Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS204464.roa
File: AS204464.roa (raw, json)
Hash identifier: 6o7DVc1AQXH41XanJ6AYnA7RAlIJPzTBErRx3joNYSA=
Subject key identifier: 50:30:AD:FA:80:BA:53:44:DA:FE:F4:3A:AF:AC:0B:50:B0:CE:64:E1
Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Certificate serial: 68C0C00022E8989E2FFB9C90BCAB21037230924C
Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS204464.roa
Signing time: Mon 11 May 2026 16:40:04 +0000
ROA not before: Mon 11 May 2026 16:35:04 +0000
ROA not after: Mon 10 May 2027 16:40:04 +0000
asID: 204464
IP address blocks: 2a14:7580:ec00::/40 maxlen: 40
2a14:7581:e000::/44 maxlen: 44
2a14:7581:e010::/44 maxlen: 44
2a14:7581:e020::/44 maxlen: 44
2a14:7581:e030::/44 maxlen: 44
2a14:7581:e040::/44 maxlen: 44
2a14:7581:e050::/44 maxlen: 44
2a14:7581:e060::/44 maxlen: 44
2a14:7581:e070::/44 maxlen: 44
2a14:7581:e080::/44 maxlen: 44
2a14:7581:e090::/44 maxlen: 44
2a14:7581:e0a0::/44 maxlen: 44
2a14:7581:e0b0::/44 maxlen: 44
2a14:7581:e0c0::/44 maxlen: 44
2a14:7581:e0d0::/44 maxlen: 44
2a14:7581:e0e0::/44 maxlen: 44
2a14:7581:e800::/39 maxlen: 39
2a14:7583:e800::/40 maxlen: 40
2a14:7584:a000::/36 maxlen: 36
2a14:7584:b000::/36 maxlen: 36
2a14:7585::/32 maxlen: 32
2a14:7585:a000::/36 maxlen: 36
2a14:7585:b000::/36 maxlen: 36
2a14:7587::/32 maxlen: 32
2a14:7587::/36 maxlen: 36
2a14:7587:1000::/36 maxlen: 36
2a14:7587:2000::/36 maxlen: 36
2a14:7587:3000::/36 maxlen: 36
2a14:7587:4000::/36 maxlen: 36
2a14:7587:5000::/36 maxlen: 36
2a14:7587:6000::/36 maxlen: 36
2a14:7587:7000::/36 maxlen: 36
2a14:7587:8000::/36 maxlen: 36
2a14:7587:9000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft
rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 08:48:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
68:c0:c0:00:22:e8:98:9e:2f:fb:9c:90:bc:ab:21:03:72:30:92:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Validity
Not Before: May 11 16:35:04 2026 GMT
Not After : May 10 16:40:04 2027 GMT
Subject: CN=5030ADFA80BA5344DAFEF43AAFAC0B50B0CE64E1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:b2:15:76:41:cc:3f:ce:ba:de:39:1f:94:ee:
39:b8:91:26:13:85:7f:f1:89:8f:23:96:bc:3e:ee:
46:74:43:0d:dc:46:eb:3e:6f:51:2c:6b:b0:55:fa:
19:3d:a6:31:90:62:46:71:17:60:70:0c:3d:70:b8:
5a:4a:72:dc:f1:9e:bb:85:52:b3:63:d4:28:74:5b:
4a:6d:31:55:89:b4:5a:f8:6a:93:d0:dd:fe:ae:6a:
bf:f4:20:f9:fa:09:76:48:ee:a1:84:f7:22:59:20:
08:e0:cf:5e:c2:3f:3d:a4:be:30:94:38:b8:53:4c:
13:a3:2c:b7:cc:d7:0d:a3:4a:89:46:a2:da:00:2a:
b0:70:0f:8d:d1:07:74:60:3e:43:d0:53:d6:3b:60:
92:27:cd:b6:94:b2:44:6e:00:5b:5b:6b:a4:ca:02:
83:df:a7:b7:e1:65:db:36:c2:3c:db:ea:fd:63:22:
53:ff:5d:01:0b:d8:2a:6a:24:e1:7b:1f:56:e3:27:
a9:37:2f:ab:1b:ab:d0:84:f2:f2:d7:22:56:ea:c4:
82:65:60:3a:cb:ec:e8:03:0f:97:4e:c6:49:97:f6:
b4:bd:cf:5e:04:01:05:fa:c1:37:00:d1:83:90:2d:
1f:e1:38:d5:e0:6b:00:7d:34:ea:46:9c:11:cb:4c:
df:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:30:AD:FA:80:BA:53:44:DA:FE:F4:3A:AF:AC:0B:50:B0:CE:64:E1
