Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/AS213945.roa
File: AS213945.roa (raw, json)
Hash identifier: csBkrpW6zQ/qho/cNcUw25fO9HpuJKBEYD52L7VQpQU=
Subject key identifier: B2:A3:1B:44:E6:DA:6B:0C:CA:78:C2:A4:53:1B:31:AD:E0:EF:FA:68
Certificate issuer: /CN=9dfbff217105df8877d463f6e9bac28a4084d20c
Certificate serial: 271C4A496A6E5C67F9A0CF1FD34406B2D1603360
Authority key identifier: 9D:FB:FF:21:71:05:DF:88:77:D4:63:F6:E9:BA:C2:8A:40:84:D2:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nfv_IXEF34h31GP26brCikCE0gw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/AS213945.roa
Signing time: Sat 20 Jun 2026 11:16:53 +0000
ROA not before: Sat 20 Jun 2026 11:11:53 +0000
ROA not after: Sat 19 Jun 2027 11:16:53 +0000
asID: 213945
IP address blocks: 176.96.130.0/24 maxlen: 24
185.231.227.0/24 maxlen: 24
217.18.209.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/9DFBFF217105DF8877D463F6E9BAC28A4084D20C.crl
rsync://rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/9DFBFF217105DF8877D463F6E9BAC28A4084D20C.mft
rsync://rpki.ripe.net/repository/DEFAULT/nfv_IXEF34h31GP26brCikCE0gw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 28 Jun 2026 07:25:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
27:1c:4a:49:6a:6e:5c:67:f9:a0:cf:1f:d3:44:06:b2:d1:60:33:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9dfbff217105df8877d463f6e9bac28a4084d20c
Validity
Not Before: Jun 20 11:11:53 2026 GMT
Not After : Jun 19 11:16:53 2027 GMT
Subject: CN=B2A31B44E6DA6B0CCA78C2A4531B31ADE0EFFA68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:6d:00:94:5f:f8:e1:c2:bd:e4:01:d8:50:cc:
c2:0c:e7:97:ab:47:d9:0b:da:8b:7b:70:d2:c8:6f:
49:5c:ed:8b:49:ed:df:7d:97:eb:8d:1a:5b:4e:a7:
11:b2:1e:2c:ad:2b:6c:1f:29:75:60:2e:d9:ae:c5:
02:5e:a0:c4:d2:82:33:7f:d5:f9:68:e3:03:6f:1b:
cf:88:35:da:66:54:18:0b:67:19:dd:d8:f3:86:53:
5d:d9:ba:a2:6e:ac:37:e7:57:aa:03:b4:34:9e:3a:
e1:8d:17:ca:98:a4:81:62:78:98:32:d9:bf:12:d4:
e4:a8:45:c1:1f:01:a2:34:ab:f1:6c:44:9f:bb:44:
82:62:eb:29:ff:4e:b9:a1:5f:00:ba:3d:3c:62:df:
32:70:d4:36:57:13:1c:8e:32:f2:bc:05:1a:32:f1:
b9:d5:d5:5b:f7:e3:f7:2a:33:60:7c:9a:1f:04:41:
93:7f:ae:6a:dd:08:6e:ae:cd:d1:08:df:48:bf:b0:
40:f7:27:d8:fa:69:47:10:ff:ef:ae:c8:58:aa:f2:
46:6b:f2:4d:3d:33:a0:82:06:40:27:cf:00:38:3f:
c4:96:15:14:00:5e:20:1d:08:36:0c:57:b5:bf:a5:
58:3e:70:83:70:97:5e:39:84:b6:38:a5:2c:e6:60:
f9:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:A3:1B:44:E6:DA:6B:0C:CA:78:C2:A4:53:1B:31:AD:E0:EF:FA:68
X509v3 Authority Key Identifier:
keyid:9D:FB:FF:21:71:05:DF:88:77:D4:63:F6:E9:BA:C2:8A:40:84:D2:0C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/9DFBFF217105DF8877D463F6E9BAC28A4084D20C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nfv_IXEF34h31GP26brCikCE0gw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/AS213945.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.96.130.0/24
