Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS210937.roa
File: AS210937.roa (raw, json)
Hash identifier: b/BcwBndEB5aH+7xOpd1vrSyqX+A7q4U98EG+qgiQvw=
Subject key identifier: 78:F9:D2:FF:B6:94:A7:CD:43:02:64:0D:24:80:CC:30:60:C4:36:2F
Certificate issuer: /CN=c2302af143c15daad50042d8455e689d0828eca9
Certificate serial: 71A22FA7E95CA2D25D9557900B898A9908CE1C85
Authority key identifier: C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS210937.roa
Signing time: Tue 30 Sep 2025 15:55:07 +0000
ROA not before: Tue 30 Sep 2025 15:50:07 +0000
ROA not after: Tue 29 Sep 2026 15:55:07 +0000
asID: 210937
IP address blocks: 141.11.11.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.mft
rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
71:a2:2f:a7:e9:5c:a2:d2:5d:95:57:90:0b:89:8a:99:08:ce:1c:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2302af143c15daad50042d8455e689d0828eca9
Validity
Not Before: Sep 30 15:50:07 2025 GMT
Not After : Sep 29 15:55:07 2026 GMT
Subject: CN=78F9D2FFB694A7CD4302640D2480CC3060C4362F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:9b:6a:a6:12:6a:c1:bc:01:3d:d1:70:e8:d0:
dd:20:71:34:25:65:40:27:9e:a9:02:b9:92:69:88:
4a:93:e4:f9:0d:71:27:39:02:ad:49:82:e3:2d:e2:
1d:61:33:44:fd:52:b8:30:e0:e5:c2:f2:86:24:c4:
39:24:2a:cd:56:83:99:d6:36:dc:ae:6d:f4:d1:15:
7a:99:93:60:73:1d:47:ba:56:83:82:6a:ac:da:3d:
a5:65:66:91:4f:69:e7:e7:42:67:33:c4:52:39:96:
51:ad:2c:ae:5f:7d:4d:b1:77:8e:ee:ae:4d:c4:44:
a8:b3:19:df:ce:4a:c1:c5:82:e3:db:a3:1d:af:4a:
fc:bd:c8:f3:a3:04:56:47:b5:59:b2:7a:a8:1d:9c:
56:7f:19:57:7e:a7:27:33:c9:5d:aa:5f:6a:78:cb:
a2:16:21:e5:d1:75:ae:05:ec:b5:f5:a1:71:c2:84:
da:9e:da:af:a9:13:30:89:38:fb:07:67:93:a5:69:
cf:b9:16:25:ea:38:52:52:41:17:a8:35:a9:36:17:
9d:a0:65:8c:2e:e8:11:de:9e:a3:82:3b:12:0a:a6:
9c:eb:73:20:1e:de:18:0a:82:4c:66:d5:3b:17:4a:
da:c0:76:85:1b:70:d5:3a:c7:aa:20:1d:4f:57:46:
c8:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:F9:D2:FF:B6:94:A7:CD:43:02:64:0D:24:80:CC:30:60:C4:36:2F
X509v3 Authority Key Identifier:
keyid:C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS210937.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.11.11.0/24
Signature Algorithm: sha256WithRSAEncryption
34:11:0e:e6:06:53:fe:0d:63:0c:89:8c:ca:33:c1:66:ad:6d:
46:27:39:9a:15:dc:fe:4f:60:a1:37:de:e7:88:3b:a6:d0:a8:
a0:d6:65:7e:46:90:e3:ef:48:e7:fb:ac:b8:4a:36:48:70:b4:
