Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS212219.roa
File: AS212219.roa (raw, json)
Hash identifier: rkWsAwQltXhDIw+SE6p7sSeCSrYRKrGTrX5n5WM+GhA=
Subject key identifier: 8C:1C:A0:F7:1C:2C:E5:54:F9:84:26:DF:27:B8:45:16:29:75:A9:7B
Certificate issuer: /CN=7051b4c2f7ae9ef80b53000b32ab8f5d2f2f415b
Certificate serial: 285460C70B819A7F60E5243F1E729241B38F0A41
Authority key identifier: 70:51:B4:C2:F7:AE:9E:F8:0B:53:00:0B:32:AB:8F:5D:2F:2F:41:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS212219.roa
Signing time: Fri 19 Sep 2025 19:22:18 +0000
ROA not before: Fri 19 Sep 2025 19:17:18 +0000
ROA not after: Fri 18 Sep 2026 19:22:18 +0000
asID: 212219
IP address blocks: 5.133.102.0/24 maxlen: 24
5.133.103.0/24 maxlen: 24
92.249.61.0/24 maxlen: 24
176.96.131.0/24 maxlen: 24
193.111.77.0/24 maxlen: 24
193.111.78.0/24 maxlen: 24
217.18.210.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.crl
rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.mft
rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 06:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
28:54:60:c7:0b:81:9a:7f:60:e5:24:3f:1e:72:92:41:b3:8f:0a:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7051b4c2f7ae9ef80b53000b32ab8f5d2f2f415b
Validity
Not Before: Sep 19 19:17:18 2025 GMT
Not After : Sep 18 19:22:18 2026 GMT
Subject: CN=8C1CA0F71C2CE554F98426DF27B845162975A97B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:c5:7e:e1:ae:df:be:f9:7a:7c:87:a6:cb:fa:
4b:97:66:96:36:5a:c0:72:cb:03:fc:b9:a2:24:a7:
70:10:94:66:2f:4d:d7:52:2e:89:13:60:85:a3:14:
56:60:a0:fc:23:c8:a3:84:3c:a9:21:8a:02:8d:eb:
47:da:30:21:bf:85:8f:f9:f0:72:37:be:f3:54:83:
a2:c3:b7:fd:22:e9:e8:4e:39:40:7c:91:d4:9a:09:
95:30:91:6e:88:1d:49:27:62:9a:98:89:22:44:7f:
4b:f4:10:4a:15:67:64:94:18:68:37:86:00:f3:e3:
34:cd:cb:d7:4c:2f:4f:54:24:32:66:18:92:d8:63:
a0:67:a8:c4:01:60:65:e1:ca:e5:e5:97:d4:79:df:
a7:b7:49:6d:f9:11:5f:93:38:67:08:a7:52:05:7a:
06:cd:38:61:a7:65:a6:c9:04:d0:64:fa:72:04:5d:
9d:d2:bf:20:2c:f9:9f:f9:fe:79:9c:5f:f5:f6:69:
06:4e:c7:f4:f8:d9:71:39:ed:f3:52:3f:46:f6:cc:
29:d8:91:c0:9f:e9:d8:d5:95:d2:45:37:86:b3:23:
25:ab:2f:c6:36:9b:f9:33:73:0f:8d:53:1f:9f:9d:
65:7b:8b:16:06:80:10:be:21:d8:d1:43:e4:37:d2:
cf:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:1C:A0:F7:1C:2C:E5:54:F9:84:26:DF:27:B8:45:16:29:75:A9:7B
X509v3 Authority Key Identifier:
keyid:70:51:B4:C2:F7:AE:9E:F8:0B:53:00:0B:32:AB:8F:5D:2F:2F:41:5B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS212219.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.133.102.0/23
92.249.61.0/24
176.96.131.0/24
193.111.77.0-193.111.78.255
