Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS201061.roa
File: AS201061.roa (raw, json)
Hash identifier: 9bQSZnKxd+ZnXw0iisnI/OHWqRryFGm2BkLog2EoA2Q=
Subject key identifier: 88:90:9B:D1:87:69:E9:EB:D2:70:A3:1D:EB:53:78:1D:EB:62:97:EE
Certificate issuer: /CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Certificate serial: 5C7A72ECB7B2764F2449645E6A48A5EB6879EEE2
Authority key identifier: C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS201061.roa
Signing time: Mon 09 Mar 2026 09:33:49 +0000
ROA not before: Mon 09 Mar 2026 09:28:49 +0000
ROA not after: Mon 08 Mar 2027 09:33:49 +0000
asID: 201061
IP address blocks: 2a0f:85c1:e41::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl
rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.mft
rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5c:7a:72:ec:b7:b2:76:4f:24:49:64:5e:6a:48:a5:eb:68:79:ee:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Validity
Not Before: Mar 9 09:28:49 2026 GMT
Not After : Mar 8 09:33:49 2027 GMT
Subject: CN=88909BD18769E9EBD270A31DEB53781DEB6297EE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:26:3c:75:1f:b9:33:91:5a:19:0d:aa:ca:16:
20:24:da:ea:10:c2:a5:63:4b:45:7e:09:2b:cf:01:
fd:5c:a9:4e:98:e3:55:b0:f0:5b:7b:35:b8:20:90:
ca:9a:24:ab:1d:6f:34:ea:d1:e6:3a:08:2e:51:80:
ef:b3:cc:09:df:aa:bb:9d:6e:cf:e6:5d:41:c8:6b:
66:e0:07:0d:94:cd:5f:0b:aa:f7:92:80:0d:18:e7:
d9:bb:99:43:3c:b3:e0:a5:0e:ec:66:b5:be:6f:29:
de:74:cb:4f:11:59:69:f0:a0:1e:4d:81:6a:af:af:
06:15:e4:76:5c:05:5a:15:ce:4b:df:73:a6:3e:cc:
2c:6f:bc:0f:a3:81:82:a5:37:c1:52:15:e5:25:c6:
58:f3:a7:81:77:dd:82:17:e4:26:24:b7:68:bb:65:
d2:25:ab:4b:b5:70:3b:47:ed:c9:a9:a4:9c:da:25:
42:60:48:07:17:c5:ec:77:69:61:e4:c5:90:85:ff:
03:88:a8:48:58:57:77:da:87:e1:dd:a0:8f:4f:49:
76:92:ea:2d:a5:c5:85:a3:f2:f7:fd:4c:11:eb:fd:
a6:ea:6a:b1:30:60:38:1f:a4:9b:bb:a3:ae:e5:db:
64:f9:7f:08:03:94:c5:33:4f:7c:dd:af:44:5a:7e:
7f:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:90:9B:D1:87:69:E9:EB:D2:70:A3:1D:EB:53:78:1D:EB:62:97:EE
X509v3 Authority Key Identifier:
keyid:C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS201061.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:85c1:e41::/48
Signature Algorithm: sha256WithRSAEncryption
83:3b:a8:65:8d:77:e2:28:b6:f4:cf:56:11:a6:9d:41:27:2d:
22:a0:a5:6b:81:54:ba:d5:12:98:a8:d6:36:d7:1c:aa:1b:1e:
