Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS214393.roa
File: AS214393.roa (raw, json)
Hash identifier: 9vWLYPV31KTUjOqvoj9eRLwcAinsYS5hWuzAjqAnKLM=
Subject key identifier: E5:D3:26:40:D9:7B:3E:6E:97:35:A2:D0:2D:91:52:FE:E9:45:48:AB
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 5E7377714536D11C163BA0333D01D576D151C021
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS214393.roa
Signing time: Sun 29 Jun 2025 11:46:19 +0000
ROA not before: Sun 29 Jun 2025 11:41:19 +0000
ROA not after: Sun 28 Jun 2026 11:46:19 +0000
asID: 214393
IP address blocks: 2a13:9500:9e::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Jun 2025 14:44:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5e:73:77:71:45:36:d1:1c:16:3b:a0:33:3d:01:d5:76:d1:51:c0:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Jun 29 11:41:19 2025 GMT
Not After : Jun 28 11:46:19 2026 GMT
Subject: CN=E5D32640D97B3E6E9735A2D02D9152FEE94548AB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:6e:4a:f8:bf:22:5c:a0:48:d3:c6:0f:57:e5:
8e:7b:ba:69:6b:23:59:3f:55:de:47:0e:b4:c3:78:
ed:bb:92:4f:07:6f:20:e1:0f:1b:4c:81:81:85:47:
19:8a:56:56:03:9f:fe:3a:a9:0a:e6:8d:f2:d5:1f:
56:3b:ac:32:9f:5c:c8:46:d9:13:a2:df:53:ab:bd:
06:b9:d1:2c:5e:ba:99:93:00:14:64:90:f9:cc:a9:
70:5b:d5:41:09:30:6d:5d:51:51:9b:e1:80:cf:76:
b0:de:6c:aa:c5:99:c8:be:e5:b4:e7:dd:e5:04:73:
66:0e:ec:e3:a4:dc:2e:14:98:93:4b:cb:69:d2:1f:
73:f9:15:a0:11:bf:6a:1a:62:8c:fc:c4:43:6b:d7:
d9:6d:1f:fd:99:19:fd:55:6e:be:af:7f:8b:b4:91:
23:b0:5b:54:03:7c:20:49:aa:e0:82:b4:be:a8:33:
78:5f:21:ca:d5:47:d8:fd:44:55:e9:61:cc:8c:d1:
55:81:d5:20:42:23:df:2b:35:cf:15:fe:fb:f4:c8:
0e:72:47:86:62:54:e1:fa:17:01:79:a3:da:94:d6:
13:d2:a2:71:11:6d:94:20:c7:c2:bc:d3:35:bd:0b:
5c:fe:e4:61:e8:1b:d8:ed:53:5f:43:9d:4f:14:bf:
f1:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:D3:26:40:D9:7B:3E:6E:97:35:A2:D0:2D:91:52:FE:E9:45:48:AB
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS214393.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:9500:9e::/48
Signature Algorithm: sha256WithRSAEncryption
96:a0:38:8e:8f:07:21:ed:d9:3f:b2:fb:c6:ae:7e:6f:1d:b0:
05:74:fa:bb:b0:e9:94:0b:af:71:38:35:c0:36:87:83:04:fc:
65:3a:da:a1:aa:22:40:58:b2:4c:04:3b:76:81:14:73:e7:c1:
2d:d2:ca:00:b6:ce:fb:99:51:fe:3e:d3:b6:21:98:8e:73:bc:
d0:43:df:b9:f3:ed:7f:04:97:28:6d:a7:83:62:07:02:80:a4:
a5:cb:c8:e9:e2:61:5f:92:1d:cc:ea:d2:3f:ee:49:a0:fb:8e:
3c:12:b5:24:3e:35:4f:71:79:ba:9d:bc:73:f1:85:ca:af:c7:
97:0b:74:a4:6c:0a:96:f1:e2:9e:a2:ea:9f:39:01:5e:4c:4f:
15:28:d3:08:14:f9:bf:70:d2:63:a1:24:a7:10:0c:94:24:2e:
51:7d:34:47:cb:58:c2:6c:c1:10:03:dd:8b:8e:cd:1b:9a:67:
f1:a0:5b:8c:f0:16:be:6e:2d:5f:66:c9:6a:d1:7e:f1:e7:5d:
40:08:8f:48:2d:f7:b9:f2:9e:6d:d7:43:0b:5e:5e:4b:aa:ef:
46:a3:29:66:f8:78:84:78:d3:c8:5b:74:bd:e6:c5:10:24:08:
4f:88:d4:39:f6:50:d7:29:60:3d:a3:25:76:08:16:64:11:dc:
0d:a2:38:60
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIUXnN3cUU20RwWO6AzPQHVdtFRwCEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTA2MjkxMTQxMTlaFw0yNjA2MjgxMTQ2MTlaMDMxMTAvBgNV
BAMTKEU1RDMyNjQwRDk3QjNFNkU5NzM1QTJEMDJEOTE1MkZFRTk0NTQ4QUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDHbkr4vyJcoEjTxg9X5Y57umlr
I1k/Vd5HDrTDeO27kk8HbyDhDxtMgYGFRxmKVlYDn/46qQrmjfLVH1Y7rDKfXMhG
2ROi31OrvQa50SxeupmTABRkkPnMqXBb1UEJMG1dUVGb4YDPdrDebKrFmci+5bTn
3eUEc2YO7OOk3C4UmJNLy2nSH3P5FaARv2oaYoz8xENr19ltH/2ZGf1Vbr6vf4u0
kSOwW1QDfCBJquCCtL6oM3hfIcrVR9j9RFXpYcyM0VWB1SBCI98rNc8V/vv0yA5y
R4ZiVOH6FwF5o9qU1hPSonERbZQgx8K80zW9C1z+5GHoG9jtU19DnU8Uv/FlAgMB
AAGjggINMIICCTAdBgNVHQ4EFgQU5dMmQNl7Pm6XNaLQLZFS/ulFSKswHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjE0MzkzLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhOV
AACeMA0GCSqGSIb3DQEBCwUAA4IBAQCWoDiOjwch7dk/svvGrn5vHbAFdPq7sOmU
C69xODXANoeDBPxlOtqhqiJAWLJMBDt2gRRz58Et0soAts77mVH+PtO2IZiOc7zQ
Q9+58+1/BJcobaeDYgcCgKSly8jp4mFfkh3M6tI/7kmg+448ErUkPjVPcXm6nbxz
8YXKr8eXC3SkbAqW8eKeouqfOQFeTE8VKNMIFPm/cNJjoSSnEAyUJC5RfTRHy1jC
bMEQA92Ljs0bmmfxoFuM8Ba+bi1fZslq0X7x511ACI9ILfe58p5t10MLXl5Lqu9G
oylm+HiEeNPIW3S95sUQJAhPiNQ59lDXKWA9oyV2CBZkEdwNojhg
-----END CERTIFICATE-----
Generated at Mon Jun 30 07:01:21 2025 by rpki-client