185.231.227.0/24
217.18.209.0/24
Signature Algorithm: sha256WithRSAEncryption
d8:a9:2a:df:2f:1b:01:4b:02:5d:2d:a0:ce:94:64:cd:e7:e6:
28:67:15:97:bd:70:2a:d6:15:f1:af:16:ea:db:fe:2a:66:09:
91:7d:7b:3e:23:58:0f:b4:e8:9b:90:b4:e1:6b:1e:43:65:92:
64:c9:94:9e:9d:4a:e1:0a:eb:3a:f6:35:f8:42:84:93:04:ce:
17:7a:21:a2:00:c1:64:59:11:ba:b4:2f:40:c9:a6:8f:9b:64:
10:5d:db:35:db:8e:6d:39:e2:98:9a:2d:ff:f0:13:26:02:c9:
68:03:0c:88:be:f4:8e:9c:d3:d8:6d:30:63:0d:84:78:4c:9f:
23:0e:15:3f:4e:54:7e:6b:89:bc:cf:7b:b6:76:f7:8f:22:bc:
24:16:e9:f9:78:1d:c9:2d:4a:b4:da:00:64:43:28:c9:b9:c9:
57:79:88:63:1d:d8:80:cf:98:cd:bf:a4:d9:30:28:e0:a3:74:
e6:f9:2a:b7:92:42:03:24:e5:d2:59:30:d9:1b:2d:2a:be:48:
07:e7:c9:7f:71:bc:61:f0:97:18:6c:78:80:c0:90:61:93:e5:
c5:76:7f:fe:43:f9:06:c0:d4:79:00:2d:df:c7:6a:0d:ab:c8:
81:1f:de:3b:26:9a:6d:07:cb:74:c3:80:fc:67:05:23:e8:bf:
25:58:81:cd
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgIUJxxKSWpuXGf5oM8f00QGstFgM2AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWRmYmZmMjE3MTA1ZGY4ODc3ZDQ2M2Y2ZTliYWMyOGE0
MDg0ZDIwYzAeFw0yNjA2MjAxMTExNTNaFw0yNzA2MTkxMTE2NTNaMDMxMTAvBgNV
BAMTKEIyQTMxQjQ0RTZEQTZCMENDQTc4QzJBNDUzMUIzMUFERTBFRkZBNjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCibQCUX/jhwr3kAdhQzMIM55er
R9kL2ot7cNLIb0lc7YtJ7d99l+uNGltOpxGyHiytK2wfKXVgLtmuxQJeoMTSgjN/
1flo4wNvG8+INdpmVBgLZxnd2POGU13ZuqJurDfnV6oDtDSeOuGNF8qYpIFieJgy
2b8S1OSoRcEfAaI0q/FsRJ+7RIJi6yn/TrmhXwC6PTxi3zJw1DZXExyOMvK8BRoy
8bnV1Vv34/cqM2B8mh8EQZN/rmrdCG6uzdEI30i/sED3J9j6aUcQ/++uyFiq8kZr
8k09M6CCBkAnzwA4P8SWFRQAXiAdCDYMV7W/pVg+cINwl145hLY4pSzmYPkNAgMB
AAGjggIWMIICEjAdBgNVHQ4EFgQUsqMbRObaawzKeMKkUxsxreDv+mgwHwYDVR0j
BBgwFoAUnfv/IXEF34h31GP26brCikCE0gwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTViNGQ5ZTgtNDExMS00Mzk0LWEzYTYtYmQ4MjUxZTdm
YmJkLzAvOURGQkZGMjE3MTA1REY4ODc3RDQ2M0Y2RTlCQUMyOEE0MDg0RDIwQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL25mdl9JWEVGMzRoMzFHUDI2YnJDaWtD
RTBndy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzU1YjRkOWU4LTQxMTEt
NDM5NC1hM2E2LWJkODI1MWU3ZmJiZC8wL0FTMjEzOTQ1LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAsGCC
AwQAuefjAwQA2RLRMA0GCSqGSIb3DQEBCwUAA4IBAQDYqSrfLxsBSwJdLaDOlGTN
5+YoZxWXvXAq1hXxrxbq2/4qZgmRfXs+I1gPtOibkLThax5DZZJkyZSenUrhCus6
9jX4QoSTBM4XeiGiAMFkWRG6tC9AyaaPm2QQXds1245tOeKYmi3/8BMmAsloAwyI
vvSOnNPYbTBjDYR4TJ8jDhU/TlR+a4m8z3u2dvePIrwkFun5eB3JLUq02gBkQyjJ
uclXeYhjHdiAz5jNv6TZMCjgo3Tm+Sq3kkIDJOXSWTDZGy0qvkgH58l/cbxh8JcY
bHiAwJBhk+XFdn/+Q/kGwNR5AC3fx2oNq8iBH947JpptB8t0w4D8ZwUj6L8lWIHN
-----END CERTIFICATE-----
Generated at Sat Jun 27 20:30:34 2026 by rpki-client