Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS214851.roa
File: AS214851.roa (raw, json)
Hash identifier: XZEUgAr9O9zES30Riy3FgJ4423kXHSDQdsBxnhoDcKg=
Subject key identifier: 6D:9D:80:05:F3:06:CE:2F:13:48:36:29:10:76:46:9A:0A:3D:51:DA
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 452492CDA9CAF9051CF864B4AFBED40C5DFF9AAC
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS214851.roa
Signing time: Tue 19 Aug 2025 14:15:28 +0000
ROA not before: Tue 19 Aug 2025 14:10:28 +0000
ROA not after: Tue 18 Aug 2026 14:15:28 +0000
asID: 214851
IP address blocks: 2a13:9500:c9::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
45:24:92:cd:a9:ca:f9:05:1c:f8:64:b4:af:be:d4:0c:5d:ff:9a:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Aug 19 14:10:28 2025 GMT
Not After : Aug 18 14:15:28 2026 GMT
Subject: CN=6D9D8005F306CE2F134836291076469A0A3D51DA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:8a:73:fe:06:5d:2d:e4:a4:e5:da:86:df:e0:
d7:ad:43:c9:3d:79:e6:39:de:59:b1:bc:fa:4f:04:
ee:e9:ac:fb:78:19:99:09:0a:ce:fb:8c:1a:97:2c:
86:08:da:5a:e6:41:7b:1f:ce:11:cf:ba:cd:c8:31:
ce:47:76:4f:b7:a2:87:27:fd:cd:28:cc:94:64:a4:
4b:93:f9:b4:00:77:80:01:da:bb:35:af:78:c8:ef:
b0:61:62:de:b5:fb:18:d9:9b:83:06:7f:cc:8f:5d:
ea:23:04:d8:47:17:63:0b:ab:f6:4e:c4:80:1b:2c:
75:44:e1:e5:b7:0f:bf:fb:bd:16:14:82:92:5e:f5:
a2:0a:53:64:ad:c4:88:5f:a7:c2:2d:71:cd:96:cc:
80:22:16:eb:81:94:b0:72:88:05:56:b3:61:06:ef:
31:d6:3c:05:f0:b7:90:e2:07:62:52:bb:36:46:2b:
bb:4f:41:75:e9:c3:6a:57:91:dd:54:0d:98:41:c3:
5f:86:e2:8f:b0:85:87:2d:c7:47:bc:35:4e:22:a5:
1c:7b:d6:9d:b5:31:da:ac:f9:af:0f:14:a8:27:69:
cc:8e:eb:55:22:6c:8b:73:69:65:7d:86:7a:98:fa:
24:cc:ce:c6:03:08:41:f0:21:81:b0:bc:53:f6:46:
a1:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:9D:80:05:F3:06:CE:2F:13:48:36:29:10:76:46:9A:0A:3D:51:DA
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS214851.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:9500:c9::/48
Signature Algorithm: sha256WithRSAEncryption
0a:80:48:e4:80:4e:18:7a:ad:57:60:64:13:3b:90:e3:b9:cb:
55:c2:42:fd:ab:3f:cc:e0:f7:0a:28:42:e9:f7:0b:36:8b:7f:
f5:be:75:9d:f4:b5:66:7f:3f:85:cf:85:52:5c:83:91:67:47:
46:b5:14:42:48:b1:39:ed:2e:02:db:f1:f3:3b:71:0e:ba:8c:
b1:51:39:47:2b:dc:98:aa:ef:b6:ff:e4:6d:83:14:50:f1:58:
00:64:f3:2e:34:01:07:61:15:78:85:d8:ec:b6:33:06:c8:17:
a6:f2:6b:7b:e8:9c:10:09:44:02:b4:17:ad:e1:18:7c:23:82:
ed:d4:e1:5e:e9:a8:6b:8c:13:6a:ee:86:44:b2:06:0a:10:1a:
42:63:ab:75:ed:6d:52:23:41:49:0b:75:a0:4c:60:24:1a:03:
29:a0:9c:28:3a:a6:43:e1:06:54:0b:5b:fe:78:d0:e7:0e:17:
49:70:03:63:88:5a:e1:06:32:6d:4e:fc:aa:b9:07:ce:fb:85:
bd:45:b1:20:f8:8a:d1:fd:55:1d:e3:f0:56:cf:ab:cc:6b:8d:
4d:dc:66:76:78:3f:4c:bd:41:f0:14:3c:59:e0:6c:57:83:7a:
64:fd:59:23:7b:98:c6:41:47:4e:6a:11:38:0e:81:aa:c1:8d:
7a:32:06:f1
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIURSSSzanK+QUc+GS0r77UDF3/mqwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTA4MTkxNDEwMjhaFw0yNjA4MTgxNDE1MjhaMDMxMTAvBgNV
BAMTKDZEOUQ4MDA1RjMwNkNFMkYxMzQ4MzYyOTEwNzY0NjlBMEEzRDUxREEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCdinP+Bl0t5KTl2obf4NetQ8k9
eeY53lmxvPpPBO7prPt4GZkJCs77jBqXLIYI2lrmQXsfzhHPus3IMc5Hdk+3oocn
/c0ozJRkpEuT+bQAd4AB2rs1r3jI77BhYt61+xjZm4MGf8yPXeojBNhHF2MLq/ZO
xIAbLHVE4eW3D7/7vRYUgpJe9aIKU2StxIhfp8Itcc2WzIAiFuuBlLByiAVWs2EG
7zHWPAXwt5DiB2JSuzZGK7tPQXXpw2pXkd1UDZhBw1+G4o+whYctx0e8NU4ipRx7
1p21Mdqs+a8PFKgnacyO61UibItzaWV9hnqY+iTMzsYDCEHwIYGwvFP2RqE/AgMB
AAGjggINMIICCTAdBgNVHQ4EFgQUbZ2ABfMGzi8TSDYpEHZGmgo9UdowHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjE0ODUxLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhOV
AADJMA0GCSqGSIb3DQEBCwUAA4IBAQAKgEjkgE4Yeq1XYGQTO5DjuctVwkL9qz/M
4PcKKELp9ws2i3/1vnWd9LVmfz+Fz4VSXIORZ0dGtRRCSLE57S4C2/HzO3EOuoyx
UTlHK9yYqu+2/+RtgxRQ8VgAZPMuNAEHYRV4hdjstjMGyBem8mt76JwQCUQCtBet
4Rh8I4Lt1OFe6ahrjBNq7oZEsgYKEBpCY6t17W1SI0FJC3WgTGAkGgMpoJwoOqZD
4QZUC1v+eNDnDhdJcANjiFrhBjJtTvyquQfO+4W9RbEg+IrR/VUd4/BWz6vMa41N
3GZ2eD9MvUHwFDxZ4GxXg3pk/Vkje5jGQUdOahE4DoGqwY16Mgbx
-----END CERTIFICATE-----
Generated at Sat Aug 23 21:07:51 2025 by rpki-client