Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS206540.roa
File: AS206540.roa (raw, json)
Hash identifier: PdrDKZ5fJfROrwpz18bZOWXCcpmSisgv5/AWJZd48Fg=
Subject key identifier: 68:42:F8:33:90:45:9F:E0:AE:45:D3:9D:93:95:51:26:6A:C7:B0:6D
Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Certificate serial: 09DC8E297254E9C189804BE45653840CD1240B56
Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS206540.roa
Signing time: Mon 11 May 2026 11:43:08 +0000
ROA not before: Mon 11 May 2026 11:38:08 +0000
ROA not after: Mon 10 May 2027 11:43:08 +0000
asID: 206540
IP address blocks: 2a14:7580:ffb0::/44 maxlen: 48
2a14:7580:ffc0::/44 maxlen: 48
2a14:7583:ff10::/44 maxlen: 48
2a14:7583:ff30::/44 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft
rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 08:48:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
09:dc:8e:29:72:54:e9:c1:89:80:4b:e4:56:53:84:0c:d1:24:0b:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Validity
Not Before: May 11 11:38:08 2026 GMT
Not After : May 10 11:43:08 2027 GMT
Subject: CN=6842F83390459FE0AE45D39D939551266AC7B06D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:1f:39:28:95:f5:63:7f:54:71:d5:f7:00:e9:
01:30:94:70:69:f5:4d:a5:ca:aa:9b:d9:3a:6b:d2:
55:9e:7f:90:28:90:14:fc:27:9e:96:5c:f8:b7:e8:
21:cb:77:83:e8:8f:e1:22:82:1e:c3:21:15:38:dc:
2e:17:3f:e0:4c:67:7a:a4:de:e3:24:6d:d5:f3:92:
03:1e:47:45:2b:71:61:93:41:66:e5:50:ec:ab:8d:
82:b3:ab:91:00:05:68:8e:23:2c:e3:26:58:95:45:
29:b1:c9:20:c8:a0:41:e5:46:52:65:c8:f7:5c:38:
76:60:4f:ee:2d:d3:23:40:28:fc:5e:e5:e7:c7:22:
c8:d3:a1:fe:26:98:10:e3:1d:0d:9a:86:c2:87:fe:
33:5a:6a:4e:d5:2e:82:4e:db:42:94:47:16:f8:8c:
0f:dc:38:d4:c8:dd:39:93:ef:f4:fb:8a:cb:26:d0:
9b:69:61:12:11:f8:c7:06:3a:a3:0d:ce:3b:a2:80:
04:5b:62:d2:5d:a4:62:6d:ef:80:c2:48:24:51:05:
d4:75:73:e8:74:c1:8c:ce:9f:7d:0d:52:62:2a:fd:
c8:71:e9:85:64:e3:d7:4e:78:18:df:1a:75:f3:ff:
92:5f:1e:f9:9c:a9:ce:6d:59:7a:8f:d4:24:c0:fd:
8e:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:42:F8:33:90:45:9F:E0:AE:45:D3:9D:93:95:51:26:6A:C7:B0:6D
X509v3 Authority Key Identifier:
keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS206540.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7580:ffb0::-2a14:7580:ffcf:ffff:ffff:ffff:ffff:ffff
2a14:7583:ff10::/44
2a14:7583:ff30::/44
Signature Algorithm: sha256WithRSAEncryption
25:48:13:c6:f1:8f:26:59:17:02:2e:a0:5e:dc:dd:bb:6d:6f:
44:ce:68:bd:7c:e4:4f:96:50:2f:74:f3:7c:4c:5b:ae:e8:ff:
12:c5:94:0d:49:d8:70:3c:58:07:51:60:3c:80:bf:b9:f3:b5:
7f:6b:5a:36:9d:f3:5d:da:86:9b:9b:2e:ab:b8:3c:4c:46:a9:
fe:8b:a0:97:79:25:67:e7:5e:9b:65:fb:32:48:00:bf:9c:8a:
38:f4:93:47:28:22:8a:9d:73:bf:c7:4f:58:1d:1b:f7:0e:b9:
d4:40:67:a7:fc:c7:39:de:52:54:1b:43:c7:2d:c5:a2:05:71:
c5:3e:d6:f6:eb:01:a9:d0:7e:16:2c:34:07:48:6e:37:04:22:
0c:8b:34:d8:2e:fe:4a:c1:40:c6:4b:94:24:77:81:26:1c:00:
66:27:f5:e7:8b:0f:70:50:7a:77:cd:3a:e4:da:86:7c:26:3d:
b1:a7:e9:91:22:9f:78:f8:dc:ed:b4:8d:f4:a8:9d:26:3a:07:
44:83:25:ed:91:6b:7b:2d:43:d2:9e:35:83:8e:ca:ad:b1:d5:
92:72:9f:16:50:fd:a4:3c:f1:9a:b4:ec:c4:35:46:11:42:c2:
e2:c4:5d:23:76:75:b0:9b:10:bb:84:f6:b8:c8:a3:8f:88:1f:
5f:bc:fa:8a
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgIUCdyOKXJU6cGJgEvkVlOEDNEkC1YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj
Y2ZkMzc3MjAeFw0yNjA1MTExMTM4MDhaFw0yNzA1MTAxMTQzMDhaMDMxMTAvBgNV
BAMTKDY4NDJGODMzOTA0NTlGRTBBRTQ1RDM5RDkzOTU1MTI2NkFDN0IwNkQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCpHzkolfVjf1Rx1fcA6QEwlHBp
9U2lyqqb2Tpr0lWef5AokBT8J56WXPi36CHLd4Poj+Eigh7DIRU43C4XP+BMZ3qk
3uMkbdXzkgMeR0UrcWGTQWblUOyrjYKzq5EABWiOIyzjJliVRSmxySDIoEHlRlJl
yPdcOHZgT+4t0yNAKPxe5efHIsjTof4mmBDjHQ2ahsKH/jNaak7VLoJO20KURxb4
jA/cONTI3TmT7/T7issm0JtpYRIR+McGOqMNzjuigARbYtJdpGJt74DCSCRRBdR1
c+h0wYzOn30NUmIq/chx6YVk49dOeBjfGnXz/5JfHvmcqc5tWXqP1CTA/Y6VAgMB
AAGjggIqMIICJjAdBgNVHQ4EFgQUaEL4M5BFn+CuRdOdk5VRJmrHsG0wHwYDVR0j
BBgwFoAUqD1IZS87LfdPa/m6qKnBdMz9N3IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODkyNzBmNmMtYTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2Yz
ODI0LzAvQTgzRDQ4NjUyRjNCMkRGNzRGNkJGOUJBQThBOUMxNzRDQ0ZEMzc3Mi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FEMUlaUzg3TGZkUGFfbTZxS25CZE16
OU4zSS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg5MjcwZjZjLWEzZmUt
NDI5OS1iMDc5LTMwOWVkOTdmMzgyNC8wL0FTMjA2NTQwLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAAjAmMBIDBwQq
FHWA/7ADBwQqFHWA/8ADBwQqFHWD/xADBwQqFHWD/zAwDQYJKoZIhvcNAQELBQAD
ggEBACVIE8bxjyZZFwIuoF7c3bttb0TOaL185E+WUC9083xMW67o/xLFlA1J2HA8
WAdRYDyAv7nztX9rWjad813ahpubLqu4PExGqf6LoJd5JWfnXptl+zJIAL+cijj0
k0coIoqdc7/HT1gdG/cOudRAZ6f8xzneUlQbQ8ctxaIFccU+1vbrAanQfhYsNAdI
bjcEIgyLNNgu/krBQMZLlCR3gSYcAGYn9eeLD3BQenfNOuTahnwmPbGn6ZEin3j4
3O20jfSonSY6B0SDJe2Ra3stQ9KeNYOOyq2x1ZJynxZQ/aQ88Zq07MQ1RhFCwuLE
XSN2dbCbELuE9rjIo4+IH1+8+oo=
-----END CERTIFICATE-----
Generated at Tue May 12 22:22:52 2026 by rpki-client