Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS213001.roa
File: AS213001.roa (raw, json)
Hash identifier: 2u33+lrejLAy9POFIQJKAumzZXoAnI57q4z9n6b1tKI=
Subject key identifier: 6F:E7:74:1C:67:92:33:FC:1E:F4:4A:C7:7B:54:7D:65:8F:4F:9D:9A
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 3DE7CE984026E9B268D793E3C898FEBD6F8FCEEC
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS213001.roa
Signing time: Sat 25 Apr 2026 23:23:41 +0000
ROA not before: Sat 25 Apr 2026 23:18:41 +0000
ROA not after: Sat 24 Apr 2027 23:23:41 +0000
asID: 213001
IP address blocks: 168.222.96.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3d:e7:ce:98:40:26:e9:b2:68:d7:93:e3:c8:98:fe:bd:6f:8f:ce:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Apr 25 23:18:41 2026 GMT
Not After : Apr 24 23:23:41 2027 GMT
Subject: CN=6FE7741C679233FC1EF44AC77B547D658F4F9D9A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:7b:2e:79:5f:37:f2:ac:bc:91:a5:53:8d:c0:
73:b8:c7:ca:cd:fa:f7:2f:ae:63:cb:b0:54:8c:db:
6c:18:ed:c2:f1:2c:5d:70:bb:0c:fe:9d:2e:c3:77:
df:b8:00:35:58:47:6a:ba:44:75:29:55:ad:29:fd:
59:d6:4a:89:e7:77:b2:9e:40:99:47:89:26:70:43:
82:d8:c9:29:b3:09:d2:86:b9:ca:2f:1d:b4:a8:a4:
3f:b5:ab:c7:a2:2e:4a:2a:ce:fc:42:0c:69:14:cd:
05:7f:01:1e:8f:67:d8:b9:0c:3a:e0:a4:d2:27:4c:
a3:f3:b1:db:76:cc:ab:65:9a:6b:cf:f3:00:0d:4f:
fd:89:ab:87:be:53:9e:57:67:f2:bd:d2:d3:b0:69:
db:4a:a1:58:40:41:7a:d0:91:fc:6c:52:f1:41:d9:
0b:44:03:45:c3:82:a3:7b:68:fd:be:7c:a4:5f:f4:
f2:ef:76:7c:d8:67:21:f5:97:cd:d1:8d:eb:f1:47:
4f:33:32:67:c5:9c:f2:b4:1e:44:ea:00:2d:de:82:
39:39:f4:42:8b:b4:76:e0:f2:a7:cd:3e:5a:57:6d:
27:bd:00:22:27:9d:bc:cd:57:a8:ec:75:94:92:2d:
41:44:ea:ad:2c:21:61:7b:f8:ff:db:3b:2d:60:35:
dc:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:E7:74:1C:67:92:33:FC:1E:F4:4A:C7:7B:54:7D:65:8F:4F:9D:9A
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS213001.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
168.222.96.0/24
Signature Algorithm: sha256WithRSAEncryption
a6:0d:f0:d9:2d:d4:5d:42:3a:ac:53:22:31:a5:46:7d:51:e8:
8e:e5:0b:67:0e:0a:64:44:20:38:07:c1:09:00:35:c4:fc:0e:
4e:ff:b7:83:34:32:87:54:48:06:83:be:68:47:3b:3a:53:b9:
0f:3f:21:9e:f2:4b:3e:62:af:5d:1c:75:28:93:a0:70:ed:fc:
3e:f7:c2:e5:ad:ad:c0:93:1f:f9:2b:ca:1e:a5:c2:cd:45:3d:
d0:d9:0b:74:60:bb:8b:09:fa:fa:ac:de:f0:75:20:b3:ed:11:
a0:9f:05:21:b4:00:83:20:30:0a:ea:5a:54:88:5d:b1:de:d2:
4d:34:24:f9:f7:d1:80:35:7c:4a:69:e0:6d:99:41:c2:62:6a:
d5:87:da:e4:46:af:bb:6d:15:da:45:de:70:c6:27:41:a6:77:
18:fe:c7:96:4a:02:08:9f:87:27:7a:9c:bf:2d:2d:4e:cb:22:
93:98:39:8b:04:86:24:73:4e:27:34:24:f1:cb:1f:39:44:c1:
46:23:68:c1:a9:ab:45:ec:38:17:b0:ec:47:50:71:02:7a:f9:
75:e2:ee:fa:c9:45:71:4f:ea:3f:c3:79:e6:c9:d9:95:77:0a:
bb:3c:78:0a:d6:67:68:ee:d5:b6:73:70:84:f7:8b:c0:c2:3c:
a6:e4:46:71
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUPefOmEAm6bJo15PjyJj+vW+PzuwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNjA0MjUyMzE4NDFaFw0yNzA0MjQyMzIzNDFaMDMxMTAvBgNV
BAMTKDZGRTc3NDFDNjc5MjMzRkMxRUY0NEFDNzdCNTQ3RDY1OEY0RjlEOUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQChey55XzfyrLyRpVONwHO4x8rN
+vcvrmPLsFSM22wY7cLxLF1wuwz+nS7Dd9+4ADVYR2q6RHUpVa0p/VnWSonnd7Ke
QJlHiSZwQ4LYySmzCdKGucovHbSopD+1q8eiLkoqzvxCDGkUzQV/AR6PZ9i5DDrg
pNInTKPzsdt2zKtlmmvP8wANT/2Jq4e+U55XZ/K90tOwadtKoVhAQXrQkfxsUvFB
2QtEA0XDgqN7aP2+fKRf9PLvdnzYZyH1l83RjevxR08zMmfFnPK0HkTqAC3egjk5
9EKLtHbg8qfNPlpXbSe9ACInnbzNV6jsdZSSLUFE6q0sIWF7+P/bOy1gNdwTAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUb+d0HGeSM/we9ErHe1R9ZY9PnZowHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjEzMDAxLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAqN5g
MA0GCSqGSIb3DQEBCwUAA4IBAQCmDfDZLdRdQjqsUyIxpUZ9UeiO5QtnDgpkRCA4
B8EJADXE/A5O/7eDNDKHVEgGg75oRzs6U7kPPyGe8ks+Yq9dHHUok6Bw7fw+98Ll
ra3Akx/5K8oepcLNRT3Q2Qt0YLuLCfr6rN7wdSCz7RGgnwUhtACDIDAK6lpUiF2x
3tJNNCT599GANXxKaeBtmUHCYmrVh9rkRq+7bRXaRd5wxidBpncY/seWSgIIn4cn
epy/LS1OyyKTmDmLBIYkc04nNCTxyx85RMFGI2jBqatF7DgXsOxHUHECevl14u76
yUVxT+o/w3nmydmVdwq7PHgK1mdo7tW2c3CE94vAwjym5EZx
-----END CERTIFICATE-----
Generated at Wed May 13 00:35:34 2026 by rpki-client