Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS216296.roa
File: AS216296.roa (raw, json)
Hash identifier: wNAxeSDfpcvhSDtYCbDo1DqXms0EKysR5RRV74H+eAY=
Subject key identifier: 2E:7A:56:3F:78:BA:6C:25:38:C5:61:90:83:75:CD:8C:B6:69:44:46
Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Certificate serial: 65C14A8C1ACFD214E478D685C70C0D6A08150EC7
Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS216296.roa
Signing time: Tue 28 Apr 2026 16:35:27 +0000
ROA not before: Tue 28 Apr 2026 16:30:27 +0000
ROA not after: Tue 27 Apr 2027 16:35:27 +0000
asID: 216296
IP address blocks: 2a14:7585:1000::/48 maxlen: 48
2a14:7585:3000::/48 maxlen: 48
2a14:7585:d100::/44 maxlen: 44
2a14:7585:e000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft
rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 08:48:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
65:c1:4a:8c:1a:cf:d2:14:e4:78:d6:85:c7:0c:0d:6a:08:15:0e:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Validity
Not Before: Apr 28 16:30:27 2026 GMT
Not After : Apr 27 16:35:27 2027 GMT
Subject: CN=2E7A563F78BA6C2538C561908375CD8CB6694446
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:17:ae:e1:e1:be:4e:31:ee:f1:62:2c:4b:e7:
f3:d1:da:81:e3:13:7b:e1:a0:a6:1f:ac:7a:63:fb:
4a:97:93:1e:47:af:b6:b5:66:64:b3:b9:b2:dc:a1:
c4:1f:0f:c1:f7:36:b6:11:21:59:f6:b0:e8:42:78:
a8:4c:bb:c1:56:3a:51:d7:cb:ae:84:3e:12:ec:c0:
2f:03:a9:c4:e6:2b:16:a9:34:a7:36:9b:e0:13:f8:
33:be:d9:70:d3:b5:5e:85:2a:20:34:ff:a2:d5:dd:
a2:ec:8e:f2:23:10:2f:42:f4:d5:98:ee:8f:cc:24:
1b:7b:0f:eb:be:11:8a:7b:d8:0e:8b:7a:77:e5:cb:
6a:a9:03:30:29:2f:1a:64:cd:86:04:f1:c6:cf:ba:
2c:42:6c:28:df:2c:43:20:75:86:ee:85:5c:9a:8f:
16:8e:d9:8c:4d:3e:56:b9:5a:bf:6d:a1:e8:33:4e:
59:0d:43:6a:22:65:96:4c:5b:90:3d:2c:f1:0e:62:
a6:f3:2f:c9:71:41:0b:84:90:07:5c:81:6a:8d:1f:
29:a4:1c:f0:f7:fa:44:31:30:7b:9d:fe:bc:ee:fa:
5e:5d:b1:37:0c:7b:21:d4:57:d0:09:cc:5b:e9:ef:
8c:fa:0d:80:a9:f3:09:1a:52:ea:2f:57:8e:2d:3b:
85:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:7A:56:3F:78:BA:6C:25:38:C5:61:90:83:75:CD:8C:B6:69:44:46
X509v3 Authority Key Identifier:
keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS216296.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7585:1000::/48
2a14:7585:3000::/48
2a14:7585:d100::/44
2a14:7585:e000::/36
Signature Algorithm: sha256WithRSAEncryption
8f:82:14:48:e9:30:ce:7d:ac:e7:8f:08:be:e5:70:64:74:d6:
9f:68:f3:90:ad:1c:36:ae:18:c7:71:71:44:0d:36:b4:f7:7d:
