
Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS214372.roa
File: AS214372.roa (raw, json)
Hash identifier: nr15eM1WGwVAdUOBEY0GmeIakpJYSYEyBbSbpko2gww=
Subject key identifier: 43:01:BC:FF:F2:F2:85:DB:D8:EB:22:2F:9F:FA:47:F1:39:3A:B3:CD
Certificate issuer: /CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Certificate serial: 44AFE702D9EE11FEB1405B0CC8845BA5AA3D463C
Authority key identifier: C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS214372.roa
Signing time: Tue 19 Aug 2025 05:07:49 +0000
ROA not before: Tue 19 Aug 2025 05:02:49 +0000
ROA not after: Tue 18 Aug 2026 05:07:49 +0000
asID: 214372
IP address blocks: 2a0f:85c1:884::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl
rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.mft
rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
44:af:e7:02:d9:ee:11:fe:b1:40:5b:0c:c8:84:5b:a5:aa:3d:46:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Validity
Not Before: Aug 19 05:02:49 2025 GMT
Not After : Aug 18 05:07:49 2026 GMT
Subject: CN=4301BCFFF2F285DBD8EB222F9FFA47F1393AB3CD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:93:51:72:1c:72:45:9d:f1:5a:e7:8a:29:c8:
02:ea:62:6e:38:cd:0f:2c:d9:04:4e:6e:0f:cc:43:
c7:da:99:d6:ee:56:73:e1:85:7e:b8:f8:ff:32:7f:
5d:c9:82:d0:c9:20:93:74:40:19:c5:27:d1:2a:ff:
6b:2c:20:fd:80:3c:66:f6:fe:ac:4d:e3:86:a6:f5:
ba:46:32:a1:26:6b:59:ed:4c:77:df:9a:e7:fa:66:
72:ab:67:2a:d6:a0:4a:e6:6c:a2:88:f4:6b:92:79:
88:81:62:55:f6:1a:50:cf:65:df:54:f1:17:45:d0:
1e:55:61:3a:08:26:de:c4:af:67:52:ed:68:00:89:
61:ca:69:9e:42:4c:da:43:9a:fb:92:da:66:79:62:
f1:a3:db:50:c3:38:03:11:bc:5e:a1:8e:73:0d:71:
06:6d:23:ef:74:3e:1a:fa:32:6a:e6:58:f1:90:91:
eb:53:cd:c5:1d:d4:e9:00:79:f5:0a:5b:a7:a7:0e:
91:43:c2:5f:39:e3:92:bb:9c:88:e4:43:7b:29:46:
f2:44:b2:cc:51:88:b6:92:1f:48:8b:14:59:24:e9:
34:fc:0c:b1:14:89:dd:34:6e:8a:7a:30:d4:ad:39:
89:bf:9a:4e:4c:23:de:dc:2e:e8:80:72:e3:b6:77:
37:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:01:BC:FF:F2:F2:85:DB:D8:EB:22:2F:9F:FA:47:F1:39:3A:B3:CD
X509v3 Authority Key Identifier:
keyid:C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS214372.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:85c1:884::/48
Signature Algorithm: sha256WithRSAEncryption
5a:4f:a4:da:93:8e:42:e7:4d:6b:48:85:f3:3c:74:1d:ce:d2:
d4:47:8c:96:8e:b9:63:7d:f0:19:01:d7:e0:67:7f:f6:68:da:
c5:93:02:52:53:55:89:07:f5:b1:d5:5b:9f:47:15:f4:4b:71:
d2:b4:89:41:60:5b:cc:95:fe:be:a3:3e:59:d6:4a:f6:7b:fe:
ad:5e:51:73:41:bb:b6:e4:65:c3:dc:e3:50:96:98:a9:8d:a4:
96:c6:17:39:c7:85:78:b5:61:aa:e0:b1:f6:7e:24:75:df:ca:
53:2c:ce:a1:45:2e:41:ef:b6:fe:fd:56:47:4b:dc:70:a1:73:
64:cd:e9:03:66:e0:0e:00:d3:26:cf:bc:7a:f6:b1:ea:4d:e1:
91:34:de:a9:c8:4e:a0:12:c7:e6:b8:6e:07:4f:1f:d1:6a:10:
dd:df:d8:21:a9:97:b9:9b:80:db:49:e7:a0:48:82:44:bd:2c:
9c:0a:41:4f:fc:ff:64:00:92:33:09:1d:1b:2c:35:07:6c:9c:
2c:c3:44:a0:d7:f5:cd:20:c8:75:94:cc:e1:38:9a:36:64:24:
47:23:1a:dc:ae:ca:43:9c:e1:be:97:f1:0d:4a:42:ce:04:13:
50:6c:2f:ef:96:31:da:4f:b8:54:0c:20:bd:20:0c:ea:e9:a4:
78:e2:8a:11
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIURK/nAtnuEf6xQFsMyIRbpao9RjwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzRjZTdkODkwMjQwNWJhNDU5OGY4NGI2YTQxYzI3ZDcy
MjgzNGIxYzAeFw0yNTA4MTkwNTAyNDlaFw0yNjA4MTgwNTA3NDlaMDMxMTAvBgNV
BAMTKDQzMDFCQ0ZGRjJGMjg1REJEOEVCMjIyRjlGRkE0N0YxMzkzQUIzQ0QwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGk1FyHHJFnfFa54opyALqYm44
zQ8s2QRObg/MQ8famdbuVnPhhX64+P8yf13JgtDJIJN0QBnFJ9Eq/2ssIP2APGb2
/qxN44am9bpGMqEma1ntTHffmuf6ZnKrZyrWoErmbKKI9GuSeYiBYlX2GlDPZd9U
8RdF0B5VYToIJt7Er2dS7WgAiWHKaZ5CTNpDmvuS2mZ5YvGj21DDOAMRvF6hjnMN
cQZtI+90Phr6MmrmWPGQketTzcUd1OkAefUKW6enDpFDwl8545K7nIjkQ3spRvJE
ssxRiLaSH0iLFFkk6TT8DLEUid00bop6MNStOYm/mk5MI97cLuiAcuO2dzehAgMB
AAGjggINMIICCTAdBgNVHQ4EFgQUQwG8//LyhdvY6yIvn/pH8Tk6s80wHwYDVR0j
BBgwFoAUxM59iQJAW6RZj4S2pBwn1yKDSxwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODRkNTE4MTAtMTk4Ny00NzAxLThmMWYtODQyNTExMTk2
NGY0LzAvQzRDRTdEODkwMjQwNUJBNDU5OEY4NEI2QTQxQzI3RDcyMjgzNEIxQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3hNNTlpUUpBVzZSWmo0UzJwQnduMXlL
RFN4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg0ZDUxODEwLTE5ODct
NDcwMS04ZjFmLTg0MjUxMTE5NjRmNC8wL0FTMjE0MzcyLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+F
wQiEMA0GCSqGSIb3DQEBCwUAA4IBAQBaT6Tak45C501rSIXzPHQdztLUR4yWjrlj
ffAZAdfgZ3/2aNrFkwJSU1WJB/Wx1VufRxX0S3HStIlBYFvMlf6+oz5Z1kr2e/6t
XlFzQbu25GXD3ONQlpipjaSWxhc5x4V4tWGq4LH2fiR138pTLM6hRS5B77b+/VZH
S9xwoXNkzekDZuAOANMmz7x69rHqTeGRNN6pyE6gEsfmuG4HTx/RahDd39ghqZe5
m4DbSeegSIJEvSycCkFP/P9kAJIzCR0bLDUHbJwsw0Sg1/XNIMh1lMzhOJo2ZCRH
IxrcrspDnOG+l/ENSkLOBBNQbC/vljHaT7hUDCC9IAzq6aR44ooR
-----END CERTIFICATE-----
Generated at Sat Aug 23 15:57:05 2025 by rpki-client