Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS214299.roa
File: AS214299.roa (raw, json)
Hash identifier: 0rUXQ5O1VYDbo2tPSU0aV++GGdpnk+0kVNuOeRAirbc=
Subject key identifier: 5D:DB:78:81:E0:16:CB:4B:B1:02:B4:BC:A2:59:93:0E:A6:AB:44:7C
Certificate issuer: /CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Certificate serial: 619E1E14E58AFF43D56C1E5662E93E5BDB0518AE
Authority key identifier: C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS214299.roa
Signing time: Tue 19 Aug 2025 05:07:49 +0000
ROA not before: Tue 19 Aug 2025 05:02:49 +0000
ROA not after: Tue 18 Aug 2026 05:07:49 +0000
asID: 214299
IP address blocks: 2a0f:85c1:895::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl
rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.mft
rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
61:9e:1e:14:e5:8a:ff:43:d5:6c:1e:56:62:e9:3e:5b:db:05:18:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Validity
Not Before: Aug 19 05:02:49 2025 GMT
Not After : Aug 18 05:07:49 2026 GMT
Subject: CN=5DDB7881E016CB4BB102B4BCA259930EA6AB447C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:97:8d:bc:72:e2:6a:ac:1b:63:4c:88:b9:95:
9d:a6:d8:ef:9d:64:6c:ef:04:18:91:fe:6e:b2:e5:
b2:91:e1:d3:7b:76:a5:c8:a7:52:09:fd:f5:08:9c:
04:1f:52:a7:d1:f1:49:34:83:dd:88:32:c5:be:d2:
f5:38:c9:b5:30:c5:36:f1:c7:2e:c8:f9:90:07:87:
05:71:16:59:c1:b6:3d:f9:55:64:0a:3a:ad:d7:60:
ad:d7:70:9f:cf:16:69:65:d2:69:2d:d9:5b:80:b4:
80:c4:08:5d:24:b1:7a:f2:dc:e3:34:61:24:6f:83:
f6:2b:13:e0:88:f3:37:dd:70:45:19:61:46:6f:02:
fd:50:68:d6:c3:69:e1:ef:87:5f:05:4e:ca:b2:be:
ce:7c:31:52:9b:46:8e:05:4e:21:26:3b:38:44:f4:
52:fb:74:99:65:cb:d1:22:fa:f3:23:9b:e6:3d:3c:
0b:2e:83:aa:d9:29:b0:a3:78:54:69:b9:4b:d3:6b:
75:88:52:8b:c3:67:36:dc:a9:62:4b:37:d9:d1:0e:
bf:8c:ab:d6:86:e1:1e:fa:e5:af:84:5b:10:aa:4a:
f5:8d:c6:82:d2:61:cd:23:0e:e0:3a:27:aa:35:ca:
4f:fb:2a:ae:89:7f:f9:73:fd:4a:6a:0a:6b:f6:35:
1e:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:DB:78:81:E0:16:CB:4B:B1:02:B4:BC:A2:59:93:0E:A6:AB:44:7C
X509v3 Authority Key Identifier:
keyid:C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS214299.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:85c1:895::/48
Signature Algorithm: sha256WithRSAEncryption
b1:cb:6e:fd:12:5e:c8:fc:03:fd:22:85:5f:44:60:99:b0:77:
d7:ad:c6:20:03:fe:55:ff:ed:75:e8:d1:3d:8b:ea:51:38:e8:
