Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS212219.roa
File: AS212219.roa (raw, json)
Hash identifier: bN1ijLtTWdQbuPQMMHNueIZqDv9/5SZ8lrPjW46VfkY=
Subject key identifier: 4D:A1:9E:1F:E0:CA:B3:8D:80:3B:23:B9:8F:24:08:5B:24:C3:E9:4C
Certificate issuer: /CN=7051b4c2f7ae9ef80b53000b32ab8f5d2f2f415b
Certificate serial: 7A5EEB524F44F04AF85BBAB63E7E7DD22B1C2CC9
Authority key identifier: 70:51:B4:C2:F7:AE:9E:F8:0B:53:00:0B:32:AB:8F:5D:2F:2F:41:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS212219.roa
Signing time: Wed 30 Apr 2025 09:19:39 +0000
ROA not before: Wed 30 Apr 2025 09:14:39 +0000
ROA not after: Wed 29 Apr 2026 09:19:39 +0000
asID: 212219
IP address blocks: 5.133.102.0/24 maxlen: 24
5.133.103.0/24 maxlen: 24
92.249.61.0/24 maxlen: 24
176.96.131.0/24 maxlen: 24
193.111.77.0/24 maxlen: 24
193.111.78.0/24 maxlen: 24
217.18.210.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.crl
rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.mft
rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 07 May 2025 09:41:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7a:5e:eb:52:4f:44:f0:4a:f8:5b:ba:b6:3e:7e:7d:d2:2b:1c:2c:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7051b4c2f7ae9ef80b53000b32ab8f5d2f2f415b
Validity
Not Before: Apr 30 09:14:39 2025 GMT
Not After : Apr 29 09:19:39 2026 GMT
Subject: CN=4DA19E1FE0CAB38D803B23B98F24085B24C3E94C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:af:bd:69:02:1c:ea:5b:fe:6c:3a:27:85:20:
c6:d7:65:88:4e:c7:ee:00:7d:a6:2c:8d:b4:c4:83:
b2:15:d7:6e:41:1a:5e:f4:9a:58:90:ef:c3:f4:f4:
85:37:26:01:1f:36:7d:fc:51:0f:cc:dd:f6:a8:3f:
50:28:65:64:59:a8:ce:cb:37:56:ad:dd:bf:f9:aa:
23:a4:39:d7:da:23:c8:01:6a:8b:04:6a:22:c5:8f:
bc:38:2d:65:2a:16:59:33:f1:9b:9c:11:9b:ed:f4:
8e:5e:be:06:70:70:ef:11:38:10:d2:96:d2:7c:0c:
37:63:78:e1:15:54:88:7d:70:b5:a2:24:bc:4d:ab:
27:b2:61:ef:77:c8:e1:f3:a6:42:a5:7d:56:da:bb:
7f:38:95:8b:f0:9a:28:65:f4:eb:ab:67:dd:d1:48:
7e:10:7c:a9:27:b9:b0:75:fe:7d:b9:c4:24:89:da:
0b:5a:ca:4f:c9:32:85:42:7d:4d:c4:c8:b5:4b:72:
27:16:cf:cf:fe:a4:3b:ec:1f:76:6e:a6:d2:06:53:
67:8a:cc:3a:eb:1b:9e:46:83:99:d1:9c:fc:ee:f3:
9a:9e:a7:c5:3f:fc:74:cb:d0:eb:95:8f:b1:32:7a:
14:7d:bf:6e:f5:20:86:b2:79:4e:cf:04:52:49:4e:
55:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:A1:9E:1F:E0:CA:B3:8D:80:3B:23:B9:8F:24:08:5B:24:C3:E9:4C
X509v3 Authority Key Identifier:
keyid:70:51:B4:C2:F7:AE:9E:F8:0B:53:00:0B:32:AB:8F:5D:2F:2F:41:5B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS212219.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.133.102.0/23
92.249.61.0/24
176.96.131.0/24
