Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/AS203494.roa
File: AS203494.roa (raw, json)
Hash identifier: kcgOW+NTWlfLjRZyz31fJSrLuDtAGNsZ4AtsDBxSILc=
Subject key identifier: 74:A0:16:7F:A2:E6:31:CC:0B:49:15:7D:55:FD:9D:54:B0:91:B6:A5
Certificate issuer: /CN=9dfbff217105df8877d463f6e9bac28a4084d20c
Certificate serial: 7FC633EC5398BB4210B1EC1FE1FF7F28D2241386
Authority key identifier: 9D:FB:FF:21:71:05:DF:88:77:D4:63:F6:E9:BA:C2:8A:40:84:D2:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nfv_IXEF34h31GP26brCikCE0gw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/AS203494.roa
Signing time: Tue 12 May 2026 13:58:10 +0000
ROA not before: Tue 12 May 2026 13:53:10 +0000
ROA not after: Tue 11 May 2027 13:58:10 +0000
asID: 203494
IP address blocks: 217.18.209.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/9DFBFF217105DF8877D463F6E9BAC28A4084D20C.crl
rsync://rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/9DFBFF217105DF8877D463F6E9BAC28A4084D20C.mft
rsync://rpki.ripe.net/repository/DEFAULT/nfv_IXEF34h31GP26brCikCE0gw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 17:00:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7f:c6:33:ec:53:98:bb:42:10:b1:ec:1f:e1:ff:7f:28:d2:24:13:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9dfbff217105df8877d463f6e9bac28a4084d20c
Validity
Not Before: May 12 13:53:10 2026 GMT
Not After : May 11 13:58:10 2027 GMT
Subject: CN=74A0167FA2E631CC0B49157D55FD9D54B091B6A5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:dc:9d:b2:cb:ec:9f:b3:ee:46:dc:2c:0a:ef:
a7:72:f5:61:be:b3:03:d8:8f:bf:69:89:ec:a7:0b:
33:84:a2:a1:b9:2d:50:f0:9d:e0:3c:e0:5d:aa:9f:
94:f5:36:0c:26:e9:1b:04:63:6f:cd:2e:31:7f:f0:
cf:c9:e3:54:e5:a0:e9:d3:4f:69:af:fa:e9:37:d3:
9a:92:4c:bf:48:4d:b3:7e:3b:f2:13:26:d7:3d:95:
7d:3d:17:cc:95:94:c8:55:1c:d3:7e:d4:3d:af:05:
29:e9:94:26:4b:12:66:2c:9b:ab:a9:f4:11:3e:e6:
58:7e:bc:d4:91:7d:3a:75:92:aa:2c:ff:0f:1a:62:
46:7d:2f:10:77:3f:58:57:a3:b9:ff:f8:d1:42:61:
d0:31:aa:44:03:02:74:09:2d:e4:cf:07:a9:0d:4b:
b2:30:8e:d7:b7:77:46:9e:6d:b9:d6:b7:9a:9b:2e:
71:4b:d9:35:e4:5e:7b:54:52:13:61:48:69:49:a8:
86:c2:82:ba:97:e5:80:d4:27:6d:61:e9:19:31:a6:
d7:12:75:a5:68:4c:5f:f7:4b:65:cb:e7:68:93:f2:
7f:de:bf:e6:f4:56:61:1f:5f:25:8b:9f:b7:7c:ca:
a3:99:3c:0f:50:70:66:27:95:69:d9:5a:0d:d2:ec:
1d:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:A0:16:7F:A2:E6:31:CC:0B:49:15:7D:55:FD:9D:54:B0:91:B6:A5
X509v3 Authority Key Identifier:
keyid:9D:FB:FF:21:71:05:DF:88:77:D4:63:F6:E9:BA:C2:8A:40:84:D2:0C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/9DFBFF217105DF8877D463F6E9BAC28A4084D20C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nfv_IXEF34h31GP26brCikCE0gw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/AS203494.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.18.209.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:5e:2e:1e:30:38:e4:49:b3:37:f7:67:75:3e:2b:32:6c:ab:
f1:78:6e:19:e1:48:a6:75:c4:ae:b2:8f:be:d1:1b:ce:20:70:
04:b3:28:b7:0e:a3:bd:9f:fe:47:51:cb:f2:5d:04:9c:43:4f:
3e:6a:54:99:51:bf:bd:6b:b8:8b:a2:b1:9b:c1:25:91:69:82:
5d:7d:0b:7d:42:23:e4:cd:dd:21:cd:a8:8e:a1:d9:b4:a7:bc:
ea:a7:f3:04:23:b0:ad:4c:68:0e:4c:89:7c:71:83:7c:9b:ef:
4a:a4:61:15:8d:8a:65:22:f8:ca:66:12:d6:c6:cb:40:87:53:
9b:f2:57:9a:c0:15:73:77:58:52:5d:d3:e5:6d:b3:19:0f:7d:
5a:9a:6f:b4:19:2d:42:d8:f7:c6:b3:b5:58:fb:ee:6f:b7:86:
51:b5:0b:7e:9e:4d:79:a8:75:23:3a:b7:6c:30:ad:33:73:25:
7d:af:e1:09:6e:d0:0c:58:a3:6f:c8:ea:7f:bd:14:bf:0a:7d:
dc:b8:e9:c9:65:2e:ef:10:f9:60:6d:35:dd:32:bc:6b:10:96:
d6:84:62:fe:49:68:d9:d7:62:eb:0c:8b:22:4a:87:0c:ac:1a:
21:29:5d:a2:89:98:14:fa:e7:9a:eb:87:f9:61:fc:6c:18:9a:
ca:b9:89:39
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUf8Yz7FOYu0IQsewf4f9/KNIkE4YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWRmYmZmMjE3MTA1ZGY4ODc3ZDQ2M2Y2ZTliYWMyOGE0
MDg0ZDIwYzAeFw0yNjA1MTIxMzUzMTBaFw0yNzA1MTExMzU4MTBaMDMxMTAvBgNV
BAMTKDc0QTAxNjdGQTJFNjMxQ0MwQjQ5MTU3RDU1RkQ5RDU0QjA5MUI2QTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCR3J2yy+yfs+5G3CwK76dy9WG+
swPYj79pieynCzOEoqG5LVDwneA84F2qn5T1Ngwm6RsEY2/NLjF/8M/J41TloOnT
T2mv+uk305qSTL9ITbN+O/ITJtc9lX09F8yVlMhVHNN+1D2vBSnplCZLEmYsm6up
9BE+5lh+vNSRfTp1kqos/w8aYkZ9LxB3P1hXo7n/+NFCYdAxqkQDAnQJLeTPB6kN
S7Iwjte3d0aebbnWt5qbLnFL2TXkXntUUhNhSGlJqIbCgrqX5YDUJ21h6RkxptcS
daVoTF/3S2XL52iT8n/ev+b0VmEfXyWLn7d8yqOZPA9QcGYnlWnZWg3S7B3pAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUdKAWf6LmMcwLSRV9Vf2dVLCRtqUwHwYDVR0j
BBgwFoAUnfv/IXEF34h31GP26brCikCE0gwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTViNGQ5ZTgtNDExMS00Mzk0LWEzYTYtYmQ4MjUxZTdm
YmJkLzAvOURGQkZGMjE3MTA1REY4ODc3RDQ2M0Y2RTlCQUMyOEE0MDg0RDIwQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL25mdl9JWEVGMzRoMzFHUDI2YnJDaWtD
RTBndy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzU1YjRkOWU4LTQxMTEt
NDM5NC1hM2E2LWJkODI1MWU3ZmJiZC8wL0FTMjAzNDk0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2RLR
MA0GCSqGSIb3DQEBCwUAA4IBAQCMXi4eMDjkSbM392d1PisybKvxeG4Z4UimdcSu
so++0RvOIHAEsyi3DqO9n/5HUcvyXQScQ08+alSZUb+9a7iLorGbwSWRaYJdfQt9
QiPkzd0hzaiOodm0p7zqp/MEI7CtTGgOTIl8cYN8m+9KpGEVjYplIvjKZhLWxstA
h1Ob8leawBVzd1hSXdPlbbMZD31amm+0GS1C2PfGs7VY++5vt4ZRtQt+nk15qHUj
OrdsMK0zcyV9r+EJbtAMWKNvyOp/vRS/Cn3cuOnJZS7vEPlgbTXdMrxrEJbWhGL+
SWjZ12LrDIsiSocMrBohKV2iiZgU+uea64f5YfxsGJrKuYk5
-----END CERTIFICATE-----
Generated at Wed May 13 04:31:41 2026 by rpki-client