Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS266400.roa
File: AS266400.roa (raw, json)
Hash identifier: /nG/WYVT+rH21QRiHU3xmcr0R/v5/xBgn+f4yyZgoEE=
Subject key identifier: C3:B5:7C:2F:55:35:A7:8E:9D:6A:E9:B5:7B:04:FE:31:B8:FC:D3:CB
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 3D44B04164613AF31DF9AAE40743D19A6E7826AC
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS266400.roa
Signing time: Tue 07 Oct 2025 07:55:08 +0000
ROA not before: Tue 07 Oct 2025 07:50:08 +0000
ROA not after: Tue 06 Oct 2026 07:55:08 +0000
asID: 266400
IP address blocks: 181.214.128.0/23 maxlen: 24
181.214.230.0/24 maxlen: 24
181.215.211.0/24 maxlen: 24
181.215.215.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3d:44:b0:41:64:61:3a:f3:1d:f9:aa:e4:07:43:d1:9a:6e:78:26:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Oct 7 07:50:08 2025 GMT
Not After : Oct 6 07:55:08 2026 GMT
Subject: CN=C3B57C2F5535A78E9D6AE9B57B04FE31B8FCD3CB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:8e:8c:68:8e:a9:bb:b1:e9:a0:c6:86:b9:e6:
1a:ff:fa:fb:fa:d4:bd:77:a2:34:cd:a8:43:e9:6f:
36:67:0d:78:4e:1a:ec:ac:87:30:fa:c9:33:bc:5d:
8c:50:31:c8:81:f0:70:a6:d9:a6:73:f8:6a:8f:06:
66:ac:b5:95:20:da:06:58:bd:35:69:cd:05:be:09:
ac:fe:7e:ca:82:e0:20:5e:67:88:28:fb:eb:71:96:
b1:55:8b:54:df:67:fd:61:3f:77:a0:0f:0a:18:ef:
41:33:c9:8e:b9:e9:52:26:ce:b8:d6:57:29:26:c4:
8b:45:9c:8b:06:42:4a:c7:80:f5:44:86:2c:02:ec:
b5:45:ae:21:17:bd:1c:73:75:34:69:4d:cf:76:f6:
9e:69:28:6c:9d:0b:66:26:1e:16:3e:98:4e:4d:21:
69:c6:6c:11:6f:be:a1:fa:63:93:f2:da:22:c4:ae:
44:f0:2f:18:d8:da:be:0e:82:0d:53:6f:ee:2f:09:
b6:4b:5f:7c:7c:d8:86:7c:c2:91:4b:e3:00:94:4d:
d3:e3:b3:2b:90:6f:e4:9a:0d:2c:de:31:06:4b:d5:
a9:e0:ec:aa:4b:6d:7d:3d:5d:88:c5:cc:87:69:2e:
4b:b9:1c:91:8a:f6:3c:0b:89:2b:b4:97:02:4f:36:
8a:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:B5:7C:2F:55:35:A7:8E:9D:6A:E9:B5:7B:04:FE:31:B8:FC:D3:CB
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS266400.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
181.214.128.0/23
181.214.230.0/24
181.215.211.0/24
181.215.215.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:df:ac:03:f6:88:3f:55:85:bb:93:a8:66:3e:79:f8:8f:76:
8f:94:a2:8d:6c:d4:a7:ad:9b:89:09:2f:79:a3:f3:04:d4:24:
ef:67:6f:e9:82:d2:ff:f7:2e:c0:b8:34:df:4f:88:e5:af:dc:
7f:c3:03:76:54:15:7a:1e:ac:77:2a:3a:81:7e:b7:c4:f0:7a:
6e:bf:9e:df:b3:f4:ee:08:4f:6a:68:e6:86:50:d3:ad:b8:86:
51:53:89:b3:20:e4:6f:94:f1:39:04:b2:5c:ed:70:73:f4:3b:
27:f7:a5:22:39:38:98:44:7f:5e:01:fa:ab:9a:76:45:4f:9e:
1a:ea:b6:05:45:76:5e:0a:20:67:a9:99:e2:6a:3e:07:eb:44:
fc:53:08:a1:a9:e7:e3:32:a8:c8:16:2e:4d:88:98:05:61:68:
33:ab:bd:b9:a2:43:fd:2a:19:8b:5c:33:37:14:1a:00:ca:58:
a8:18:58:71:7c:cc:c7:6b:e8:f8:68:48:be:37:10:ed:8f:8d:
65:f8:75:5a:90:57:4d:80:42:27:5b:20:80:02:09:46:c7:91:
3c:cb:9a:71:a6:45:4f:26:1d:37:1d:2b:be:f2:dd:26:1c:79:
31:51:db:fd:ca:28:8b:b4:33:65:b5:50:e2:e2:49:61:80:ec:
47:86:fd:2c
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgIUPUSwQWRhOvMd+arkB0PRmm54JqwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNTEwMDcwNzUwMDhaFw0yNjEwMDYwNzU1MDhaMDMxMTAvBgNV
BAMTKEMzQjU3QzJGNTUzNUE3OEU5RDZBRTlCNTdCMDRGRTMxQjhGQ0QzQ0IwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4joxojqm7semgxoa55hr/+vv6
1L13ojTNqEPpbzZnDXhOGuyshzD6yTO8XYxQMciB8HCm2aZz+GqPBmastZUg2gZY
vTVpzQW+Caz+fsqC4CBeZ4go++txlrFVi1TfZ/1hP3egDwoY70EzyY656VImzrjW
VykmxItFnIsGQkrHgPVEhiwC7LVFriEXvRxzdTRpTc929p5pKGydC2YmHhY+mE5N
IWnGbBFvvqH6Y5Py2iLErkTwLxjY2r4Ogg1Tb+4vCbZLX3x82IZ8wpFL4wCUTdPj
syuQb+SaDSzeMQZL1ang7KpLbX09XYjFzIdpLku5HJGK9jwLiSu0lwJPNooFAgMB
AAGjggIcMIICGDAdBgNVHQ4EFgQUw7V8L1U1p46daum1ewT+Mbj808swHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMjY2NDAwLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBtdaA
AwQAtdbmAwQAtdfTAwQAtdfXMA0GCSqGSIb3DQEBCwUAA4IBAQCN36wD9og/VYW7
k6hmPnn4j3aPlKKNbNSnrZuJCS95o/ME1CTvZ2/pgtL/9y7AuDTfT4jlr9x/wwN2
VBV6Hqx3KjqBfrfE8Hpuv57fs/TuCE9qaOaGUNOtuIZRU4mzIORvlPE5BLJc7XBz
9Dsn96UiOTiYRH9eAfqrmnZFT54a6rYFRXZeCiBnqZniaj4H60T8UwihqefjMqjI
Fi5NiJgFYWgzq725okP9KhmLXDM3FBoAylioGFhxfMzHa+j4aEi+NxDtj41l+HVa
kFdNgEInWyCAAglGx5E8y5pxpkVPJh03HSu+8t0mHHkxUdv9yiiLtDNltVDi4klh
gOxHhv0s
-----END CERTIFICATE-----
Generated at Sun Oct 19 23:11:10 2025 by rpki-client