Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS213416.roa
File: AS213416.roa (raw, json)
Hash identifier: npQoNGe+9ZAWoL/5KWZX46fghANfaO+NKcE5WgKIt8U=
Subject key identifier: 0E:65:37:DF:C0:4C:BF:F8:A0:01:BA:CF:30:BB:D2:70:9A:3E:D7:EB
Certificate issuer: /CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Certificate serial: 439B92CFE14523C6ABE344760B0364B6F2A68E57
Authority key identifier: C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS213416.roa
Signing time: Sat 15 Feb 2025 15:27:30 +0000
ROA not before: Sat 15 Feb 2025 15:22:30 +0000
ROA not after: Sat 14 Feb 2026 15:27:30 +0000
asID: 213416
IP address blocks: 2a0f:85c1:b7e::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl
rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.mft
rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 13:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
43:9b:92:cf:e1:45:23:c6:ab:e3:44:76:0b:03:64:b6:f2:a6:8e:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Validity
Not Before: Feb 15 15:22:30 2025 GMT
Not After : Feb 14 15:27:30 2026 GMT
Subject: CN=0E6537DFC04CBFF8A001BACF30BBD2709A3ED7EB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:59:a0:15:24:24:22:8b:54:d7:18:a5:27:d7:
59:22:6d:cf:b5:c7:67:b0:d8:42:0a:cc:63:f4:8a:
ce:85:96:49:b5:1f:1f:b2:16:02:aa:55:63:d8:75:
3c:7b:78:e0:3e:fa:0e:03:c4:be:84:41:c0:af:7f:
b7:e0:34:5e:dc:3a:73:cc:0b:77:6d:85:5d:38:2e:
22:5d:08:1a:36:44:4c:1e:8b:a9:8f:51:a9:63:62:
83:79:58:77:54:c2:0a:c8:b3:44:b0:bc:fa:71:97:
55:63:17:e0:6e:ca:a8:4c:0d:9e:95:83:e7:a6:76:
79:e1:af:16:33:89:11:b8:ac:51:82:6a:d1:1e:08:
64:2d:09:3c:c4:b4:4b:fb:36:6a:17:d5:0d:df:cf:
74:e0:b5:7e:a4:3d:08:42:e9:10:75:2b:f0:ea:a2:
ed:2f:f3:12:b9:8a:84:b4:42:fd:e4:4c:cc:29:e6:
7f:4c:bb:e6:2d:54:1f:30:80:d1:b5:34:12:e1:b4:
0e:db:8a:22:34:09:90:16:79:a1:90:6e:be:ea:dd:
fb:e4:ad:b4:d6:67:82:40:e0:ad:ff:76:93:ea:06:
56:27:d9:c0:d7:1e:12:58:32:1a:88:91:ef:69:d3:
d6:01:8a:bf:c8:9c:3e:ab:7d:ea:57:4f:5b:68:9a:
b0:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:65:37:DF:C0:4C:BF:F8:A0:01:BA:CF:30:BB:D2:70:9A:3E:D7:EB
X509v3 Authority Key Identifier:
keyid:C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS213416.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:85c1:b7e::/48
Signature Algorithm: sha256WithRSAEncryption
93:ed:37:40:dd:60:87:1c:6b:52:24:cb:35:7e:59:ab:b3:83:
fd:c8:3f:90:6f:b4:6c:09:f0:0f:25:02:9f:53:5b:84:68:0f:
