Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS214657.roa
File: AS214657.roa (raw, json)
Hash identifier: jDCpnnZ31hQwFO6/YBke+Sc+7V81ZxZzZqip2XU7tQc=
Subject key identifier: 3B:EF:29:22:5B:E4:8D:04:1E:55:4D:BC:B8:F4:16:A2:B0:83:3A:AA
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 042F3E29F3908F5107D7731056A5F3CBCFF4D791
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS214657.roa
Signing time: Sun 01 Jun 2025 10:04:32 +0000
ROA not before: Sun 01 Jun 2025 09:59:32 +0000
ROA not after: Sun 31 May 2026 10:04:32 +0000
asID: 214657
IP address blocks: 2a13:9500:7a::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 15:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
04:2f:3e:29:f3:90:8f:51:07:d7:73:10:56:a5:f3:cb:cf:f4:d7:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Jun 1 09:59:32 2025 GMT
Not After : May 31 10:04:32 2026 GMT
Subject: CN=3BEF29225BE48D041E554DBCB8F416A2B0833AAA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:aa:a9:d1:aa:17:48:9b:bf:32:c6:88:80:3c:
e0:9e:46:76:e5:e2:25:e3:f7:e7:bb:cc:ea:98:99:
07:35:fd:f6:44:a4:c8:4b:08:e2:88:54:0c:04:13:
31:4f:a6:0a:4e:dc:1b:8e:73:ea:1e:31:30:c7:a9:
83:50:0c:fa:9a:48:5d:2e:dc:91:0e:d0:70:f8:af:
5c:d4:72:40:45:db:98:ae:90:7e:16:13:49:1e:20:
bf:e6:83:3c:03:07:f3:d9:fd:aa:e3:05:fd:78:1f:
9a:5c:04:be:35:78:77:b0:72:cb:e6:cb:84:f1:af:
a1:f9:f0:36:21:7d:92:98:a3:99:2b:16:0f:f8:03:
09:82:f1:4d:39:ba:d0:90:78:fd:b2:d4:dc:4f:ac:
2a:ef:f1:e4:58:00:77:21:ac:da:61:5b:8c:e3:2c:
35:38:73:d0:a7:d7:5b:27:d1:ed:7e:c7:9c:0d:4e:
b6:72:eb:af:52:4d:7a:16:4d:7d:ea:83:ce:0c:52:
61:e4:c1:46:68:bd:87:00:06:44:e6:ad:73:ad:df:
b7:00:da:6f:66:7e:72:c4:99:43:1a:a6:ff:8f:e8:
aa:41:b7:22:88:c5:f9:5d:bc:10:69:a4:8b:76:f4:
6a:9b:61:6c:28:8d:a3:19:db:e4:95:71:f0:ad:69:
fb:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:EF:29:22:5B:E4:8D:04:1E:55:4D:BC:B8:F4:16:A2:B0:83:3A:AA
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS214657.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:9500:7a::/48
Signature Algorithm: sha256WithRSAEncryption
1f:ce:16:dd:6c:e7:69:30:e5:01:89:fc:4a:a3:ce:2e:7a:27:
f3:71:1c:d6:8d:7d:04:9a:04:9e:ac:82:73:08:1a:3b:2c:df:
ec:fd:20:e4:92:92:18:41:b9:88:eb:a7:db:51:3e:3f:a2:bf:
57:d5:a2:cb:96:fc:85:16:7c:e5:f7:17:b4:e2:8a:28:67:94:
b8:b5:94:60:c0:a6:ea:9e:44:c6:67:ec:6b:6f:2d:9c:86:c3:
ff:68:87:96:f2:a8:80:53:8e:91:d2:cd:07:55:7c:d3:b2:cf:
ae:c9:50:f1:08:77:06:c4:b7:9c:71:bf:5e:1f:94:dd:4c:c3:
ab:b7:f0:ae:88:84:2d:69:4b:7d:ed:37:aa:82:4d:a1:2b:d1:
ab:c7:94:58:42:c4:ce:f6:67:f5:cb:f3:3c:b6:41:19:c3:8d:
91:e9:f9:4b:99:62:b3:f1:6b:17:38:f4:79:c6:48:f8:b6:44:
b3:c9:a1:b5:b2:b2:f9:db:f9:06:b8:f9:bb:06:9c:5d:1c:01:
58:83:c1:9b:8d:64:05:d7:48:89:a3:2a:27:e8:31:15:fe:af:
33:86:7e:be:5e:ed:ac:da:69:2f:22:4c:32:66:f1:46:92:cd:
04:44:21:46:3b:42:72:21:c3:8b:cc:d1:b2:33:62:22:ab:87:
5e:0c:f6:b8
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIUBC8+KfOQj1EH13MQVqXzy8/015EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTA2MDEwOTU5MzJaFw0yNjA1MzExMDA0MzJaMDMxMTAvBgNV
BAMTKDNCRUYyOTIyNUJFNDhEMDQxRTU1NERCQ0I4RjQxNkEyQjA4MzNBQUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6qqnRqhdIm78yxoiAPOCeRnbl
4iXj9+e7zOqYmQc1/fZEpMhLCOKIVAwEEzFPpgpO3BuOc+oeMTDHqYNQDPqaSF0u
3JEO0HD4r1zUckBF25iukH4WE0keIL/mgzwDB/PZ/arjBf14H5pcBL41eHewcsvm
y4Txr6H58DYhfZKYo5krFg/4AwmC8U05utCQeP2y1NxPrCrv8eRYAHchrNphW4zj
LDU4c9Cn11sn0e1+x5wNTrZy669STXoWTX3qg84MUmHkwUZovYcABkTmrXOt37cA
2m9mfnLEmUMapv+P6KpBtyKIxfldvBBppIt29GqbYWwojaMZ2+SVcfCtafsNAgMB
AAGjggINMIICCTAdBgNVHQ4EFgQUO+8pIlvkjQQeVU28uPQWorCDOqowHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjE0NjU3LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhOV
AAB6MA0GCSqGSIb3DQEBCwUAA4IBAQAfzhbdbOdpMOUBifxKo84ueifzcRzWjX0E
mgSerIJzCBo7LN/s/SDkkpIYQbmI66fbUT4/or9X1aLLlvyFFnzl9xe04oooZ5S4
tZRgwKbqnkTGZ+xrby2chsP/aIeW8qiAU46R0s0HVXzTss+uyVDxCHcGxLeccb9e
H5TdTMOrt/CuiIQtaUt97Teqgk2hK9Grx5RYQsTO9mf1y/M8tkEZw42R6flLmWKz
8WsXOPR5xkj4tkSzyaG1srL52/kGuPm7BpxdHAFYg8GbjWQF10iJoyon6DEV/q8z
hn6+Xu2s2mkvIkwyZvFGks0ERCFGO0JyIcOLzNGyM2Iiq4deDPa4
-----END CERTIFICATE-----
Generated at Fri Jun 6 21:54:15 2025 by rpki-client