Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS200464.roa
File: AS200464.roa (raw, json)
Hash identifier: hsumhzC838Ff7kjJG9j3rC7IzSm08z/e4yUDZuN3gH8=
Subject key identifier: 25:54:8F:1B:ED:BA:2D:8B:DC:7E:BD:9E:45:F0:BC:B9:DD:FB:B2:0B
Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Certificate serial: 0D43259980C4484BDFC3028C18A40265846C2E45
Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS200464.roa
Signing time: Fri 24 Apr 2026 09:43:21 +0000
ROA not before: Fri 24 Apr 2026 09:38:21 +0000
ROA not after: Fri 23 Apr 2027 09:43:21 +0000
asID: 200464
IP address blocks: 2a14:7581:ffa::/48 maxlen: 48
2a14:7583:e700::/40 maxlen: 48
2a14:7583:e700::/41 maxlen: 48
2a14:7583:e700::/48 maxlen: 48
2a14:7583:e703::/48 maxlen: 48
2a14:7583:e710::/44 maxlen: 48
2a14:7583:e780::/41 maxlen: 48
2a14:7583:e7fe::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft
rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 08:48:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0d:43:25:99:80:c4:48:4b:df:c3:02:8c:18:a4:02:65:84:6c:2e:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Validity
Not Before: Apr 24 09:38:21 2026 GMT
Not After : Apr 23 09:43:21 2027 GMT
Subject: CN=25548F1BEDBA2D8BDC7EBD9E45F0BCB9DDFBB20B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:8f:63:ea:52:56:ec:15:50:1e:39:9d:0b:86:
5d:ef:9a:4c:cd:df:50:17:50:99:83:be:51:ab:82:
a1:b7:4d:11:f7:68:b2:17:03:46:c1:df:38:3b:8c:
41:98:ff:2d:63:93:00:2b:e6:e3:29:07:37:a8:56:
e8:87:90:27:f0:e8:cd:61:5c:0c:d1:cb:76:ff:08:
64:45:18:dd:10:86:7a:33:79:26:f7:39:66:c8:71:
86:5b:d7:b3:71:e7:84:e0:7c:d6:33:5e:71:0d:bd:
93:d0:01:78:12:de:f6:4c:9e:d5:ff:79:34:23:03:
a0:0d:f1:6c:b0:f9:8f:f3:31:9b:27:e8:7b:f4:0a:
2b:d8:ac:a2:7a:7f:e7:46:79:24:6f:8b:3a:49:a0:
8f:ca:a3:df:ae:4b:29:1b:a0:64:73:b4:82:50:9a:
c3:d5:cd:ff:db:39:48:42:0b:74:f9:cc:7a:07:27:
03:d1:1a:1f:3d:68:a2:fc:66:71:db:23:62:53:93:
c4:5f:d4:24:c8:24:01:69:e6:ae:26:3a:8e:04:dc:
42:9d:b8:ce:5e:e4:be:d6:7f:ff:64:c1:f9:68:12:
60:6f:2a:17:71:09:ff:42:a2:9d:38:92:16:89:52:
ea:5c:95:b7:29:b7:dc:51:cb:36:4d:93:5c:45:56:
74:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:54:8F:1B:ED:BA:2D:8B:DC:7E:BD:9E:45:F0:BC:B9:DD:FB:B2:0B
X509v3 Authority Key Identifier:
keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS200464.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7581:ffa::/48
2a14:7583:e700::/40
Signature Algorithm: sha256WithRSAEncryption
36:8e:64:91:3c:54:88:75:2c:b4:35:4c:83:e2:e5:c4:b3:5c:
2b:b4:ae:57:2a:ee:ad:e4:c9:e9:e1:69:25:da:e1:04:94:89:
8d:03:e6:1d:c3:06:f5:82:8d:e3:23:a7:4b:5b:cb:30:21:66:
90:05:8b:de:12:85:14:02:26:94:88:fe:ed:7b:7d:af:9a:14:
9d:51:fe:8a:05:e9:25:2f:65:9d:24:9a:72:0e:91:25:eb:3b:
16:00:29:d8:12:0f:c3:cc:f0:5e:d8:44:2b:8e:06:01:67:92:
ae:2e:3a:42:bb:da:b6:fd:1c:15:76:bb:bf:9d:ed:66:cf:30:
3a:57:7d:aa:22:27:00:a0:ea:20:57:e9:c7:12:55:85:ad:96:
7e:81:55:d3:04:fc:74:38:40:79:db:9b:89:b6:d4:74:90:ae:
26:b9:ad:3e:c7:2b:a6:b8:ba:dc:78:4c:9e:54:8a:c9:f3:35:
02:f3:95:ab:a8:a3:da:1d:99:ad:26:2c:ae:c4:d9:d4:9a:fe:
68:8f:fc:72:2a:e8:8e:0e:be:31:8f:6f:8f:5a:f7:ae:f3:68:
37:79:fa:ac:34:d6:5d:ec:bc:9a:06:5c:9a:6d:f5:ca:f3:50:
4b:ac:78:db:bd:49:84:2f:33:d3:c9:a6:f1:9f:89:91:e9:7c:
d0:68:78:46
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgIUDUMlmYDESEvfwwKMGKQCZYRsLkUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj
Y2ZkMzc3MjAeFw0yNjA0MjQwOTM4MjFaFw0yNzA0MjMwOTQzMjFaMDMxMTAvBgNV
BAMTKDI1NTQ4RjFCRURCQTJEOEJEQzdFQkQ5RTQ1RjBCQ0I5RERGQkIyMEIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDZj2PqUlbsFVAeOZ0Lhl3vmkzN
31AXUJmDvlGrgqG3TRH3aLIXA0bB3zg7jEGY/y1jkwAr5uMpBzeoVuiHkCfw6M1h
XAzRy3b/CGRFGN0QhnozeSb3OWbIcYZb17Nx54TgfNYzXnENvZPQAXgS3vZMntX/
eTQjA6AN8Wyw+Y/zMZsn6Hv0CivYrKJ6f+dGeSRvizpJoI/Ko9+uSykboGRztIJQ
msPVzf/bOUhCC3T5zHoHJwPRGh89aKL8ZnHbI2JTk8Rf1CTIJAFp5q4mOo4E3EKd
uM5e5L7Wf/9kwfloEmBvKhdxCf9Cop04khaJUupclbcpt9xRyzZNk1xFVnSNAgMB
AAGjggIVMIICETAdBgNVHQ4EFgQUJVSPG+26LYvcfr2eRfC8ud37sgswHwYDVR0j
BBgwFoAUqD1IZS87LfdPa/m6qKnBdMz9N3IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODkyNzBmNmMtYTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2Yz
ODI0LzAvQTgzRDQ4NjUyRjNCMkRGNzRGNkJGOUJBQThBOUMxNzRDQ0ZEMzc3Mi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FEMUlaUzg3TGZkUGFfbTZxS25CZE16
OU4zSS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg5MjcwZjZjLWEzZmUt
NDI5OS1iMDc5LTMwOWVkOTdmMzgyNC8wL0FTMjAwNDY0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCoGCCsGAQUFBwEHAQH/BBswGTAXBAIAAjARAwcAKhR1
gQ/6AwYAKhR1g+cwDQYJKoZIhvcNAQELBQADggEBADaOZJE8VIh1LLQ1TIPi5cSz
XCu0rlcq7q3kyenhaSXa4QSUiY0D5h3DBvWCjeMjp0tbyzAhZpAFi94ShRQCJpSI
/u17fa+aFJ1R/ooF6SUvZZ0kmnIOkSXrOxYAKdgSD8PM8F7YRCuOBgFnkq4uOkK7
2rb9HBV2u7+d7WbPMDpXfaoiJwCg6iBX6ccSVYWtln6BVdME/HQ4QHnbm4m21HSQ
ria5rT7HK6a4utx4TJ5UisnzNQLzlauoo9odma0mLK7E2dSa/miP/HIq6I4OvjGP
b49a967zaDd5+qw01l3svJoGXJpt9crzUEuseNu9SYQvM9PJpvGfiZHpfNBoeEY=
-----END CERTIFICATE-----
Generated at Wed May 13 01:05:25 2026 by rpki-client