Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS214205.roa
File: AS214205.roa (raw, json)
Hash identifier: WeHM5aGaRPwiwCAh1Rm6AvQ/WUbzLqVqXXumyZY7Glg=
Subject key identifier: 4F:93:96:79:78:50:16:CF:5C:6F:D5:7D:2F:2C:AE:1C:29:2B:A9:97
Certificate issuer: /CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Certificate serial: 613201B043D2BF40248F920FF78EC20FA07A91EC
Authority key identifier: C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS214205.roa
Signing time: Tue 15 Apr 2025 00:48:02 +0000
ROA not before: Tue 15 Apr 2025 00:43:02 +0000
ROA not after: Tue 14 Apr 2026 00:48:02 +0000
asID: 214205
IP address blocks: 2a0f:85c1:8ba::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl
rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.mft
rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 10 May 2025 10:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
61:32:01:b0:43:d2:bf:40:24:8f:92:0f:f7:8e:c2:0f:a0:7a:91:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Validity
Not Before: Apr 15 00:43:02 2025 GMT
Not After : Apr 14 00:48:02 2026 GMT
Subject: CN=4F939679785016CF5C6FD57D2F2CAE1C292BA997
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:2b:ba:f9:c8:b1:6c:8a:65:07:4d:fb:59:e6:
2a:9e:39:4b:26:c9:68:d5:b6:fc:e6:95:19:0e:19:
ee:9a:08:52:69:90:37:2d:9a:0a:64:03:bb:46:3e:
a9:eb:59:94:c8:b5:0a:95:c8:e5:a4:76:2e:f3:b8:
e6:1a:56:a4:26:83:11:e8:05:94:0c:51:07:12:40:
97:32:da:47:70:3a:bd:26:60:10:25:19:56:cc:ac:
b4:c8:07:40:77:13:22:50:23:07:e2:f1:d4:44:e4:
a2:ac:de:31:83:1a:25:09:60:51:5e:71:0f:d5:27:
c3:e7:50:e3:8d:3c:53:0a:da:27:09:af:8c:5e:53:
5f:69:2b:2f:94:7d:12:9f:55:82:58:21:54:00:02:
72:c6:87:4c:87:a2:6f:42:4d:07:d0:c9:84:b8:5b:
55:99:30:d4:99:0c:ba:37:a2:0b:18:03:96:35:03:
cd:0f:e1:1c:7c:ee:2f:f6:6a:19:5b:46:b1:6f:25:
7e:d1:4a:0c:1b:30:5d:3a:c0:68:76:d2:6d:e9:75:
82:3a:46:3e:97:68:b9:cb:1f:df:3b:95:e4:09:1b:
10:b7:ee:38:49:24:08:d1:51:dd:3b:ae:a7:01:4f:
1e:22:bb:b2:40:52:b9:9d:bf:03:ad:9b:4c:16:ed:
e7:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:93:96:79:78:50:16:CF:5C:6F:D5:7D:2F:2C:AE:1C:29:2B:A9:97
X509v3 Authority Key Identifier:
keyid:C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS214205.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:85c1:8ba::/48
Signature Algorithm: sha256WithRSAEncryption
24:ea:53:f7:e6:78:b2:64:01:9c:26:dd:64:4c:21:bb:f7:6a:
95:72:51:aa:de:b3:0a:2e:f7:1a:18:a6:e8:1b:8b:bb:f9:6f:
9e:73:6e:10:c7:2f:42:74:1b:6b:3a:17:2c:1a:3c:bc:58:f6:
5d:82:da:4f:b1:19:3c:cb:fb:42:d2:32:b8:2b:08:7e:eb:44:
05:49:23:cf:95:ca:f7:e8:79:ad:fe:69:c8:3c:4b:2b:c4:a7:
e0:66:4a:12:ca:b2:4f:6b:54:a3:b0:90:a3:9f:7a:78:7e:82:
ac:90:8a:4b:44:1f:92:ea:e3:c4:fa:36:8c:40:55:19:b6:44:
3a:52:db:11:5f:20:97:65:84:7f:f7:54:ba:24:fa:56:52:56:
7f:df:1d:eb:ed:4e:ae:9b:ae:4e:54:bc:50:58:ce:c8:ae:d8:
a5:44:45:ed:5c:fe:13:ca:d4:6a:35:ca:3c:a6:a5:74:0f:f2:
a7:2d:20:8d:b3:47:9b:dc:18:e2:d8:4f:87:42:7c:cd:fb:3c:
e0:cd:09:8a:de:25:13:13:7b:fc:c0:b5:30:76:75:34:ca:e5:
dc:ce:f1:50:8f:9e:39:3e:11:96:29:e0:53:dd:ea:15:24:d5:
d3:22:93:e1:f3:34:10:9f:a4:c8:fa:64:1f:e6:85:c1:dc:11:
f8:7d:61:43
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIUYTIBsEPSv0Akj5IP947CD6B6kewwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzRjZTdkODkwMjQwNWJhNDU5OGY4NGI2YTQxYzI3ZDcy
MjgzNGIxYzAeFw0yNTA0MTUwMDQzMDJaFw0yNjA0MTQwMDQ4MDJaMDMxMTAvBgNV
BAMTKDRGOTM5Njc5Nzg1MDE2Q0Y1QzZGRDU3RDJGMkNBRTFDMjkyQkE5OTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDLK7r5yLFsimUHTftZ5iqeOUsm
yWjVtvzmlRkOGe6aCFJpkDctmgpkA7tGPqnrWZTItQqVyOWkdi7zuOYaVqQmgxHo
BZQMUQcSQJcy2kdwOr0mYBAlGVbMrLTIB0B3EyJQIwfi8dRE5KKs3jGDGiUJYFFe
cQ/VJ8PnUOONPFMK2icJr4xeU19pKy+UfRKfVYJYIVQAAnLGh0yHom9CTQfQyYS4
W1WZMNSZDLo3ogsYA5Y1A80P4Rx87i/2ahlbRrFvJX7RSgwbMF06wGh20m3pdYI6
Rj6XaLnLH987leQJGxC37jhJJAjRUd07rqcBTx4iu7JAUrmdvwOtm0wW7edBAgMB
AAGjggINMIICCTAdBgNVHQ4EFgQUT5OWeXhQFs9cb9V9LyyuHCkrqZcwHwYDVR0j
BBgwFoAUxM59iQJAW6RZj4S2pBwn1yKDSxwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODRkNTE4MTAtMTk4Ny00NzAxLThmMWYtODQyNTExMTk2
NGY0LzAvQzRDRTdEODkwMjQwNUJBNDU5OEY4NEI2QTQxQzI3RDcyMjgzNEIxQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3hNNTlpUUpBVzZSWmo0UzJwQnduMXlL
RFN4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg0ZDUxODEwLTE5ODct
NDcwMS04ZjFmLTg0MjUxMTE5NjRmNC8wL0FTMjE0MjA1LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+F
wQi6MA0GCSqGSIb3DQEBCwUAA4IBAQAk6lP35niyZAGcJt1kTCG792qVclGq3rMK
LvcaGKboG4u7+W+ec24Qxy9CdBtrOhcsGjy8WPZdgtpPsRk8y/tC0jK4Kwh+60QF
SSPPlcr36Hmt/mnIPEsrxKfgZkoSyrJPa1SjsJCjn3p4foKskIpLRB+S6uPE+jaM
QFUZtkQ6UtsRXyCXZYR/91S6JPpWUlZ/3x3r7U6um65OVLxQWM7IrtilREXtXP4T
ytRqNco8pqV0D/KnLSCNs0eb3Bji2E+HQnzN+zzgzQmK3iUTE3v8wLUwdnU0yuXc
zvFQj545PhGWKeBT3eoVJNXTIpPh8zQQn6TI+mQf5oXB3BH4fWFD
-----END CERTIFICATE-----
Generated at Fri May 9 18:08:09 2025 by rpki-client