f7:a7:0b:28:d4:b4:92:75:37:2d:4a:a3:52:47:a7:27:56:ca:
c6:aa:7b:43:15:b4:30:18:de:3d:e1:ad:ea:d5:64:6b:b5:21:
ae:5a:2b:35:36:8a:87:13:85:e6:f4:90:fb:be:e0:ce:05:27:
54:d9:5f:11:79:17:a8:93:03:7a:2c:24:bc:91:d7:8a:04:d6:
3a:6f:10:f5:68:88:a6:a6:cf:0e:e0:bb:e6:c9:7a:df:97:fb:
f3:02:7c:71:91:f7:b5:d4:4d:c4:72:69:0b:66:ff:d0:6f:93:
e9:a3:f4:e7:6b:81:39:a8:4a:ab:ec:80:fd:f8:ae:e0:dd:16:
84:25:1e:f9:84:42:fa:64:bd:de:90:2e:c7:92:fa:f4:b8:99:
ea:70:e8:33:38:30:e5:89:f6:7e:c6:5e:67:57:b2:6c:1c:5a:
e7:ba:21:06:b7:73:aa:3f:b8:b6:e2:bb:30:de:bf:13:9c:2a:
74:47:5c:76:57:e1:3e:ba:1b:f8:b2:e6:24:ff:d3:c8:b5:6f:
7d:b8:05:23:44:eb:7a:15:22:b1:21:13:83:c5:bf:18:df:77:
df:85:95:04
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIUXHpy7Leydk8kSWReakil62h57uIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzRjZTdkODkwMjQwNWJhNDU5OGY4NGI2YTQxYzI3ZDcy
MjgzNGIxYzAeFw0yNjAzMDkwOTI4NDlaFw0yNzAzMDgwOTMzNDlaMDMxMTAvBgNV
BAMTKDg4OTA5QkQxODc2OUU5RUJEMjcwQTMxREVCNTM3ODFERUI2Mjk3RUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDAJjx1H7kzkVoZDarKFiAk2uoQ
wqVjS0V+CSvPAf1cqU6Y41Ww8Ft7NbggkMqaJKsdbzTq0eY6CC5RgO+zzAnfqrud
bs/mXUHIa2bgBw2UzV8LqveSgA0Y59m7mUM8s+ClDuxmtb5vKd50y08RWWnwoB5N
gWqvrwYV5HZcBVoVzkvfc6Y+zCxvvA+jgYKlN8FSFeUlxljzp4F33YIX5CYkt2i7
ZdIlq0u1cDtH7cmppJzaJUJgSAcXxex3aWHkxZCF/wOIqEhYV3fah+HdoI9PSXaS
6i2lxYWj8vf9TBHr/abqarEwYDgfpJu7o67l22T5fwgDlMUzT3zdr0Rafn9RAgMB
AAGjggINMIICCTAdBgNVHQ4EFgQUiJCb0Ydp6evScKMd61N4Hetil+4wHwYDVR0j
BBgwFoAUxM59iQJAW6RZj4S2pBwn1yKDSxwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODRkNTE4MTAtMTk4Ny00NzAxLThmMWYtODQyNTExMTk2
NGY0LzAvQzRDRTdEODkwMjQwNUJBNDU5OEY4NEI2QTQxQzI3RDcyMjgzNEIxQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3hNNTlpUUpBVzZSWmo0UzJwQnduMXlL
RFN4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg0ZDUxODEwLTE5ODct
NDcwMS04ZjFmLTg0MjUxMTE5NjRmNC8wL0FTMjAxMDYxLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+F
wQ5BMA0GCSqGSIb3DQEBCwUAA4IBAQCDO6hljXfiKLb0z1YRpp1BJy0ioKVrgVS6
1RKYqNY21xyqGx73pwso1LSSdTctSqNSR6cnVsrGqntDFbQwGN494a3q1WRrtSGu
Wis1NoqHE4Xm9JD7vuDOBSdU2V8ReReokwN6LCS8kdeKBNY6bxD1aIimps8O4Lvm
yXrfl/vzAnxxkfe11E3EcmkLZv/Qb5Ppo/Tna4E5qEqr7ID9+K7g3RaEJR75hEL6
ZL3ekC7Hkvr0uJnqcOgzODDlifZ+xl5nV7JsHFrnuiEGt3OqP7i24rsw3r8TnCp0
R1x2V+E+uhv4suYk/9PItW99uAUjROt6FSKxIRODxb8Y33ffhZUE
-----END CERTIFICATE-----
Generated at Wed Mar 25 22:55:21 2026 by rpki-client