Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS207155.roa
File: AS207155.roa (raw, json)
Hash identifier: cu8qWIhSsyGNPcWugi+lqH8BbZb26AW+pjpT2fxWR8c=
Subject key identifier: 01:97:F3:79:68:8F:CE:20:75:F4:F6:12:2E:A9:85:B5:E8:41:8B:83
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 29B0F67DAD3366D7C938C200D333051AC5DF27E7
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS207155.roa
Signing time: Fri 20 Jun 2025 16:25:14 +0000
ROA not before: Fri 20 Jun 2025 16:20:14 +0000
ROA not after: Fri 19 Jun 2026 16:25:14 +0000
asID: 207155
IP address blocks: 2a13:9500:98::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 11:27:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
29:b0:f6:7d:ad:33:66:d7:c9:38:c2:00:d3:33:05:1a:c5:df:27:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Jun 20 16:20:14 2025 GMT
Not After : Jun 19 16:25:14 2026 GMT
Subject: CN=0197F379688FCE2075F4F6122EA985B5E8418B83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:02:7b:06:4d:03:9f:07:f3:8c:5b:01:06:07:
6a:84:ac:8a:88:56:f9:9a:19:69:8d:2e:ac:6b:ea:
47:76:06:14:ee:34:8d:63:27:52:48:6f:99:d0:b2:
e4:31:05:fe:dd:7d:0b:b3:1e:fa:c7:9e:67:6c:e1:
1f:79:4c:cd:09:3c:38:e0:49:7f:3f:fa:87:be:97:
e2:cd:15:f2:58:eb:0f:38:47:8d:72:2d:cc:c4:c5:
28:59:33:44:35:fb:76:ec:7c:67:cb:3e:e3:7d:a0:
eb:74:50:e3:0f:25:64:fb:2c:24:ac:3f:5e:76:fc:
4a:c7:ab:1c:6d:41:67:3d:01:d1:35:ec:06:5c:33:
49:33:18:ee:77:3c:b3:d8:b7:2f:d3:2d:e8:2b:b0:
26:01:e8:eb:58:e8:d7:e2:cf:e2:13:35:6d:4f:d2:
b5:66:fb:ac:ba:10:03:9d:b8:13:6b:93:75:ab:29:
bf:0b:93:21:21:83:10:7c:c8:40:48:5b:fe:00:95:
16:d5:ac:54:7b:0b:95:1f:3f:a2:3d:31:20:e4:4e:
74:67:d4:0c:98:ed:b2:7e:59:db:28:9d:3b:5b:f7:
16:43:3b:eb:bd:56:fd:1f:b6:a1:b8:aa:b6:5f:27:
56:88:d2:39:bc:5b:ad:72:bf:c4:c0:33:ad:40:47:
98:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:97:F3:79:68:8F:CE:20:75:F4:F6:12:2E:A9:85:B5:E8:41:8B:83
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS207155.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:9500:98::/48
Signature Algorithm: sha256WithRSAEncryption
2a:4f:d5:d3:49:fa:92:74:4c:03:ba:0f:4c:56:1f:18:88:8f:
d7:c4:e4:28:ea:7c:34:c7:48:f0:3e:f9:b0:8f:2b:7c:94:9f:
9c:56:fd:80:da:62:97:b0:97:d7:ab:92:32:b9:ec:c0:2a:9a:
d2:fb:9c:6c:5d:51:bd:18:57:5c:27:ef:3b:7d:30:33:1a:72:
e7:7c:f0:0b:70:1e:06:07:50:5f:b4:db:8a:45:46:73:99:58:
59:11:b5:41:a9:d2:ce:d6:ea:c1:95:d3:0a:25:68:fc:a4:ea:
89:14:4a:d5:7f:a3:5e:88:7e:33:7d:a3:6c:d7:5e:cf:08:a6:
26:81:e0:74:fd:47:d2:e6:d4:8d:da:7d:01:93:01:ce:d4:a3:
72:5e:fc:8a:0a:c8:f2:ef:08:30:89:b8:bc:a7:7f:2c:af:ea:
0d:4a:ca:dd:b2:c3:11:e1:fd:8e:f3:e6:d4:27:65:c0:e5:e5:
3f:23:b0:88:01:cf:1c:e8:f3:48:2b:df:ea:67:9c:f6:e9:7e:
6d:06:8a:89:77:42:fb:5f:52:f3:d5:e3:0c:c6:34:9b:58:d7:
a9:68:1c:99:86:d6:cc:bf:83:dd:cb:38:e7:6e:73:31:d3:3f:
be:42:61:ef:84:e5:2b:15:91:67:e8:2f:34:bf:56:c4:e8:c1:
cb:da:bd:5b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIUKbD2fa0zZtfJOMIA0zMFGsXfJ+cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTA2MjAxNjIwMTRaFw0yNjA2MTkxNjI1MTRaMDMxMTAvBgNV
BAMTKDAxOTdGMzc5Njg4RkNFMjA3NUY0RjYxMjJFQTk4NUI1RTg0MThCODMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDfAnsGTQOfB/OMWwEGB2qErIqI
VvmaGWmNLqxr6kd2BhTuNI1jJ1JIb5nQsuQxBf7dfQuzHvrHnmds4R95TM0JPDjg
SX8/+oe+l+LNFfJY6w84R41yLczExShZM0Q1+3bsfGfLPuN9oOt0UOMPJWT7LCSs
P152/ErHqxxtQWc9AdE17AZcM0kzGO53PLPYty/TLegrsCYB6OtY6Nfiz+ITNW1P
0rVm+6y6EAOduBNrk3WrKb8LkyEhgxB8yEBIW/4AlRbVrFR7C5UfP6I9MSDkTnRn
1AyY7bJ+WdsonTtb9xZDO+u9Vv0ftqG4qrZfJ1aI0jm8W61yv8TAM61AR5i/AgMB
AAGjggINMIICCTAdBgNVHQ4EFgQUAZfzeWiPziB19PYSLqmFtehBi4MwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjA3MTU1LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhOV
AACYMA0GCSqGSIb3DQEBCwUAA4IBAQAqT9XTSfqSdEwDug9MVh8YiI/XxOQo6nw0
x0jwPvmwjyt8lJ+cVv2A2mKXsJfXq5IyuezAKprS+5xsXVG9GFdcJ+87fTAzGnLn
fPALcB4GB1BftNuKRUZzmVhZEbVBqdLO1urBldMKJWj8pOqJFErVf6NeiH4zfaNs
117PCKYmgeB0/UfS5tSN2n0BkwHO1KNyXvyKCsjy7wgwibi8p38sr+oNSsrdssMR
4f2O8+bUJ2XA5eU/I7CIAc8c6PNIK9/qZ5z26X5tBoqJd0L7X1Lz1eMMxjSbWNep
aByZhtbMv4PdyzjnbnMx0z++QmHvhOUrFZFn6C80v1bE6MHL2r1b
-----END CERTIFICATE-----
Generated at Sat Jun 28 23:49:42 2025 by rpki-client