Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS214670.roa
File: AS214670.roa (raw, json)
Hash identifier: wKanK5ha0+91FjeOZ9zTwyfuMNIHqRG7L4rr86dmX4M=
Subject key identifier: 87:2C:E7:F1:AB:73:58:C8:EC:68:3C:9E:11:6C:96:8B:08:6F:F3:CC
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 2CB6DAC922C7F69DF6E18A6BFE4FFB778141861C
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS214670.roa
Signing time: Mon 11 May 2026 21:19:35 +0000
ROA not before: Mon 11 May 2026 21:14:35 +0000
ROA not after: Mon 10 May 2027 21:19:35 +0000
asID: 214670
IP address blocks: 181.215.32.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 23:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2c:b6:da:c9:22:c7:f6:9d:f6:e1:8a:6b:fe:4f:fb:77:81:41:86:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: May 11 21:14:35 2026 GMT
Not After : May 10 21:19:35 2027 GMT
Subject: CN=872CE7F1AB7358C8EC683C9E116C968B086FF3CC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:53:32:5c:bb:bf:a3:17:8e:99:ad:88:a2:15:
cb:e8:a6:6e:88:ba:f2:e7:6a:9a:50:28:02:21:1a:
aa:49:11:54:e9:18:6a:80:74:0e:ba:5a:4a:a0:46:
01:0a:5f:4f:dc:8e:64:8b:1c:1d:f9:20:73:b3:7b:
ae:14:55:d9:1c:73:84:22:68:f1:01:48:09:3f:d7:
f3:f6:c0:ee:11:70:81:0a:c0:d1:4f:41:3c:f7:c4:
83:b9:a6:6d:ac:da:39:d6:e2:6b:da:1c:e7:8d:e4:
80:1b:fb:0d:13:45:33:d3:e7:45:50:a7:43:54:c0:
98:65:9c:49:53:af:97:18:2c:67:36:6d:74:fc:d0:
aa:02:41:cf:f2:f2:06:75:ad:4a:55:24:6f:fd:2d:
df:26:e8:c9:e3:08:f7:90:a8:14:b3:41:e7:b2:f8:
fb:30:4f:48:22:e7:97:21:da:a1:9a:20:8b:c3:ad:
71:a8:6e:f1:5b:c8:a9:cc:62:de:68:9f:e0:f5:09:
1c:71:a4:f1:4b:7a:06:eb:f1:cf:13:1a:ed:16:7b:
5a:d7:d3:b3:44:bf:fe:82:92:b7:60:f9:16:80:1d:
af:b1:06:77:46:20:54:55:e0:63:4e:5e:f6:ce:3e:
af:3d:ce:e7:c0:87:6d:c5:40:8e:20:ca:cd:a3:a8:
74:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:2C:E7:F1:AB:73:58:C8:EC:68:3C:9E:11:6C:96:8B:08:6F:F3:CC
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS214670.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
181.215.32.0/24
Signature Algorithm: sha256WithRSAEncryption
42:7b:4c:78:7a:92:7f:a2:8b:1a:ff:73:47:5b:d1:fe:05:3f:
46:f9:84:bb:a9:a5:73:86:80:fe:72:09:e1:36:7b:0f:2d:74:
8b:fb:21:45:d1:7c:cd:29:de:75:66:c9:1a:53:fe:ae:1c:1e:
ae:2c:6d:04:56:9f:45:de:89:20:fb:98:10:d3:87:1c:80:18:
d8:ce:aa:1b:3e:78:e9:77:4a:a1:1c:06:3e:23:1c:3c:27:37:
b6:4c:ae:09:44:4d:c4:5c:f6:e2:28:f7:a9:3d:c9:7b:69:14:
2d:96:a8:7b:48:f0:20:44:02:d8:a8:cf:2d:d5:e5:8a:18:5d:
54:3b:03:4d:8f:6e:53:7c:21:a5:8e:68:59:64:a2:97:76:c2:
cf:33:3e:e2:be:d3:1d:70:d0:3a:59:d3:6a:0b:80:70:a1:c9:
1f:ba:31:1d:a1:3c:13:72:93:4d:98:72:8f:0a:f2:cd:cf:ce:
21:ad:1b:1b:1f:68:74:a2:95:c4:46:31:52:7b:43:b9:d8:76:
0f:22:b8:65:a3:eb:7b:88:5c:6d:28:c7:70:82:86:cb:5a:6e:
a4:a0:5d:a0:92:8a:61:4e:db:70:58:ec:d4:92:14:e7:3f:82:
25:11:32:f0:76:49:f3:eb:5f:c7:5d:42:e8:42:99:f1:15:6b:
a0:9c:ed:13
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIULLbaySLH9p324Ypr/k/7d4FBhhwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNjA1MTEyMTE0MzVaFw0yNzA1MTAyMTE5MzVaMDMxMTAvBgNV
BAMTKDg3MkNFN0YxQUI3MzU4QzhFQzY4M0M5RTExNkM5NjhCMDg2RkYzQ0MwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCsUzJcu7+jF46ZrYiiFcvopm6I
uvLnappQKAIhGqpJEVTpGGqAdA66WkqgRgEKX0/cjmSLHB35IHOze64UVdkcc4Qi
aPEBSAk/1/P2wO4RcIEKwNFPQTz3xIO5pm2s2jnW4mvaHOeN5IAb+w0TRTPT50VQ
p0NUwJhlnElTr5cYLGc2bXT80KoCQc/y8gZ1rUpVJG/9Ld8m6MnjCPeQqBSzQeey
+PswT0gi55ch2qGaIIvDrXGobvFbyKnMYt5on+D1CRxxpPFLegbr8c8TGu0We1rX
07NEv/6Ckrdg+RaAHa+xBndGIFRV4GNOXvbOPq89zufAh23FQI4gys2jqHSNAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUhyzn8atzWMjsaDyeEWyWiwhv88wwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMjE0NjcwLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAtdcg
MA0GCSqGSIb3DQEBCwUAA4IBAQBCe0x4epJ/oosa/3NHW9H+BT9G+YS7qaVzhoD+
cgnhNnsPLXSL+yFF0XzNKd51ZskaU/6uHB6uLG0EVp9F3okg+5gQ04ccgBjYzqob
Pnjpd0qhHAY+Ixw8Jze2TK4JRE3EXPbiKPepPcl7aRQtlqh7SPAgRALYqM8t1eWK
GF1UOwNNj25TfCGljmhZZKKXdsLPMz7ivtMdcNA6WdNqC4BwockfujEdoTwTcpNN
mHKPCvLNz84hrRsbH2h0opXERjFSe0O52HYPIrhlo+t7iFxtKMdwgobLWm6koF2g
kophTttwWOzUkhTnP4IlETLwdknz61/HXULoQpnxFWugnO0T
-----END CERTIFICATE-----
Generated at Wed May 13 06:12:28 2026 by rpki-client