Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS207341.roa
File: AS207341.roa (raw, json)
Hash identifier: RzMORifn6huzddclExkEe76NAsZar+Enrglc2bgNkME=
Subject key identifier: BC:75:47:B9:A9:BD:A3:B4:E6:72:05:E3:B0:F5:BC:FF:56:96:A3:63
Certificate issuer: /CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Certificate serial: 587C3210ED43B3A74F0A43A5D5E72C763F13E3C2
Authority key identifier: C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS207341.roa
Signing time: Thu 07 Aug 2025 10:14:47 +0000
ROA not before: Thu 07 Aug 2025 10:09:47 +0000
ROA not after: Thu 06 Aug 2026 10:14:47 +0000
asID: 207341
IP address blocks: 2a0f:85c1:cd1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl
rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.mft
rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
58:7c:32:10:ed:43:b3:a7:4f:0a:43:a5:d5:e7:2c:76:3f:13:e3:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Validity
Not Before: Aug 7 10:09:47 2025 GMT
Not After : Aug 6 10:14:47 2026 GMT
Subject: CN=BC7547B9A9BDA3B4E67205E3B0F5BCFF5696A363
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:e7:00:4d:b4:0e:ba:27:e2:dc:b1:89:36:1c:
56:90:5d:9a:5f:f0:e5:e2:e6:89:b3:45:7a:f4:33:
c2:8b:16:91:af:96:f8:12:f8:d5:74:24:0e:8e:b1:
07:45:e6:17:5d:47:36:e4:7a:af:bd:01:20:4a:6b:
ca:45:f0:4e:b1:8d:f3:2e:54:48:8a:d1:14:5d:2d:
3c:e9:3e:fd:1d:00:a6:df:a6:ab:3f:57:87:70:5d:
a7:6f:5c:c4:dc:38:fc:99:e2:7e:e6:66:39:0f:c1:
2d:d9:73:f9:5a:96:f8:0f:8e:ff:18:c1:b3:1d:94:
90:b5:77:18:10:bb:5f:4f:f1:1e:4f:e4:8d:a3:d5:
35:68:50:f5:48:b4:39:bd:aa:b2:84:34:ee:76:83:
5f:ca:d5:a1:e3:81:22:7c:e9:4d:4f:5c:29:53:68:
5b:1e:b6:cb:9e:cd:6a:69:13:04:93:ad:c9:bb:9b:
93:5d:1b:6c:52:3e:39:6e:73:87:08:fa:b5:c6:9d:
af:8b:83:11:66:2f:c4:7d:c1:30:15:78:8b:65:1d:
05:20:ed:37:79:04:e6:e3:c3:77:bb:e6:62:6f:ef:
83:a6:51:d3:d8:9b:27:6f:a0:10:d0:68:73:22:c9:
3f:2a:c1:e0:73:b1:d4:2d:4c:9f:1a:3b:21:1c:ec:
a3:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:75:47:B9:A9:BD:A3:B4:E6:72:05:E3:B0:F5:BC:FF:56:96:A3:63
X509v3 Authority Key Identifier:
keyid:C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS207341.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:85c1:cd1::/48
Signature Algorithm: sha256WithRSAEncryption
39:e6:e1:65:d8:aa:6e:88:74:80:1a:1e:b0:b4:f8:0f:55:04:
1a:e1:1b:92:ad:f0:9e:3e:ba:a6:8d:df:3b:53:d0:e1:11:f3:
65:4f:11:6b:79:46:7c:2b:3e:61:b6:43:59:09:83:94:30:eb:
96:4e:4a:72:52:c2:4b:49:f4:f3:a6:d7:09:4e:1f:c4:d5:3b:
7f:89:f0:09:11:0b:fb:24:97:6c:22:8a:27:f8:5a:a4:f2:16:
df:96:72:8e:74:48:7e:c0:e0:21:37:e9:34:bb:2b:1b:87:69:
d3:01:4e:9c:dc:be:87:9a:d5:36:cc:ce:ac:0e:8a:2b:e1:a8:
a4:91:21:3a:a0:2b:e5:fd:9b:55:ff:1e:dc:90:56:9e:ac:75:
02:68:df:dd:3d:e6:ff:5f:18:60:dc:71:33:cb:78:ad:7b:12:
bb:7d:97:39:0e:97:fb:b7:65:87:18:13:75:30:91:85:bb:13:
47:0c:df:4f:3c:76:15:75:40:f0:0e:0e:9e:94:32:6a:02:b3:
3c:96:2e:d6:06:62:ed:a1:88:a9:69:d2:e9:61:3e:3b:1b:a7:
61:58:8b:3f:64:64:24:06:c5:84:76:bf:67:b4:6d:7f:d6:40:
73:58:18:2d:98:0b:f8:0b:ed:d1:fc:be:e3:a4:39:99:4f:fa:
5d:8d:92:c5
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIUWHwyEO1Ds6dPCkOl1ecsdj8T48IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzRjZTdkODkwMjQwNWJhNDU5OGY4NGI2YTQxYzI3ZDcy
MjgzNGIxYzAeFw0yNTA4MDcxMDA5NDdaFw0yNjA4MDYxMDE0NDdaMDMxMTAvBgNV
BAMTKEJDNzU0N0I5QTlCREEzQjRFNjcyMDVFM0IwRjVCQ0ZGNTY5NkEzNjMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDn5wBNtA66J+LcsYk2HFaQXZpf
8OXi5omzRXr0M8KLFpGvlvgS+NV0JA6OsQdF5hddRzbkeq+9ASBKa8pF8E6xjfMu
VEiK0RRdLTzpPv0dAKbfpqs/V4dwXadvXMTcOPyZ4n7mZjkPwS3Zc/lalvgPjv8Y
wbMdlJC1dxgQu19P8R5P5I2j1TVoUPVItDm9qrKENO52g1/K1aHjgSJ86U1PXClT
aFsetsuezWppEwSTrcm7m5NdG2xSPjluc4cI+rXGna+LgxFmL8R9wTAVeItlHQUg
7Td5BObjw3e75mJv74OmUdPYmydvoBDQaHMiyT8qweBzsdQtTJ8aOyEc7KMlAgMB
AAGjggINMIICCTAdBgNVHQ4EFgQUvHVHuam9o7TmcgXjsPW8/1aWo2MwHwYDVR0j
BBgwFoAUxM59iQJAW6RZj4S2pBwn1yKDSxwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODRkNTE4MTAtMTk4Ny00NzAxLThmMWYtODQyNTExMTk2
NGY0LzAvQzRDRTdEODkwMjQwNUJBNDU5OEY4NEI2QTQxQzI3RDcyMjgzNEIxQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3hNNTlpUUpBVzZSWmo0UzJwQnduMXlL
RFN4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg0ZDUxODEwLTE5ODct
NDcwMS04ZjFmLTg0MjUxMTE5NjRmNC8wL0FTMjA3MzQxLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+F
wQzRMA0GCSqGSIb3DQEBCwUAA4IBAQA55uFl2KpuiHSAGh6wtPgPVQQa4RuSrfCe
Prqmjd87U9DhEfNlTxFreUZ8Kz5htkNZCYOUMOuWTkpyUsJLSfTzptcJTh/E1Tt/
ifAJEQv7JJdsIoon+Fqk8hbflnKOdEh+wOAhN+k0uysbh2nTAU6c3L6HmtU2zM6s
Door4aikkSE6oCvl/ZtV/x7ckFaerHUCaN/dPeb/Xxhg3HEzy3itexK7fZc5Dpf7
t2WHGBN1MJGFuxNHDN9PPHYVdUDwDg6elDJqArM8li7WBmLtoYipadLpYT47G6dh
WIs/ZGQkBsWEdr9ntG1/1kBzWBgtmAv4C+3R/L7jpDmZT/pdjZLF
-----END CERTIFICATE-----
Generated at Sat Aug 23 13:51:46 2025 by rpki-client