Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS210542.roa
File: AS210542.roa (raw, json)
Hash identifier: FH+wuLHjrCYkd0nMfTEItdnjja9yD/Lhf2d1dTT38ZU=
Subject key identifier: 02:B1:E9:0A:48:98:B3:DF:B8:8F:5E:6F:0D:01:05:3C:0F:6A:33:88
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 4EB34BE5C920B49ACD69CDDA7B8D21BAAA0F177D
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS210542.roa
Signing time: Tue 17 Jun 2025 14:54:09 +0000
ROA not before: Tue 17 Jun 2025 14:49:09 +0000
ROA not after: Tue 16 Jun 2026 14:54:09 +0000
asID: 210542
IP address blocks: 146.103.16.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 15:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4e:b3:4b:e5:c9:20:b4:9a:cd:69:cd:da:7b:8d:21:ba:aa:0f:17:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Jun 17 14:49:09 2025 GMT
Not After : Jun 16 14:54:09 2026 GMT
Subject: CN=02B1E90A4898B3DFB88F5E6F0D01053C0F6A3388
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:60:98:fc:e6:3f:2c:d2:2e:f0:a0:72:32:e8:
9a:6b:61:3c:cf:63:70:b2:53:e9:a1:96:e6:7b:d1:
66:63:54:17:db:85:ac:56:4a:0a:cf:21:74:f2:a0:
9e:df:fa:68:7f:a2:dd:5f:75:c2:b0:c0:a1:98:1b:
fb:b1:42:b4:f0:4d:ff:ea:15:4b:e9:fc:a4:c3:f0:
07:bb:0d:39:84:61:1c:64:9f:0e:7d:b6:ab:28:42:
de:45:73:e1:32:b8:c2:ee:ef:e9:d9:53:33:8f:25:
ef:7f:a7:a1:4d:39:80:07:6e:ac:1b:de:2a:38:ab:
b1:52:57:15:ab:ac:25:64:51:29:ac:cd:b0:c0:64:
49:b2:2d:63:f4:73:24:3c:41:3f:10:88:b4:5e:63:
c7:a4:cb:ca:87:df:6a:30:8c:62:04:9c:93:4c:54:
91:56:b2:a6:66:9a:9f:da:3f:0e:06:bb:6f:b3:c6:
df:da:29:12:90:80:10:dc:45:2e:03:1b:50:0e:94:
18:50:82:9d:c0:d7:9f:3f:fc:12:cc:c9:80:1f:52:
1b:3f:a1:1c:ac:8a:8b:ba:36:c8:37:09:b1:d0:ea:
d7:1f:86:fb:a0:bd:a8:8f:42:1a:62:28:e2:87:8b:
44:e8:6e:b5:4c:57:82:a7:80:fa:89:fd:db:53:57:
96:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:B1:E9:0A:48:98:B3:DF:B8:8F:5E:6F:0D:01:05:3C:0F:6A:33:88
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS210542.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.103.16.0/23
Signature Algorithm: sha256WithRSAEncryption
89:63:98:76:a0:c3:b7:59:02:cb:d5:82:13:87:2e:16:cc:2f:
6a:2a:ad:2e:3b:fa:dd:79:f3:d1:2c:b1:91:e3:07:23:8e:49:
00:6f:07:fd:8e:50:84:ec:90:64:0f:60:ea:14:24:2d:28:92:
2c:95:8a:c3:8f:3d:49:72:00:e6:a5:e3:70:62:a9:c3:03:50:
bf:62:80:80:9a:35:ca:d4:50:20:82:27:09:5b:97:0c:de:f2:
26:20:db:8c:ae:a3:31:4a:78:12:e8:9c:a9:d1:9e:e9:70:25:
2c:24:37:4b:a1:37:b8:4a:36:8f:0c:7d:27:89:43:4e:1f:6d:
82:e4:59:20:36:b8:fb:b1:cc:d0:dc:cd:80:ea:3e:63:1a:ae:
38:23:9f:32:77:62:7f:99:da:fa:b8:b7:98:eb:47:9c:a0:7c:
74:10:90:8c:2d:89:08:d9:76:3b:3f:58:7c:46:9c:4e:9b:ca:
ba:91:b9:79:61:44:16:a1:13:34:a4:70:50:84:b3:86:7e:31:
b3:09:8e:40:f1:3a:08:83:5b:e3:e3:ce:c7:47:1f:0b:e1:13:
4c:78:de:f0:e8:2a:67:18:65:54:76:77:a2:ff:13:11:4d:89:
0f:84:43:8f:db:cd:cd:ef:59:53:0e:9c:5a:52:02:ce:6e:f0:
a2:cf:3f:d0
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUTrNL5ckgtJrNac3ae40huqoPF30wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA2MTcxNDQ5MDlaFw0yNjA2MTYxNDU0MDlaMDMxMTAvBgNV
BAMTKDAyQjFFOTBBNDg5OEIzREZCODhGNUU2RjBEMDEwNTNDMEY2QTMzODgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCoYJj85j8s0i7woHIy6JprYTzP
Y3CyU+mhluZ70WZjVBfbhaxWSgrPIXTyoJ7f+mh/ot1fdcKwwKGYG/uxQrTwTf/q
FUvp/KTD8Ae7DTmEYRxknw59tqsoQt5Fc+EyuMLu7+nZUzOPJe9/p6FNOYAHbqwb
3io4q7FSVxWrrCVkUSmszbDAZEmyLWP0cyQ8QT8QiLReY8eky8qH32owjGIEnJNM
VJFWsqZmmp/aPw4Gu2+zxt/aKRKQgBDcRS4DG1AOlBhQgp3A158//BLMyYAfUhs/
oRysiou6Nsg3CbHQ6tcfhvugvaiPQhpiKOKHi0TobrVMV4KngPqJ/dtTV5YFAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUArHpCkiYs9+4j15vDQEFPA9qM4gwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjEwNTQyLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBkmcQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCJY5h2oMO3WQLL1YIThy4WzC9qKq0uO/rdefPR
LLGR4wcjjkkAbwf9jlCE7JBkD2DqFCQtKJIslYrDjz1JcgDmpeNwYqnDA1C/YoCA
mjXK1FAggicJW5cM3vImINuMrqMxSngS6Jyp0Z7pcCUsJDdLoTe4SjaPDH0niUNO
H22C5FkgNrj7sczQ3M2A6j5jGq44I58yd2J/mdr6uLeY60ecoHx0EJCMLYkI2XY7
P1h8RpxOm8q6kbl5YUQWoRM0pHBQhLOGfjGzCY5A8ToIg1vj487HRx8L4RNMeN7w
6CpnGGVUdnei/xMRTYkPhEOP283N71lTDpxaUgLObvCizz/Q
-----END CERTIFICATE-----
Generated at Sun Jun 29 00:28:53 2025 by rpki-client