Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS212071.roa
File: AS212071.roa (raw, json)
Hash identifier: oddkHhBeqq0UgQaJz+qcOgny7L/OX9K5PHTx5rFO+fk=
Subject key identifier: 1D:8D:48:27:22:0C:FE:9A:DB:CA:05:FD:A2:8C:58:3E:2B:79:CE:34
Certificate issuer: /CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Certificate serial: 2204F2DA4B49756F2A5E081BA32F66643C8EAB2F
Authority key identifier: C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS212071.roa
Signing time: Thu 07 Aug 2025 10:16:45 +0000
ROA not before: Thu 07 Aug 2025 10:11:45 +0000
ROA not after: Thu 06 Aug 2026 10:16:45 +0000
asID: 212071
IP address blocks: 2a0f:85c1:bb4::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl
rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.mft
rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
22:04:f2:da:4b:49:75:6f:2a:5e:08:1b:a3:2f:66:64:3c:8e:ab:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Validity
Not Before: Aug 7 10:11:45 2025 GMT
Not After : Aug 6 10:16:45 2026 GMT
Subject: CN=1D8D4827220CFE9ADBCA05FDA28C583E2B79CE34
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:6d:b4:e3:ca:5c:00:c2:d4:54:c5:8c:54:89:
2f:1e:b8:24:62:30:1b:45:55:87:19:30:1b:82:e0:
95:c8:68:5c:b8:c3:8b:2e:b8:4a:cf:18:50:1e:f1:
59:54:ca:1e:6c:91:fc:35:49:af:37:4e:e2:26:a8:
4e:af:b3:03:04:84:a1:79:ae:6d:8e:d3:fc:4b:e8:
24:8e:03:6b:21:78:a0:51:dd:3f:90:39:41:8d:45:
ee:b0:15:20:08:d7:38:f9:67:66:d5:f6:9b:01:f1:
f2:d5:c4:23:05:d6:f8:bf:67:76:60:47:a6:53:bc:
3a:b0:5c:ab:1c:6f:20:d5:42:bc:7a:65:25:c0:98:
46:05:34:aa:d3:41:f7:45:af:98:09:76:ca:9a:d6:
8b:3e:e8:b3:f0:99:49:1b:0a:2e:34:42:4e:11:09:
15:8e:77:cc:80:95:66:36:2a:a6:c4:99:e1:45:50:
e7:8d:2f:56:46:55:40:20:95:76:7e:de:be:4c:1f:
7a:26:01:3e:12:52:62:62:5c:6f:8c:6b:77:ac:ee:
50:80:7e:e0:39:94:da:94:c3:8d:94:55:0a:2d:43:
bb:d7:e3:cc:16:af:77:7b:16:de:cb:50:f2:d1:47:
1b:07:d0:de:17:8d:32:84:bd:26:7d:bb:e4:9d:c8:
05:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:8D:48:27:22:0C:FE:9A:DB:CA:05:FD:A2:8C:58:3E:2B:79:CE:34
X509v3 Authority Key Identifier:
keyid:C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS212071.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:85c1:bb4::/48
Signature Algorithm: sha256WithRSAEncryption
64:69:ed:f3:84:b7:9c:77:4f:a6:6b:ee:b3:95:a6:96:31:01:
18:e2:3e:c5:c0:07:59:bb:fe:80:e5:1c:32:e5:94:be:c6:59:
1a:ca:9e:98:aa:cd:29:e1:d6:f2:46:7d:1e:d3:c9:b0:bc:c6:
d8:98:32:da:29:e5:bb:cf:67:21:79:dd:0a:5c:ff:94:21:c4:
ed:46:5e:d1:3c:24:48:fb:41:31:9e:2d:c4:46:b7:58:0a:48:
65:a1:0b:9d:91:72:62:37:55:11:3a:6d:0f:0e:39:ec:73:1f:
73:3e:d5:3d:3f:72:37:70:51:22:b1:e1:ba:13:47:61:44:c3:
d4:cf:27:a6:9b:20:72:27:da:de:fa:63:16:81:f6:1e:0c:fe:
06:f7:ec:3c:42:d7:60:25:31:7d:31:20:09:a5:94:96:0b:f9:
a8:fb:ca:86:fa:24:ec:78:25:7a:e5:4e:89:06:d0:06:f9:c4:
8c:b7:2d:37:fc:c4:8c:e8:c4:54:2f:f1:66:71:92:93:d8:50:
16:df:ed:a2:2f:2e:36:20:e3:07:a3:25:95:85:e3:76:d3:2e:
c9:94:04:98:b7:16:2a:21:28:3c:be:eb:5c:89:df:a2:4e:5b:
ae:98:4c:e4:33:6b:f8:83:05:8d:59:98:5e:0e:40:33:ff:bf:
fe:27:b8:2e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIUIgTy2ktJdW8qXggboy9mZDyOqy8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzRjZTdkODkwMjQwNWJhNDU5OGY4NGI2YTQxYzI3ZDcy
MjgzNGIxYzAeFw0yNTA4MDcxMDExNDVaFw0yNjA4MDYxMDE2NDVaMDMxMTAvBgNV
BAMTKDFEOEQ0ODI3MjIwQ0ZFOUFEQkNBMDVGREEyOEM1ODNFMkI3OUNFMzQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFbbTjylwAwtRUxYxUiS8euCRi
MBtFVYcZMBuC4JXIaFy4w4suuErPGFAe8VlUyh5skfw1Sa83TuImqE6vswMEhKF5
rm2O0/xL6CSOA2sheKBR3T+QOUGNRe6wFSAI1zj5Z2bV9psB8fLVxCMF1vi/Z3Zg
R6ZTvDqwXKscbyDVQrx6ZSXAmEYFNKrTQfdFr5gJdsqa1os+6LPwmUkbCi40Qk4R
CRWOd8yAlWY2KqbEmeFFUOeNL1ZGVUAglXZ+3r5MH3omAT4SUmJiXG+Ma3es7lCA
fuA5lNqUw42UVQotQ7vX48wWr3d7Ft7LUPLRRxsH0N4XjTKEvSZ9u+SdyAXvAgMB
AAGjggINMIICCTAdBgNVHQ4EFgQUHY1IJyIM/prbygX9ooxYPit5zjQwHwYDVR0j
BBgwFoAUxM59iQJAW6RZj4S2pBwn1yKDSxwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODRkNTE4MTAtMTk4Ny00NzAxLThmMWYtODQyNTExMTk2
NGY0LzAvQzRDRTdEODkwMjQwNUJBNDU5OEY4NEI2QTQxQzI3RDcyMjgzNEIxQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3hNNTlpUUpBVzZSWmo0UzJwQnduMXlL
RFN4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg0ZDUxODEwLTE5ODct
NDcwMS04ZjFmLTg0MjUxMTE5NjRmNC8wL0FTMjEyMDcxLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+F
wQu0MA0GCSqGSIb3DQEBCwUAA4IBAQBkae3zhLecd0+ma+6zlaaWMQEY4j7FwAdZ
u/6A5Rwy5ZS+xlkayp6Yqs0p4dbyRn0e08mwvMbYmDLaKeW7z2ched0KXP+UIcTt
Rl7RPCRI+0Exni3ERrdYCkhloQudkXJiN1UROm0PDjnscx9zPtU9P3I3cFEiseG6
E0dhRMPUzyemmyByJ9re+mMWgfYeDP4G9+w8QtdgJTF9MSAJpZSWC/mo+8qG+iTs
eCV65U6JBtAG+cSMty03/MSM6MRUL/FmcZKT2FAW3+2iLy42IOMHoyWVheN20y7J
lASYtxYqISg8vutcid+iTluumEzkM2v4gwWNWZheDkAz/7/+J7gu
-----END CERTIFICATE-----
Generated at Sat Aug 23 15:55:27 2025 by rpki-client