Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS213690.roa
File: AS213690.roa (raw, json)
Hash identifier: FJKbYoNoGiBlh6LNIsmJKIwUl7BqkpIYpWvBxqEH6ZA=
Subject key identifier: 3A:FD:66:22:0F:F3:B5:68:AA:7B:63:77:AF:79:02:0C:66:87:57:6B
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 22BED9355E9D5B1FB61B3E62AE1BB955C90E0436
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS213690.roa
Signing time: Sat 09 Aug 2025 20:31:42 +0000
ROA not before: Sat 09 Aug 2025 20:26:42 +0000
ROA not after: Sat 08 Aug 2026 20:31:42 +0000
asID: 213690
IP address blocks: 45.231.207.0/24 maxlen: 24
181.214.57.0/24 maxlen: 24
181.215.0.0/24 maxlen: 24
181.215.28.0/24 maxlen: 24
181.215.34.0/24 maxlen: 24
181.215.48.0/24 maxlen: 24
181.215.180.0/24 maxlen: 24
191.96.137.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 06:23:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
22:be:d9:35:5e:9d:5b:1f:b6:1b:3e:62:ae:1b:b9:55:c9:0e:04:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Aug 9 20:26:42 2025 GMT
Not After : Aug 8 20:31:42 2026 GMT
Subject: CN=3AFD66220FF3B568AA7B6377AF79020C6687576B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:5d:95:e7:1c:04:fc:fa:d7:9e:0f:2a:57:ed:
72:93:5d:21:72:4d:13:00:e3:8a:b5:f6:6a:a7:26:
5a:60:a7:cf:23:ae:eb:5e:f4:7c:83:46:8e:e9:d8:
35:69:fd:ad:ff:00:13:87:59:b1:50:69:6f:4a:45:
6c:e8:53:30:73:e9:6d:49:b5:03:02:0b:df:95:88:
97:19:67:cf:92:c8:4e:b2:34:ec:81:bf:08:84:1f:
0d:44:ea:c2:e4:9d:7d:8d:4d:b4:54:20:e5:e7:b0:
d0:fd:9c:29:25:9f:f6:c8:ac:43:11:3b:b7:4c:88:
27:2d:23:07:e0:7a:93:1b:1b:8f:47:af:b1:56:7b:
3f:0f:3f:b1:20:4e:51:46:b7:c4:8b:bd:c4:6e:f7:
6f:86:11:d0:e2:03:d8:75:f1:55:50:3b:b8:9e:94:
6e:88:c5:2e:45:e3:59:60:46:cd:4e:00:c1:15:64:
f5:9b:2e:2f:21:34:67:b9:c1:93:3e:f7:1a:79:d3:
a6:44:f4:54:ba:f2:b4:1c:91:4e:cd:05:60:f2:46:
f9:ef:ec:4b:56:c9:fe:c1:f3:d7:a5:6d:a8:11:d8:
5f:70:c4:cd:27:5a:4c:1d:47:36:db:e5:83:c7:fd:
c3:b4:e0:f7:66:0f:05:05:ca:7a:f0:63:ad:7a:29:
38:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:FD:66:22:0F:F3:B5:68:AA:7B:63:77:AF:79:02:0C:66:87:57:6B
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS213690.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.231.207.0/24
181.214.57.0/24
181.215.0.0/24
181.215.28.0/24
181.215.34.0/24
181.215.48.0/24
181.215.180.0/24
191.96.137.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:45:18:60:99:e2:09:11:d3:f8:e7:1b:f8:b1:8e:57:c4:7e:
f5:66:e7:56:4e:36:3c:ba:8c:06:10:2a:ed:1e:33:1d:78:d9:
b8:78:e4:64:dd:42:a1:dd:0e:25:a7:06:61:6e:0a:0a:1e:af:
b7:66:d7:99:36:cc:66:1e:09:61:87:9d:6a:69:48:a7:09:90:
08:58:4d:4c:a8:b2:df:7d:db:aa:90:66:a2:9f:47:90:ce:49:
2d:23:5f:53:25:bf:d5:34:68:5d:3f:4d:6c:a2:aa:1c:2a:5f:
ff:68:fb:1f:1b:76:4e:67:cf:ee:a0:c6:67:91:9b:cd:dd:a9:
d1:3d:05:4e:c6:85:78:e6:37:96:14:b3:b0:12:77:bd:da:fc:
fb:ca:1c:dc:73:6f:0b:7d:b6:14:1e:cd:3a:98:fc:2c:e1:23:
77:46:9b:08:3a:0d:89:8c:46:a0:bc:24:b3:e2:5c:12:9b:0f:
c0:da:a6:c2:4a:5e:69:9c:e4:97:4b:86:3e:a8:fa:a3:64:16:
6b:65:8b:50:cf:3e:e2:a1:44:2d:af:82:b8:ee:94:63:9c:48:
ab:9b:e6:af:14:2e:07:22:b7:95:59:9a:82:65:66:53:34:26:
af:86:f0:13:d1:76:17:b5:11:e8:2a:a4:d8:5a:65:e6:b6:06:
5e:4d:aa:4d
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUIr7ZNV6dWx+2Gz5irhu5VckOBDYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNTA4MDkyMDI2NDJaFw0yNjA4MDgyMDMxNDJaMDMxMTAvBgNV
BAMTKDNBRkQ2NjIyMEZGM0I1NjhBQTdCNjM3N0FGNzkwMjBDNjY4NzU3NkIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6XZXnHAT8+teeDypX7XKTXSFy
TRMA44q19mqnJlpgp88jrute9HyDRo7p2DVp/a3/ABOHWbFQaW9KRWzoUzBz6W1J
tQMCC9+ViJcZZ8+SyE6yNOyBvwiEHw1E6sLknX2NTbRUIOXnsND9nCkln/bIrEMR
O7dMiCctIwfgepMbG49Hr7FWez8PP7EgTlFGt8SLvcRu92+GEdDiA9h18VVQO7ie
lG6IxS5F41lgRs1OAMEVZPWbLi8hNGe5wZM+9xp506ZE9FS68rQckU7NBWDyRvnv
7EtWyf7B89elbagR2F9wxM0nWkwdRzbb5YPH/cO04PdmDwUFynrwY616KThXAgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQUOv1mIg/ztWiqe2N3r3kCDGaHV2swHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMjEzNjkwLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQALefP
AwQAtdY5AwQAtdcAAwQAtdccAwQAtdciAwQAtdcwAwQAtde0AwQAv2CJMA0GCSqG
SIb3DQEBCwUAA4IBAQBcRRhgmeIJEdP45xv4sY5XxH71ZudWTjY8uowGECrtHjMd
eNm4eORk3UKh3Q4lpwZhbgoKHq+3ZteZNsxmHglhh51qaUinCZAIWE1MqLLffduq
kGain0eQzkktI19TJb/VNGhdP01soqocKl//aPsfG3ZOZ8/uoMZnkZvN3anRPQVO
xoV45jeWFLOwEne92vz7yhzcc28LfbYUHs06mPws4SN3RpsIOg2JjEagvCSz4lwS
mw/A2qbCSl5pnOSXS4Y+qPqjZBZrZYtQzz7ioUQtr4K47pRjnEirm+avFC4HIreV
WZqCZWZTNCavhvAT0XYXtRHoKqTYWmXmtgZeTapN
-----END CERTIFICATE-----
Generated at Sat Aug 23 22:54:16 2025 by rpki-client