217.18.210.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:2a:85:61:e7:80:09:6a:7f:32:38:9f:15:13:93:41:a2:68:
68:ed:60:33:42:b8:f4:1a:44:57:16:82:e3:ae:99:6a:3e:80:
f3:d1:fd:61:25:2c:99:a0:da:89:15:f3:dd:55:b7:f4:20:f8:
e8:26:3d:73:c8:53:6e:a9:eb:fc:97:3f:f6:3d:c2:73:22:36:
be:92:6a:2d:7e:23:cf:0e:73:fb:0d:03:af:4b:45:05:a7:ce:
26:99:ac:63:b3:c0:ff:8c:5a:89:88:dd:3b:aa:f5:be:88:fe:
a4:38:be:c5:0e:1f:9d:5d:f7:da:2c:28:ec:89:a9:9e:33:51:
c1:c3:07:bc:22:c4:e9:b0:8e:9a:af:8c:d0:ee:b5:ef:b0:49:
38:d4:dc:62:6e:2c:36:cb:26:63:b5:79:97:90:e2:16:1c:50:
58:7c:93:38:e4:f8:59:2d:a2:63:ce:da:da:bb:7f:7f:3e:1c:
94:3e:4d:41:3f:8b:14:d2:28:2a:6d:15:8e:e0:85:51:3d:c9:
e7:bd:e5:16:80:a6:c0:12:b0:a5:7a:01:5a:c7:12:50:7f:da:
64:0b:ce:fc:d6:9c:54:6b:28:09:70:e4:91:64:25:78:32:d4:
95:47:ea:23:4c:56:81:37:1d:3b:cc:14:cc:41:b4:42:d6:47:
ab:f0:65:58
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgIUKFRgxwuBmn9g5SQ/HnKSQbOPCkEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzA1MWI0YzJmN2FlOWVmODBiNTMwMDBiMzJhYjhmNWQy
ZjJmNDE1YjAeFw0yNTA5MTkxOTE3MThaFw0yNjA5MTgxOTIyMThaMDMxMTAvBgNV
BAMTKDhDMUNBMEY3MUMyQ0U1NTRGOTg0MjZERjI3Qjg0NTE2Mjk3NUE5N0IwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCkxX7hrt+++Xp8h6bL+kuXZpY2
WsByywP8uaIkp3AQlGYvTddSLokTYIWjFFZgoPwjyKOEPKkhigKN60faMCG/hY/5
8HI3vvNUg6LDt/0i6ehOOUB8kdSaCZUwkW6IHUknYpqYiSJEf0v0EEoVZ2SUGGg3
hgDz4zTNy9dML09UJDJmGJLYY6BnqMQBYGXhyuXll9R536e3SW35EV+TOGcIp1IF
egbNOGGnZabJBNBk+nIEXZ3SvyAs+Z/5/nmcX/X2aQZOx/T42XE57fNSP0b2zCnY
kcCf6djVldJFN4azIyWrL8Y2m/kzcw+NUx+fnWV7ixYGgBC+IdjRQ+Q30s+RAgMB
AAGjggIqMIICJjAdBgNVHQ4EFgQUjByg9xws5VT5hCbfJ7hFFil1qXswHwYDVR0j
BBgwFoAUcFG0wveunvgLUwALMquPXS8vQVswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOWM1Y2U5ZmEtOWE2Zi00ZTBjLTk4MDktN2E0Nzg4NzQ0
ODkzLzAvNzA1MUI0QzJGN0FFOUVGODBCNTMwMDBCMzJBQjhGNUQyRjJGNDE1Qi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NGRzB3dmV1bnZnTFV3QUxNcXVQWFM4
dlFWcy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzljNWNlOWZhLTlhNmYt
NGUwYy05ODA5LTdhNDc4ODc0NDg5My8wL0FTMjEyMjE5LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQBBYVm
AwQAXPk9AwQAsGCDMAwDBADBb00DBADBb04DBADZEtIwDQYJKoZIhvcNAQELBQAD
ggEBABoqhWHngAlqfzI4nxUTk0GiaGjtYDNCuPQaRFcWguOumWo+gPPR/WElLJmg
2okV891Vt/Qg+OgmPXPIU26p6/yXP/Y9wnMiNr6Sai1+I88Oc/sNA69LRQWnziaZ
rGOzwP+MWomI3Tuq9b6I/qQ4vsUOH51d99osKOyJqZ4zUcHDB7wixOmwjpqvjNDu
te+wSTjU3GJuLDbLJmO1eZeQ4hYcUFh8kzjk+FktomPO2tq7f38+HJQ+TUE/ixTS
KCptFY7ghVE9yee95RaApsASsKV6AVrHElB/2mQLzvzWnFRrKAlw5JFkJXgy1JVH
6iNMVoE3HTvMFMxBtELWR6vwZVg=
-----END CERTIFICATE-----
Generated at Sun Oct 19 14:34:48 2025 by rpki-client