Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS213413.roa
File: AS213413.roa (raw, json)
Hash identifier: VeQuDhvoDj54xMuiWpwG0tu8roxg05BCUUciWoXj4ps=
Subject key identifier: 9A:B8:DD:41:83:A6:AD:2C:BF:C5:AD:3E:1F:0D:B9:2B:5B:56:61:D3
Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Certificate serial: 6F52DE93B7440591A5A1EDEA9C740B9DFEAABED4
Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS213413.roa
Signing time: Thu 07 May 2026 19:45:50 +0000
ROA not before: Thu 07 May 2026 19:40:50 +0000
ROA not after: Thu 06 May 2027 19:45:50 +0000
asID: 213413
IP address blocks: 2a14:7580:5000::/36 maxlen: 36
2a14:7580:5200::/40 maxlen: 40
2a14:7580:5300::/40 maxlen: 40
2a14:7580:5400::/40 maxlen: 40
2a14:7580:5500::/40 maxlen: 40
2a14:7580:5600::/40 maxlen: 40
2a14:7584:2000::/36 maxlen: 48
2a14:7585::/32 maxlen: 32
2a14:7585:8000::/44 maxlen: 44
2a14:7587::/32 maxlen: 32
2a14:7587:a000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft
rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 08:48:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6f:52:de:93:b7:44:05:91:a5:a1:ed:ea:9c:74:0b:9d:fe:aa:be:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Validity
Not Before: May 7 19:40:50 2026 GMT
Not After : May 6 19:45:50 2027 GMT
Subject: CN=9AB8DD4183A6AD2CBFC5AD3E1F0DB92B5B5661D3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:c6:04:c3:4a:ac:6f:24:d4:a1:bb:33:05:93:
ff:94:f7:57:eb:40:7d:1b:ce:d3:36:50:a9:1c:87:
34:85:69:d8:91:a1:f8:59:ce:bb:af:3b:80:a4:e8:
c4:66:d1:d9:71:2b:07:92:d2:cb:b3:54:87:16:84:
25:b0:78:ad:24:85:eb:3e:2c:18:63:c6:1d:51:20:
d4:03:93:d8:83:d8:ff:45:71:53:4c:47:2c:0b:ee:
fc:f3:10:4c:29:69:0e:93:e7:d9:e3:4b:8e:ee:2b:
c5:ed:bc:1b:3f:de:90:5f:4f:f9:8a:64:ea:1a:c6:
20:8f:a8:3b:97:92:bf:85:b5:47:b3:0b:b7:b3:b3:
a5:b7:86:19:3e:3d:ac:26:65:8a:7f:fa:c0:88:1a:
4e:0c:d3:9d:00:da:db:cd:4e:08:64:6c:aa:50:4f:
43:8e:f0:36:47:cd:10:ba:31:3c:e7:de:a5:ae:d1:
1d:6b:e0:50:39:71:0f:f5:45:37:45:b2:96:3c:ef:
69:5a:7e:32:28:f9:22:4d:06:b8:1e:34:0d:49:85:
65:4e:29:ec:2b:87:b3:4a:db:c9:11:9e:bd:83:d4:
b4:3c:94:00:dd:5b:e8:56:ab:21:cd:5f:a9:c2:1e:
21:c7:95:9b:45:95:99:1c:73:4d:2d:c1:17:b6:01:
4e:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:B8:DD:41:83:A6:AD:2C:BF:C5:AD:3E:1F:0D:B9:2B:5B:56:61:D3
X509v3 Authority Key Identifier:
keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS213413.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7580:5000::/36
2a14:7584:2000::/36
2a14:7585::/32
2a14:7587::/32
Signature Algorithm: sha256WithRSAEncryption