X509v3 Authority Key Identifier:
keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS204464.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7580:ec00::/40
2a14:7581:e000::-2a14:7581:e0ef:ffff:ffff:ffff:ffff:ffff
2a14:7581:e800::/39
2a14:7583:e800::/40
2a14:7584:a000::/35
2a14:7585::/32
2a14:7587::/32
Signature Algorithm: sha256WithRSAEncryption
71:1a:7c:02:9f:56:7f:d1:b9:d5:74:ee:1e:03:33:ad:76:c2:
ad:a4:96:b5:4a:78:8a:b6:6a:88:4a:8a:62:ee:9a:36:5c:44:
a5:fb:c6:3f:6f:a5:4a:c1:d9:bf:57:75:5c:14:8d:00:b4:a8:
e8:39:e7:37:d0:45:b1:42:8b:63:a9:e2:14:dd:e7:ab:bf:e4:
5f:98:4e:76:75:dc:f7:f7:3d:09:8d:b7:58:5f:43:96:10:cd:
3a:76:dc:39:6e:a0:bb:f7:f8:5d:4e:50:f9:3b:c7:66:29:1f:
2f:df:33:45:b8:1b:39:0b:85:01:57:2b:b2:c4:1d:04:32:16:
66:e4:70:cf:65:f6:c2:ac:c6:e9:98:38:dd:b9:b4:01:61:50:
67:32:79:06:72:f7:3a:7d:76:5f:7e:5a:ef:46:98:67:26:32:
18:de:c2:5a:9c:58:f4:7e:f7:3b:8d:89:e9:7e:ac:5f:95:36:
b8:51:39:21:6b:1e:14:d5:22:35:9d:13:58:8d:ba:8d:8e:16:
47:b1:1a:6c:fb:25:e1:12:2e:5c:a9:5e:6d:5b:51:cb:09:d5:
b9:89:3b:f0:de:94:d0:c9:30:0a:46:ea:ce:3b:d8:99:0f:c2:
8b:60:f0:3e:98:bc:ed:5a:f1:e0:5b:3e:f3:08:f3:b7:36:67:
41:1c:6a:58
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgIUaMDAACLomJ4v+5yQvKshA3IwkkwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj
Y2ZkMzc3MjAeFw0yNjA1MTExNjM1MDRaFw0yNzA1MTAxNjQwMDRaMDMxMTAvBgNV
BAMTKDUwMzBBREZBODBCQTUzNDREQUZFRjQzQUFGQUMwQjUwQjBDRTY0RTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCXshV2Qcw/zrreOR+U7jm4kSYT
hX/xiY8jlrw+7kZ0Qw3cRus+b1Esa7BV+hk9pjGQYkZxF2BwDD1wuFpKctzxnruF
UrNj1Ch0W0ptMVWJtFr4apPQ3f6uar/0IPn6CXZI7qGE9yJZIAjgz17CPz2kvjCU
OLhTTBOjLLfM1w2jSolGotoAKrBwD43RB3RgPkPQU9Y7YJInzbaUskRuAFtba6TK
AoPfp7fhZds2wjzb6v1jIlP/XQEL2CpqJOF7H1bjJ6k3L6sbq9CE8vLXIlbqxIJl
YDrL7OgDD5dOxkmX9rS9z14EAQX6wTcA0YOQLR/hONXgawB9NOpGnBHLTN+fAgMB
AAGjggJFMIICQTAdBgNVHQ4EFgQUUDCt+oC6U0Ta/vQ6r6wLULDOZOEwHwYDVR0j
BBgwFoAUqD1IZS87LfdPa/m6qKnBdMz9N3IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODkyNzBmNmMtYTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2Yz
ODI0LzAvQTgzRDQ4NjUyRjNCMkRGNzRGNkJGOUJBQThBOUMxNzRDQ0ZEMzc3Mi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FEMUlaUzg3TGZkUGFfbTZxS25CZE16
OU4zSS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg5MjcwZjZjLWEzZmUt
NDI5OS1iMDc5LTMwOWVkOTdmMzgyNC8wL0FTMjA0NDY0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMFoGCCsGAQUFBwEHAQH/BEswSTBHBAIAAjBBAwYAKhR1
gOwwEQMGBSoUdYHgAwcEKhR1geDgAwYBKhR1gegDBgAqFHWD6AMGBSoUdYSgAwUA
KhR1hQMFACoUdYcwDQYJKoZIhvcNAQELBQADggEBAHEafAKfVn/RudV07h4DM612
wq2klrVKeIq2aohKimLumjZcRKX7xj9vpUrB2b9XdVwUjQC0qOg55zfQRbFCi2Op
4hTd56u/5F+YTnZ13Pf3PQmNt1hfQ5YQzTp23DluoLv3+F1OUPk7x2YpHy/fM0W4
GzkLhQFXK7LEHQQyFmbkcM9l9sKsxumYON25tAFhUGcyeQZy9zp9dl9+Wu9GmGcm
MhjewlqcWPR+9zuNiel+rF+VNrhROSFrHhTVIjWdE1iNuo2OFkexGmz7JeESLlyp
Xm1bUcsJ1bmJO/DelNDJMApG6s472JkPwotg8D6YvO1a8eBbPvMI87c2Z0Ecalg=
-----END CERTIFICATE-----
Generated at Tue May 12 22:02:18 2026 by rpki-client