Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS211851.roa
File: AS211851.roa (raw, json)
Hash identifier: ErEjYfWs+aO5MckcQHTZruGPuKSwJrXTU9uxee3Y33w=
Subject key identifier: 09:9F:CE:A1:EB:8C:DD:02:CD:DE:E2:BF:D9:9E:96:64:C8:25:84:A1
Certificate issuer: /CN=7051b4c2f7ae9ef80b53000b32ab8f5d2f2f415b
Certificate serial: 696163858B2CC2F397B533B85B83D9123064F669
Authority key identifier: 70:51:B4:C2:F7:AE:9E:F8:0B:53:00:0B:32:AB:8F:5D:2F:2F:41:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS211851.roa
Signing time: Wed 10 Sep 2025 18:18:55 +0000
ROA not before: Wed 10 Sep 2025 18:13:55 +0000
ROA not after: Wed 09 Sep 2026 18:18:55 +0000
asID: 211851
IP address blocks: 37.221.76.0/24 maxlen: 24
37.221.77.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.crl
rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.mft
rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 13:54:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
69:61:63:85:8b:2c:c2:f3:97:b5:33:b8:5b:83:d9:12:30:64:f6:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7051b4c2f7ae9ef80b53000b32ab8f5d2f2f415b
Validity
Not Before: Sep 10 18:13:55 2025 GMT
Not After : Sep 9 18:18:55 2026 GMT
Subject: CN=099FCEA1EB8CDD02CDDEE2BFD99E9664C82584A1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:35:d4:3c:8e:cf:87:61:7f:b1:8d:66:dc:97:
06:5e:7d:bb:af:df:9d:03:28:09:55:59:5e:c5:ce:
3f:ab:b6:0e:30:32:10:16:e9:e7:3c:f0:c0:34:f3:
49:7e:24:f0:73:94:96:1e:a2:03:5d:f8:56:f9:7d:
5b:d3:82:bc:0d:48:f1:56:61:ef:94:7c:81:01:c2:
d9:3a:d0:45:dc:33:3e:8f:8c:19:c4:26:0f:09:0f:
fc:df:a0:66:23:7a:46:1b:cd:26:21:b7:8b:c7:ef:
84:47:0e:56:89:77:fe:b7:de:e8:19:4c:cc:14:66:
23:df:aa:d2:9f:54:23:9e:ff:6d:de:75:16:d3:9b:
46:61:df:7c:9d:bb:28:9f:be:25:0b:c5:31:64:17:
9a:89:59:29:f8:9d:5e:cd:0b:b0:62:1c:5e:7f:87:
e1:79:f0:79:71:cc:4b:4d:89:50:d4:e6:d8:ec:0a:
1d:4b:f3:45:19:65:3f:bf:55:bf:5d:33:c0:ef:65:
a3:79:f2:ab:2a:c6:ba:29:72:43:5e:9f:e5:cb:f6:
e3:5e:e2:5f:67:27:a5:91:f7:0c:e4:67:80:2b:65:
fd:07:3e:8b:05:c4:59:f8:7c:c2:e7:22:34:fe:f8:
1a:91:b7:f8:96:ea:25:e7:ee:ec:7b:3e:11:da:24:
af:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:9F:CE:A1:EB:8C:DD:02:CD:DE:E2:BF:D9:9E:96:64:C8:25:84:A1
X509v3 Authority Key Identifier:
keyid:70:51:B4:C2:F7:AE:9E:F8:0B:53:00:0B:32:AB:8F:5D:2F:2F:41:5B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS211851.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.221.76.0/23
Signature Algorithm: sha256WithRSAEncryption
