Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS214909.roa
File: AS214909.roa (raw, json)
Hash identifier: m97zwPaTzw/7RClXKSSuttoXOWQBa+v/JeKxYzBqzAM=
Subject key identifier: 05:7C:1D:81:B2:6E:F1:C0:67:E2:44:76:3B:55:4D:A9:8F:9F:8C:9E
Certificate issuer: /CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Certificate serial: 2BDACAF7E5478713A4C72A5E819D9A91EFD12BB4
Authority key identifier: C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS214909.roa
Signing time: Fri 26 Jun 2026 08:08:47 +0000
ROA not before: Fri 26 Jun 2026 08:03:47 +0000
ROA not after: Fri 25 Jun 2027 08:08:47 +0000
asID: 214909
IP address blocks: 2a0f:85c1:3f7::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl
rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.mft
rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 30 Jun 2026 02:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2b:da:ca:f7:e5:47:87:13:a4:c7:2a:5e:81:9d:9a:91:ef:d1:2b:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Validity
Not Before: Jun 26 08:03:47 2026 GMT
Not After : Jun 25 08:08:47 2027 GMT
Subject: CN=057C1D81B26EF1C067E244763B554DA98F9F8C9E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:88:ca:e1:86:9c:53:ad:f3:c9:f5:00:b4:ee:
65:13:36:db:55:ea:4b:fe:dc:b5:52:f2:6d:64:10:
3e:f2:9c:26:8c:9a:89:2d:47:1a:47:b5:02:f4:06:
0b:b4:d0:44:65:f1:c8:16:80:5d:0d:cd:d3:29:1e:
d0:31:72:fb:63:52:75:b8:43:ce:d3:b1:33:b2:75:
1d:a3:8d:34:aa:45:a9:e2:b8:88:3f:7c:d4:fb:18:
a9:18:16:bf:2f:ad:c4:af:69:c1:bf:09:45:72:2d:
f6:08:3d:61:cf:59:50:e2:29:88:31:a4:a5:21:5e:
4e:15:4d:61:a1:94:26:70:d4:cc:3d:b8:2d:3f:a3:
ab:41:bd:ea:06:36:33:50:14:21:48:12:dd:33:cb:
21:49:73:88:47:0c:b1:ea:2a:58:12:13:ce:8e:7b:
e8:f8:ab:37:47:78:9c:75:db:45:29:6f:38:92:19:
8b:6e:72:4c:99:1f:4b:89:55:b8:53:9e:af:02:2b:
a1:bb:ef:10:42:56:4c:b3:e9:11:55:67:5f:cf:56:
a1:30:ef:81:35:1c:e5:87:50:62:e5:d4:1a:fe:af:
33:3b:74:03:6a:d2:69:f9:db:56:7f:4d:53:ba:4e:
de:1b:13:4d:0f:d0:0f:6f:e6:35:8d:a1:f4:ef:61:
06:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:7C:1D:81:B2:6E:F1:C0:67:E2:44:76:3B:55:4D:A9:8F:9F:8C:9E
X509v3 Authority Key Identifier:
keyid:C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS214909.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:85c1:3f7::/48
Signature Algorithm: sha256WithRSAEncryption
a1:e1:08:af:7d:5a:5c:6c:89:3b:3f:76:e4:37:9e:81:db:dd:
97:6a:e2:32:a5:a5:42:ba:e3:c4:7c:3c:a8:3b:df:7b:60:0c:
61:1c:97:c8:07:ee:2d:af:4a:5b:ea:c6:b8:1e:f9:eb:52:7d:
1b:0d:3a:f3:7a:4f:22:46:c5:b1:cb:1b:6e:16:5d:59:0a:16:
83:16:88:79:86:db:06:e0:a3:46:3f:71:af:b9:54:c0:7c:d9:
ee:5f:10:98:a2:01:df:d3:ce:c1:3b:66:2a:22:e7:1a:3f:db:
0e:40:be:ea:ae:93:69:da:79:91:2d:db:89:d0:f9:74:e7:c4:
a1:50:3b:9e:66:b6:8f:04:42:ce:21:e8:ce:94:6f:62:82:3b:
b1:47:0e:24:f7:27:92:0c:f6:17:a2:00:f1:f1:dd:76:5d:c8:
0a:e3:90:1d:26:71:9c:5c:72:ca:4f:b7:5c:32:e7:70:da:ab:
4a:74:59:20:2d:58:f2:27:a7:56:6c:51:c2:dd:58:e4:5c:01:
59:c3:05:89:d3:4d:18:7a:8c:c0:4c:ed:fa:5c:6c:73:23:75:
ab:26:64:14:ca:6d:b4:24:02:60:6e:27:4c:5e:00:bb:0d:87:
b6:23:f4:05:b6:cc:2b:18:b7:1d:83:5a:09:27:61:db:72:c8:
44:f9:fb:1e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIUK9rK9+VHhxOkxypegZ2ake/RK7QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzRjZTdkODkwMjQwNWJhNDU5OGY4NGI2YTQxYzI3ZDcy
MjgzNGIxYzAeFw0yNjA2MjYwODAzNDdaFw0yNzA2MjUwODA4NDdaMDMxMTAvBgNV
BAMTKDA1N0MxRDgxQjI2RUYxQzA2N0UyNDQ3NjNCNTU0REE5OEY5RjhDOUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCXiMrhhpxTrfPJ9QC07mUTNttV
6kv+3LVS8m1kED7ynCaMmoktRxpHtQL0Bgu00ERl8cgWgF0NzdMpHtAxcvtjUnW4
Q87TsTOydR2jjTSqRaniuIg/fNT7GKkYFr8vrcSvacG/CUVyLfYIPWHPWVDiKYgx
pKUhXk4VTWGhlCZw1Mw9uC0/o6tBveoGNjNQFCFIEt0zyyFJc4hHDLHqKlgSE86O
e+j4qzdHeJx120UpbziSGYtuckyZH0uJVbhTnq8CK6G77xBCVkyz6RFVZ1/PVqEw
74E1HOWHUGLl1Br+rzM7dANq0mn521Z/TVO6Tt4bE00P0A9v5jWNofTvYQYLAgMB
AAGjggINMIICCTAdBgNVHQ4EFgQUBXwdgbJu8cBn4kR2O1VNqY+fjJ4wHwYDVR0j
BBgwFoAUxM59iQJAW6RZj4S2pBwn1yKDSxwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODRkNTE4MTAtMTk4Ny00NzAxLThmMWYtODQyNTExMTk2
NGY0LzAvQzRDRTdEODkwMjQwNUJBNDU5OEY4NEI2QTQxQzI3RDcyMjgzNEIxQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3hNNTlpUUpBVzZSWmo0UzJwQnduMXlL
RFN4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg0ZDUxODEwLTE5ODct
NDcwMS04ZjFmLTg0MjUxMTE5NjRmNC8wL0FTMjE0OTA5LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+F
wQP3MA0GCSqGSIb3DQEBCwUAA4IBAQCh4QivfVpcbIk7P3bkN56B292XauIypaVC
uuPEfDyoO997YAxhHJfIB+4tr0pb6sa4HvnrUn0bDTrzek8iRsWxyxtuFl1ZChaD
Foh5htsG4KNGP3GvuVTAfNnuXxCYogHf087BO2YqIucaP9sOQL7qrpNp2nmRLduJ
0Pl058ShUDueZraPBELOIejOlG9igjuxRw4k9yeSDPYXogDx8d12XcgK45AdJnGc
XHLKT7dcMudw2qtKdFkgLVjyJ6dWbFHC3VjkXAFZwwWJ000YeozATO36XGxzI3Wr
JmQUym20JAJgbidMXgC7DYe2I/QFtswrGLcdg1oJJ2HbcshE+fse
-----END CERTIFICATE-----
Generated at Mon Jun 29 10:37:13 2026 by rpki-client