Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS213606.roa
File: AS213606.roa (raw, json)
Hash identifier: lHHWWTTzwYLB9vqsFgjn1jDhj3RtXzvqu8GVefEC+Go=
Subject key identifier: 3A:45:8C:BF:D5:6F:F0:62:43:45:35:21:B4:9C:D8:AD:98:D3:95:C0
Certificate issuer: /CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Certificate serial: 135D43524153A288756428E2701108CFB896E98E
Authority key identifier: 88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS213606.roa
Signing time: Thu 19 Jun 2025 00:03:25 +0000
ROA not before: Wed 18 Jun 2025 23:58:25 +0000
ROA not after: Thu 18 Jun 2026 00:03:25 +0000
asID: 213606
IP address blocks: 143.20.102.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.mft
rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
13:5d:43:52:41:53:a2:88:75:64:28:e2:70:11:08:cf:b8:96:e9:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Validity
Not Before: Jun 18 23:58:25 2025 GMT
Not After : Jun 18 00:03:25 2026 GMT
Subject: CN=3A458CBFD56FF06243453521B49CD8AD98D395C0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:c6:55:de:16:c2:59:4d:55:2a:4e:9a:7c:5d:
a2:64:b4:3d:75:8d:3a:38:8d:b6:af:bf:2b:be:5d:
77:7d:b7:21:b8:3d:ac:dc:08:46:66:38:de:5e:38:
a9:fc:7c:d5:3a:68:e8:cb:83:98:f3:83:5c:d0:24:
7c:e5:a9:a1:01:62:9c:bf:79:6e:99:84:14:3f:5b:
bc:9e:f2:cd:31:59:a0:d0:2c:b2:41:54:81:a9:f4:
d8:68:98:53:cc:07:64:99:27:57:bf:66:f6:4c:cc:
d3:62:fd:f3:49:85:3e:c2:4d:12:43:71:99:16:c3:
9e:29:0c:b1:dc:3c:5c:ba:dc:d6:3f:42:52:2b:e5:
36:5e:31:0a:b0:ed:5f:55:46:1f:b7:a9:1e:e8:4b:
1f:8a:b9:0f:60:e3:6c:2f:a2:ea:07:2a:54:26:ce:
c5:7c:4e:10:b0:20:5c:e6:d6:07:7c:67:24:e9:1b:
94:69:e4:b4:6c:ea:2b:7c:91:86:fa:6c:e6:5e:23:
51:03:6d:c2:83:2f:bf:fe:29:9f:5d:39:58:54:25:
ba:d1:33:bb:57:8c:e8:b7:1f:07:64:66:6b:cd:82:
a8:d5:14:59:28:c7:f6:1e:0d:d1:6d:69:ce:ff:fe:
2c:76:54:4f:e4:1f:75:02:3a:08:b2:cc:c3:ab:7e:
56:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:45:8C:BF:D5:6F:F0:62:43:45:35:21:B4:9C:D8:AD:98:D3:95:C0
X509v3 Authority Key Identifier:
keyid:88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS213606.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.20.102.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:a7:28:01:4d:14:8d:ae:77:93:c6:d2:69:01:a9:57:60:94:
2e:79:05:dc:5a:7b:e9:bc:07:c5:50:aa:6b:00:de:72:f5:bf:
f8:29:20:e8:28:5d:23:5f:fa:44:ff:fb:26:a0:60:9b:1f:ea:
b5:ba:f9:0d:5b:9a:dc:7b:b8:1e:df:ff:9b:3e:fa:f6:f0:1c:
20:04:bf:53:7b:77:09:bd:98:ea:aa:44:5e:37:c9:05:60:b8:
10:10:ad:b1:56:97:c8:4d:11:04:61:c0:3c:c4:62:7d:84:ef:
c9:50:94:50:ef:46:06:a1:00:32:4b:6f:12:53:5e:e4:d3:7c:
12:5e:45:d2:07:e9:81:43:c7:8e:6b:d1:d3:95:67:30:fa:24:
5f:54:2a:2f:c6:55:c3:0a:f3:bb:a9:d0:62:fb:e3:9d:5b:11:
02:49:5a:3f:4f:45:59:19:87:eb:be:4f:1f:d1:59:ec:76:f8:
68:71:22:60:70:81:08:e9:4e:6c:5a:33:f2:7a:7b:d6:b4:10:
a7:a9:c3:a8:72:18:50:04:e8:fd:36:8d:30:8a:0c:0e:55:27:
eb:58:76:2f:8d:40:28:0d:22:1b:cb:c3:1a:c8:9b:c6:58:df:
11:48:7b:83:20:63:9b:8e:97:0d:30:61:17:54:42:d5:06:14:
5c:d9:9d:ac
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUE11DUkFTooh1ZCjicBEIz7iW6Y4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODhjMTRlYzAyYWRiZjA4MzEzOGVkZGQ0Nzg3MTE3NmRk
ZWI5M2Q5ZDAeFw0yNTA2MTgyMzU4MjVaFw0yNjA2MTgwMDAzMjVaMDMxMTAvBgNV
BAMTKDNBNDU4Q0JGRDU2RkYwNjI0MzQ1MzUyMUI0OUNEOEFEOThEMzk1QzAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4xlXeFsJZTVUqTpp8XaJktD11
jTo4jbavvyu+XXd9tyG4PazcCEZmON5eOKn8fNU6aOjLg5jzg1zQJHzlqaEBYpy/
eW6ZhBQ/W7ye8s0xWaDQLLJBVIGp9NhomFPMB2SZJ1e/ZvZMzNNi/fNJhT7CTRJD
cZkWw54pDLHcPFy63NY/QlIr5TZeMQqw7V9VRh+3qR7oSx+KuQ9g42wvouoHKlQm
zsV8ThCwIFzm1gd8ZyTpG5Rp5LRs6it8kYb6bOZeI1EDbcKDL7/+KZ9dOVhUJbrR
M7tXjOi3HwdkZmvNgqjVFFkox/YeDdFtac7//ix2VE/kH3UCOgiyzMOrflbTAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUOkWMv9Vv8GJDRTUhtJzYrZjTlcAwHwYDVR0j
BBgwFoAUiMFOwCrb8IMTjt3UeHEXbd65PZ0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjItZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2
MmUwLzAvODhDMTRFQzAyQURCRjA4MzEzOEVEREQ0Nzg3MTE3NkRERUI5M0Q5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2lNRk93Q3JiOElNVGp0M1VlSEVYYmQ2
NVBaMC5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0MDlkN2IyLWVlNjQt
NDlmMS1hZDgxLThlNGExMDdkNjJlMC8wL0FTMjEzNjA2LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAjxRm
MA0GCSqGSIb3DQEBCwUAA4IBAQB+pygBTRSNrneTxtJpAalXYJQueQXcWnvpvAfF
UKprAN5y9b/4KSDoKF0jX/pE//smoGCbH+q1uvkNW5rce7ge3/+bPvr28BwgBL9T
e3cJvZjqqkReN8kFYLgQEK2xVpfITREEYcA8xGJ9hO/JUJRQ70YGoQAyS28SU17k
03wSXkXSB+mBQ8eOa9HTlWcw+iRfVCovxlXDCvO7qdBi++OdWxECSVo/T0VZGYfr
vk8f0VnsdvhocSJgcIEI6U5sWjPyenvWtBCnqcOochhQBOj9No0wigwOVSfrWHYv
jUAoDSIby8MayJvGWN8RSHuDIGObjpcNMGEXVELVBhRc2Z2s
-----END CERTIFICATE-----
Generated at Sun Jun 29 05:10:52 2025 by rpki-client