bf:8a:0b:d1:6f:64:69:9f:
82:bf:28:f9:90:0b:97:61:9a:a6:ef:34:69:99:02:
5d:ee:6f:27:25:b1:ed:1d:33:be:7c:f8:86:9c:ee:
b6:c6:70:c6:78:97:ec:c6:88:fe:0f:f0:b9:6a:b9:
f3:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:E0:DC:3C:37:6D:ED:A3:C8:B2:DE:E0:30:B5:33:A3:FE:12:A2:3E
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS214432.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.242.186.0/24
Signature Algorithm: sha256WithRSAEncryption
73:67:ca:a6:1c:71:89:ef:69:d6:7c:01:fd:dd:9d:a1:db:22:
2d:4d:e0:46:7e:f6:1d:25:59:7a:9f:ae:4f:05:74:bf:30:ad:
cb:44:a8:d0:ca:17:21:6e:23:82:6f:0a:3d:d9:e3:b0:48:4d:
dc:4a:27:69:1c:17:5e:56:55:ad:09:c6:de:1f:09:50:30:fe:
5a:5d:ed:4d:49:d7:8a:50:86:80:1a:eb:3b:a4:46:06:9d:1b:
8f:15:90:9f:b6:34:04:65:25:bc:0c:ec:03:2c:1b:05:5d:e1:
c7:e4:cf:8f:3b:5b:f1:34:bb:97:78:48:7d:24:24:39:9e:e5:
fa:29:35:7e:3f:25:2b:81:97:e2:79:db:9a:92:2a:50:2b:fe:
7b:e2:b6:9d:a0:68:65:72:f5:56:70:af:6a:21:30:04:0d:94:
b8:ff:cb:01:8d:fa:32:90:81:79:23:48:e2:09:4f:27:01:7a:
11:ca:1b:b4:2e:4f:04:23:4f:6a:83:a0:5c:e4:91:43:6f:6f:
a7:fe:d9:3e:da:4f:10:a8:72:f7:eb:b8:66:32:60:a0:c3:60:
3f:08:01:a2:03:3a:93:35:61:38:85:96:2f:b6:fb:de:e7:ac:
e1:55:b3:26:6d:df:5f:d7:36:56:cd:20:c5:78:2d:25:13:7d:
90:4a:18:c7
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIURt+5sDGb2vMt+uNvM+Otx7vOMtcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNTA4MjUxMjM0MThaFw0yNjA4MjQxMjM5MThaMDMxMTAvBgNV
BAMTKDJDRTBEQzNDMzc2REVEQTNDOEIyREVFMDMwQjUzM0EzRkUxMkEyM0UwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDYIaSL3hZVGOyYnrBqxQgvXxzC
mUKnJQ0M7uToyWuImXVW5V/u4AG2MgeYyIpPV2ePscQdwe9jQj+Fyy2luK+cx4eP
DIIIgKi9yvbNazjGWp4GOpAaORVQvitNFPdF2ITyP2yIT+TtOr/y/0dKKSBBcl3f
6iHRnuOZIZNcJrzF/xGt7aWwlhBvTAxRKFSOyUqSmoyotRSjTueV9MO4B5Ak17G6
/KrnyV1t3CdERFAq+pM4iMRaDAC376D0yHRJmBK32JL2ViyiX8e/igvRb2Rpn4K/
KPmQC5dhmqbvNGmZAl3ubyclse0dM758+Iac7rbGcMZ4l+zGiP4P8LlqufNZAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQULODcPDdt7aPIst7gMLUzo/4Soj4wHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMjE0NDMyLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXPK6
MA0GCSqGSIb3DQEBCwUAA4IBAQBzZ8qmHHGJ72nWfAH93Z2h2yItTeBGfvYdJVl6
n65PBXS/MK3LRKjQyhchbiOCbwo92eOwSE3cSidpHBdeVlWtCcbeHwlQMP5aXe1N
SdeKUIaAGus7pEYGnRuPFZCftjQEZSW8DOwDLBsFXeHH5M+PO1vxNLuXeEh9JCQ5
nuX6KTV+PyUrgZfieduakipQK/574radoGhlcvVWcK9qITAEDZS4/8sBjfoykIF5
I0jiCU8nAXoRyhu0Lk8EI09qg6Bc5JFDb2+n/tk+2k8QqHL367hmMmCgw2A/CAGi
AzqTNWE4hZYvtvve56zhVbMmbd9f1zZWzSDFeC0lE32QShjH
-----END CERTIFICATE-----
Generated at Fri Sep 5 12:03:31 2025 by rpki-client