Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS204464.roa
File: AS204464.roa (raw, json)
Hash identifier: Fpr4aj/RGFfdJSqzkBh2oDozSb0KVypaQp0NkiQz6dQ=
Subject key identifier: 09:24:2B:D2:10:3F:1C:CB:47:76:6B:60:6D:7B:86:F6:AE:16:40:1A
Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Certificate serial: 638223428A4B074DF103664E242F7CF12DB1996E
Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS204464.roa
Signing time: Wed 25 Mar 2026 18:07:59 +0000
ROA not before: Wed 25 Mar 2026 18:02:59 +0000
ROA not after: Wed 24 Mar 2027 18:07:59 +0000
asID: 204464
IP address blocks: 2a14:7581:e000::/36 maxlen: 36
2a14:7581:e000::/39 maxlen: 39
2a14:7581:e200::/39 maxlen: 39
2a14:7581:e400::/39 maxlen: 39
2a14:7581:e600::/39 maxlen: 39
2a14:7581:e800::/39 maxlen: 39
2a14:7581:ea00::/39 maxlen: 39
2a14:7581:ec00::/39 maxlen: 39
2a14:7581:ee00::/39 maxlen: 39
2a14:7581:ee10::/48 maxlen: 48
2a14:7584:a000::/36 maxlen: 36
2a14:7584:b000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft
rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Mar 2026 00:55:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
63:82:23:42:8a:4b:07:4d:f1:03:66:4e:24:2f:7c:f1:2d:b1:99:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Validity
Not Before: Mar 25 18:02:59 2026 GMT
Not After : Mar 24 18:07:59 2027 GMT
Subject: CN=09242BD2103F1CCB47766B606D7B86F6AE16401A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:75:2d:ed:e0:24:47:9f:63:58:1d:ec:66:e2:
90:5d:e1:2b:2d:0e:de:96:93:d8:86:aa:1a:1a:61:
33:a0:68:8c:72:f5:55:e4:6c:8d:ce:d9:80:39:13:
73:ff:dc:ae:8b:59:df:e7:6c:84:e4:e9:99:88:24:
5a:4b:1d:e5:5c:87:93:54:d9:45:f4:47:8c:58:82:
66:ba:7b:d8:49:44:84:56:5e:5d:5c:4a:9f:83:91:
b1:db:82:65:17:49:31:e9:fd:5e:92:f1:d7:d2:e7:
b8:eb:5a:a0:a9:b7:80:03:7e:da:dd:ec:07:be:f9:
05:55:d5:7d:f8:8c:26:6f:43:09:9c:f9:1b:75:b3:
51:61:09:40:a6:32:25:ec:42:4b:ba:f2:65:d8:48:
07:2a:45:13:57:35:fd:7a:06:8d:82:8d:83:a0:c6:
be:78:29:99:62:bc:43:8d:84:e8:48:ab:29:da:91:
b1:50:05:17:3b:66:f5:c2:cb:73:76:59:1d:b5:cd:
f4:0c:ac:c3:1f:69:68:93:8c:67:85:64:5c:41:ae:
45:22:cf:d2:a3:56:e0:4f:31:76:5d:da:4c:40:03:
d0:8e:51:a6:0c:a6:d0:7c:7a:9f:88:1f:e2:80:5e:
23:af:f7:c7:05:f3:2b:16:b1:f1:7e:e8:fa:2d:2e:
0c:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:24:2B:D2:10:3F:1C:CB:47:76:6B:60:6D:7B:86:F6:AE:16:40:1A
X509v3 Authority Key Identifier:
keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS204464.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7581:e000::/36
2a14:7584:a000::/35
Signature Algorithm: sha256WithRSAEncryption