193.111.77.0-193.111.78.255
217.18.210.0/24
Signature Algorithm: sha256WithRSAEncryption
3a:e4:4f:5e:d9:a9:46:cc:ae:61:ee:43:99:59:6c:93:3f:c5:
bb:91:af:cc:10:88:a8:58:15:1e:24:7c:11:ac:5c:ce:b5:b7:
a2:60:20:13:4b:e1:c7:49:ab:23:10:df:78:59:c0:fb:3b:48:
78:da:3a:29:98:36:5c:bb:51:e5:10:55:02:0a:7a:ac:3d:ad:
e3:f4:3f:24:b8:8c:7e:03:f9:56:ed:6d:92:00:cd:f7:b7:76:
2e:3c:37:70:87:6d:fe:ba:dc:91:e2:9c:85:a3:38:7a:49:f7:
f5:70:f3:5e:7f:a9:e1:f2:cb:21:bb:c5:b5:8b:3e:a1:95:ae:
9f:7a:1c:b2:a8:e2:2f:4b:5c:7c:b7:1e:c1:0d:ef:6f:ab:4d:
55:cb:5f:c2:71:02:ca:6a:b3:75:1b:a0:54:5a:f7:c3:99:bc:
17:77:c1:22:5b:38:c5:22:88:9d:88:ad:0b:94:44:2d:b6:4b:
d5:c4:c9:c7:26:7a:d0:8b:95:dc:6a:94:60:c0:44:de:b1:21:
99:4a:fe:b5:36:a5:f6:22:a1:f9:66:e3:c8:25:47:c1:54:89:
e5:59:89:17:e4:43:5c:93:3e:4e:63:f0:f5:f9:6f:5f:cb:bc:
80:93:1e:52:ae:03:24:76:0c:77:8a:21:74:3f:6f:c5:79:e4:
ae:a8:9a:61
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgIUel7rUk9E8Er4W7q2Pn590iscLMkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzA1MWI0YzJmN2FlOWVmODBiNTMwMDBiMzJhYjhmNWQy
ZjJmNDE1YjAeFw0yNTA0MzAwOTE0MzlaFw0yNjA0MjkwOTE5MzlaMDMxMTAvBgNV
BAMTKDREQTE5RTFGRTBDQUIzOEQ4MDNCMjNCOThGMjQwODVCMjRDM0U5NEMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCkr71pAhzqW/5sOieFIMbXZYhO
x+4AfaYsjbTEg7IV125BGl70mliQ78P09IU3JgEfNn38UQ/M3faoP1AoZWRZqM7L
N1at3b/5qiOkOdfaI8gBaosEaiLFj7w4LWUqFlkz8ZucEZvt9I5evgZwcO8ROBDS
ltJ8DDdjeOEVVIh9cLWiJLxNqyeyYe93yOHzpkKlfVbau384lYvwmihl9OurZ93R
SH4QfKknubB1/n25xCSJ2gtayk/JMoVCfU3EyLVLcicWz8/+pDvsH3ZuptIGU2eK
zDrrG55Gg5nRnPzu85qep8U//HTL0OuVj7EyehR9v271IIayeU7PBFJJTlXfAgMB
AAGjggIqMIICJjAdBgNVHQ4EFgQUTaGeH+DKs42AOyO5jyQIWyTD6UwwHwYDVR0j
BBgwFoAUcFG0wveunvgLUwALMquPXS8vQVswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOWM1Y2U5ZmEtOWE2Zi00ZTBjLTk4MDktN2E0Nzg4NzQ0
ODkzLzAvNzA1MUI0QzJGN0FFOUVGODBCNTMwMDBCMzJBQjhGNUQyRjJGNDE1Qi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NGRzB3dmV1bnZnTFV3QUxNcXVQWFM4
dlFWcy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzljNWNlOWZhLTlhNmYt
NGUwYy05ODA5LTdhNDc4ODc0NDg5My8wL0FTMjEyMjE5LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQBBYVm
AwQAXPk9AwQAsGCDMAwDBADBb00DBADBb04DBADZEtIwDQYJKoZIhvcNAQELBQAD
ggEBADrkT17ZqUbMrmHuQ5lZbJM/xbuRr8wQiKhYFR4kfBGsXM61t6JgIBNL4cdJ
qyMQ33hZwPs7SHjaOimYNly7UeUQVQIKeqw9reP0PyS4jH4D+VbtbZIAzfe3di48
N3CHbf663JHinIWjOHpJ9/Vw815/qeHyyyG7xbWLPqGVrp96HLKo4i9LXHy3HsEN
72+rTVXLX8JxAspqs3UboFRa98OZvBd3wSJbOMUiiJ2IrQuURC22S9XEyccmetCL
ldxqlGDARN6xIZlK/rU2pfYioflm48glR8FUieVZiRfkQ1yTPk5j8PX5b1/LvICT
HlKuAyR2DHeKIXQ/b8V55K6ommE=
-----END CERTIFICATE-----
Generated at Wed May 7 00:12:43 2025 by rpki-client