a7:d5:d6:b7:7b:7a:81:ad:a8:91:53:80:c1:0f:25:c3:d6:96:
e6:f3:99:9a:89:93:90:16:72:80:70:23:58:72:0e:c8:1c:21:
34:e8:a8:ce:c3:67:b3:8d:5c:37:33:8e:9a:f7:49:0b:ca:e5:
93:e7:22:54:38:03:91:d7:23:56:2b:13:ff:47:39:f8:9c:9a:
79:38:bd:cf:26:0b:a1:46:bf:41:88:19:e1:b4:cc:d0:c1:6b:
3b:35:c3:65:b7:8e:35:0d:14:35:45:54:6d:0d:5e:17:71:db:
e4:d5:a4:9e:4d:d7:57:ca:28:33:76:f6:14:d9:d2:e3:ac:19:
9c:db:a0:02:09:66:c4:ac:64:e0:15:27:d7:cc:0b:2b:d4:1b:
e2:84:db:de:8d:cb:e7:2a:3c:bb:a7:c8:f8:7b:f0:6b:4b:c8:
bc:8e:bc:bd:54:2c:a1:47:6f:76:fb:32:fc:c6:20:aa:84:f3:
56:9f:b3:ed:82:f4:b8:65:ef:49:48:c3:b9:bf:fb:72:36:d2:
0e:c4:78:6c
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUcaIvp+lcotJdlVeQC4mKmQjOHIUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzIzMDJhZjE0M2MxNWRhYWQ1MDA0MmQ4NDU1ZTY4OWQw
ODI4ZWNhOTAeFw0yNTA5MzAxNTUwMDdaFw0yNjA5MjkxNTU1MDdaMDMxMTAvBgNV
BAMTKDc4RjlEMkZGQjY5NEE3Q0Q0MzAyNjQwRDI0ODBDQzMwNjBDNDM2MkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDUm2qmEmrBvAE90XDo0N0gcTQl
ZUAnnqkCuZJpiEqT5PkNcSc5Aq1JguMt4h1hM0T9Urgw4OXC8oYkxDkkKs1Wg5nW
NtyubfTRFXqZk2BzHUe6VoOCaqzaPaVlZpFPaefnQmczxFI5llGtLK5ffU2xd47u
rk3ERKizGd/OSsHFguPbox2vSvy9yPOjBFZHtVmyeqgdnFZ/GVd+pyczyV2qX2p4
y6IWIeXRda4F7LX1oXHChNqe2q+pEzCJOPsHZ5Olac+5FiXqOFJSQReoNak2F52g
ZYwu6BHenqOCOxIKppzrcyAe3hgKgkxm1TsXStrAdoUbcNU6x6ogHU9XRshFAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUePnS/7aUp81DAmQNJIDMMGDENi8wHwYDVR0j
BBgwFoAUwjAq8UPBXarVAELYRV5onQgo7KkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTkzY2I1NWMtOTU3MS00NGM4LTkwZTEtOTY1YjkyNzY5
ZTRlLzAvQzIzMDJBRjE0M0MxNURBQUQ1MDA0MkQ4NDU1RTY4OUQwODI4RUNBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3dqQXE4VVBCWGFyVkFFTFlSVjVvblFn
bzdLay5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2E5M2NiNTVjLTk1NzEt
NDRjOC05MGUxLTk2NWI5Mjc2OWU0ZS8wL0FTMjEwOTM3LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAjQsL
MA0GCSqGSIb3DQEBCwUAA4IBAQA0EQ7mBlP+DWMMiYzKM8FmrW1GJzmaFdz+T2Ch
N97niDum0Kig1mV+RpDj70jn+6y4SjZIcLSn1da3e3qBraiRU4DBDyXD1pbm85ma
iZOQFnKAcCNYcg7IHCE06KjOw2ezjVw3M46a90kLyuWT5yJUOAOR1yNWKxP/Rzn4
nJp5OL3PJguhRr9BiBnhtMzQwWs7NcNlt441DRQ1RVRtDV4Xcdvk1aSeTddXyigz
dvYU2dLjrBmc26ACCWbErGTgFSfXzAsr1BvihNvejcvnKjy7p8j4e/BrS8i8jry9
VCyhR292+zL8xiCqhPNWn7PtgvS4Ze9JSMO5v/tyNtIOxHhs
-----END CERTIFICATE-----
Generated at Sun Oct 19 23:10:02 2025 by rpki-client