Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS212895.roa
File: AS212895.roa (raw, json)
Hash identifier: YOHggUviqKv5fNykNUkaeKKG4O1ZWvxxZ/vw/WW/n+E=
Subject key identifier: B8:11:02:A5:DB:AE:03:B6:2A:A9:50:6E:3E:D6:B9:5D:75:58:7B:A4
Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Certificate serial: 0CB49C47749AE8EFE22C4C28B1584DE783509BE9
Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS212895.roa
Signing time: Fri 20 Mar 2026 15:50:33 +0000
ROA not before: Fri 20 Mar 2026 15:45:33 +0000
ROA not after: Fri 19 Mar 2027 15:50:33 +0000
asID: 212895
IP address blocks: 2a14:7583:ea00::/40 maxlen: 40
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft
rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 04:06:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0c:b4:9c:47:74:9a:e8:ef:e2:2c:4c:28:b1:58:4d:e7:83:50:9b:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Validity
Not Before: Mar 20 15:45:33 2026 GMT
Not After : Mar 19 15:50:33 2027 GMT
Subject: CN=B81102A5DBAE03B62AA9506E3ED6B95D75587BA4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:3b:f6:18:0d:58:0f:c0:14:1d:0e:26:f7:77:
fb:68:7f:34:1a:48:0e:44:00:ff:26:81:b4:ba:05:
a6:03:d7:0a:ed:11:b9:ef:d4:44:32:ce:be:f2:30:
a7:d2:67:22:ee:0d:dc:9e:45:30:3d:82:5d:9d:6f:
2c:46:c4:10:28:2c:20:70:03:9b:72:f1:a2:be:6e:
3e:43:f1:4b:0c:08:3f:09:35:d0:b7:0a:4c:b1:64:
e4:01:6f:51:91:a6:6b:44:dd:5a:6d:14:61:7e:35:
bf:c7:af:aa:b5:d1:82:5a:f7:bb:9a:14:95:64:0e:
3b:0f:71:da:88:43:ea:04:4b:0f:a3:a4:5b:58:5f:
d8:b3:21:96:e9:29:0f:fd:e9:9c:8d:06:cc:83:bd:
2e:2f:88:22:88:9e:e5:e4:36:ae:03:0e:95:f5:d1:
e9:13:96:ba:c0:c5:07:75:36:f4:b7:52:69:e1:51:
f7:bf:93:6f:12:9e:6d:9b:ef:98:d8:92:75:61:23:
8c:43:c3:13:cc:11:28:8f:8f:e9:06:3e:38:ab:b2:
26:72:a4:43:e7:56:8d:fe:b6:e3:c6:2e:6e:dd:97:
82:d3:63:da:87:1c:c8:4a:5f:5d:f4:d2:83:6e:0e:
3f:19:eb:ae:58:27:48:e5:7c:cf:9b:47:38:80:4d:
87:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:11:02:A5:DB:AE:03:B6:2A:A9:50:6E:3E:D6:B9:5D:75:58:7B:A4
X509v3 Authority Key Identifier:
keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS212895.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7583:ea00::/40
Signature Algorithm: sha256WithRSAEncryption
85:32:2f:bd:79:89:10:f1:cf:f8:64:ba:a0:b5:7f:e7:f9:04:
9c:01:c4:2b:a8:b7:a3:07:55:59:59:22:ed:35:d8:05:47:02:
1c:95:2f:eb:6f:d9:26:68:98:cc:a2:21:e6:e7:50:4c:6a:4b:
3d:ae:df:ca:e7:42:d3:c6:56:85:b8:9b:5c:ba:dd:30:13:4a:
b8:07:64:cd:d2:5e:4b:3d:ae:cb:ac:0a:89:d9:67:fb:b4:39:
ce:5e:68:6f:ac:4b:b4:5a:6c:83:93:88:be:03:f7:2d:91:d7:
32:6e:0f:59:06:00:a7:02:15:53:5b:c5:b8:e3:ef:b7:17:b2:
00:72:5f:de:5a:43:a9:92:c7:8e:48:f8:63:42:e4:d9:6d:07:
d1:26:32:c1:45:b1:2b:d4:9e:10:99:5e:f7:29:9c:82:51:14:
54:ca:2f:39:91:91:12:b6:33:fe:fa:81:42:02:fb:7d:84:fd:
95:6a:35:cf:84:8e:9c:a2:49:c2:ac:df:0c:9d:14:c9:8a:35:
0c:91:6e:e5:af:84:ed:71:04:45:2e:ba:50:ea:4f:2a:86:86:
21:a3:bf:9b:a2:ad:79:1f:0e:96:2f:59:44:6f:6f:ad:28:c0:
8a:62:e0:a8:c4:6a:db:eb:6e:40:b1:53:c3:44:cf:62:7e:b0:
5a:ed:a8:2b
-----BEGIN CERTIFICATE-----
MIIFAjCCA+qgAwIBAgIUDLScR3Sa6O/iLEwosVhN54NQm+kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj
Y2ZkMzc3MjAeFw0yNjAzMjAxNTQ1MzNaFw0yNzAzMTkxNTUwMzNaMDMxMTAvBgNV
BAMTKEI4MTEwMkE1REJBRTAzQjYyQUE5NTA2RTNFRDZCOTVENzU1ODdCQTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5O/YYDVgPwBQdDib3d/tofzQa
SA5EAP8mgbS6BaYD1wrtEbnv1EQyzr7yMKfSZyLuDdyeRTA9gl2dbyxGxBAoLCBw
A5ty8aK+bj5D8UsMCD8JNdC3CkyxZOQBb1GRpmtE3VptFGF+Nb/Hr6q10YJa97ua
FJVkDjsPcdqIQ+oESw+jpFtYX9izIZbpKQ/96ZyNBsyDvS4viCKInuXkNq4DDpX1
0ekTlrrAxQd1NvS3UmnhUfe/k28Snm2b75jYknVhI4xDwxPMESiPj+kGPjirsiZy
pEPnVo3+tuPGLm7dl4LTY9qHHMhKX1300oNuDj8Z665YJ0jlfM+bRziATYelAgMB
AAGjggIMMIICCDAdBgNVHQ4EFgQUuBECpduuA7YqqVBuPta5XXVYe6QwHwYDVR0j
BBgwFoAUqD1IZS87LfdPa/m6qKnBdMz9N3IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODkyNzBmNmMtYTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2Yz
ODI0LzAvQTgzRDQ4NjUyRjNCMkRGNzRGNkJGOUJBQThBOUMxNzRDQ0ZEMzc3Mi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FEMUlaUzg3TGZkUGFfbTZxS25CZE16
OU4zSS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg5MjcwZjZjLWEzZmUt
NDI5OS1iMDc5LTMwOWVkOTdmMzgyNC8wL0FTMjEyODk1LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKhR1
g+owDQYJKoZIhvcNAQELBQADggEBAIUyL715iRDxz/hkuqC1f+f5BJwBxCuot6MH
VVlZIu012AVHAhyVL+tv2SZomMyiIebnUExqSz2u38rnQtPGVoW4m1y63TATSrgH
ZM3SXks9rsusConZZ/u0Oc5eaG+sS7RabIOTiL4D9y2R1zJuD1kGAKcCFVNbxbjj
77cXsgByX95aQ6mSx45I+GNC5NltB9EmMsFFsSvUnhCZXvcpnIJRFFTKLzmRkRK2
M/76gUIC+32E/ZVqNc+EjpyiScKs3wydFMmKNQyRbuWvhO1xBEUuulDqTyqGhiGj
v5uirXkfDpYvWURvb60owIpi4KjEatvrbkCxU8NEz2J+sFrtqCs=
-----END CERTIFICATE-----
Generated at Thu Mar 26 14:04:23 2026 by rpki-client