Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS208437.roa
File: AS208437.roa (raw, json)
Hash identifier: s+tXpb2Ywll6BLPam4dWE3H0EslatKT8xwiYSptj9bo=
Subject key identifier: 4A:67:1D:62:B4:37:2F:17:15:47:BE:66:37:B2:D4:5A:4A:61:87:20
Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Certificate serial: 481EB30AF7CBE1A8777B8A4B3422F1BD7DA6C882
Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS208437.roa
Signing time: Thu 30 Apr 2026 11:44:31 +0000
ROA not before: Thu 30 Apr 2026 11:39:31 +0000
ROA not after: Thu 29 Apr 2027 11:44:31 +0000
asID: 208437
IP address blocks: 2a14:7586:f000::/36 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft
rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 08:48:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
48:1e:b3:0a:f7:cb:e1:a8:77:7b:8a:4b:34:22:f1:bd:7d:a6:c8:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Validity
Not Before: Apr 30 11:39:31 2026 GMT
Not After : Apr 29 11:44:31 2027 GMT
Subject: CN=4A671D62B4372F171547BE6637B2D45A4A618720
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:23:e8:78:40:45:f3:df:7e:32:c4:9e:5b:d1:
d1:2d:93:dc:f4:9d:98:18:2c:9f:53:4a:4e:f5:14:
98:1a:ba:32:58:48:b4:b3:11:b9:55:06:39:73:ca:
dd:80:08:56:37:63:96:16:51:ae:94:69:ed:60:89:
17:48:44:55:1f:a9:63:1b:0e:16:7a:b4:c2:07:ac:
eb:ef:92:48:8d:3b:b6:0a:21:a5:3f:b8:1a:44:14:
c5:3d:0c:8b:02:dc:01:3c:1b:60:cb:27:a8:52:6c:
67:e8:a7:d7:a1:3b:53:a5:35:8c:37:f1:19:70:db:
e4:98:eb:21:7a:3e:6a:83:b6:1d:a8:6a:01:93:e8:
44:f1:67:10:6c:98:40:f0:a4:0c:96:4f:f0:b8:f4:
7c:69:51:4d:28:0f:56:4a:05:f5:1d:9d:68:a9:b8:
fe:f3:57:f0:38:26:8e:02:40:5e:3e:64:38:82:d2:
05:b2:f1:78:78:ba:59:4d:db:4a:19:7d:db:18:57:
8d:e8:dc:d1:db:cf:fd:ab:cd:12:3c:8b:2e:a6:94:
de:5d:3c:b4:a4:72:60:8f:63:98:a0:74:d8:8a:7d:
f9:9f:66:b6:00:13:95:de:4d:0b:2b:4f:24:0d:ec:
7a:33:34:85:02:fa:a0:99:7f:2b:3d:ba:69:2b:fc:
f6:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:67:1D:62:B4:37:2F:17:15:47:BE:66:37:B2:D4:5A:4A:61:87:20
X509v3 Authority Key Identifier:
keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS208437.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7586:f000::/36
Signature Algorithm: sha256WithRSAEncryption
14:bb:43:3d:cb:60:a8:0d:70:3f:83:83:aa:7e:2c:61:eb:22:
c2:47:ef:93:93:3a:8d:57:65:63:65:d6:10:2a:a9:ec:b3:37:
8a:73:92:0a:4c:ea:61:b7:12:39:4e:21:84:ac:8b:f3:15:42:
fe:3a:85:53:54:78:12:4b:66:e0:a6:c4:49:9c:8f:6e:3f:bc:
ba:48:7c:db:91:61:e1:42:63:1a:f9:db:60:73:66:3a:b9:6d:
0d:cb:ae:14:b8:3a:d3:7d:38:f4:98:75:83:d2:e0:ec:05:a4:
6d:35:2c:86:4c:ba:b5:71:e0:09:f8:b4:72:e3:d3:1d:57:54:
e6:12:7c:f8:e9:eb:82:fb:67:94:23:6c:05:15:c3:df:5b:7d:
74:93:45:10:d1:43:92:ce:d9:95:58:8b:e5:1b:53:e1:39:8e:
8a:f0:85:f3:ef:ba:bf:9d:f8:21:34:1f:3d:d3:6d:fa:28:71:
13:11:b9:c8:b1:db:fa:33:69:fd:78:d1:2e:fd:a5:af:50:ee:
0f:e0:01:bd:15:d2:a8:6b:b4:08:d3:34:a8:0d:67:3f:9d:8e:
9c:83:cc:8a:f1:b8:20:08:52:84:b6:72:06:2b:bc:3e:35:d9:
78:1a:d0:c8:d5:33:fd:cd:9e:3b:ff:ee:fc:45:c4:4a:7a:d0:
f9:83:67:a2
-----BEGIN CERTIFICATE-----
MIIFAjCCA+qgAwIBAgIUSB6zCvfL4ah3e4pLNCLxvX2myIIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj
Y2ZkMzc3MjAeFw0yNjA0MzAxMTM5MzFaFw0yNzA0MjkxMTQ0MzFaMDMxMTAvBgNV
BAMTKDRBNjcxRDYyQjQzNzJGMTcxNTQ3QkU2NjM3QjJENDVBNEE2MTg3MjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDiI+h4QEXz334yxJ5b0dEtk9z0
nZgYLJ9TSk71FJgaujJYSLSzEblVBjlzyt2ACFY3Y5YWUa6Uae1giRdIRFUfqWMb
DhZ6tMIHrOvvkkiNO7YKIaU/uBpEFMU9DIsC3AE8G2DLJ6hSbGfop9ehO1OlNYw3
8Rlw2+SY6yF6PmqDth2oagGT6ETxZxBsmEDwpAyWT/C49HxpUU0oD1ZKBfUdnWip
uP7zV/A4Jo4CQF4+ZDiC0gWy8Xh4ullN20oZfdsYV43o3NHbz/2rzRI8iy6mlN5d
PLSkcmCPY5igdNiKffmfZrYAE5XeTQsrTyQN7HozNIUC+qCZfys9umkr/PbVAgMB
AAGjggIMMIICCDAdBgNVHQ4EFgQUSmcdYrQ3LxcVR75mN7LUWkphhyAwHwYDVR0j
BBgwFoAUqD1IZS87LfdPa/m6qKnBdMz9N3IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODkyNzBmNmMtYTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2Yz
ODI0LzAvQTgzRDQ4NjUyRjNCMkRGNzRGNkJGOUJBQThBOUMxNzRDQ0ZEMzc3Mi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FEMUlaUzg3TGZkUGFfbTZxS25CZE16
OU4zSS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg5MjcwZjZjLWEzZmUt
NDI5OS1iMDc5LTMwOWVkOTdmMzgyNC8wL0FTMjA4NDM3LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYEKhR1
hvAwDQYJKoZIhvcNAQELBQADggEBABS7Qz3LYKgNcD+Dg6p+LGHrIsJH75OTOo1X
ZWNl1hAqqeyzN4pzkgpM6mG3EjlOIYSsi/MVQv46hVNUeBJLZuCmxEmcj24/vLpI
fNuRYeFCYxr522BzZjq5bQ3LrhS4OtN9OPSYdYPS4OwFpG01LIZMurVx4An4tHLj
0x1XVOYSfPjp64L7Z5QjbAUVw99bfXSTRRDRQ5LO2ZVYi+UbU+E5jorwhfPvur+d
+CE0Hz3TbfoocRMRucix2/ozaf140S79pa9Q7g/gAb0V0qhrtAjTNKgNZz+djpyD
zIrxuCAIUoS2cgYrvD412Xga0MjVM/3Nnjv/7vxFxEp60PmDZ6I=
-----END CERTIFICATE-----
Generated at Tue May 12 23:09:00 2026 by rpki-client