Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS206877.roa
File: AS206877.roa (raw, json)
Hash identifier: 98hbqYifHMQ0FurSElCWbQSU58LF1f17edsYd6O2FQs=
Subject key identifier: CA:8D:52:FF:76:DB:DB:39:73:AC:5C:61:92:D4:49:8C:F7:88:AB:1A
Certificate issuer: /CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Certificate serial: 75B7CE3A91A93073919733AEBB4F3DA6D27A6E18
Authority key identifier: C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS206877.roa
Signing time: Mon 18 Aug 2025 20:53:56 +0000
ROA not before: Mon 18 Aug 2025 20:48:56 +0000
ROA not after: Mon 17 Aug 2026 20:53:56 +0000
asID: 206877
IP address blocks: 2a0f:85c1:c6b::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl
rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.mft
rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
75:b7:ce:3a:91:a9:30:73:91:97:33:ae:bb:4f:3d:a6:d2:7a:6e:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Validity
Not Before: Aug 18 20:48:56 2025 GMT
Not After : Aug 17 20:53:56 2026 GMT
Subject: CN=CA8D52FF76DBDB3973AC5C6192D4498CF788AB1A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:60:2a:bd:29:9a:52:30:ff:cc:7a:ee:c6:10:
bd:e5:7a:3d:16:ee:f3:91:0b:4d:70:0e:06:4e:c5:
67:74:18:c2:f8:63:35:be:d7:94:9e:2e:36:11:ae:
f2:ee:bf:a9:02:2b:9d:00:c2:7c:a9:35:c5:1a:22:
bb:31:09:75:2e:ee:a8:4a:94:63:76:65:2f:90:d1:
03:08:fc:fc:d5:ae:53:f3:36:6d:fa:ca:74:dc:9f:
87:31:e1:fa:ae:3d:32:4d:c1:d6:d2:c6:6c:c7:09:
38:b4:6e:e8:59:d2:24:79:ca:a5:db:74:7c:15:0d:
b4:c9:25:16:64:11:98:62:3a:00:34:ee:2d:7c:3a:
2b:c3:21:f7:a2:14:c6:71:d6:be:03:bf:de:d3:e1:
e6:b6:25:cd:90:e8:34:fd:f9:4e:28:85:25:95:c8:
2a:28:d4:52:c2:05:cf:44:e7:ee:f5:ce:8e:03:48:
27:d7:e1:e0:1b:43:de:17:d5:2c:34:95:95:e5:22:
34:7c:59:6b:73:55:53:09:0e:60:4a:4a:85:ef:2a:
d0:7c:83:6e:eb:bb:d0:ab:5e:c5:b8:4e:89:62:78:
d2:ef:2e:cc:75:a3:f4:03:d2:9c:54:21:98:9f:79:
9f:70:d5:a6:80:d7:90:f5:16:c2:3c:ca:2b:e4:b9:
5e:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:8D:52:FF:76:DB:DB:39:73:AC:5C:61:92:D4:49:8C:F7:88:AB:1A
X509v3 Authority Key Identifier:
keyid:C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS206877.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:85c1:c6b::/48
Signature Algorithm: sha256WithRSAEncryption
c7:59:72:b5:61:ad:fd:68:6f:b5:13:8b:8a:ba:43:f1:20:9f:
32:13:f1:03:8c:d1:11:23:66:e1:aa:3c:e0:e7:a9:07:fd:b0:
6a:d2:77:76:b9:7a:33:75:1c:2c:f8:01:6d:4a:a3:16:e1:6e:
d8:52:de:e5:be:f5:17:fc:5b:27:74:ac:3e:4b:38:42:41:9a:
40:6f:fb:c2:7a:da:e8:84:9a:de:d9:ff:f1:43:17:ba:87:f0:
e9:e8:45:59:04:23:19:19:5a:e9:83:e4:af:78:83:8e:a9:6f:
a3:86:93:1f:fb:a2:7f:fa:2d:55:c2:2e:d3:96:08:5e:73:5d:
1b:27:9d:98:e8:93:f7:cf:3e:c1:b4:db:4a:68:de:1e:b9:34:
f3:49:3c:66:c2:34:d0:cd:73:65:05:a3:19:3a:8f:27:b5:71:
25:87:09:b2:34:c9:fe:29:91:ed:40:9e:1a:6a:f5:e1:ec:8b:
81:68:4b:4c:40:78:7b:c4:8c:39:cf:8b:dd:1a:c9:c2:ba:f8:
0f:b8:f1:c3:88:99:76:a9:fa:eb:c6:8b:ed:74:1a:6d:7a:e3:
fc:f5:96:c2:a0:f6:c0:aa:a6:73:2f:c0:1d:6a:d5:02:90:92:
25:a9:e6:2a:5f:01:7d:fd:0c:9a:c6:30:27:f9:a3:69:35:96:
d2:be:71:60
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIUdbfOOpGpMHORlzOuu089ptJ6bhgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzRjZTdkODkwMjQwNWJhNDU5OGY4NGI2YTQxYzI3ZDcy
MjgzNGIxYzAeFw0yNTA4MTgyMDQ4NTZaFw0yNjA4MTcyMDUzNTZaMDMxMTAvBgNV
BAMTKENBOEQ1MkZGNzZEQkRCMzk3M0FDNUM2MTkyRDQ0OThDRjc4OEFCMUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCYYCq9KZpSMP/Meu7GEL3lej0W
7vORC01wDgZOxWd0GML4YzW+15SeLjYRrvLuv6kCK50AwnypNcUaIrsxCXUu7qhK
lGN2ZS+Q0QMI/PzVrlPzNm36ynTcn4cx4fquPTJNwdbSxmzHCTi0buhZ0iR5yqXb
dHwVDbTJJRZkEZhiOgA07i18OivDIfeiFMZx1r4Dv97T4ea2Jc2Q6DT9+U4ohSWV
yCoo1FLCBc9E5+71zo4DSCfX4eAbQ94X1Sw0lZXlIjR8WWtzVVMJDmBKSoXvKtB8
g27ru9CrXsW4TolieNLvLsx1o/QD0pxUIZifeZ9w1aaA15D1FsI8yivkuV6ZAgMB
AAGjggINMIICCTAdBgNVHQ4EFgQUyo1S/3bb2zlzrFxhktRJjPeIqxowHwYDVR0j
BBgwFoAUxM59iQJAW6RZj4S2pBwn1yKDSxwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODRkNTE4MTAtMTk4Ny00NzAxLThmMWYtODQyNTExMTk2
NGY0LzAvQzRDRTdEODkwMjQwNUJBNDU5OEY4NEI2QTQxQzI3RDcyMjgzNEIxQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3hNNTlpUUpBVzZSWmo0UzJwQnduMXlL
RFN4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg0ZDUxODEwLTE5ODct
NDcwMS04ZjFmLTg0MjUxMTE5NjRmNC8wL0FTMjA2ODc3LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+F
wQxrMA0GCSqGSIb3DQEBCwUAA4IBAQDHWXK1Ya39aG+1E4uKukPxIJ8yE/EDjNER
I2bhqjzg56kH/bBq0nd2uXozdRws+AFtSqMW4W7YUt7lvvUX/FsndKw+SzhCQZpA
b/vCetrohJre2f/xQxe6h/Dp6EVZBCMZGVrpg+SveIOOqW+jhpMf+6J/+i1Vwi7T
lghec10bJ52Y6JP3zz7BtNtKaN4euTTzSTxmwjTQzXNlBaMZOo8ntXElhwmyNMn+
KZHtQJ4aavXh7IuBaEtMQHh7xIw5z4vdGsnCuvgPuPHDiJl2qfrrxovtdBpteuP8
9ZbCoPbAqqZzL8AdatUCkJIlqeYqXwF9/QyaxjAn+aNpNZbSvnFg
-----END CERTIFICATE-----
Generated at Sat Aug 23 15:49:24 2025 by rpki-client