Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS205422.roa
File: AS205422.roa (raw, json)
Hash identifier: X24eGBQX++ny9sndgyW0iUN46p/3LxlJ6F522KT82Zw=
Subject key identifier: C7:2E:B1:14:D7:F3:32:D0:CF:12:5F:D5:A9:00:FA:01:18:EE:73:4F
Certificate issuer: /CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Certificate serial: 01BFA6587DDAFC00F88FBE5F4AF5F0295E3CB6E2
Authority key identifier: C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS205422.roa
Signing time: Mon 18 Aug 2025 20:54:19 +0000
ROA not before: Mon 18 Aug 2025 20:49:19 +0000
ROA not after: Mon 17 Aug 2026 20:54:19 +0000
asID: 205422
IP address blocks: 2a0f:85c1:ced::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl
rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.mft
rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:bf:a6:58:7d:da:fc:00:f8:8f:be:5f:4a:f5:f0:29:5e:3c:b6:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Validity
Not Before: Aug 18 20:49:19 2025 GMT
Not After : Aug 17 20:54:19 2026 GMT
Subject: CN=C72EB114D7F332D0CF125FD5A900FA0118EE734F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:48:9c:fe:b0:09:5c:e6:64:9d:94:a1:a3:5e:
21:86:a7:03:29:42:fc:c8:14:50:e6:ab:d9:7e:a8:
66:64:ca:91:f0:58:36:f4:9a:7c:27:3c:ea:8f:ac:
d8:05:2b:00:34:f8:7e:b7:6a:86:97:b2:5c:e9:f1:
ee:55:1b:b5:a5:9d:a0:a0:71:af:d6:0f:c3:6c:9c:
42:1a:0b:dc:25:4d:cc:3e:ed:0c:11:57:7d:9e:90:
cf:b7:0b:e2:28:4a:22:5f:83:64:ab:09:9b:cf:d3:
ce:28:8a:43:6b:19:2b:3d:bc:ec:32:d2:a1:d0:67:
d3:f4:39:90:be:fb:9d:88:f6:9d:f6:d1:07:47:99:
7e:08:13:2f:59:06:9c:f7:61:5e:b1:82:86:86:35:
c7:2b:cd:81:c3:9c:d2:ae:b7:3b:87:6b:7a:a7:f3:
51:2f:93:83:1c:1b:59:36:04:cb:c7:e2:22:2d:1c:
29:01:35:7d:ee:ba:0b:34:33:2e:67:14:64:bb:ec:
d9:7d:ea:da:5a:18:d1:36:d0:d8:f5:af:63:3d:d7:
c6:2d:92:4e:c3:42:25:1e:db:d0:fc:fb:f6:15:0b:
6c:69:dd:54:e9:83:28:06:fa:80:97:20:22:b7:25:
8f:f2:7f:9b:33:7c:39:02:76:2e:ee:bf:9c:c0:fc:
01:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:2E:B1:14:D7:F3:32:D0:CF:12:5F:D5:A9:00:FA:01:18:EE:73:4F
X509v3 Authority Key Identifier:
keyid:C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS205422.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:85c1:ced::/48
Signature Algorithm: sha256WithRSAEncryption
5c:fa:ec:8c:e3:0f:68:47:e7:48:c1:80:16:f2:30:60:1d:e9:
c1:68:a6:23:dc:fa:07:08:cd:38:1a:1d:9f:e8:68:de:61:54:
ee:95:f3:61:12:03:95:9e:f6:1c:37:a0:81:d3:66:98:50:53:
15:f4:b6:c7:a8:53:fe:0e:72:89:32:69:cc:f4:62:07:0c:53:
9d:72:71:d2:b1:d2:d7:0f:20:23:85:44:3c:dc:cd:0a:46:ab:
a6:6b:11:14:10:1a:58:d2:46:35:e6:0b:8c:fe:4c:72:d6:57:
76:21:27:c0:a8:5b:55:2d:78:13:bb:c4:d1:e1:61:9d:f2:63:
9e:4b:6f:65:f5:9a:57:48:5d:85:f8:c1:0a:21:a1:58:44:ce:
6e:7f:0b:d1:e0:af:0f:90:38:1f:a8:f2:07:2c:b8:9b:26:96:
a8:ad:8e:ef:6a:d2:37:fc:83:62:ff:67:14:a1:34:50:29:41:
f7:5b:96:62:83:4f:83:dd:3d:59:69:83:6b:78:c6:91:21:1f:
2d:f0:f1:74:64:ae:f5:40:c9:65:78:dd:7b:77:db:9b:b9:ef:
a3:2a:54:b0:01:c5:aa:d2:6e:fa:bb:39:51:36:e8:14:b8:9f:
75:ea:26:90:8f:d8:eb:8f:88:64:39:a1:7a:50:fb:be:aa:72:
d2:88:13:1e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIUAb+mWH3a/AD4j75fSvXwKV48tuIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzRjZTdkODkwMjQwNWJhNDU5OGY4NGI2YTQxYzI3ZDcy
MjgzNGIxYzAeFw0yNTA4MTgyMDQ5MTlaFw0yNjA4MTcyMDU0MTlaMDMxMTAvBgNV
BAMTKEM3MkVCMTE0RDdGMzMyRDBDRjEyNUZENUE5MDBGQTAxMThFRTczNEYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMSJz+sAlc5mSdlKGjXiGGpwMp
QvzIFFDmq9l+qGZkypHwWDb0mnwnPOqPrNgFKwA0+H63aoaXslzp8e5VG7WlnaCg
ca/WD8NsnEIaC9wlTcw+7QwRV32ekM+3C+IoSiJfg2SrCZvP084oikNrGSs9vOwy
0qHQZ9P0OZC++52I9p320QdHmX4IEy9ZBpz3YV6xgoaGNccrzYHDnNKutzuHa3qn
81Evk4McG1k2BMvH4iItHCkBNX3uugs0My5nFGS77Nl96tpaGNE20Nj1r2M918Yt
kk7DQiUe29D8+/YVC2xp3VTpgygG+oCXICK3JY/yf5szfDkCdi7uv5zA/AG7AgMB
AAGjggINMIICCTAdBgNVHQ4EFgQUxy6xFNfzMtDPEl/VqQD6ARjuc08wHwYDVR0j
BBgwFoAUxM59iQJAW6RZj4S2pBwn1yKDSxwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODRkNTE4MTAtMTk4Ny00NzAxLThmMWYtODQyNTExMTk2
NGY0LzAvQzRDRTdEODkwMjQwNUJBNDU5OEY4NEI2QTQxQzI3RDcyMjgzNEIxQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3hNNTlpUUpBVzZSWmo0UzJwQnduMXlL
RFN4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg0ZDUxODEwLTE5ODct
NDcwMS04ZjFmLTg0MjUxMTE5NjRmNC8wL0FTMjA1NDIyLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+F
wQztMA0GCSqGSIb3DQEBCwUAA4IBAQBc+uyM4w9oR+dIwYAW8jBgHenBaKYj3PoH
CM04Gh2f6GjeYVTulfNhEgOVnvYcN6CB02aYUFMV9LbHqFP+DnKJMmnM9GIHDFOd
cnHSsdLXDyAjhUQ83M0KRqumaxEUEBpY0kY15guM/kxy1ld2ISfAqFtVLXgTu8TR
4WGd8mOeS29l9ZpXSF2F+MEKIaFYRM5ufwvR4K8PkDgfqPIHLLibJpaorY7vatI3
/INi/2cUoTRQKUH3W5Zig0+D3T1ZaYNreMaRIR8t8PF0ZK71QMlleN17d9ubue+j
KlSwAcWq0m76uzlRNugUuJ916iaQj9jrj4hkOaF6UPu+qnLSiBMe
-----END CERTIFICATE-----
Generated at Sat Aug 23 13:42:03 2025 by rpki-client