Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS207836.roa
File: AS207836.roa (raw, json)
Hash identifier: ZKb7l7S6qyCQ27OHjXjzhcsbPZN1v60A/Tmhf3rW7bs=
Subject key identifier: 32:D5:10:49:4C:86:E6:79:53:85:CB:0E:EF:C0:25:F4:72:1F:E7:F9
Certificate issuer: /CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Certificate serial: 5CAC0ACE92763D3565ECF03BDD3B62775BD5D308
Authority key identifier: C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS207836.roa
Signing time: Mon 27 Apr 2026 23:08:34 +0000
ROA not before: Mon 27 Apr 2026 23:03:34 +0000
ROA not after: Mon 26 Apr 2027 23:08:34 +0000
asID: 207836
IP address blocks: 2a0f:85c1:c4b::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl
rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.mft
rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5c:ac:0a:ce:92:76:3d:35:65:ec:f0:3b:dd:3b:62:77:5b:d5:d3:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Validity
Not Before: Apr 27 23:03:34 2026 GMT
Not After : Apr 26 23:08:34 2027 GMT
Subject: CN=32D510494C86E6795385CB0EEFC025F4721FE7F9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:7a:30:de:b1:7c:dd:82:90:97:0a:14:a1:b2:
f3:ac:3a:14:c2:2a:b8:c5:95:4f:5d:8f:16:e2:9c:
d5:5a:cb:21:7b:fa:5e:8e:22:6d:ca:6f:60:5e:50:
26:70:b1:8b:59:ae:b8:ed:40:d7:e8:07:d3:14:ed:
1a:d7:14:36:07:51:0b:ae:c9:9a:fd:5e:7c:7c:76:
5c:2a:bf:fc:e8:60:b0:45:5f:f1:dc:67:ac:0b:fc:
7c:b0:68:2c:53:5f:40:99:a9:f2:47:f2:d3:f4:5c:
ce:d7:54:2e:5a:ee:83:32:db:de:e0:a2:56:3b:b7:
e1:d0:e1:db:c0:e1:3e:3f:be:0b:96:1a:27:5f:b6:
12:2f:b5:bc:21:85:3a:45:60:b1:52:1b:f8:ce:c3:
7c:01:fa:ae:6c:35:d3:3d:cd:a1:b4:9a:d8:19:4b:
ff:45:a3:61:fe:ad:ad:cb:27:67:22:09:8d:13:67:
92:08:64:7a:42:2a:ab:e9:f3:12:86:f7:a6:8e:eb:
c5:92:56:f1:3f:1d:61:34:ec:3c:c3:75:ad:a0:67:
bd:2c:f7:d6:91:be:6a:34:8d:c0:14:eb:d7:ca:fc:
57:75:04:a3:b4:74:a0:15:2c:0f:fc:c7:8c:20:83:
f5:df:3a:1a:a2:a6:90:92:4f:06:67:fb:e9:6f:93:
51:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:D5:10:49:4C:86:E6:79:53:85:CB:0E:EF:C0:25:F4:72:1F:E7:F9
X509v3 Authority Key Identifier:
keyid:C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS207836.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:85c1:c4b::/48
Signature Algorithm: sha256WithRSAEncryption
03:64:b3:24:24:95:24:07:18:09:27:99:51:03:11:e9:d5:5d:
ad:73:20:3b:62:e6:a5:42:83:94:2a:d8:43:bf:7b:34:92:8c:
0c:8f:84:0d:67:a3:26:67:25:67:81:b0:98:b0:e3:e4:e5:4e:
9b:9e:2a:51:5f:8e:b6:f9:eb:06:7b:d6:42:88:64:82:78:0b:
65:53:41:75:f5:fa:37:2e:ab:af:fe:97:ec:18:92:a1:e3:c3:
ba:01:57:8f:53:6b:72:b1:64:ab:93:3a:cf:18:e3:6a:63:50:
b3:e3:8a:76:0e:d7:47:fc:e2:60:e0:9a:ec:b5:70:19:51:8e:
17:27:9f:57:4e:2b:6d:83:ba:16:15:25:f5:b1:c7:54:7b:74:
eb:30:db:c8:36:b5:e1:8b:bf:59:6f:25:34:d0:54:82:1c:fd:
70:b7:1b:d9:7b:96:cc:b7:bb:69:6e:b6:3f:4a:ae:9f:f6:6d:
6c:a3:dc:d9:a5:32:b9:61:95:74:21:d9:83:b6:3f:e3:2e:55:
94:2e:48:5c:de:fc:c2:87:2a:84:c4:be:49:af:91:10:c7:ed:
0d:bb:f6:9e:60:6c:34:8c:54:e4:24:68:a6:b1:8a:b0:15:7b:
bf:b8:af:62:7b:ed:50:0d:46:12:4b:23:4d:cf:17:e3:2f:39:
5b:d0:51:46
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIUXKwKzpJ2PTVl7PA73Ttid1vV0wgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzRjZTdkODkwMjQwNWJhNDU5OGY4NGI2YTQxYzI3ZDcy
MjgzNGIxYzAeFw0yNjA0MjcyMzAzMzRaFw0yNzA0MjYyMzA4MzRaMDMxMTAvBgNV
BAMTKDMyRDUxMDQ5NEM4NkU2Nzk1Mzg1Q0IwRUVGQzAyNUY0NzIxRkU3RjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCxejDesXzdgpCXChShsvOsOhTC
KrjFlU9djxbinNVayyF7+l6OIm3Kb2BeUCZwsYtZrrjtQNfoB9MU7RrXFDYHUQuu
yZr9Xnx8dlwqv/zoYLBFX/HcZ6wL/HywaCxTX0CZqfJH8tP0XM7XVC5a7oMy297g
olY7t+HQ4dvA4T4/vguWGidfthIvtbwhhTpFYLFSG/jOw3wB+q5sNdM9zaG0mtgZ
S/9Fo2H+ra3LJ2ciCY0TZ5IIZHpCKqvp8xKG96aO68WSVvE/HWE07DzDda2gZ70s
99aRvmo0jcAU69fK/Fd1BKO0dKAVLA/8x4wgg/XfOhqippCSTwZn++lvk1GzAgMB
AAGjggINMIICCTAdBgNVHQ4EFgQUMtUQSUyG5nlThcsO78Al9HIf5/kwHwYDVR0j
BBgwFoAUxM59iQJAW6RZj4S2pBwn1yKDSxwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODRkNTE4MTAtMTk4Ny00NzAxLThmMWYtODQyNTExMTk2
NGY0LzAvQzRDRTdEODkwMjQwNUJBNDU5OEY4NEI2QTQxQzI3RDcyMjgzNEIxQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3hNNTlpUUpBVzZSWmo0UzJwQnduMXlL
RFN4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg0ZDUxODEwLTE5ODct
NDcwMS04ZjFmLTg0MjUxMTE5NjRmNC8wL0FTMjA3ODM2LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+F
wQxLMA0GCSqGSIb3DQEBCwUAA4IBAQADZLMkJJUkBxgJJ5lRAxHp1V2tcyA7Yual
QoOUKthDv3s0kowMj4QNZ6MmZyVngbCYsOPk5U6bnipRX462+esGe9ZCiGSCeAtl
U0F19fo3Lquv/pfsGJKh48O6AVePU2tysWSrkzrPGONqY1Cz44p2DtdH/OJg4Jrs
tXAZUY4XJ59XTittg7oWFSX1scdUe3TrMNvINrXhi79ZbyU00FSCHP1wtxvZe5bM
t7tpbrY/Sq6f9m1so9zZpTK5YZV0IdmDtj/jLlWULkhc3vzChyqExL5Jr5EQx+0N
u/aeYGw0jFTkJGimsYqwFXu/uK9ie+1QDUYSSyNNzxfjLzlb0FFG
-----END CERTIFICATE-----
Generated at Tue May 12 21:39:47 2026 by rpki-client