68:13:56:20:4a:b3:57:a1:26:71:43:26:3b:32:e6:29:a8:15:
8b:a5:0d:16:2b:24:59:a1:fd:b9:f6:f9:8c:ca:59:79:4d:a0:
22:09:cb:32:bd:65:6a:be:b5:1f:b3:9f:00:e3:9a:ae:31:13:
10:a2:68:db:a1:34:e4:5d:e6:d3:e3:20:be:d9:09:f0:f8:a2:
51:cb:ff:7d:e3:c5:80:6d:31:2f:62:58:7a:3a:8d:89:57:27:
c1:25:07:14:a7:e4:f6:63:57:13:3e:81:f1:50:a2:eb:a4:bd:
9c:a3:78:6a:87:c7:0f:a8:0c:e0:c4:e8:d8:19:82:d4:a3:63:
b7:b3:69:4b:9c:d6:92:28:8d:73:eb:d1:94:66:81:5c:3a:e2:
42:e7:43:90:3f:6a:ed:f4:2a:1b:0a:75:95:a6:fc:00:65:bc:
0e:d2:5e:3b:b6:14:16:d6:e1:f4:16:39:eb:a5:2d:38:ac:dc:
30:2c:52:bc:99:3f:be:3e:97:03:bc:fa:f7:7e:ad:f0:82:c8:
ac:de:a9:97:f8:28:34:13:93:5b:f2:37:de:08:02:88:35:79:
b4:f5:a4:e5:ca:ac:7a:31:62:cf:8b:ed:81:88:93:d2:d4:35:
46:76:b3:6e:8a:ad:76:f8:dd:f0:31:b3:bc:fc:bb:15:07:7b:
b4:af:bc:bf
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUaWFjhYsswvOXtTO4W4PZEjBk9mkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzA1MWI0YzJmN2FlOWVmODBiNTMwMDBiMzJhYjhmNWQy
ZjJmNDE1YjAeFw0yNTA5MTAxODEzNTVaFw0yNjA5MDkxODE4NTVaMDMxMTAvBgNV
BAMTKDA5OUZDRUExRUI4Q0REMDJDRERFRTJCRkQ5OUU5NjY0QzgyNTg0QTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCwNdQ8js+HYX+xjWbclwZefbuv
350DKAlVWV7Fzj+rtg4wMhAW6ec88MA080l+JPBzlJYeogNd+Fb5fVvTgrwNSPFW
Ye+UfIEBwtk60EXcMz6PjBnEJg8JD/zfoGYjekYbzSYht4vH74RHDlaJd/633ugZ
TMwUZiPfqtKfVCOe/23edRbTm0Zh33yduyifviULxTFkF5qJWSn4nV7NC7BiHF5/
h+F58HlxzEtNiVDU5tjsCh1L80UZZT+/Vb9dM8DvZaN58qsqxropckNen+XL9uNe
4l9nJ6WR9wzkZ4ArZf0HPosFxFn4fMLnIjT++BqRt/iW6iXn7ux7PhHaJK/vAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUCZ/OoeuM3QLN3uK/2Z6WZMglhKEwHwYDVR0j
BBgwFoAUcFG0wveunvgLUwALMquPXS8vQVswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOWM1Y2U5ZmEtOWE2Zi00ZTBjLTk4MDktN2E0Nzg4NzQ0
ODkzLzAvNzA1MUI0QzJGN0FFOUVGODBCNTMwMDBCMzJBQjhGNUQyRjJGNDE1Qi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NGRzB3dmV1bnZnTFV3QUxNcXVQWFM4
dlFWcy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzljNWNlOWZhLTlhNmYt
NGUwYy05ODA5LTdhNDc4ODc0NDg5My8wL0FTMjExODUxLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBJd1M
MA0GCSqGSIb3DQEBCwUAA4IBAQBoE1YgSrNXoSZxQyY7MuYpqBWLpQ0WKyRZof25
9vmMyll5TaAiCcsyvWVqvrUfs58A45quMRMQomjboTTkXebT4yC+2Qnw+KJRy/99
48WAbTEvYlh6Oo2JVyfBJQcUp+T2Y1cTPoHxUKLrpL2co3hqh8cPqAzgxOjYGYLU
o2O3s2lLnNaSKI1z69GUZoFcOuJC50OQP2rt9CobCnWVpvwAZbwO0l47thQW1uH0
FjnrpS04rNwwLFK8mT++PpcDvPr3fq3wgsis3qmX+Cg0E5Nb8jfeCAKINXm09aTl
yqx6MWLPi+2BiJPS1DVGdrNuiq12+N3wMbO8/LsVB3u0r7y/
-----END CERTIFICATE-----
Generated at Mon Oct 20 03:18:14 2025 by rpki-client