Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS204535.roa
File: AS204535.roa (raw, json)
Hash identifier: wfl8aDFZnBx1eSIJYVSMoSWOwinvfSgL1Ixs93QrX5Y=
Subject key identifier: EC:D2:85:CB:64:54:03:15:70:91:E9:D6:B9:E1:16:66:71:91:C7:97
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 64CBF67758B28C25CB56BBF1D915A32E10B43C2D
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS204535.roa
Signing time: Fri 08 May 2026 12:51:25 +0000
ROA not before: Fri 08 May 2026 12:46:25 +0000
ROA not after: Fri 07 May 2027 12:51:25 +0000
asID: 204535
IP address blocks: 191.96.80.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 08:12:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
64:cb:f6:77:58:b2:8c:25:cb:56:bb:f1:d9:15:a3:2e:10:b4:3c:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: May 8 12:46:25 2026 GMT
Not After : May 7 12:51:25 2027 GMT
Subject: CN=ECD285CB645403157091E9D6B9E116667191C797
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:a2:c0:96:38:eb:a1:38:b2:a0:a8:14:bc:89:
79:a3:c2:76:5d:62:f1:ac:0d:93:ce:6d:33:e7:d5:
35:4e:43:f0:24:1e:46:92:64:dc:05:cc:07:2d:54:
0a:25:6a:c0:3b:a1:5f:b1:6a:02:c2:c5:00:ad:a3:
3a:19:5d:14:10:f3:85:68:ff:44:65:73:de:71:a8:
25:d4:2c:c3:38:cb:02:e8:47:d5:ad:90:03:33:9b:
c1:8a:7b:4f:b7:39:e3:82:d1:a9:04:54:cd:06:ef:
5d:1a:81:c5:b5:6d:ce:8e:11:a4:65:fa:02:1e:c1:
35:f0:b5:ab:c0:0f:df:61:a2:6e:be:ba:87:18:1c:
34:4c:e3:0d:62:d3:31:81:f7:72:ff:fc:c6:79:bf:
f6:38:ad:ec:d7:a4:f1:d5:b6:4d:f9:9a:c9:fd:01:
a1:df:35:23:79:31:6b:43:d5:7e:aa:50:52:df:1d:
05:56:9e:7e:5d:ff:93:e9:bb:00:4a:09:19:b1:7f:
20:5d:5c:1a:a2:32:e8:ea:ca:d9:48:1a:0e:9b:05:
b6:21:6e:09:cd:34:2a:08:32:cf:48:d9:77:24:70:
ee:64:aa:77:05:d7:00:37:6a:bb:1d:5f:06:b3:31:
9a:32:47:c5:f9:aa:6f:de:2c:dd:27:96:4a:f7:dd:
93:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:D2:85:CB:64:54:03:15:70:91:E9:D6:B9:E1:16:66:71:91:C7:97
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS204535.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
191.96.80.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:ee:e9:55:41:18:ef:19:f0:02:d6:0c:43:a3:fd:d5:77:8d:
3a:65:1f:4b:ef:39:20:2a:8a:fa:f6:03:fa:13:27:5e:14:a2:
63:47:1f:8d:69:bb:4c:6e:34:a9:d0:ef:a2:e9:a8:9d:e7:cd:
27:d4:1f:e8:e9:e9:a5:2a:c7:39:f3:71:c2:f4:a9:88:7c:14:
70:7c:89:09:c5:c7:7a:99:de:8b:d2:5d:73:d0:04:75:00:c3:
07:7f:7f:3c:5c:1f:c3:64:56:85:b6:94:93:18:00:d2:d7:51:
bd:7e:38:c5:bf:67:7c:99:b2:68:2b:20:ad:eb:f5:14:c0:3d:
c3:03:03:14:3c:bf:59:2b:b5:2b:07:39:d9:5a:7e:94:ff:53:
bf:55:75:b4:43:cd:67:22:d2:ee:d0:df:13:4d:92:f2:88:45:
6c:aa:70:b0:ef:a4:8b:1c:27:2a:28:b2:62:ff:1e:a5:12:8f:
65:e3:2b:5b:b6:64:67:ef:3c:2c:cf:40:85:0e:b9:c4:32:3e:
2d:a7:ef:c7:d8:4e:c9:26:8b:40:89:ee:44:6a:29:59:21:43:
28:57:c4:52:9c:11:85:f6:97:3f:a5:a3:0c:76:07:da:f5:f9:
f3:c3:6f:77:9e:f3:d6:82:8e:ff:a9:67:fb:3d:da:04:9b:fd:
32:7c:06:74
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUZMv2d1iyjCXLVrvx2RWjLhC0PC0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNjA1MDgxMjQ2MjVaFw0yNzA1MDcxMjUxMjVaMDMxMTAvBgNV
BAMTKEVDRDI4NUNCNjQ1NDAzMTU3MDkxRTlENkI5RTExNjY2NzE5MUM3OTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzosCWOOuhOLKgqBS8iXmjwnZd
YvGsDZPObTPn1TVOQ/AkHkaSZNwFzActVAolasA7oV+xagLCxQCtozoZXRQQ84Vo
/0Rlc95xqCXULMM4ywLoR9WtkAMzm8GKe0+3OeOC0akEVM0G710agcW1bc6OEaRl
+gIewTXwtavAD99hom6+uocYHDRM4w1i0zGB93L//MZ5v/Y4rezXpPHVtk35msn9
AaHfNSN5MWtD1X6qUFLfHQVWnn5d/5PpuwBKCRmxfyBdXBqiMujqytlIGg6bBbYh
bgnNNCoIMs9I2XckcO5kqncF1wA3arsdXwazMZoyR8X5qm/eLN0nlkr33ZOFAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQU7NKFy2RUAxVwkenWueEWZnGRx5cwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMjA0NTM1LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAv2BQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBf7ulVQRjvGfAC1gxDo/3Vd406ZR9L7zkgKor6
9gP6EydeFKJjRx+NabtMbjSp0O+i6aid580n1B/o6emlKsc583HC9KmIfBRwfIkJ
xcd6md6L0l1z0AR1AMMHf388XB/DZFaFtpSTGADS11G9fjjFv2d8mbJoKyCt6/UU
wD3DAwMUPL9ZK7UrBznZWn6U/1O/VXW0Q81nItLu0N8TTZLyiEVsqnCw76SLHCcq
KLJi/x6lEo9l4ytbtmRn7zwsz0CFDrnEMj4tp+/H2E7JJotAie5EailZIUMoV8RS
nBGF9pc/paMMdgfa9fnzw293nvPWgo7/qWf7PdoEm/0yfAZ0
-----END CERTIFICATE-----
Generated at Tue May 12 23:24:36 2026 by rpki-client