Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS212669.roa
File: AS212669.roa (raw, json)
Hash identifier: TsUjr9hzsAaftulsIjTkpz4P3H99rF1Wiqtk/bSrXsE=
Subject key identifier: 61:E9:64:6C:C1:06:59:11:42:F4:01:64:F5:3E:5A:5F:D2:C0:CA:7A
Certificate issuer: /CN=03b1ba3fdb91d8d9ea76c5776320eb7eb2d6ed9d
Certificate serial: 61E39D4A8B222DD3DA9BAAA5093DF4FDA9A07078
Authority key identifier: 03:B1:BA:3F:DB:91:D8:D9:EA:76:C5:77:63:20:EB:7E:B2:D6:ED:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS212669.roa
Signing time: Sat 08 Mar 2025 14:53:57 +0000
ROA not before: Sat 08 Mar 2025 14:48:57 +0000
ROA not after: Sat 07 Mar 2026 14:53:57 +0000
asID: 212669
IP address blocks: 45.158.170.0/24 maxlen: 24
152.89.249.0/24 maxlen: 24
193.29.96.0/24 maxlen: 24
193.151.182.0/24 maxlen: 24
194.113.222.0/24 maxlen: 24
195.206.230.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/03B1BA3FDB91D8D9EA76C5776320EB7EB2D6ED9D.crl
rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/03B1BA3FDB91D8D9EA76C5776320EB7EB2D6ED9D.mft
rsync://rpki.ripe.net/repository/DEFAULT/A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 16:49:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
61:e3:9d:4a:8b:22:2d:d3:da:9b:aa:a5:09:3d:f4:fd:a9:a0:70:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=03b1ba3fdb91d8d9ea76c5776320eb7eb2d6ed9d
Validity
Not Before: Mar 8 14:48:57 2025 GMT
Not After : Mar 7 14:53:57 2026 GMT
Subject: CN=61E9646CC106591142F40164F53E5A5FD2C0CA7A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:25:cb:70:40:ba:ed:a7:52:a8:9f:88:f6:73:
dd:39:e9:e4:fb:68:82:3c:23:13:6f:63:3c:a0:36:
56:9b:0e:03:74:41:9e:51:16:9a:22:7d:6e:72:1b:
e8:ac:6e:e1:b7:39:79:f5:68:e0:2a:a9:fe:31:ac:
7a:5a:d7:87:5b:67:90:5c:df:e7:de:80:cd:e7:59:
ca:0e:66:1f:26:25:c4:9b:cb:1b:4d:c9:8e:2b:cc:
9d:68:ab:d0:35:cb:0c:71:3a:70:e0:a5:07:3b:ac:
d9:2e:72:07:51:dd:48:b9:ce:3d:29:08:42:7d:4b:
30:d1:f2:d7:3b:b3:ed:75:1b:78:27:fd:f9:c3:36:
b5:84:10:5a:c4:5b:dc:3d:56:81:4c:30:c5:7b:c8:
90:c9:1a:6a:50:2a:2c:0d:1a:d9:6d:ba:aa:2f:8f:
82:d1:82:11:fb:6f:3b:6e:67:a8:38:81:d5:aa:9b:
29:a2:06:a5:da:5b:3b:05:f5:c8:82:0b:7f:69:8a:
38:cb:53:92:5c:48:41:d4:7a:a8:0c:2d:50:62:03:
ce:e6:4a:54:c8:61:28:90:e7:c6:0c:53:81:84:e9:
d1:48:78:da:23:59:57:75:1c:48:0a:e0:58:26:43:
22:d8:b5:63:4f:0a:d9:dd:6b:26:a4:cc:73:0a:0c:
36:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:E9:64:6C:C1:06:59:11:42:F4:01:64:F5:3E:5A:5F:D2:C0:CA:7A
X509v3 Authority Key Identifier:
keyid:03:B1:BA:3F:DB:91:D8:D9:EA:76:C5:77:63:20:EB:7E:B2:D6:ED:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/03B1BA3FDB91D8D9EA76C5776320EB7EB2D6ED9D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS212669.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.158.170.0/24