62:b4:2f:8d:b7:8c:9b:a4:5e:49:0f:14:09:03:91:53:03:7f:
32:72:58:1c:82:d5:c1:87:d3:c8:d0:42:c4:92:73:80:f5:26:
68:f1:14:65:f3:8d:69:0f:e9:ac:7a:22:87:9f:3c:8e:dd:0b:
d6:0e:d4:27:5d:71:50:08:43:85:f7:d0:7e:27:fe:02:77:4a:
af:f9:5d:10:e7:c5:e7:fa:3a:0a:7d:24:0e:35:4c:b2:39:02:
ff:39:e4:e8:31:09:d6:69:5f:21:98:0d:db:4e:4a:a2:4c:72:
89:73:87:50:fa:49:05:b3:5a:87:a2:e5:18:89:f3:3a:e0:06:
86:36:f3:43:12:2c:d4:56:c4:8e:de:6f:c8:e3:7d:35:82:35:
45:0f:4f:74:b1:c8:2d:fd:84:a3:db:34:21:f8:c2:58:42:4c:
f7:a4:8c:eb:e1:8f:a8:8e:1b:66:cf:53:5a:1f:19:de:be:8f:
81:39:3d:5c:c3:d7:44:2a:49:cb:c9:7b:fb:2e:51:1f:8d:b1:
25:83:0c:3c:b5:02:21:5f:17:bc:79:0b:b0:b5:fc:b0:67:3a:
57:ba:c5:1c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIUQ5uSz+FFI8ar40R2CwNktvKmjlcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzRjZTdkODkwMjQwNWJhNDU5OGY4NGI2YTQxYzI3ZDcy
MjgzNGIxYzAeFw0yNTAyMTUxNTIyMzBaFw0yNjAyMTQxNTI3MzBaMDMxMTAvBgNV
BAMTKDBFNjUzN0RGQzA0Q0JGRjhBMDAxQkFDRjMwQkJEMjcwOUEzRUQ3RUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4WaAVJCQii1TXGKUn11kibc+1
x2ew2EIKzGP0is6Flkm1Hx+yFgKqVWPYdTx7eOA++g4DxL6EQcCvf7fgNF7cOnPM
C3dthV04LiJdCBo2REwei6mPUaljYoN5WHdUwgrIs0SwvPpxl1VjF+BuyqhMDZ6V
g+emdnnhrxYziRG4rFGCatEeCGQtCTzEtEv7NmoX1Q3fz3TgtX6kPQhC6RB1K/Dq
ou0v8xK5ioS0Qv3kTMwp5n9Mu+YtVB8wgNG1NBLhtA7biiI0CZAWeaGQbr7q3fvk
rbTWZ4JA4K3/dpPqBlYn2cDXHhJYMhqIke9p09YBir/InD6rfepXT1tomrDHAgMB
AAGjggINMIICCTAdBgNVHQ4EFgQUDmU338BMv/igAbrPMLvScJo+1+swHwYDVR0j
BBgwFoAUxM59iQJAW6RZj4S2pBwn1yKDSxwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODRkNTE4MTAtMTk4Ny00NzAxLThmMWYtODQyNTExMTk2
NGY0LzAvQzRDRTdEODkwMjQwNUJBNDU5OEY4NEI2QTQxQzI3RDcyMjgzNEIxQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3hNNTlpUUpBVzZSWmo0UzJwQnduMXlL
RFN4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg0ZDUxODEwLTE5ODct
NDcwMS04ZjFmLTg0MjUxMTE5NjRmNC8wL0FTMjEzNDE2LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+F
wQt+MA0GCSqGSIb3DQEBCwUAA4IBAQCT7TdA3WCHHGtSJMs1flmrs4P9yD+Qb7Rs
CfAPJQKfU1uEaA9itC+Nt4ybpF5JDxQJA5FTA38yclgcgtXBh9PI0ELEknOA9SZo
8RRl841pD+mseiKHnzyO3QvWDtQnXXFQCEOF99B+J/4Cd0qv+V0Q58Xn+joKfSQO
NUyyOQL/OeToMQnWaV8hmA3bTkqiTHKJc4dQ+kkFs1qHouUYifM64AaGNvNDEizU
VsSO3m/I4301gjVFD090scgt/YSj2zQh+MJYQkz3pIzr4Y+ojhtmz1NaHxnevo+B
OT1cw9dEKknLyXv7LlEfjbElgww8tQIhXxe8eQuwtfywZzpXusUc
-----END CERTIFICATE-----
Generated at Sat Apr 5 23:22:28 2025 by rpki-client