Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS213737.roa
File: AS213737.roa (raw, json)
Hash identifier: JuZFIoN6YcAQykveoWJfThTD2WJ408aKVBHfPqSZgSI=
Subject key identifier: 81:06:94:FC:42:D8:C2:99:6A:15:28:E6:E6:AE:1B:DD:9A:D6:CD:D4
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 55CB6747FD80CF3CF19273446C8D5102DB39AA39
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS213737.roa
Signing time: Mon 27 Apr 2026 17:06:43 +0000
ROA not before: Mon 27 Apr 2026 17:01:43 +0000
ROA not after: Mon 26 Apr 2027 17:06:43 +0000
asID: 213737
IP address blocks: 155.117.202.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 17:01:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
55:cb:67:47:fd:80:cf:3c:f1:92:73:44:6c:8d:51:02:db:39:aa:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Apr 27 17:01:43 2026 GMT
Not After : Apr 26 17:06:43 2027 GMT
Subject: CN=810694FC42D8C2996A1528E6E6AE1BDD9AD6CDD4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:fa:11:31:d1:d6:c4:b5:de:e2:a3:1a:2b:d3:
b0:46:4e:61:2b:98:9a:e3:fb:e9:c3:86:73:92:f8:
d3:71:68:68:8f:a9:da:97:25:6d:5d:18:0d:00:f4:
73:1c:38:eb:b6:71:b3:0f:53:9e:ce:21:53:2e:fe:
0f:2e:24:59:7c:53:9e:ac:28:57:a0:8c:ef:bf:11:
0a:82:e8:28:da:bf:db:ff:00:e0:a1:46:f4:f8:ff:
74:91:3d:f8:77:f5:19:18:0f:c7:02:00:5e:e1:6e:
d2:e4:cf:da:b8:a0:fb:a3:98:b7:4e:7c:44:6e:d1:
0f:3c:14:e5:48:6a:d4:a2:e0:36:f6:52:10:a2:8a:
b9:2a:43:2b:6a:44:a0:19:ca:9d:a8:51:fc:4b:f6:
04:68:32:12:b4:1b:49:14:89:55:7e:84:88:3f:f3:
8d:0b:09:a3:64:e2:52:96:30:54:df:90:a5:28:3b:
fc:4d:9b:fb:67:a5:72:c9:c3:95:c3:46:d5:71:ff:
c1:50:a3:e6:eb:f9:3e:cb:8a:16:08:fc:d8:32:34:
fe:fe:cf:d1:e0:c3:d6:92:5e:57:88:ba:6c:32:fd:
f8:6b:e3:bd:37:23:05:e4:40:e0:bd:2b:81:0e:97:
d3:f2:fe:53:dc:da:47:67:07:48:bf:3a:30:2d:ce:
cd:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:06:94:FC:42:D8:C2:99:6A:15:28:E6:E6:AE:1B:DD:9A:D6:CD:D4
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS213737.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
155.117.202.0/24
Signature Algorithm: sha256WithRSAEncryption
12:d2:54:5b:51:6e:e4:04:94:af:6d:b5:9a:90:db:25:4d:e7:
4d:aa:c1:52:77:61:52:da:ae:24:cb:e8:9c:77:15:d1:bb:8e:
ca:8c:71:10:16:24:e5:b3:98:6c:4c:85:dc:f2:df:a9:ae:43:
73:99:74:3a:d9:41:00:cc:3f:93:d6:f3:50:01:52:40:d2:4e:
51:58:2c:fb:d2:13:95:10:3a:e5:02:26:11:6b:74:ca:71:0a:
bc:a5:96:20:b0:da:f1:f0:7a:cb:65:9d:76:c4:2a:d3:60:e1:
cb:a1:39:c3:9f:0a:8c:fb:59:35:5f:97:41:2c:17:7a:61:04:
54:dc:7b:8c:c8:f7:14:4f:41:94:6d:9f:dd:5c:9a:94:79:96:
d8:0a:32:1a:14:c4:8c:37:7e:e0:b4:ad:a8:20:9b:d9:90:2c:
32:40:c3:4a:1b:14:48:ce:ab:a3:89:89:96:6a:ed:65:32:24:
bf:03:30:1d:2e:cb:16:4e:dd:7b:d8:48:8d:b2:c9:b8:ee:35:
b8:1c:36:18:1f:3a:9a:53:bc:e6:51:b4:38:c4:45:20:e3:b5:
e6:1d:58:04:e4:cc:21:08:fa:a4:e9:bc:3f:b5:ce:96:7a:05:
d4:9e:c4:80:8f:24:c0:dd:85:73:03:ba:93:31:28:25:cf:5b:
e2:87:b1:8e
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUVctnR/2AzzzxknNEbI1RAts5qjkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNjA0MjcxNzAxNDNaFw0yNzA0MjYxNzA2NDNaMDMxMTAvBgNV
BAMTKDgxMDY5NEZDNDJEOEMyOTk2QTE1MjhFNkU2QUUxQkREOUFENkNERDQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC++hEx0dbEtd7ioxor07BGTmEr
mJrj++nDhnOS+NNxaGiPqdqXJW1dGA0A9HMcOOu2cbMPU57OIVMu/g8uJFl8U56s
KFegjO+/EQqC6Cjav9v/AOChRvT4/3SRPfh39RkYD8cCAF7hbtLkz9q4oPujmLdO
fERu0Q88FOVIatSi4Db2UhCiirkqQytqRKAZyp2oUfxL9gRoMhK0G0kUiVV+hIg/
840LCaNk4lKWMFTfkKUoO/xNm/tnpXLJw5XDRtVx/8FQo+br+T7LihYI/NgyNP7+
z9Hgw9aSXleIumwy/fhr4703IwXkQOC9K4EOl9Py/lPc2kdnB0i/OjAtzs2LAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUgQaU/ELYwplqFSjm5q4b3ZrWzdQwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjEzNzM3LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAm3XK
MA0GCSqGSIb3DQEBCwUAA4IBAQAS0lRbUW7kBJSvbbWakNslTedNqsFSd2FS2q4k
y+icdxXRu47KjHEQFiTls5hsTIXc8t+prkNzmXQ62UEAzD+T1vNQAVJA0k5RWCz7
0hOVEDrlAiYRa3TKcQq8pZYgsNrx8HrLZZ12xCrTYOHLoTnDnwqM+1k1X5dBLBd6
YQRU3HuMyPcUT0GUbZ/dXJqUeZbYCjIaFMSMN37gtK2oIJvZkCwyQMNKGxRIzquj
iYmWau1lMiS/AzAdLssWTt172EiNssm47jW4HDYYHzqaU7zmUbQ4xEUg47XmHVgE
5MwhCPqk6bw/tc6WegXUnsSAjyTA3YVzA7qTMSglz1vih7GO
-----END CERTIFICATE-----
Generated at Wed May 13 04:42:20 2026 by rpki-client