152.89.249.0/24
193.29.96.0/24
193.151.182.0/24
194.113.222.0/24
195.206.230.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:4a:36:e0:55:26:ca:af:f9:01:a5:e2:a6:35:34:cf:6b:44:
ab:fb:bf:2b:18:c9:57:39:15:e3:b9:19:65:a9:d9:3a:5a:3e:
57:92:e6:3b:ed:a7:f7:17:d9:2d:13:ca:2d:6d:3e:1d:73:a4:
a0:06:21:39:e7:bb:27:4c:72:4b:7a:7f:b7:35:c4:c5:71:49:
8e:2c:3b:c8:28:a7:cd:c9:56:f7:55:0b:2b:b0:6c:ee:e7:7b:
3f:bd:3d:a2:56:03:9a:a1:7c:64:b2:f1:35:8b:92:f4:a4:21:
8e:ff:6a:2e:8c:37:81:27:2e:1f:99:a3:3b:d7:19:ce:fd:2d:
51:44:f9:d9:05:5e:ad:25:9b:04:b0:bb:ec:e1:29:0a:a8:42:
45:49:96:d4:8f:27:ff:a1:b6:5e:fe:f9:ff:bc:d4:bc:f6:31:
99:a7:62:64:37:64:20:fc:f0:fa:f7:e7:fc:c6:ee:64:9d:04:
61:ed:e8:04:76:ea:df:99:39:5e:5b:eb:73:68:88:e1:7d:d2:
ed:21:7f:11:cf:c2:23:5d:1d:88:3c:fb:b0:7e:48:8c:5f:58:
55:91:f3:12:91:f6:2b:c1:08:f6:c3:59:66:54:1f:74:70:9f:
6e:b5:c2:7d:64:a3:05:ea:d3:d9:f8:4d:90:42:ca:39:a7:30:
2f:0d:ac:75
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgIUYeOdSosiLdPam6qlCT30/amgcHgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDNiMWJhM2ZkYjkxZDhkOWVhNzZjNTc3NjMyMGViN2Vi
MmQ2ZWQ5ZDAeFw0yNTAzMDgxNDQ4NTdaFw0yNjAzMDcxNDUzNTdaMDMxMTAvBgNV
BAMTKDYxRTk2NDZDQzEwNjU5MTE0MkY0MDE2NEY1M0U1QTVGRDJDMENBN0EwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCyJctwQLrtp1Kon4j2c9056eT7
aII8IxNvYzygNlabDgN0QZ5RFpoifW5yG+isbuG3OXn1aOAqqf4xrHpa14dbZ5Bc
3+fegM3nWcoOZh8mJcSbyxtNyY4rzJ1oq9A1ywxxOnDgpQc7rNkucgdR3Ui5zj0p
CEJ9SzDR8tc7s+11G3gn/fnDNrWEEFrEW9w9VoFMMMV7yJDJGmpQKiwNGtltuqov
j4LRghH7bztuZ6g4gdWqmymiBqXaWzsF9ciCC39pijjLU5JcSEHUeqgMLVBiA87m
SlTIYSiQ58YMU4GE6dFIeNojWVd1HEgK4FgmQyLYtWNPCtndayakzHMKDDZTAgMB
AAGjggIoMIICJDAdBgNVHQ4EFgQUYelkbMEGWRFC9AFk9T5aX9LAynowHwYDVR0j
BBgwFoAUA7G6P9uR2NnqdsV3YyDrfrLW7Z0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2ZmMGY1NTUtZGJhNy00MTkyLWEwMWQtZjY5MTZkNWJi
ODRlLzAvMDNCMUJBM0ZEQjkxRDhEOUVBNzZDNTc3NjMyMEVCN0VCMkQ2RUQ5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0E3RzZQOXVSMk5ucWRzVjNZeURyZnJM
VzdaMC5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzdmZjBmNTU1LWRiYTct
NDE5Mi1hMDFkLWY2OTE2ZDViYjg0ZS8wL0FTMjEyNjY5LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQALZ6q
AwQAmFn5AwQAwR1gAwQAwZe2AwQAwnHeAwQAw87mMA0GCSqGSIb3DQEBCwUAA4IB
AQBKSjbgVSbKr/kBpeKmNTTPa0Sr+78rGMlXORXjuRllqdk6Wj5XkuY77af3F9kt
E8otbT4dc6SgBiE557snTHJLen+3NcTFcUmOLDvIKKfNyVb3VQsrsGzu53s/vT2i
VgOaoXxksvE1i5L0pCGO/2oujDeBJy4fmaM71xnO/S1RRPnZBV6tJZsEsLvs4SkK
qEJFSZbUjyf/obZe/vn/vNS89jGZp2JkN2Qg/PD69+f8xu5knQRh7egEdurfmTle
W+tzaIjhfdLtIX8Rz8IjXR2IPPuwfkiMX1hVkfMSkfYrwQj2w1lmVB90cJ9utcJ9
ZKMF6tPZ+E2QQso5pzAvDax1
-----END CERTIFICATE-----
Generated at Sat Apr 5 06:26:37 2025 by rpki-client