Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS213621.roa
File: AS213621.roa (raw, json)
Hash identifier: QDmUOEVNTCFlVKJqb4BV3kFKuQc13isx4eiGDF745rk=
Subject key identifier: 44:05:BE:3E:C4:0E:C7:96:17:D5:49:BA:33:11:3C:52:6A:B1:E3:70
Certificate issuer: /CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Certificate serial: 4F9781225CF64CCB5A1941069EAAD5E6187B2087
Authority key identifier: C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS213621.roa
Signing time: Mon 13 Jan 2025 23:03:22 +0000
ROA not before: Mon 13 Jan 2025 22:58:22 +0000
ROA not after: Mon 12 Jan 2026 23:03:22 +0000
asID: 213621
IP address blocks: 2a0f:85c1:b3b::/48 maxlen: 56
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl
rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.mft
rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 13:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4f:97:81:22:5c:f6:4c:cb:5a:19:41:06:9e:aa:d5:e6:18:7b:20:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Validity
Not Before: Jan 13 22:58:22 2025 GMT
Not After : Jan 12 23:03:22 2026 GMT
Subject: CN=4405BE3EC40EC79617D549BA33113C526AB1E370
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:8e:88:28:d2:94:a2:2d:19:b9:8e:70:26:ad:
61:52:14:d8:65:73:32:56:a1:b3:2a:cd:e6:57:dc:
37:ea:40:b3:f9:30:05:20:c9:80:90:48:9c:63:31:
d1:b5:cf:2e:6b:f7:2b:12:63:be:c0:f4:96:27:ed:
d5:46:87:f2:93:b0:cb:97:76:a5:b0:28:c9:fa:d0:
01:cc:04:78:49:9c:66:8e:5e:5a:ff:b2:f9:bc:d8:
5f:30:71:1c:9e:9d:7c:87:df:43:99:05:64:1d:d1:
2b:9a:19:7e:d9:90:72:32:68:14:19:36:c1:38:49:
62:42:8e:7e:20:57:7e:c2:02:62:aa:bb:a2:c5:11:
2c:b2:eb:74:31:68:c6:40:d6:89:e6:79:a4:98:0c:
c6:03:e2:9d:91:45:16:cd:54:64:11:09:c0:3e:20:
a6:0f:9e:f1:13:46:32:c8:f0:27:5b:5d:b0:63:0a:
43:98:f8:cd:2b:a7:47:ff:bf:0d:e7:a6:03:69:97:
43:b3:d0:c4:48:d0:ac:5a:c7:74:fa:12:0d:bc:96:
4e:e6:f5:55:a4:44:a7:dd:61:d0:30:e8:ee:fc:16:
6e:eb:b8:29:7c:ff:ec:84:57:20:ec:d8:c6:76:b7:
77:81:7d:6c:6d:60:f7:cc:06:ff:f0:0f:d8:67:14:
6d:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:05:BE:3E:C4:0E:C7:96:17:D5:49:BA:33:11:3C:52:6A:B1:E3:70
X509v3 Authority Key Identifier:
keyid:C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS213621.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:85c1:b3b::/48
Signature Algorithm: sha256WithRSAEncryption
8e:04:65:e7:08:56:39:42:3c:38:ae:d8:5d:c9:a4:19:10:a7:
17:e6:f6:fe:b6:7a:71:29:45:d5:e0:8f:2c:9e:1a:54:e0:21:
