Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS214025.roa
File: AS214025.roa (raw, json)
Hash identifier: HylkUflu9yhLZkLG8Nlo9iJ8ZtoIMM73JRH1SCTfQug=
Subject key identifier: 7A:EA:E7:0D:CC:2F:42:EA:04:2D:36:B4:6A:80:E1:2F:DC:85:C7:6E
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 4100AE28A29CE27134E4F783A5E13353BEA5389E
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS214025.roa
Signing time: Fri 01 May 2026 21:49:27 +0000
ROA not before: Fri 01 May 2026 21:44:27 +0000
ROA not after: Fri 30 Apr 2027 21:49:27 +0000
asID: 214025
IP address blocks: 2a0a:9a00::/29 maxlen: 48
2a0a:9e00::/29 maxlen: 48
2a0b:8700::/29 maxlen: 48
2a0d:4c40::/29 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 08:12:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
41:00:ae:28:a2:9c:e2:71:34:e4:f7:83:a5:e1:33:53:be:a5:38:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: May 1 21:44:27 2026 GMT
Not After : Apr 30 21:49:27 2027 GMT
Subject: CN=7AEAE70DCC2F42EA042D36B46A80E12FDC85C76E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:28:f7:df:12:34:5c:a8:be:ab:33:86:90:2b:
18:bf:59:63:74:18:82:14:34:55:c6:88:f9:63:4d:
0e:26:3e:0e:54:97:85:1a:60:c3:5a:0c:e7:f8:2e:
28:55:c1:67:fd:1e:72:64:71:77:69:9b:21:7b:63:
d8:f9:03:2c:4f:ec:c7:e3:27:f8:36:b7:99:d1:29:
f5:5f:a0:2f:d8:f0:74:63:71:9e:45:e4:e1:07:30:
b9:f9:d8:d8:5f:0d:a5:e9:34:65:d5:6c:09:a6:3b:
35:38:dc:81:35:84:9c:2e:7d:3a:aa:a0:c5:85:bd:
35:e1:91:3a:dd:5b:5a:6a:3b:0a:6f:f7:02:3a:9b:
af:8f:72:29:fa:64:c5:6a:04:d2:03:d9:72:83:1f:
2e:f0:eb:d2:e8:98:69:0b:13:59:50:52:28:80:ec:
dd:1c:52:f5:a1:27:8f:b0:a8:05:85:ac:ba:86:c6:
bc:74:89:a6:87:ad:2a:53:d3:7c:63:6a:5b:0b:a6:
22:53:92:77:7d:7b:61:af:37:02:4d:46:98:6d:fe:
0c:7b:83:8a:c1:1e:a4:fc:00:7d:23:b8:ec:bf:f0:
4b:6d:8f:03:14:e6:70:82:d4:56:1c:04:c6:4a:16:
6a:a8:ec:c0:cd:58:ec:0f:39:c6:09:0b:2d:aa:f1:
8e:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:EA:E7:0D:CC:2F:42:EA:04:2D:36:B4:6A:80:E1:2F:DC:85:C7:6E
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS214025.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:9a00::/29
2a0a:9e00::/29
2a0b:8700::/29
2a0d:4c40::/29
Signature Algorithm: sha256WithRSAEncryption
3a:4b:d5:59:36:07:22:98:d3:1e:f0:79:19:d5:a7:29:d5:e5:
67:35:d2:c0:8d:b6:45:77:04:5e:5b:7d:9e:55:4e:53:f9:c7:
67:66:96:61:b9:2d:04:a7:39:84:26:b9:15:3d:7d:45:00:6b:
2a:88:39:83:f1:f9:66:0f:3c:5d:f6:c7:f4:40:41:fb:60:51:
94:78:ee:c6:9d:88:d8:59:6c:cb:c4:30:7d:c3:3e:11:c4:e2:
bc:cb:c7:06:83:8f:34:2c:7a:47:db:a8:d1:1e:bb:29:f9:b8:
84:71:ee:0f:f0:f1:af:e2:46:ff:87:be:a7:5f:96:26:07:fd:
33:22:e8:d1:6b:6b:c5:8b:fe:d7:27:33:91:ad:6f:51:22:02:
51:db:d3:61:c1:57:1d:9e:41:af:28:c5:04:15:7c:ce:c3:c6:
74:53:1d:b8:8c:8e:b8:1d:eb:01:da:c8:7c:a9:d2:df:45:26:
52:cd:e5:14:69:f7:80:61:42:85:bd:8e:6d:36:ed:07:70:4f:
66:c6:19:61:33:dd:88:5f:46:30:80:f3:87:bf:8d:d7:20:54:
15:0a:70:c2:79:d5:7e:59:4d:91:f3:f1:99:71:6d:1b:07:0b:
d0:94:80:d0:2e:e6:bd:23:af:28:8e:0f:0e:43:9b:50:ce:f8:
47:ca:3d:17
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgIUQQCuKKKc4nE05PeDpeEzU76lOJ4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNjA1MDEyMTQ0MjdaFw0yNzA0MzAyMTQ5MjdaMDMxMTAvBgNV
BAMTKDdBRUFFNzBEQ0MyRjQyRUEwNDJEMzZCNDZBODBFMTJGREM4NUM3NkUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDvKPffEjRcqL6rM4aQKxi/WWN0
GIIUNFXGiPljTQ4mPg5Ul4UaYMNaDOf4LihVwWf9HnJkcXdpmyF7Y9j5AyxP7Mfj
J/g2t5nRKfVfoC/Y8HRjcZ5F5OEHMLn52NhfDaXpNGXVbAmmOzU43IE1hJwufTqq
oMWFvTXhkTrdW1pqOwpv9wI6m6+Pcin6ZMVqBNID2XKDHy7w69LomGkLE1lQUiiA
7N0cUvWhJ4+wqAWFrLqGxrx0iaaHrSpT03xjalsLpiJTknd9e2GvNwJNRpht/gx7
g4rBHqT8AH0juOy/8EttjwMU5nCC1FYcBMZKFmqo7MDNWOwPOcYJCy2q8Y7ZAgMB
AAGjggIgMIICHDAdBgNVHQ4EFgQUeurnDcwvQuoELTa0aoDhL9yFx24wHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMjE0MDI1LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUDKgqa
AAMFAyoKngADBQMqC4cAAwUDKg1MQDANBgkqhkiG9w0BAQsFAAOCAQEAOkvVWTYH
IpjTHvB5GdWnKdXlZzXSwI22RXcEXlt9nlVOU/nHZ2aWYbktBKc5hCa5FT19RQBr
Kog5g/H5Zg88XfbH9EBB+2BRlHjuxp2I2Flsy8QwfcM+EcTivMvHBoOPNCx6R9uo
0R67Kfm4hHHuD/Dxr+JG/4e+p1+WJgf9MyLo0WtrxYv+1yczka1vUSICUdvTYcFX
HZ5BryjFBBV8zsPGdFMduIyOuB3rAdrIfKnS30UmUs3lFGn3gGFChb2ObTbtB3BP
ZsYZYTPdiF9GMIDzh7+N1yBUFQpwwnnVfllNkfPxmXFtGwcL0JSA0C7mvSOvKI4P
DkObUM74R8o9Fw==
-----END CERTIFICATE-----
Generated at Wed May 13 01:25:39 2026 by rpki-client