79:8f:b5:1e:e1:d5:0b:28:e7:f5:aa:85:a1:d5:0b:00:78:6d:
74:eb:1d:76:84:8f:29:2b:94:9f:b5:25:ca:1a:45:65:23:49:
dc:2a:3d:31:b8:09:08:1e:bc:04:c4:c6:08:b8:8d:ef:eb:ac:
6b:f4:f6:36:47:bf:9d:d0:37:aa:e9:d3:17:f3:84:53:ea:26:
6c:9c:cb:06:c5:21:6e:10:72:bd:cb:52:03:e3:56:86:00:ea:
3e:96:78:d3:d0:fa:fe:87:72:24:0e:b8:a9:15:d8:fd:28:47:
f9:88:0b:b5:84:a9:32:a8:aa:27:aa:5d:53:0b:f7:df:6f:dd:
b8:e5:58:19:20:22:e4:5f:a4:e1:63:3f:b5:94:45:6d:7f:63:
e5:0f:fd:9c:53:af:e8:78:31:d5:a6:72:75:de:1e:8b:5c:ca:
c4:5a:65:41:10:3b:82:06:fb:1f:3b:5a:ec:d3:dd:21:6e:7f:
73:1e:54:f0:59:0f:57:3f:91:27:65:31:7e:73:6e:5c:b3:cb:
1a:1f:59:03:c7:82:6e:44:73:58:7e:ec:3d:7e:74:af:a3:10:
87:ae:8f:b2:e2:5a:f5:38:12:c4:a9:20:da:ad:8a:ed:94:2e:
8f:36:cf:3a:77:bf:27:69:0e:ca:ef:37:10:dc:56:17:d7:6f:
ad:c3:ac:81
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIUY4IjQopLB03xA2ZOJC988S2xmW4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj
Y2ZkMzc3MjAeFw0yNjAzMjUxODAyNTlaFw0yNzAzMjQxODA3NTlaMDMxMTAvBgNV
BAMTKDA5MjQyQkQyMTAzRjFDQ0I0Nzc2NkI2MDZEN0I4NkY2QUUxNjQwMUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDEdS3t4CRHn2NYHexm4pBd4Sst
Dt6Wk9iGqhoaYTOgaIxy9VXkbI3O2YA5E3P/3K6LWd/nbITk6ZmIJFpLHeVch5NU
2UX0R4xYgma6e9hJRIRWXl1cSp+DkbHbgmUXSTHp/V6S8dfS57jrWqCpt4ADftrd
7Ae++QVV1X34jCZvQwmc+Rt1s1FhCUCmMiXsQku68mXYSAcqRRNXNf16Bo2CjYOg
xr54KZlivEONhOhIqynakbFQBRc7ZvXCy3N2WR21zfQMrMMfaWiTjGeFZFxBrkUi
z9KjVuBPMXZd2kxAA9COUaYMptB8ep+IH+KAXiOv98cF8ysWsfF+6PotLgwtAgMB
AAGjggIUMIICEDAdBgNVHQ4EFgQUCSQr0hA/HMtHdmtgbXuG9q4WQBowHwYDVR0j
BBgwFoAUqD1IZS87LfdPa/m6qKnBdMz9N3IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODkyNzBmNmMtYTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2Yz
ODI0LzAvQTgzRDQ4NjUyRjNCMkRGNzRGNkJGOUJBQThBOUMxNzRDQ0ZEMzc3Mi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FEMUlaUzg3TGZkUGFfbTZxS25CZE16
OU4zSS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg5MjcwZjZjLWEzZmUt
NDI5OS1iMDc5LTMwOWVkOTdmMzgyNC8wL0FTMjA0NDY0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCkGCCsGAQUFBwEHAQH/BBowGDAWBAIAAjAQAwYEKhR1
geADBgUqFHWEoDANBgkqhkiG9w0BAQsFAAOCAQEAeY+1HuHVCyjn9aqFodULAHht
dOsddoSPKSuUn7UlyhpFZSNJ3Co9MbgJCB68BMTGCLiN7+usa/T2Nke/ndA3qunT
F/OEU+ombJzLBsUhbhByvctSA+NWhgDqPpZ409D6/odyJA64qRXY/ShH+YgLtYSp
MqiqJ6pdUwv332/duOVYGSAi5F+k4WM/tZRFbX9j5Q/9nFOv6Hgx1aZydd4ei1zK
xFplQRA7ggb7Hzta7NPdIW5/cx5U8FkPVz+RJ2UxfnNuXLPLGh9ZA8eCbkRzWH7s
PX50r6MQh66PsuJa9TgSxKkg2q2K7ZQujzbPOne/J2kOyu83ENxWF9dvrcOsgQ==
-----END CERTIFICATE-----
Generated at Sat Mar 28 10:17:21 2026 by rpki-client