Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS214480.roa
File: AS214480.roa (raw, json)
Hash identifier: a6HJ9q6ShwRjnd6yRyqUMmFkkzjZMRntT5g8PhkWu7A=
Subject key identifier: 04:45:E4:E1:30:15:C8:4D:6E:85:D8:84:45:80:2A:C0:D3:F2:31:AE
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 114E8DC7D42FC140CC9555CAB032BC5BF79D2A20
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS214480.roa
Signing time: Thu 23 Apr 2026 11:47:05 +0000
ROA not before: Thu 23 Apr 2026 11:42:05 +0000
ROA not after: Thu 22 Apr 2027 11:47:05 +0000
asID: 214480
IP address blocks: 2a13:9500:60::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
11:4e:8d:c7:d4:2f:c1:40:cc:95:55:ca:b0:32:bc:5b:f7:9d:2a:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Apr 23 11:42:05 2026 GMT
Not After : Apr 22 11:47:05 2027 GMT
Subject: CN=0445E4E13015C84D6E85D88445802AC0D3F231AE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:a2:17:cc:dc:5f:14:1e:fd:d9:ad:2e:ab:00:
3d:76:bc:28:26:49:c6:17:b9:6f:fa:54:49:5d:85:
2a:3d:0f:58:06:45:12:76:ee:03:31:f4:01:50:35:
55:d5:00:bd:4a:99:85:7d:5b:ad:7e:02:8b:fd:81:
8d:df:bf:35:b5:22:ba:cc:d9:a4:03:d4:43:90:68:
aa:4b:ff:9a:10:d2:14:a7:9f:af:a8:81:42:54:6d:
a5:2c:27:cd:ea:5a:d7:a7:6e:0a:41:06:96:e3:2d:
ad:07:74:20:56:f8:d5:d8:55:be:c2:f5:93:c5:e2:
c9:b7:1d:83:a9:c8:81:4c:55:d6:32:bb:7f:36:92:
4e:b8:7b:f2:a5:e9:1e:3b:2d:6b:24:9e:ff:10:b5:
67:12:73:bf:af:34:ce:18:35:67:22:46:c3:b1:91:
d0:5d:b8:b7:e2:64:d1:f7:85:27:d7:9f:66:06:4e:
ed:0a:69:23:fe:2f:48:22:0f:9b:19:49:71:52:69:
ca:64:ab:0d:54:e7:ad:5d:26:97:db:1d:fc:ff:a9:
aa:58:b8:c1:36:37:cb:e9:1c:e6:9e:50:fd:90:f9:
56:6a:3a:74:6b:4f:53:e3:43:2a:b8:4a:76:43:30:
41:87:b2:01:b7:94:e2:67:6f:d8:2c:14:b1:40:32:
a2:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:45:E4:E1:30:15:C8:4D:6E:85:D8:84:45:80:2A:C0:D3:F2:31:AE
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS214480.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:9500:60::/48
Signature Algorithm: sha256WithRSAEncryption
15:c7:26:37:cb:77:0b:09:cf:90:c3:cd:1c:24:91:86:e9:a4:
e8:85:f1:70:f2:1f:39:35:8f:1b:c1:83:97:b4:25:43:d5:b0:
0c:4d:f4:5f:74:96:34:16:0c:81:82:a3:79:0e:df:fd:76:c7:
e6:20:70:4f:d4:0c:d7:eb:b7:86:ea:2c:dc:00:bf:63:b6:f1:
62:6a:70:e2:67:6b:4e:d1:8a:e5:c0:f8:2f:7b:d0:7e:38:73:
e2:15:fc:a2:87:2b:1a:f5:35:b3:53:18:2e:66:04:3d:9a:d7:
66:ba:b3:83:fb:4d:7d:bf:c2:f4:bb:bd:fe:09:19:8e:44:b7:
97:2e:44:ad:e6:de:b4:b7:33:8a:63:f5:2f:37:36:85:2b:40:
68:ef:e3:aa:94:b9:31:8b:04:11:4b:3b:82:01:ab:a3:b8:d3:
62:ae:69:5e:f7:34:1a:f0:9c:fb:b3:97:9e:b7:2f:d3:c9:91:
1b:f2:51:89:04:ac:c1:2d:dc:fa:73:4c:ab:eb:5a:1d:8d:9f:
19:17:ad:63:d8:5d:02:e0:2d:64:99:6d:18:b4:d6:64:9b:dc:
07:a7:c5:62:bd:5b:6f:d6:51:f9:9c:1c:af:02:30:26:38:49:
6c:cf:2e:be:61:06:e5:8a:a8:07:ae:9f:2f:dc:fb:24:eb:49:
ea:7a:d8:72
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIUEU6Nx9QvwUDMlVXKsDK8W/edKiAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjA0MjMxMTQyMDVaFw0yNzA0MjIxMTQ3MDVaMDMxMTAvBgNV
BAMTKDA0NDVFNEUxMzAxNUM4NEQ2RTg1RDg4NDQ1ODAyQUMwRDNGMjMxQUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDlohfM3F8UHv3ZrS6rAD12vCgm
ScYXuW/6VEldhSo9D1gGRRJ27gMx9AFQNVXVAL1KmYV9W61+Aov9gY3fvzW1IrrM
2aQD1EOQaKpL/5oQ0hSnn6+ogUJUbaUsJ83qWtenbgpBBpbjLa0HdCBW+NXYVb7C
9ZPF4sm3HYOpyIFMVdYyu382kk64e/Kl6R47LWsknv8QtWcSc7+vNM4YNWciRsOx
kdBduLfiZNH3hSfXn2YGTu0KaSP+L0giD5sZSXFSacpkqw1U561dJpfbHfz/qapY
uME2N8vpHOaeUP2Q+VZqOnRrT1PjQyq4SnZDMEGHsgG3lOJnb9gsFLFAMqJJAgMB
AAGjggINMIICCTAdBgNVHQ4EFgQUBEXk4TAVyE1uhdiERYAqwNPyMa4wHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjE0NDgwLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhOV
AABgMA0GCSqGSIb3DQEBCwUAA4IBAQAVxyY3y3cLCc+Qw80cJJGG6aTohfFw8h85
NY8bwYOXtCVD1bAMTfRfdJY0FgyBgqN5Dt/9dsfmIHBP1AzX67eG6izcAL9jtvFi
anDiZ2tO0YrlwPgve9B+OHPiFfyihysa9TWzUxguZgQ9mtdmurOD+019v8L0u73+
CRmORLeXLkSt5t60tzOKY/UvNzaFK0Bo7+OqlLkxiwQRSzuCAaujuNNirmle9zQa
8Jz7s5eety/TyZEb8lGJBKzBLdz6c0yr61odjZ8ZF61j2F0C4C1kmW0YtNZkm9wH
p8VivVtv1lH5nByvAjAmOElszy6+YQbliqgHrp8v3Psk60nqethy
-----END CERTIFICATE-----
Generated at Tue May 12 23:40:30 2026 by rpki-client