1d:34:f0:62:43:5a:9c:6a:4f:72:1b:21:34:6d:f5:b1:a1:c0:
02:d7:aa:de:05:9e:62:d3:f4:65:0d:c0:64:3a:46:9e:38:1a:
ac:6d:7d:12:01:6e:15:16:73:cd:4d:15:3e:2f:f2:7f:a1:81:
dd:c8:f3:c0:c5:f6:7e:2b:d4:73:00:bd:8b:51:cb:30:b9:a6:
fe:9a:5d:a0:75:19:3e:4e:06:c3:a1:20:58:cc:b6:6c:24:16:
fc:c4:d5:c1:3e:55:30:d4:83:bb:7f:a8:92:ea:71:90:0d:7f:
1b:cc:34:56:1e:44:8f:0f:43:1f:18:ac:be:85:9b:76:c4:76:
87:90:48:a9:bb:ec:3e:2c:49:dd:e0:8e:11:02:5c:b4:c0:54:
28:50:12:8f:ef:ee:eb:0b:14:c2:6d:a6:b6:3e:dd:19:06:cb:
64:13:8c:6c:35:de:ed:a4:19:be:7d:76:78:75:25:c5:3f:b8:
96:df:de:ec:8f:8d:5b:47:3e:1c:4f:13:ca:73:9d:1a:f5:e0:
f9:ae:96:ab:96:19:4d:8e:b0:72:a9:3f:80:7d:69:f1:17:3f:
bc:4d:0d:8b
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgIUZcFKjBrP0hTkeNaFxwwNaggVDscwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj
Y2ZkMzc3MjAeFw0yNjA0MjgxNjMwMjdaFw0yNzA0MjcxNjM1MjdaMDMxMTAvBgNV
BAMTKDJFN0E1NjNGNzhCQTZDMjUzOEM1NjE5MDgzNzVDRDhDQjY2OTQ0NDYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDLF67h4b5OMe7xYixL5/PR2oHj
E3vhoKYfrHpj+0qXkx5Hr7a1ZmSzubLcocQfD8H3NrYRIVn2sOhCeKhMu8FWOlHX
y66EPhLswC8DqcTmKxapNKc2m+AT+DO+2XDTtV6FKiA0/6LV3aLsjvIjEC9C9NWY
7o/MJBt7D+u+EYp72A6Lenfly2qpAzApLxpkzYYE8cbPuixCbCjfLEMgdYbuhVya
jxaO2YxNPla5Wr9toegzTlkNQ2oiZZZMW5A9LPEOYqbzL8lxQQuEkAdcgWqNHymk
HPD3+kQxMHud/rzu+l5dsTcMeyHUV9AJzFvp74z6DYCp8wkaUuovV44tO4VDAgMB
AAGjggInMIICIzAdBgNVHQ4EFgQULnpWP3i6bCU4xWGQg3XNjLZpREYwHwYDVR0j
BBgwFoAUqD1IZS87LfdPa/m6qKnBdMz9N3IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODkyNzBmNmMtYTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2Yz
ODI0LzAvQTgzRDQ4NjUyRjNCMkRGNzRGNkJGOUJBQThBOUMxNzRDQ0ZEMzc3Mi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FEMUlaUzg3TGZkUGFfbTZxS25CZE16
OU4zSS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg5MjcwZjZjLWEzZmUt
NDI5OS1iMDc5LTMwOWVkOTdmMzgyNC8wL0FTMjE2Mjk2LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzApBAIAAjAjAwcAKhR1
hRAAAwcAKhR1hTAAAwcEKhR1hdEAAwYEKhR1heAwDQYJKoZIhvcNAQELBQADggEB
AI+CFEjpMM59rOePCL7lcGR01p9o85CtHDauGMdxcUQNNrT3fR008GJDWpxqT3Ib
ITRt9bGhwALXqt4FnmLT9GUNwGQ6Rp44GqxtfRIBbhUWc81NFT4v8n+hgd3I88DF
9n4r1HMAvYtRyzC5pv6aXaB1GT5OBsOhIFjMtmwkFvzE1cE+VTDUg7t/qJLqcZAN
fxvMNFYeRI8PQx8YrL6Fm3bEdoeQSKm77D4sSd3gjhECXLTAVChQEo/v7usLFMJt
prY+3RkGy2QTjGw13u2kGb59dnh1JcU/uJbf3uyPjVtHPhxPE8pznRr14PmulquW
GU2OsHKpP4B9afEXP7xNDYs=
-----END CERTIFICATE-----
Generated at Tue May 12 22:05:55 2026 by rpki-client