62:7e:68:7d:e6:a5:3d:8b:ad:f8:30:9a:3d:79:ab:9b:27:29:
85:10:35:7d:5a:a8:44:94:73:80:65:ed:11:ed:43:34:76:b6:
b2:ab:31:5b:6c:b0:b1:1b:1e:2a:ec:f2:fc:76:c7:16:b9:22:
55:c8:33:50:35:97:8c:d3:aa:ba:c5:d7:54:a1:6b:c6:12:7b:
cd:e0:8a:c7:72:06:20:3f:90:de:ca:98:1a:7b:61:dc:aa:16:
4a:4a:91:eb:47:9a:83:4e:24:85:00:16:68:3b:d1:d7:7e:b6:
52:53:54:db:4f:2d:fc:76:64:cc:62:f1:46:91:01:a6:2d:56:
c7:49:0b:36:14:01:e9:d7:39:1e:85:e5:da:e1:5f:ca:65:85:
93:47:30:50:30:22:c8:1b:03:77:97:2a:c3:22:c6:c6:3b:6c:
b9:05:c3:1e:f4:96:2a:e5:97:2a:7c:26:2c:17:a1:64:1a:93:
5d:3b:14:81:f5:74:cd:9b:b6:6e:07:ba:43:d9:f1:68:1c:87:
85:30:e1:64:51:ac:7e:98:87:d6:0f:00:aa:b7:eb:65:8e:2d:
0e:0b:fa:19
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIUT5eBIlz2TMtaGUEGnqrV5hh7IIcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzRjZTdkODkwMjQwNWJhNDU5OGY4NGI2YTQxYzI3ZDcy
MjgzNGIxYzAeFw0yNTAxMTMyMjU4MjJaFw0yNjAxMTIyMzAzMjJaMDMxMTAvBgNV
BAMTKDQ0MDVCRTNFQzQwRUM3OTYxN0Q1NDlCQTMzMTEzQzUyNkFCMUUzNzAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCmjogo0pSiLRm5jnAmrWFSFNhl
czJWobMqzeZX3DfqQLP5MAUgyYCQSJxjMdG1zy5r9ysSY77A9JYn7dVGh/KTsMuX
dqWwKMn60AHMBHhJnGaOXlr/svm82F8wcRyenXyH30OZBWQd0SuaGX7ZkHIyaBQZ
NsE4SWJCjn4gV37CAmKqu6LFESyy63QxaMZA1onmeaSYDMYD4p2RRRbNVGQRCcA+
IKYPnvETRjLI8CdbXbBjCkOY+M0rp0f/vw3npgNpl0Oz0MRI0Kxax3T6Eg28lk7m
9VWkRKfdYdAw6O78Fm7ruCl8/+yEVyDs2MZ2t3eBfWxtYPfMBv/wD9hnFG0pAgMB
AAGjggINMIICCTAdBgNVHQ4EFgQURAW+PsQOx5YX1Um6MxE8Umqx43AwHwYDVR0j
BBgwFoAUxM59iQJAW6RZj4S2pBwn1yKDSxwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODRkNTE4MTAtMTk4Ny00NzAxLThmMWYtODQyNTExMTk2
NGY0LzAvQzRDRTdEODkwMjQwNUJBNDU5OEY4NEI2QTQxQzI3RDcyMjgzNEIxQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3hNNTlpUUpBVzZSWmo0UzJwQnduMXlL
RFN4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg0ZDUxODEwLTE5ODct
NDcwMS04ZjFmLTg0MjUxMTE5NjRmNC8wL0FTMjEzNjIxLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+F
wQs7MA0GCSqGSIb3DQEBCwUAA4IBAQCOBGXnCFY5Qjw4rthdyaQZEKcX5vb+tnpx
KUXV4I8snhpU4CFifmh95qU9i634MJo9eaubJymFEDV9WqhElHOAZe0R7UM0dray
qzFbbLCxGx4q7PL8dscWuSJVyDNQNZeM06q6xddUoWvGEnvN4IrHcgYgP5Deypga
e2HcqhZKSpHrR5qDTiSFABZoO9HXfrZSU1TbTy38dmTMYvFGkQGmLVbHSQs2FAHp
1zkeheXa4V/KZYWTRzBQMCLIGwN3lyrDIsbGO2y5BcMe9JYq5ZcqfCYsF6FkGpNd
OxSB9XTNm7ZuB7pD2fFoHIeFMOFkUax+mIfWDwCqt+tlji0OC/oZ
-----END CERTIFICATE-----
Generated at Sat Apr 5 21:22:06 2025 by rpki-client