Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS214022.roa
File: AS214022.roa (raw, json)
Hash identifier: 4lHIjVl3tEOSwgDzc5RlnTc1T9RHU+qGV64orqa2Uf0=
Subject key identifier: 66:6C:90:56:45:29:BB:7C:43:65:14:19:4C:A3:61:17:04:8A:6B:8A
Certificate issuer: /CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Certificate serial: 52041D8649A46CE677EB6EED394EB1401D1B3528
Authority key identifier: C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS214022.roa
Signing time: Thu 09 Oct 2025 19:07:56 +0000
ROA not before: Thu 09 Oct 2025 19:02:56 +0000
ROA not after: Thu 08 Oct 2026 19:07:56 +0000
asID: 214022
IP address blocks: 2a0f:85c1:8b5::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl
rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.mft
rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
52:04:1d:86:49:a4:6c:e6:77:eb:6e:ed:39:4e:b1:40:1d:1b:35:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Validity
Not Before: Oct 9 19:02:56 2025 GMT
Not After : Oct 8 19:07:56 2026 GMT
Subject: CN=666C90564529BB7C436514194CA36117048A6B8A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:3f:3b:09:59:55:d6:96:e6:9f:dd:d0:a2:50:
69:27:9a:65:69:58:76:35:45:a5:da:bd:ba:c8:4f:
3a:41:8a:45:c7:35:5c:cc:64:98:83:46:04:36:30:
f9:1d:95:55:83:fd:59:18:37:1a:52:d3:b7:1e:82:
6d:7c:e2:37:11:53:9e:5c:15:fa:b8:03:fd:f8:8b:
ad:2a:b3:c1:ff:51:5d:97:55:9c:0e:3b:8a:e4:51:
39:15:76:0c:ea:a5:eb:52:f6:2f:c5:34:24:01:74:
28:cd:fc:cc:2f:60:83:4a:65:f3:99:19:05:59:ce:
27:bb:3d:a8:8f:fe:da:a2:9f:b2:2a:ea:4a:e3:3c:
76:6c:1f:2a:87:d8:1f:a6:b0:84:22:f0:3d:5c:39:
2d:a2:29:e2:aa:a6:f4:fa:21:8d:6f:11:27:44:04:
2d:6d:be:66:b4:38:90:9a:bb:83:3d:37:b9:92:11:
59:fc:b3:ca:b1:7a:20:7a:7d:8f:4f:70:73:0f:fd:
fe:2e:ed:74:9b:17:a5:2f:3f:62:3d:2d:61:53:64:
ce:f0:57:0f:7e:56:24:45:5f:48:e4:ab:53:fa:81:
8e:e8:10:4a:2e:64:e2:04:e7:1f:41:44:4c:fc:bb:
8f:7e:7e:30:64:05:9d:a9:ca:65:4d:ce:75:9e:83:
7a:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:6C:90:56:45:29:BB:7C:43:65:14:19:4C:A3:61:17:04:8A:6B:8A
X509v3 Authority Key Identifier:
keyid:C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS214022.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:85c1:8b5::/48
Signature Algorithm: sha256WithRSAEncryption
98:16:7b:d3:33:e7:8b:7c:1c:e7:d3:fe:12:2b:d9:5f:42:89:
32:76:30:64:91:ca:d0:de:bd:93:8c:4b:68:7a:1a:b5:61:13:
b8:ea:36:9b:99:a3:99:0a:b7:6c:0e:c5:0e:e0:4f:2c:50:a3:
18:71:29:46:0a:b5:d4:ed:3a:20:1d:34:a8:b4:7e:c4:ce:d7:
75:58:fa:4c:41:63:04:b7:dc:1d:51:45:75:e1:a4:4d:dd:50:
aa:f8:cf:9a:55:0d:90:5f:83:50:8f:b4:8a:ca:80:8a:ac:66:
de:30:8d:cf:8a:dd:21:28:1d:db:38:fb:ee:06:77:aa:d7:b0:
40:29:89:10:5d:34:d2:47:e6:32:97:61:ec:64:e6:d4:5a:7c:
61:80:6a:5e:32:be:9b:13:d9:e6:91:36:d1:1f:45:7d:4b:26:
d1:72:c7:a5:ee:ce:46:49:8e:04:f3:98:f4:75:55:0e:41:5b:
27:78:5e:fa:04:2b:fb:17:5e:16:cf:87:81:db:1e:e1:af:24:
96:a6:7f:b7:24:d2:51:60:cf:9d:d6:bd:01:b3:7e:29:d6:54:
0a:d9:91:7b:3f:06:0f:c6:f6:25:27:a7:8b:e5:1e:d7:a6:73:
37:59:d4:80:4a:37:35:04:97:91:5c:a3:5f:93:03:44:1a:5b:
29:8c:f7:06
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIUUgQdhkmkbOZ3627tOU6xQB0bNSgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzRjZTdkODkwMjQwNWJhNDU5OGY4NGI2YTQxYzI3ZDcy
MjgzNGIxYzAeFw0yNTEwMDkxOTAyNTZaFw0yNjEwMDgxOTA3NTZaMDMxMTAvBgNV
BAMTKDY2NkM5MDU2NDUyOUJCN0M0MzY1MTQxOTRDQTM2MTE3MDQ4QTZCOEEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDtPzsJWVXWluaf3dCiUGknmmVp
WHY1RaXavbrITzpBikXHNVzMZJiDRgQ2MPkdlVWD/VkYNxpS07cegm184jcRU55c
Ffq4A/34i60qs8H/UV2XVZwOO4rkUTkVdgzqpetS9i/FNCQBdCjN/MwvYINKZfOZ
GQVZzie7PaiP/tqin7Iq6krjPHZsHyqH2B+msIQi8D1cOS2iKeKqpvT6IY1vESdE
BC1tvma0OJCau4M9N7mSEVn8s8qxeiB6fY9PcHMP/f4u7XSbF6UvP2I9LWFTZM7w
Vw9+ViRFX0jkq1P6gY7oEEouZOIE5x9BREz8u49+fjBkBZ2pymVNznWeg3rVAgMB
AAGjggINMIICCTAdBgNVHQ4EFgQUZmyQVkUpu3xDZRQZTKNhFwSKa4owHwYDVR0j
BBgwFoAUxM59iQJAW6RZj4S2pBwn1yKDSxwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODRkNTE4MTAtMTk4Ny00NzAxLThmMWYtODQyNTExMTk2
NGY0LzAvQzRDRTdEODkwMjQwNUJBNDU5OEY4NEI2QTQxQzI3RDcyMjgzNEIxQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3hNNTlpUUpBVzZSWmo0UzJwQnduMXlL
RFN4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg0ZDUxODEwLTE5ODct
NDcwMS04ZjFmLTg0MjUxMTE5NjRmNC8wL0FTMjE0MDIyLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+F
wQi1MA0GCSqGSIb3DQEBCwUAA4IBAQCYFnvTM+eLfBzn0/4SK9lfQokydjBkkcrQ
3r2TjEtoehq1YRO46jabmaOZCrdsDsUO4E8sUKMYcSlGCrXU7TogHTSotH7Eztd1
WPpMQWMEt9wdUUV14aRN3VCq+M+aVQ2QX4NQj7SKyoCKrGbeMI3Pit0hKB3bOPvu
Bneq17BAKYkQXTTSR+Yyl2HsZObUWnxhgGpeMr6bE9nmkTbRH0V9SybRcsel7s5G
SY4E85j0dVUOQVsneF76BCv7F14Wz4eB2x7hrySWpn+3JNJRYM+d1r0Bs34p1lQK
2ZF7PwYPxvYlJ6eL5R7XpnM3WdSASjc1BJeRXKNfkwNEGlspjPcG
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:48:01 2025 by rpki-client