eb:7a:42:24:44:eb:b4:5e:07:14:f7:63:ae:02:e1:d7:6d:88:
7a:30:af:52:d7:82:d6:83:d4:a6:54:bf:9b:b5:3c:d3:76:3a:
e6:ad:e5:03:ef:d5:60:b0:67:34:7b:f7:a7:11:49:24:40:b4:
44:f5:17:28:c6:af:d4:00:13:47:64:08:71:cc:75:ec:3c:06:
00:6e:09:3d:43:13:4d:27:18:aa:d4:59:c2:48:bb:71:95:89:
a5:7b:7b:7d:9d:2e:47:08:95:60:19:e6:22:cc:2e:0f:d9:c4:
34:18:ff:de:b4:45:38:05:11:d8:0a:f1:97:1a:2d:51:af:c9:
a1:a9:c3:af:4f:72:95:96:21:57:28:9a:0d:14:28:31:54:38:
56:95:c3:8c:ae:1e:09:31:19:b8:c4:42:e2:48:2b:03:c9:c5:
19:d6:2c:d1:b9:7f:56:8d:f6:cd:2a:6e:8d:88:41:51:32:26:
e8:2e:ad:80:fe:ab:26:cc:58:f7:61:b3:0b:e6:bd:e1:b8:ef:
91:7f:35:b9:c5:ce:b2:42:3e:5b:f9:4c:dd:13:70:b6:44:85:
a7:31:1f:53
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIUYZ4eFOWK/0PVbB5WYuk+W9sFGK4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzRjZTdkODkwMjQwNWJhNDU5OGY4NGI2YTQxYzI3ZDcy
MjgzNGIxYzAeFw0yNTA4MTkwNTAyNDlaFw0yNjA4MTgwNTA3NDlaMDMxMTAvBgNV
BAMTKDVEREI3ODgxRTAxNkNCNEJCMTAyQjRCQ0EyNTk5MzBFQTZBQjQ0N0MwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvl428cuJqrBtjTIi5lZ2m2O+d
ZGzvBBiR/m6y5bKR4dN7dqXIp1IJ/fUInAQfUqfR8Uk0g92IMsW+0vU4ybUwxTbx
xy7I+ZAHhwVxFlnBtj35VWQKOq3XYK3XcJ/PFmll0mkt2VuAtIDECF0ksXry3OM0
YSRvg/YrE+CI8zfdcEUZYUZvAv1QaNbDaeHvh18FTsqyvs58MVKbRo4FTiEmOzhE
9FL7dJlly9Ei+vMjm+Y9PAsug6rZKbCjeFRpuUvTa3WIUovDZzbcqWJLN9nRDr+M
q9aG4R765a+EWxCqSvWNxoLSYc0jDuA6J6o1yk/7Kq6Jf/lz/UpqCmv2NR5/AgMB
AAGjggINMIICCTAdBgNVHQ4EFgQUXdt4geAWy0uxArS8olmTDqarRHwwHwYDVR0j
BBgwFoAUxM59iQJAW6RZj4S2pBwn1yKDSxwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODRkNTE4MTAtMTk4Ny00NzAxLThmMWYtODQyNTExMTk2
NGY0LzAvQzRDRTdEODkwMjQwNUJBNDU5OEY4NEI2QTQxQzI3RDcyMjgzNEIxQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3hNNTlpUUpBVzZSWmo0UzJwQnduMXlL
RFN4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg0ZDUxODEwLTE5ODct
NDcwMS04ZjFmLTg0MjUxMTE5NjRmNC8wL0FTMjE0Mjk5LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+F
wQiVMA0GCSqGSIb3DQEBCwUAA4IBAQCxy279El7I/AP9IoVfRGCZsHfXrcYgA/5V
/+116NE9i+pROOjrekIkROu0XgcU92OuAuHXbYh6MK9S14LWg9SmVL+btTzTdjrm
reUD79VgsGc0e/enEUkkQLRE9Rcoxq/UABNHZAhxzHXsPAYAbgk9QxNNJxiq1FnC
SLtxlYmle3t9nS5HCJVgGeYizC4P2cQ0GP/etEU4BRHYCvGXGi1Rr8mhqcOvT3KV
liFXKJoNFCgxVDhWlcOMrh4JMRm4xELiSCsDycUZ1izRuX9WjfbNKm6NiEFRMibo
Lq2A/qsmzFj3YbML5r3huO+RfzW5xc6yQj5b+UzdE3C2RIWnMR9T
-----END CERTIFICATE-----
Generated at Sat Aug 23 16:03:18 2025 by rpki-client