Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS213690.roa
File: AS213690.roa (raw, json)
Hash identifier: 5v/zN5in5TW4OT2yunFJytv0yG0ejd+LCD1FdkgQeH0=
Subject key identifier: 0E:4B:51:4A:76:18:D2:C0:C2:08:FE:76:20:6F:6A:D5:0C:D5:41:1F
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 1DC2157568D870BD350A4E745081D7BBBEC94F8F
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS213690.roa
Signing time: Fri 20 Jun 2025 13:54:54 +0000
ROA not before: Fri 20 Jun 2025 13:49:54 +0000
ROA not after: Fri 19 Jun 2026 13:54:54 +0000
asID: 213690
IP address blocks: 45.231.207.0/24 maxlen: 24
181.214.57.0/24 maxlen: 24
181.215.0.0/24 maxlen: 24
181.215.28.0/24 maxlen: 24
181.215.34.0/24 maxlen: 24
181.215.48.0/24 maxlen: 24
181.215.180.0/24 maxlen: 24
191.96.137.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 01:56:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1d:c2:15:75:68:d8:70:bd:35:0a:4e:74:50:81:d7:bb:be:c9:4f:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Jun 20 13:49:54 2025 GMT
Not After : Jun 19 13:54:54 2026 GMT
Subject: CN=0E4B514A7618D2C0C208FE76206F6AD50CD5411F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:52:75:aa:15:67:37:e2:47:10:52:8d:c8:a6:
c2:4e:1f:a6:9f:61:97:42:0f:53:34:a2:36:60:03:
ba:e3:89:82:6a:71:47:f4:18:ba:af:92:2f:e3:c3:
38:e9:44:90:bc:2d:ce:d3:1b:1c:bc:0d:7d:64:52:
b5:1b:b8:64:06:cc:f5:d8:0e:64:56:b9:b1:56:57:
c1:74:1d:c8:5e:27:0e:ff:13:45:97:16:42:91:d4:
43:28:4d:6b:81:14:1b:bc:0e:23:82:e1:58:73:c2:
21:ce:d9:55:53:1e:09:1f:9c:a5:ab:37:36:01:8d:
b0:56:2e:77:98:24:fc:60:70:37:a6:7a:48:7d:eb:
89:c0:95:40:8c:2f:ad:99:9b:31:42:a2:64:9a:a5:
0e:2e:76:10:6d:cf:33:ab:69:e3:60:3d:88:26:3c:
df:e7:f3:6e:17:ab:c2:64:59:85:30:68:2c:ca:f3:
bd:43:2e:7a:fc:71:4b:9d:43:63:ce:6d:29:6f:1d:
98:89:e4:09:0f:38:13:59:67:18:72:48:6d:6d:22:
29:98:1b:a7:46:db:88:e0:a4:58:a8:08:c2:d7:94:
46:39:9c:42:3c:87:f6:88:79:1b:60:df:1c:67:31:
02:4c:cf:72:9b:0d:1a:7f:2d:38:da:54:85:c4:4f:
a7:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:4B:51:4A:76:18:D2:C0:C2:08:FE:76:20:6F:6A:D5:0C:D5:41:1F
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS213690.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.231.207.0/24
181.214.57.0/24
181.215.0.0/24
181.215.28.0/24
181.215.34.0/24
181.215.48.0/24
181.215.180.0/24
191.96.137.0/24
Signature Algorithm: sha256WithRSAEncryption
82:99:b8:7d:04:84:b1:0e:b3:d6:02:49:cd:da:02:4d:85:0f:
cf:30:93:f0:d7:ba:8c:51:4f:37:83:b4:85:41:ca:df:d3:ba:
25:5d:bc:98:9b:91:d7:7d:e3:28:0d:3b:77:ef:af:92:90:db:
e2:54:52:23:1a:e9:08:ae:f0:d3:a9:b5:71:14:ea:3e:d2:5f:
81:17:94:12:de:ba:bd:04:44:6c:6f:e2:99:c8:a4:9f:8b:97:
ee:10:3a:00:56:cb:fe:2a:81:93:d2:87:2d:c6:f2:ac:24:fc:
e0:96:f0:46:6f:35:d5:58:60:8d:63:db:66:a7:68:66:ec:e3:
6b:1a:7e:aa:97:6d:d3:28:d3:02:82:0b:ca:14:57:db:b2:b4:
ef:6f:42:ff:6c:ad:bc:95:e3:d1:a0:1a:14:3a:d4:f9:5d:bb:
a2:b7:2e:1a:f8:09:79:fb:0b:dc:b9:cb:21:f1:af:8f:f5:b1:
23:a7:27:59:ce:8e:f1:9e:68:2c:48:a5:be:8a:fc:7c:28:e5:
24:51:3c:98:71:db:60:21:8b:91:3c:6f:05:40:b9:87:31:c2:
a2:ab:a7:51:95:4d:58:cb:a1:c5:cf:97:db:8b:20:ec:da:7b:
34:b3:65:c7:f3:94:40:c7:39:15:c0:6c:c0:ef:bf:7f:8b:44:
05:1b:3e:1e
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUHcIVdWjYcL01Ck50UIHXu77JT48wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNTA2MjAxMzQ5NTRaFw0yNjA2MTkxMzU0NTRaMDMxMTAvBgNV
BAMTKDBFNEI1MTRBNzYxOEQyQzBDMjA4RkU3NjIwNkY2QUQ1MENENTQxMUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/UnWqFWc34kcQUo3IpsJOH6af
YZdCD1M0ojZgA7rjiYJqcUf0GLqvki/jwzjpRJC8Lc7TGxy8DX1kUrUbuGQGzPXY
DmRWubFWV8F0HcheJw7/E0WXFkKR1EMoTWuBFBu8DiOC4VhzwiHO2VVTHgkfnKWr
NzYBjbBWLneYJPxgcDemekh964nAlUCML62ZmzFComSapQ4udhBtzzOraeNgPYgm
PN/n824Xq8JkWYUwaCzK871DLnr8cUudQ2PObSlvHZiJ5AkPOBNZZxhySG1tIimY
G6dG24jgpFioCMLXlEY5nEI8h/aIeRtg3xxnMQJMz3KbDRp/LTjaVIXET6cNAgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQUDktRSnYY0sDCCP52IG9q1QzVQR8wHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMjEzNjkwLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQALefP
AwQAtdY5AwQAtdcAAwQAtdccAwQAtdciAwQAtdcwAwQAtde0AwQAv2CJMA0GCSqG
SIb3DQEBCwUAA4IBAQCCmbh9BISxDrPWAknN2gJNhQ/PMJPw17qMUU83g7SFQcrf
07olXbyYm5HXfeMoDTt376+SkNviVFIjGukIrvDTqbVxFOo+0l+BF5QS3rq9BERs
b+KZyKSfi5fuEDoAVsv+KoGT0octxvKsJPzglvBGbzXVWGCNY9tmp2hm7ONrGn6q
l23TKNMCggvKFFfbsrTvb0L/bK28lePRoBoUOtT5Xbuity4a+Al5+wvcucsh8a+P
9bEjpydZzo7xnmgsSKW+ivx8KOUkUTyYcdtgIYuRPG8FQLmHMcKiq6dRlU1Yy6HF
z5fbiyDs2ns0s2XH85RAxzkVwGzA779/i0QFGz4e
-----END CERTIFICATE-----
Generated at Sat Jun 28 14:16:02 2025 by rpki-client