Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS212335.roa
File: AS212335.roa (raw, json)
Hash identifier: rQO+8WXyU5fMl85/IZfvJOUgMBH8OBPxugUqHpUuizo=
Subject key identifier: 1C:8A:8A:42:91:6B:CC:5B:0E:35:73:F3:CB:78:59:82:29:60:C5:31
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 39B1A2AE486FC6BF7A9E953F2FDC29631C4AD69D
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS212335.roa
Signing time: Thu 19 Jun 2025 13:29:41 +0000
ROA not before: Thu 19 Jun 2025 13:24:41 +0000
ROA not after: Thu 18 Jun 2026 13:29:41 +0000
asID: 212335
IP address blocks: 45.137.157.0/24 maxlen: 24
179.61.155.0/24 maxlen: 24
185.170.56.0/24 maxlen: 24
191.96.18.0/24 maxlen: 24
191.96.187.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 01:56:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
39:b1:a2:ae:48:6f:c6:bf:7a:9e:95:3f:2f:dc:29:63:1c:4a:d6:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Jun 19 13:24:41 2025 GMT
Not After : Jun 18 13:29:41 2026 GMT
Subject: CN=1C8A8A42916BCC5B0E3573F3CB7859822960C531
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:21:1c:f1:2f:ef:f6:25:1b:29:0e:5f:82:31:
5d:e2:82:9e:93:76:3a:f7:18:41:f4:7e:e9:70:09:
7b:70:6e:98:1f:d2:e7:47:a1:91:f5:7e:e2:31:0e:
77:48:fd:45:ff:65:3b:ab:cb:91:db:57:0b:63:b9:
44:e2:c4:2c:40:76:11:78:a7:d0:1c:d7:0c:8b:c7:
b4:f6:ec:d7:54:e6:5e:0d:a4:89:7f:e2:3e:d4:87:
11:b4:ee:e9:61:34:92:fa:b7:be:82:7f:0e:ed:75:
90:ca:32:98:50:2b:2c:08:f4:15:8c:d2:b7:33:86:
5d:8a:6c:d5:35:a4:5d:dc:e3:05:0e:ba:af:dc:53:
5f:88:e3:28:48:db:6a:8a:a7:77:bc:35:6c:ed:9c:
54:73:5a:9a:3d:2e:b4:fd:5c:29:eb:8c:cf:67:f3:
40:ec:a8:44:af:4b:3c:56:ee:dd:e7:95:76:cb:92:
79:20:a2:a2:3b:de:1d:8f:8c:55:31:82:a4:13:fb:
07:e7:3c:3f:e5:ad:35:80:07:36:ac:cf:95:48:20:
15:28:ed:ab:9c:4c:52:fe:31:30:58:ff:43:a6:23:
01:2b:ad:5b:fb:d4:3e:45:bb:29:be:5f:dd:4c:ac:
3d:13:65:f7:85:f4:22:bf:c2:7a:ef:b3:17:26:73:
0b:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:8A:8A:42:91:6B:CC:5B:0E:35:73:F3:CB:78:59:82:29:60:C5:31
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS212335.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.137.157.0/24
179.61.155.0/24
185.170.56.0/24
191.96.18.0/24
191.96.187.0/24
Signature Algorithm: sha256WithRSAEncryption
20:5e:ba:46:b4:a4:7c:8b:55:07:1e:8f:ad:4a:fd:db:ac:20:
40:c7:c0:77:a3:91:e1:65:18:8c:7c:e2:2d:4f:55:2c:cc:e8:
05:e5:0b:5a:9b:4b:14:70:d7:a5:bf:bd:e0:e8:c5:d1:9f:e3:
fb:86:fa:fc:83:99:9d:94:35:31:fe:6e:10:71:90:22:3b:44:
f9:1e:a4:49:5a:fe:65:01:79:4f:63:9f:23:48:ea:51:fa:bb:
97:0b:31:f7:73:8d:1e:1b:30:4f:08:47:f9:6c:6c:8d:ca:08:
ee:ce:c9:20:0b:91:6d:61:b2:c0:f4:54:8c:66:06:c8:3e:a2:
10:2d:51:98:43:7c:37:bd:2d:d8:e9:17:3c:68:83:df:50:25:
0b:65:39:a7:66:3d:37:f9:f6:f2:14:f6:9d:61:05:eb:1b:70:
36:64:87:4c:7b:79:ba:a5:b5:56:71:ee:6c:ff:66:43:a0:c8:
2c:3b:5a:67:73:96:bc:8d:f2:1b:1b:e4:05:08:64:58:6d:b9:
0e:cd:2d:ca:5d:63:2c:bb:6d:a9:15:88:35:ce:ab:ad:61:9b:
13:ba:cb:bf:76:98:48:f6:04:5b:62:20:d2:f3:72:16:57:2a:
be:eb:be:e5:73:40:3d:7e:ae:28:41:35:8c:ac:b6:dc:8f:7d:
17:e5:a2:fc
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgIUObGirkhvxr96npU/L9wpYxxK1p0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNTA2MTkxMzI0NDFaFw0yNjA2MTgxMzI5NDFaMDMxMTAvBgNV
BAMTKDFDOEE4QTQyOTE2QkNDNUIwRTM1NzNGM0NCNzg1OTgyMjk2MEM1MzEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCTIRzxL+/2JRspDl+CMV3igp6T
djr3GEH0fulwCXtwbpgf0udHoZH1fuIxDndI/UX/ZTury5HbVwtjuUTixCxAdhF4
p9Ac1wyLx7T27NdU5l4NpIl/4j7UhxG07ulhNJL6t76Cfw7tdZDKMphQKywI9BWM
0rczhl2KbNU1pF3c4wUOuq/cU1+I4yhI22qKp3e8NWztnFRzWpo9LrT9XCnrjM9n
80DsqESvSzxW7t3nlXbLknkgoqI73h2PjFUxgqQT+wfnPD/lrTWABzasz5VIIBUo
7aucTFL+MTBY/0OmIwErrVv71D5Fuym+X91MrD0TZfeF9CK/wnrvsxcmcwv7AgMB
AAGjggIiMIICHjAdBgNVHQ4EFgQUHIqKQpFrzFsONXPzy3hZgilgxTEwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMjEyMzM1LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALYmd
AwQAsz2bAwQAuao4AwQAv2ASAwQAv2C7MA0GCSqGSIb3DQEBCwUAA4IBAQAgXrpG
tKR8i1UHHo+tSv3brCBAx8B3o5HhZRiMfOItT1UszOgF5Qtam0sUcNelv73g6MXR
n+P7hvr8g5mdlDUx/m4QcZAiO0T5HqRJWv5lAXlPY58jSOpR+ruXCzH3c40eGzBP
CEf5bGyNygjuzskgC5FtYbLA9FSMZgbIPqIQLVGYQ3w3vS3Y6Rc8aIPfUCULZTmn
Zj03+fbyFPadYQXrG3A2ZIdMe3m6pbVWce5s/2ZDoMgsO1pnc5a8jfIbG+QFCGRY
bbkOzS3KXWMsu22pFYg1zqutYZsTusu/dphI9gRbYiDS83IWVyq+677lc0A9fq4o
QTWMrLbcj30X5aL8
-----END CERTIFICATE-----
Generated at Sat Jun 28 14:12:37 2025 by rpki-client