Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS209630.roa
File: AS209630.roa (raw, json)
Hash identifier: GVyDbE7DTvf3wDhG8CFm88tBd7tRbh1oZRJG9J7XP/c=
Subject key identifier: 56:76:91:8B:CF:6F:D3:02:AB:D4:7F:97:31:27:35:DB:BF:88:84:60
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 0F3D760718147DD2D10DA1B890BDB15EED0BE1A4
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS209630.roa
Signing time: Tue 24 Mar 2026 16:30:58 +0000
ROA not before: Tue 24 Mar 2026 16:25:58 +0000
ROA not after: Tue 23 Mar 2027 16:30:58 +0000
asID: 209630
IP address blocks: 181.214.125.0/24 maxlen: 24
181.215.41.0/24 maxlen: 24
181.215.186.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0f:3d:76:07:18:14:7d:d2:d1:0d:a1:b8:90:bd:b1:5e:ed:0b:e1:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Mar 24 16:25:58 2026 GMT
Not After : Mar 23 16:30:58 2027 GMT
Subject: CN=5676918BCF6FD302ABD47F97312735DBBF888460
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:e8:e1:13:e7:81:4c:21:2c:22:94:42:de:b0:
a8:27:86:58:42:60:2a:97:57:7c:a9:06:23:9d:50:
fb:72:45:bd:1d:78:78:5a:4b:be:54:d0:23:fd:1c:
78:e2:04:e9:ee:0a:2e:95:e8:83:7f:d0:95:d3:6b:
f6:5f:c5:b3:41:07:a9:f8:71:3a:5c:7a:97:36:d3:
86:d3:d2:69:16:b3:5d:2d:b5:dc:96:2f:ec:ee:53:
45:25:17:f3:47:0a:81:3e:e0:df:d8:82:7d:90:5e:
70:e9:6d:f2:7b:08:87:6d:56:18:4b:64:ab:94:1d:
fb:e6:e2:21:44:1d:22:44:08:62:26:90:68:98:76:
00:30:20:fe:59:3c:9c:ea:91:4e:fe:83:07:ae:63:
f2:94:67:fa:6c:a3:bc:57:3c:1b:4b:96:8b:70:a5:
6d:f6:da:59:80:37:ab:6b:26:1e:67:23:e8:84:3c:
16:99:25:2e:1c:c3:34:b9:99:8f:73:7b:f2:7c:e5:
e3:49:a6:37:8e:60:fc:c5:28:50:32:c5:68:9b:ec:
39:2e:cd:ad:7c:20:77:43:da:56:4b:99:fa:48:36:
51:9d:96:2a:1d:2a:12:a5:a4:93:d5:f8:b3:8c:f5:
ad:d3:c7:89:91:90:ad:01:52:c3:68:f2:7d:9a:67:
f1:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:76:91:8B:CF:6F:D3:02:AB:D4:7F:97:31:27:35:DB:BF:88:84:60
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS209630.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
181.214.125.0/24
181.215.41.0/24
181.215.186.0/24
Signature Algorithm: sha256WithRSAEncryption
30:d7:a5:c2:59:f0:de:f6:70:8a:b0:a3:fe:b6:e4:fe:42:b0:
82:54:be:2a:81:33:b3:87:8e:dd:7f:c8:d3:96:30:da:ba:49:
8a:b6:81:2f:ed:26:50:55:68:1c:a8:7f:99:ba:1e:b4:5d:92:
36:37:0d:38:0f:96:38:44:4b:7b:cf:a7:70:da:b4:1e:9f:aa:
31:5e:88:db:d8:61:36:ba:14:97:55:95:ac:93:d0:85:51:79:
1b:b4:e1:5a:c8:e0:74:74:60:b7:5c:92:56:cc:43:c1:ee:b0:
8c:f6:91:a6:07:f0:ed:44:dd:c2:e9:79:d9:7a:62:d7:e3:43:
7c:3a:1b:1a:27:e3:b5:4d:ea:14:ed:12:5e:b4:07:a2:98:5e:
e7:36:db:76:06:18:ca:85:36:94:5e:50:b5:28:a4:61:c3:fb:
e7:39:07:bd:ba:33:8f:a2:9a:62:06:30:21:32:34:2c:5b:53:
ce:a7:a4:f3:77:69:9e:e8:6a:60:74:b5:e1:01:4b:3b:ae:e8:
00:90:91:1d:0e:f6:c2:ff:df:88:ce:d7:d8:f9:1a:0a:d5:65:
1c:73:9b:19:45:21:d8:67:fd:34:d7:25:a5:28:d0:49:8a:3b:
f9:42:a9:17:0b:39:f4:92:45:66:7f:5c:73:bb:40:78:02:96:
54:f5:c8:f2
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgIUDz12BxgUfdLRDaG4kL2xXu0L4aQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNjAzMjQxNjI1NThaFw0yNzAzMjMxNjMwNThaMDMxMTAvBgNV
BAMTKDU2NzY5MThCQ0Y2RkQzMDJBQkQ0N0Y5NzMxMjczNURCQkY4ODg0NjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDo6OET54FMISwilELesKgnhlhC
YCqXV3ypBiOdUPtyRb0deHhaS75U0CP9HHjiBOnuCi6V6IN/0JXTa/ZfxbNBB6n4
cTpcepc204bT0mkWs10ttdyWL+zuU0UlF/NHCoE+4N/Ygn2QXnDpbfJ7CIdtVhhL
ZKuUHfvm4iFEHSJECGImkGiYdgAwIP5ZPJzqkU7+gweuY/KUZ/pso7xXPBtLlotw
pW322lmAN6trJh5nI+iEPBaZJS4cwzS5mY9ze/J85eNJpjeOYPzFKFAyxWib7Dku
za18IHdD2lZLmfpINlGdliodKhKlpJPV+LOM9a3Tx4mRkK0BUsNo8n2aZ/EPAgMB
AAGjggIWMIICEjAdBgNVHQ4EFgQUVnaRi89v0wKr1H+XMSc127+IhGAwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMjA5NjMwLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAtdZ9
AwQAtdcpAwQAtde6MA0GCSqGSIb3DQEBCwUAA4IBAQAw16XCWfDe9nCKsKP+tuT+
QrCCVL4qgTOzh47df8jTljDaukmKtoEv7SZQVWgcqH+Zuh60XZI2Nw04D5Y4REt7
z6dw2rQen6oxXojb2GE2uhSXVZWsk9CFUXkbtOFayOB0dGC3XJJWzEPB7rCM9pGm
B/DtRN3C6XnZemLX40N8OhsaJ+O1TeoU7RJetAeimF7nNtt2BhjKhTaUXlC1KKRh
w/vnOQe9ujOPoppiBjAhMjQsW1POp6Tzd2me6GpgdLXhAUs7rugAkJEdDvbC/9+I
ztfY+RoK1WUcc5sZRSHYZ/001yWlKNBJijv5QqkXCzn0kkVmf1xzu0B4ApZU9cjy
-----END CERTIFICATE-----
Generated at Thu Mar 26 14:04:25 2026 by rpki-client