Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS206150.roa
File: AS206150.roa (raw, json)
Hash identifier: OR0jm4o2uucjJD/StSpC6i2+MPwvhOA+tWcSg4KZbHE=
Subject key identifier: 2F:DA:5B:01:93:0F:38:C4:C1:97:B4:94:4B:35:0E:0B:8D:28:69:63
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 74643514C1E6B788DE366B8DF82BD7302DACC08A
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS206150.roa
Signing time: Wed 14 Jan 2026 15:55:33 +0000
ROA not before: Wed 14 Jan 2026 15:50:33 +0000
ROA not after: Wed 13 Jan 2027 15:55:33 +0000
asID: 206150
IP address blocks: 2a0a:4e80::/32 maxlen: 48
2a0a:4e81::/32 maxlen: 48
2a0a:4e82::/32 maxlen: 48
2a0a:4e83::/32 maxlen: 48
2a0a:4e84::/32 maxlen: 48
2a0a:4e85::/32 maxlen: 48
2a0a:4e86::/32 maxlen: 48
2a0a:4e87::/32 maxlen: 48
2a0a:8e01::/32 maxlen: 48
2a0a:8e02::/32 maxlen: 48
2a0a:8e03::/32 maxlen: 48
2a0a:8e04::/32 maxlen: 48
2a0a:8e05::/32 maxlen: 48
2a0a:8e06::/32 maxlen: 48
2a0a:8e07::/32 maxlen: 48
2a0a:9600::/32 maxlen: 48
2a0a:9601::/32 maxlen: 48
2a0a:9602::/32 maxlen: 48
2a0a:9603::/32 maxlen: 48
2a0a:9604::/32 maxlen: 48
2a0a:9605::/32 maxlen: 48
2a0a:a704::/30 maxlen: 48
2a0a:be01::/32 maxlen: 48
2a0a:be02::/32 maxlen: 48
2a0a:be03::/32 maxlen: 48
2a0a:be04::/32 maxlen: 48
2a0a:be05::/32 maxlen: 48
2a0a:be06::/32 maxlen: 48
2a0a:be07::/32 maxlen: 48
2a0a:d200::/32 maxlen: 48
2a0a:d201::/32 maxlen: 48
2a0a:d202::/32 maxlen: 48
2a0a:d203::/32 maxlen: 48
2a0a:d204::/32 maxlen: 48
2a0a:d205::/32 maxlen: 48
2a0a:d206::/32 maxlen: 48
2a0a:d207::/32 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 23 Feb 2026 11:22:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
74:64:35:14:c1:e6:b7:88:de:36:6b:8d:f8:2b:d7:30:2d:ac:c0:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Jan 14 15:50:33 2026 GMT
Not After : Jan 13 15:55:33 2027 GMT
Subject: CN=2FDA5B01930F38C4C197B4944B350E0B8D286963
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:0a:2e:d4:8e:14:a8:be:8d:c5:77:e3:c1:54:
0f:0e:1f:17:16:b8:62:d1:ac:67:e9:57:b6:0d:2c:
3e:b2:b9:fe:a9:9c:3a:a0:3e:5f:61:3c:e1:cf:d8:
20:fa:db:2e:71:ab:85:3c:30:d7:44:0d:16:89:79:
85:8a:0e:ee:44:1d:13:e9:4b:79:b2:99:77:75:65:
ec:94:41:27:b8:a4:14:07:f8:0c:4b:ca:1f:1b:a4:
92:75:b7:6a:25:2b:52:ce:eb:dd:e9:4b:66:f4:b0:
c0:e7:b1:f5:b4:fe:ff:95:2b:10:e0:78:12:55:81:
6f:ce:42:e2:6d:d9:0b:e3:f8:f6:fa:e8:7d:d1:2c:
49:26:80:36:54:e9:e3:a7:0d:0c:ce:8b:0d:4d:4d:
5c:fb:fe:af:b6:93:fe:74:65:62:83:f6:78:bb:7c:
a9:d4:bd:8f:a9:eb:ca:6d:c1:4e:25:d5:bb:84:f4:
f1:fd:0e:7f:12:86:22:c8:1e:6b:79:86:06:ff:4a:
ae:e6:f4:fb:e9:c5:7b:0c:7c:f2:85:3e:3a:a2:37:
92:bc:3f:cc:06:24:6e:5e:ac:fa:d7:1a:92:05:3f:
7d:03:95:6b:44:5d:96:07:60:26:bf:af:4d:0e:c9:
3f:3a:93:55:3a:2b:80:e8:83:84:19:13:91:a4:56:
c7:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:DA:5B:01:93:0F:38:C4:C1:97:B4:94:4B:35:0E:0B:8D:28:69:63
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS206150.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:4e80::/29
2a0a:8e01::-2a0a:8e07:ffff:ffff:ffff:ffff:ffff:ffff
2a0a:9600::-2a0a:9605:ffff:ffff:ffff:ffff:ffff:ffff
2a0a:a704::/30
2a0a:be01::-2a0a:be07:ffff:ffff:ffff:ffff:ffff:ffff
2a0a:d200::/29
Signature Algorithm: sha256WithRSAEncryption
aa:37:7d:25:63:31:32:97:95:24:c5:0e:42:0c:60:65:bf:a4:
a2:d8:97:5a:be:6e:87:f3:4b:80:db:d5:eb:c5:6f:24:38:ec:
d7:73:fd:5b:3e:d3:51:e2:ad:ae:c6:53:49:8f:34:05:e9:1c:
8c:a1:fd:76:ed:c7:0f:2f:fb:db:cd:49:e5:1a:0a:01:98:3d:
30:69:35:61:fe:22:a9:ae:0f:d0:94:ee:2f:2f:d3:ca:9e:68:
38:4c:93:fe:cf:75:91:eb:1f:65:02:05:ff:21:83:90:24:a2:
51:56:27:e6:67:7b:0d:9d:f9:07:95:79:4b:56:2a:ad:1e:d9:
f1:a7:d0:73:c4:73:c6:c6:e0:62:8a:f4:d8:6f:64:fe:85:1b:
24:19:4a:28:08:f3:cb:0b:d1:bf:3d:e8:96:1f:f0:f7:9b:0c:
0e:46:8e:8e:b7:0d:7d:20:e6:64:b7:5b:45:d6:c7:a5:4f:17:
91:b7:92:a8:0a:b8:09:2f:01:0a:d8:c9:6b:7c:fc:51:f3:39:
3b:f7:6b:a2:9d:b8:fb:85:ec:c4:84:77:b0:69:d3:26:be:37:
0e:38:c9:f3:a8:03:1d:b3:1b:4e:ad:ec:df:21:3c:61:71:38:
00:07:61:09:4c:47:1d:f0:f2:3e:e9:2e:fa:50:9a:2b:e2:70:
c9:b6:be:64
-----BEGIN CERTIFICATE-----
MIIFPjCCBCagAwIBAgIUdGQ1FMHmt4jeNmuN+CvXMC2swIowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNjAxMTQxNTUwMzNaFw0yNzAxMTMxNTU1MzNaMDMxMTAvBgNV
BAMTKDJGREE1QjAxOTMwRjM4QzRDMTk3QjQ5NDRCMzUwRTBCOEQyODY5NjMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDWCi7UjhSovo3Fd+PBVA8OHxcW
uGLRrGfpV7YNLD6yuf6pnDqgPl9hPOHP2CD62y5xq4U8MNdEDRaJeYWKDu5EHRPp
S3mymXd1ZeyUQSe4pBQH+AxLyh8bpJJ1t2olK1LO693pS2b0sMDnsfW0/v+VKxDg
eBJVgW/OQuJt2Qvj+Pb66H3RLEkmgDZU6eOnDQzOiw1NTVz7/q+2k/50ZWKD9ni7
fKnUvY+p68ptwU4l1buE9PH9Dn8ShiLIHmt5hgb/Sq7m9PvpxXsMfPKFPjqiN5K8
P8wGJG5erPrXGpIFP30DlWtEXZYHYCa/r00OyT86k1U6K4Dog4QZE5GkVseZAgMB
AAGjggJIMIICRDAdBgNVHQ4EFgQUL9pbAZMPOMTBl7SUSzUOC40oaWMwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMjA2MTUwLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDBKBAIAAjBEAwUDKgpO
gDAOAwUAKgqOAQMFAyoKjgAwDQMEASoKlgMFASoKlgQDBQIqCqcEMA4DBQAqCr4B
AwUDKgq+AAMFAyoK0gAwDQYJKoZIhvcNAQELBQADggEBAKo3fSVjMTKXlSTFDkIM
YGW/pKLYl1q+bofzS4Db1evFbyQ47Ndz/Vs+01Hira7GU0mPNAXpHIyh/Xbtxw8v
+9vNSeUaCgGYPTBpNWH+IqmuD9CU7i8v08qeaDhMk/7PdZHrH2UCBf8hg5AkolFW
J+Znew2d+QeVeUtWKq0e2fGn0HPEc8bG4GKK9NhvZP6FGyQZSigI88sL0b896JYf
8PebDA5Gjo63DX0g5mS3W0XWx6VPF5G3kqgKuAkvAQrYyWt8/FHzOTv3a6KduPuF
7MSEd7Bp0ya+Nw44yfOoAx2zG06t7N8hPGFxOAAHYQlMRx3w8j7pLvpQmivicMm2
vmQ=
-----END CERTIFICATE-----
Generated at Mon Feb 23 02:43:52 2026 by rpki-client