Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS202469.roa
File: AS202469.roa (raw, json)
Hash identifier: MDoTvryMROzhWgheTWJ/Lnr7B7ek8NkDsUNYbVLFHIs=
Subject key identifier: D2:01:14:12:16:B2:05:E8:20:03:8E:41:12:FB:1D:AC:B1:74:CE:9A
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 1093F91BD3AD61EC31CC2633803435554EE62D5D
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS202469.roa
Signing time: Wed 11 Jun 2025 07:25:50 +0000
ROA not before: Wed 11 Jun 2025 07:20:50 +0000
ROA not after: Wed 10 Jun 2026 07:25:50 +0000
asID: 202469
IP address blocks: 2a06:2b85::/32 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 01:56:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
10:93:f9:1b:d3:ad:61:ec:31:cc:26:33:80:34:35:55:4e:e6:2d:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Jun 11 07:20:50 2025 GMT
Not After : Jun 10 07:25:50 2026 GMT
Subject: CN=D201141216B205E820038E4112FB1DACB174CE9A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:ac:16:05:da:5b:55:cb:4d:45:33:4c:5a:bb:
c3:ba:08:8f:c3:8d:46:71:f5:10:69:e0:c9:e7:fa:
3a:e3:99:f3:bd:c9:86:88:7a:07:3b:cd:ea:9d:8f:
00:49:af:03:b4:75:cc:bf:ae:a0:ed:6b:20:a0:3c:
b5:4a:16:07:4c:65:30:95:fa:b2:fe:4e:57:00:49:
05:82:05:26:54:68:2a:e4:4c:06:f9:27:19:a8:8b:
ca:e9:21:c8:72:9d:a1:2d:0e:e6:1e:cf:cb:e0:a5:
9e:0d:e8:5e:66:4c:73:86:0d:94:48:cc:7f:2b:9b:
95:5c:85:4b:4e:c2:e1:2f:d1:e8:46:38:c2:31:e4:
c2:e6:26:75:07:22:d8:fe:68:4a:dc:29:e8:d2:bc:
a2:6c:38:ee:bd:e1:89:c7:a7:e8:6b:0d:53:58:eb:
e3:a9:a1:6e:6e:bd:f0:1a:94:f2:86:09:e6:3a:88:
2c:1f:d2:86:15:ea:21:df:65:58:ca:22:b3:51:a4:
8b:2b:26:a5:eb:72:de:82:22:d4:18:de:03:42:a4:
be:bc:dd:59:31:2c:5a:30:51:1d:b7:cc:c6:c3:72:
64:3b:a7:93:68:85:2e:6e:33:4c:b2:28:8a:16:6a:
7b:b8:be:15:6c:e3:8f:c4:f2:61:b0:e6:19:8d:ee:
79:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:01:14:12:16:B2:05:E8:20:03:8E:41:12:FB:1D:AC:B1:74:CE:9A
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS202469.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:2b85::/32
Signature Algorithm: sha256WithRSAEncryption
84:82:60:7e:6f:37:79:e4:0c:d9:34:36:51:a1:90:9b:cf:2f:
fc:a6:41:49:ad:08:1f:a5:e3:1c:6b:19:51:88:cf:d6:21:69:
bd:1e:c1:30:74:59:44:21:35:5f:ae:96:b3:14:16:aa:dd:50:
40:9a:e2:2c:a7:f6:b3:d0:d6:85:af:81:d4:d0:ec:c1:2a:bb:
6d:c0:9f:f4:7e:1b:4b:fd:5d:55:5e:2c:6e:ad:17:0b:f8:02:
51:11:9c:16:96:57:f9:9b:8e:6c:54:49:5a:25:ee:d2:10:8c:
ee:db:98:6a:1e:f3:b8:ae:10:f9:42:0a:7e:9a:d8:d9:9d:af:
bb:c7:0b:63:b3:eb:49:c7:a3:2b:a9:66:f7:2f:62:cb:54:54:
85:52:73:bc:20:0d:d4:2d:b3:02:5e:12:3f:4b:1e:aa:be:7d:
da:26:d6:fb:a6:94:f2:68:4b:5f:02:44:71:ba:f4:57:3b:a8:
ca:e1:d7:99:f1:68:40:c2:77:e9:61:a8:98:35:11:11:3f:72:
f4:90:29:d4:cd:c8:8b:57:8b:97:6a:71:ea:26:fc:84:c6:e7:
ca:f1:f1:c5:d2:72:3b:e6:aa:e2:7e:4f:88:c6:db:fb:22:9e:
b8:97:0a:02:87:43:c0:39:21:62:73:64:98:dd:cf:14:1d:2e:
66:9c:7e:02
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIUEJP5G9OtYewxzCYzgDQ1VU7mLV0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNTA2MTEwNzIwNTBaFw0yNjA2MTAwNzI1NTBaMDMxMTAvBgNV
BAMTKEQyMDExNDEyMTZCMjA1RTgyMDAzOEU0MTEyRkIxREFDQjE3NENFOUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDdrBYF2ltVy01FM0xau8O6CI/D
jUZx9RBp4Mnn+jrjmfO9yYaIegc7zeqdjwBJrwO0dcy/rqDtayCgPLVKFgdMZTCV
+rL+TlcASQWCBSZUaCrkTAb5Jxmoi8rpIchynaEtDuYez8vgpZ4N6F5mTHOGDZRI
zH8rm5VchUtOwuEv0ehGOMIx5MLmJnUHItj+aErcKejSvKJsOO694YnHp+hrDVNY
6+OpoW5uvfAalPKGCeY6iCwf0oYV6iHfZVjKIrNRpIsrJqXrct6CItQY3gNCpL68
3VkxLFowUR23zMbDcmQ7p5NohS5uM0yyKIoWanu4vhVs44/E8mGw5hmN7nmHAgMB
AAGjggILMIICBzAdBgNVHQ4EFgQU0gEUEhayBeggA45BEvsdrLF0zpowHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMjAyNDY5LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgYr
hTANBgkqhkiG9w0BAQsFAAOCAQEAhIJgfm83eeQM2TQ2UaGQm88v/KZBSa0IH6Xj
HGsZUYjP1iFpvR7BMHRZRCE1X66WsxQWqt1QQJriLKf2s9DWha+B1NDswSq7bcCf
9H4bS/1dVV4sbq0XC/gCURGcFpZX+ZuObFRJWiXu0hCM7tuYah7zuK4Q+UIKfprY
2Z2vu8cLY7PrScejK6lm9y9iy1RUhVJzvCAN1C2zAl4SP0seqr592ibW+6aU8mhL
XwJEcbr0VzuoyuHXmfFoQMJ36WGomDURET9y9JAp1M3Ii1eLl2px6ib8hMbnyvHx
xdJyO+aq4n5PiMbb+yKeuJcKAodDwDkhYnNkmN3PFB0uZpx+Ag==
-----END CERTIFICATE-----
Generated at Sat Jun 28 14:07:48 2025 by rpki-client