Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS206193.roa
File: AS206193.roa (raw, json)
Hash identifier: gyAZ9arpjgdusVHMhnJWQczPzQbLc9s4yvG8SoBch8g=
Subject key identifier: AD:FC:92:BB:29:52:01:36:B5:02:E4:24:31:3F:BB:EC:DC:48:91:4F
Certificate issuer: /CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Certificate serial: 275F58D3C27905C67B43778628D01BABDB0F6898
Authority key identifier: C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS206193.roa
Signing time: Fri 29 Aug 2025 01:50:33 +0000
ROA not before: Fri 29 Aug 2025 01:45:33 +0000
ROA not after: Fri 28 Aug 2026 01:50:33 +0000
asID: 206193
IP address blocks: 2a0f:85c1:cc6::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl
rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.mft
rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 07 Sep 2025 20:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
27:5f:58:d3:c2:79:05:c6:7b:43:77:86:28:d0:1b:ab:db:0f:68:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Validity
Not Before: Aug 29 01:45:33 2025 GMT
Not After : Aug 28 01:50:33 2026 GMT
Subject: CN=ADFC92BB29520136B502E424313FBBECDC48914F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:c8:b6:72:c3:47:bd:63:4a:99:d9:ff:8b:04:
71:7f:23:ab:a2:89:20:15:43:18:25:8c:37:cf:7a:
15:af:be:4a:d0:e2:44:95:95:9c:d8:11:4e:fd:e1:
e6:d9:68:16:a2:16:a5:73:36:bf:af:84:3c:49:5c:
7d:0f:e0:14:77:b8:a4:8a:69:8e:7f:7d:9a:fa:1c:
4f:1c:bc:f9:95:bb:23:7d:1a:db:98:ff:fc:c1:be:
10:01:42:44:f4:ef:ef:4b:1b:f0:32:5a:e2:ee:54:
e5:10:ba:2a:2b:d3:22:c5:3d:0a:da:c2:72:df:4e:
e7:58:a8:53:77:40:43:5a:29:e3:84:56:3e:5a:a5:
28:3e:6e:4b:06:9f:5d:d0:82:ce:fc:be:e9:1d:e1:
19:35:f7:52:86:ed:99:a4:c6:e7:29:03:0c:06:81:
ac:41:3f:be:e6:1d:8e:14:e2:77:00:df:b8:27:a5:
a9:19:c9:dc:91:0e:ea:f7:55:49:a1:f2:75:46:43:
04:6e:91:1d:4f:f0:cc:13:1e:1b:d2:15:da:ef:66:
8d:27:b2:cd:94:2c:4c:b9:00:62:29:a5:a7:b7:75:
5c:0a:90:8e:1d:32:1e:4c:50:fc:3d:03:75:fd:d4:
e8:0a:69:c7:a4:b4:55:ad:db:2c:2f:cf:03:62:2f:
c1:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:FC:92:BB:29:52:01:36:B5:02:E4:24:31:3F:BB:EC:DC:48:91:4F
X509v3 Authority Key Identifier:
keyid:C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS206193.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:85c1:cc6::/48
Signature Algorithm: sha256WithRSAEncryption
48:bb:17:26:e5:b2:75:90:69:c5:69:e6:8a:dd:03:f1:83:27:
09:13:b4:f9:56:19:57:ac:c3:5a:cd:68:9d:2f:f4:73:b5:77:
2d:c4:d3:80:f5:16:91:ce:61:3d:9f:b2:20:04:5e:e1:8c:70:
4e:22:32:a4:69:73:c5:c7:e7:68:4a:c9:f3:84:28:67:fc:ba:
2b:4e:c9:9b:f7:bb:e7:97:c2:3e:1e:53:0e:0b:8c:06:7e:b8:
7b:ea:34:0e:04:27:9c:5c:a4:82:70:ba:a0:ef:f8:70:08:3f:
16:91:3c:69:81:e7:17:03:6a:da:93:25:27:c5:12:fd:4d:ec:
f2:44:66:de:e0:f3:64:c9:42:7c:6e:92:08:5a:3f:00:b0:f0:
cc:94:47:2d:d9:40:cf:39:e6:0e:bf:99:e5:06:a9:ec:52:9b:
ad:6d:fa:d8:6d:27:2c:0e:0f:0b:9c:95:ff:9f:e8:5d:57:81:
0c:a3:e5:08:d9:1f:bb:3d:2d:70:ac:03:d7:33:74:82:0b:fd:
75:9c:98:cb:b8:87:05:cb:02:19:c1:6c:e3:f7:ec:4f:72:7a:
65:04:f1:14:95:5b:59:71:30:c2:e3:74:08:6e:cb:32:0d:c2:
84:ff:d8:36:dd:ab:af:39:dd:91:34:1a:81:54:23:6b:12:ec:
8b:3f:47:31
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIUJ19Y08J5BcZ7Q3eGKNAbq9sPaJgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzRjZTdkODkwMjQwNWJhNDU5OGY4NGI2YTQxYzI3ZDcy
MjgzNGIxYzAeFw0yNTA4MjkwMTQ1MzNaFw0yNjA4MjgwMTUwMzNaMDMxMTAvBgNV
BAMTKEFERkM5MkJCMjk1MjAxMzZCNTAyRTQyNDMxM0ZCQkVDREM0ODkxNEYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDZyLZyw0e9Y0qZ2f+LBHF/I6ui
iSAVQxgljDfPehWvvkrQ4kSVlZzYEU794ebZaBaiFqVzNr+vhDxJXH0P4BR3uKSK
aY5/fZr6HE8cvPmVuyN9GtuY//zBvhABQkT07+9LG/AyWuLuVOUQuior0yLFPQra
wnLfTudYqFN3QENaKeOEVj5apSg+bksGn13Qgs78vukd4Rk191KG7ZmkxucpAwwG
gaxBP77mHY4U4ncA37gnpakZydyRDur3VUmh8nVGQwRukR1P8MwTHhvSFdrvZo0n
ss2ULEy5AGIppae3dVwKkI4dMh5MUPw9A3X91OgKacektFWt2ywvzwNiL8HJAgMB
AAGjggINMIICCTAdBgNVHQ4EFgQUrfySuylSATa1AuQkMT+77NxIkU8wHwYDVR0j
BBgwFoAUxM59iQJAW6RZj4S2pBwn1yKDSxwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODRkNTE4MTAtMTk4Ny00NzAxLThmMWYtODQyNTExMTk2
NGY0LzAvQzRDRTdEODkwMjQwNUJBNDU5OEY4NEI2QTQxQzI3RDcyMjgzNEIxQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3hNNTlpUUpBVzZSWmo0UzJwQnduMXlL
RFN4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg0ZDUxODEwLTE5ODct
NDcwMS04ZjFmLTg0MjUxMTE5NjRmNC8wL0FTMjA2MTkzLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+F
wQzGMA0GCSqGSIb3DQEBCwUAA4IBAQBIuxcm5bJ1kGnFaeaK3QPxgycJE7T5VhlX
rMNazWidL/RztXctxNOA9RaRzmE9n7IgBF7hjHBOIjKkaXPFx+doSsnzhChn/Lor
Tsmb97vnl8I+HlMOC4wGfrh76jQOBCecXKSCcLqg7/hwCD8WkTxpgecXA2rakyUn
xRL9TezyRGbe4PNkyUJ8bpIIWj8AsPDMlEct2UDPOeYOv5nlBqnsUputbfrYbScs
Dg8LnJX/n+hdV4EMo+UI2R+7PS1wrAPXM3SCC/11nJjLuIcFywIZwWzj9+xPcnpl
BPEUlVtZcTDC43QIbssyDcKE/9g23auvOd2RNBqBVCNrEuyLP0cx
-----END CERTIFICATE-----
Generated at Sun Sep 7 01:57:56 2025 by rpki-client