Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS213690.roa
File: AS213690.roa (raw, json)
Hash identifier: +VklFPWlvizPMJQM23q0ccb1dbC+ns9k8ma7tiTMpBY=
Subject key identifier: E8:EC:A8:CC:FB:E4:FF:3F:60:DA:59:B0:8C:62:9A:51:A1:98:89:0E
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 5B7C9117F9801F6DEB843F1E994AA6E255A0E259
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS213690.roa
Signing time: Fri 10 Oct 2025 13:33:25 +0000
ROA not before: Fri 10 Oct 2025 13:28:25 +0000
ROA not after: Fri 09 Oct 2026 13:33:25 +0000
asID: 213690
IP address blocks: 45.231.207.0/24 maxlen: 24
181.214.57.0/24 maxlen: 24
181.215.0.0/24 maxlen: 24
181.215.28.0/24 maxlen: 24
181.215.34.0/24 maxlen: 24
181.215.48.0/24 maxlen: 24
181.215.180.0/24 maxlen: 24
191.96.137.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5b:7c:91:17:f9:80:1f:6d:eb:84:3f:1e:99:4a:a6:e2:55:a0:e2:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Oct 10 13:28:25 2025 GMT
Not After : Oct 9 13:33:25 2026 GMT
Subject: CN=E8ECA8CCFBE4FF3F60DA59B08C629A51A198890E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:c2:69:33:cd:71:93:e8:5a:42:1c:11:18:bf:
cd:9b:89:bd:e0:73:bd:b1:f8:4a:9e:22:b8:12:21:
87:1e:3b:04:f1:bb:c1:27:8f:2c:b7:62:8c:3c:f1:
32:e4:8d:dd:4b:cc:dd:6c:4e:88:80:8b:90:dc:29:
03:48:19:ee:f7:e6:2c:b3:09:d1:33:a2:5d:f8:d1:
b7:f6:5d:c9:cc:5e:1c:78:5a:cf:67:88:da:40:3b:
81:8f:8f:8e:51:d7:4f:19:a4:c9:f7:86:f8:7d:e1:
58:31:32:e0:db:07:c7:4f:43:6f:fd:ae:c6:19:84:
8e:3e:37:67:21:52:c2:93:af:2d:d7:fd:6a:93:d9:
29:01:94:aa:bd:47:31:fa:c1:b1:0f:13:ef:60:7e:
11:c8:c4:37:91:9e:27:0e:e3:43:53:cb:36:f5:85:
7f:c9:c1:07:44:74:dc:df:7a:76:99:33:60:ca:f4:
23:2e:41:86:09:69:6a:f0:9b:e7:98:42:24:4f:e2:
b6:23:38:75:6f:10:8e:86:64:2f:a5:7e:93:ef:91:
bf:c3:dd:c6:22:1f:f9:0a:75:29:ab:5c:fd:b9:68:
ee:b0:5a:1f:22:73:f3:79:8f:d3:10:83:49:8e:e2:
bb:1e:54:34:06:11:36:04:bc:10:94:05:ba:e9:02:
93:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:EC:A8:CC:FB:E4:FF:3F:60:DA:59:B0:8C:62:9A:51:A1:98:89:0E
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS213690.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.231.207.0/24
181.214.57.0/24
181.215.0.0/24
181.215.28.0/24
181.215.34.0/24
181.215.48.0/24
181.215.180.0/24
191.96.137.0/24
Signature Algorithm: sha256WithRSAEncryption
73:49:2a:f2:c3:4c:7a:0f:0f:86:2c:ec:97:c6:44:9d:42:a8:
58:f6:37:91:00:fd:7a:15:32:41:ed:ca:1e:b6:b6:a6:2d:e3:
f9:17:a5:37:0e:69:a8:20:53:72:dc:9f:c2:e6:d5:92:20:b2:
6c:43:21:9c:d6:0e:02:e3:8b:fc:00:5d:a7:10:03:92:fd:14:
f9:4b:36:e1:6f:98:f1:52:11:f8:38:d6:b5:ec:28:96:61:66:
e9:87:4d:9c:c1:ea:8e:04:64:d8:7f:0e:0f:4b:d9:45:fd:9d:
26:41:08:41:59:b9:47:6b:a6:eb:06:c4:2e:60:79:1d:8b:6d:
b5:f2:09:ec:ce:2d:13:c5:80:9b:79:39:ae:67:e0:66:2d:48:
04:da:2a:04:3f:ef:71:24:cd:9f:13:27:00:70:2f:92:e6:43:
71:d2:8b:e0:74:0b:34:a1:00:a5:bc:1f:01:55:37:af:05:c8:
ce:d9:24:de:5b:72:00:f2:d9:de:e5:a0:9f:50:db:e6:46:de:
0c:3b:82:3f:b2:bd:35:d6:ec:7d:3e:db:7a:68:4e:08:65:d5:
25:35:1d:1c:97:a4:31:09:dc:09:37:9b:1c:df:98:2c:db:33:
35:3b:95:20:52:d9:46:25:19:6a:91:d1:28:f2:10:1b:24:cf:
91:84:ba:60
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUW3yRF/mAH23rhD8emUqm4lWg4lkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNTEwMTAxMzI4MjVaFw0yNjEwMDkxMzMzMjVaMDMxMTAvBgNV
BAMTKEU4RUNBOENDRkJFNEZGM0Y2MERBNTlCMDhDNjI5QTUxQTE5ODg5MEUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDswmkzzXGT6FpCHBEYv82bib3g
c72x+EqeIrgSIYceOwTxu8Enjyy3Yow88TLkjd1LzN1sToiAi5DcKQNIGe735iyz
CdEzol340bf2XcnMXhx4Ws9niNpAO4GPj45R108ZpMn3hvh94VgxMuDbB8dPQ2/9
rsYZhI4+N2chUsKTry3X/WqT2SkBlKq9RzH6wbEPE+9gfhHIxDeRnicO40NTyzb1
hX/JwQdEdNzfenaZM2DK9CMuQYYJaWrwm+eYQiRP4rYjOHVvEI6GZC+lfpPvkb/D
3cYiH/kKdSmrXP25aO6wWh8ic/N5j9MQg0mO4rseVDQGETYEvBCUBbrpApMhAgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQU6OyozPvk/z9g2lmwjGKaUaGYiQ4wHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMjEzNjkwLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQALefP
AwQAtdY5AwQAtdcAAwQAtdccAwQAtdciAwQAtdcwAwQAtde0AwQAv2CJMA0GCSqG
SIb3DQEBCwUAA4IBAQBzSSryw0x6Dw+GLOyXxkSdQqhY9jeRAP16FTJB7coetram
LeP5F6U3DmmoIFNy3J/C5tWSILJsQyGc1g4C44v8AF2nEAOS/RT5Szbhb5jxUhH4
ONa17CiWYWbph02cweqOBGTYfw4PS9lF/Z0mQQhBWblHa6brBsQuYHkdi2218gns
zi0TxYCbeTmuZ+BmLUgE2ioEP+9xJM2fEycAcC+S5kNx0ovgdAs0oQClvB8BVTev
BcjO2STeW3IA8tne5aCfUNvmRt4MO4I/sr011ux9Ptt6aE4IZdUlNR0cl6QxCdwJ
N5sc35gs2zM1O5UgUtlGJRlqkdEo8hAbJM+RhLpg
-----END CERTIFICATE-----
Generated at Sun Oct 19 23:02:31 2025 by rpki-client