7d:9a:29:c9:9f:9a:9d:03:22:9f:d0:87:0c:9e:fa:6b:93:ab:
4a:95:a2:c5:22:82:f0:7a:a8:38:8a:87:30:f5:ac:c3:01:67:
2b:87:e1:d7:b1:7b:39:b0:e8:20:e4:7d:2c:c5:b3:2e:19:e0:
0f:69:fe:3f:6a:ba:2b:e0:b4:aa:ee:90:de:71:60:43:97:ce:
e1:a5:50:c5:14:41:33:6f:ef:54:e8:16:c0:46:65:77:d4:da:
de:78:96:f7:c9:7e:8d:0a:ff:aa:29:d3:f5:fb:05:f1:92:0a:
e3:a4:66:46:3a:8e:a6:82:c7:6e:e7:67:69:c8:66:06:39:26:
c3:63:e6:78:c7:6a:03:4a:42:2b:c7:14:42:bc:d3:88:c0:55:
9b:bb:ef:26:75:3c:88:c7:29:3f:e2:25:3e:df:33:76:2c:95:
3f:8d:c8:d9:17:c5:72:e2:3f:61:cc:f9:27:c5:88:99:58:b2:
d7:6b:4b:ba:d5:15:63:5f:6f:df:cd:45:40:4a:f8:82:9a:36:
29:67:eb:84:1f:0f:0f:c5:36:b2:2b:19:ac:95:a7:c6:cc:f2:
5f:e4:3d:c6:be:3c:9f:37:c2:45:7a:65:d8:e7:a5:3b:6c:95:
ea:14:ba:9b:43:62:6e:5c:dc:25:c8:82:a7:69:73:2f:57:15:
bc:1f:52:33
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgIUb1Lek7dEBZGloe3qnHQLnf6qvtQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj
Y2ZkMzc3MjAeFw0yNjA1MDcxOTQwNTBaFw0yNzA1MDYxOTQ1NTBaMDMxMTAvBgNV
BAMTKDlBQjhERDQxODNBNkFEMkNCRkM1QUQzRTFGMERCOTJCNUI1NjYxRDMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3xgTDSqxvJNShuzMFk/+U91fr
QH0bztM2UKkchzSFadiRofhZzruvO4Ck6MRm0dlxKweS0suzVIcWhCWweK0khes+
LBhjxh1RINQDk9iD2P9FcVNMRywL7vzzEEwpaQ6T59njS47uK8XtvBs/3pBfT/mK
ZOoaxiCPqDuXkr+FtUezC7ezs6W3hhk+PawmZYp/+sCIGk4M050A2tvNTghkbKpQ
T0OO8DZHzRC6MTzn3qWu0R1r4FA5cQ/1RTdFspY872lafjIo+SJNBrgeNA1JhWVO
Kewrh7NK28kRnr2D1LQ8lADdW+hWqyHNX6nCHiHHlZtFlZkcc00twRe2AU7lAgMB
AAGjggIiMIICHjAdBgNVHQ4EFgQUmrjdQYOmrSy/xa0+Hw25K1tWYdMwHwYDVR0j
BBgwFoAUqD1IZS87LfdPa/m6qKnBdMz9N3IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODkyNzBmNmMtYTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2Yz
ODI0LzAvQTgzRDQ4NjUyRjNCMkRGNzRGNkJGOUJBQThBOUMxNzRDQ0ZEMzc3Mi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FEMUlaUzg3TGZkUGFfbTZxS25CZE16
OU4zSS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg5MjcwZjZjLWEzZmUt
NDI5OS1iMDc5LTMwOWVkOTdmMzgyNC8wL0FTMjEzNDEzLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAAjAeAwYEKhR1
gFADBgQqFHWEIAMFACoUdYUDBQAqFHWHMA0GCSqGSIb3DQEBCwUAA4IBAQB9minJ
n5qdAyKf0IcMnvprk6tKlaLFIoLweqg4iocw9azDAWcrh+HXsXs5sOgg5H0sxbMu
GeAPaf4/aror4LSq7pDecWBDl87hpVDFFEEzb+9U6BbARmV31NreeJb3yX6NCv+q
KdP1+wXxkgrjpGZGOo6mgsdu52dpyGYGOSbDY+Z4x2oDSkIrxxRCvNOIwFWbu+8m
dTyIxyk/4iU+3zN2LJU/jcjZF8Vy4j9hzPknxYiZWLLXa0u61RVjX2/fzUVASviC
mjYpZ+uEHw8PxTayKxmslafGzPJf5D3GvjyfN8JFemXY56U7bJXqFLqbQ2JuXNwl
yIKnaXMvVxW8H1Iz
-----END CERTIFICATE-----
Generated at Tue May 12 22:05:33 2026 by rpki-client