Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/AS205733.roa
File: AS205733.roa (raw, json)
Hash identifier: wf8MqPqUa3hXtDWn0TiYnyQ8UnjJzLK9YqXefp3B8TI=
Subject key identifier: 34:0E:C8:9D:76:95:C0:1F:47:72:A0:C9:91:C5:33:82:68:82:14:0B
Certificate issuer: /CN=9dfbff217105df8877d463f6e9bac28a4084d20c
Certificate serial: 7CBC75D49AE57B4C3DB64FEBC5C0EB94835612AE
Authority key identifier: 9D:FB:FF:21:71:05:DF:88:77:D4:63:F6:E9:BA:C2:8A:40:84:D2:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nfv_IXEF34h31GP26brCikCE0gw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/AS205733.roa
Signing time: Wed 13 May 2026 09:52:19 +0000
ROA not before: Wed 13 May 2026 09:47:19 +0000
ROA not after: Wed 12 May 2027 09:52:19 +0000
asID: 205733
IP address blocks: 31.40.196.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/9DFBFF217105DF8877D463F6E9BAC28A4084D20C.crl
rsync://rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/9DFBFF217105DF8877D463F6E9BAC28A4084D20C.mft
rsync://rpki.ripe.net/repository/DEFAULT/nfv_IXEF34h31GP26brCikCE0gw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 14 May 2026 06:33:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7c:bc:75:d4:9a:e5:7b:4c:3d:b6:4f:eb:c5:c0:eb:94:83:56:12:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9dfbff217105df8877d463f6e9bac28a4084d20c
Validity
Not Before: May 13 09:47:19 2026 GMT
Not After : May 12 09:52:19 2027 GMT
Subject: CN=340EC89D7695C01F4772A0C991C533826882140B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:56:16:f3:75:ff:0b:58:70:b5:df:c9:78:4a:
17:84:03:a8:32:8e:a0:08:93:37:3d:1c:86:8d:6a:
c2:71:01:ac:da:81:df:92:0e:2a:24:94:40:3f:68:
a9:33:cc:aa:71:64:91:52:93:39:e9:b4:cc:6c:43:
d7:e2:fb:9e:a6:92:52:35:3b:fe:f8:8c:bb:4c:57:
74:87:3f:86:1a:8e:91:b6:ec:7a:bf:94:23:ce:b6:
87:1f:54:29:7d:0d:3b:2e:89:1f:0c:17:6d:25:62:
c1:d9:b0:ad:3a:4b:67:18:2f:b4:4f:f8:65:38:11:
8f:d9:38:91:16:a3:07:ff:ad:a7:93:b4:5e:14:77:
75:1a:e3:b0:0b:45:99:06:f0:66:15:7f:58:ac:06:
9a:58:c2:f0:8d:ad:dd:ec:8e:27:90:0f:7e:d9:b6:
11:ce:35:93:f9:a7:70:a8:34:15:8c:0d:6b:88:b1:
8e:89:3c:42:54:ab:c0:c9:d6:8a:1f:55:5f:f9:87:
76:47:f3:27:ad:42:a2:0a:d9:80:8c:a3:a9:85:79:
a5:67:32:f8:0c:1f:e7:73:8d:e5:11:46:84:43:42:
79:f4:5b:f7:c1:5c:9d:88:e1:cd:69:4f:7b:2a:a3:
5d:0c:e5:71:42:a0:c1:7d:cc:44:c3:81:3f:9e:c0:
99:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:0E:C8:9D:76:95:C0:1F:47:72:A0:C9:91:C5:33:82:68:82:14:0B
X509v3 Authority Key Identifier:
keyid:9D:FB:FF:21:71:05:DF:88:77:D4:63:F6:E9:BA:C2:8A:40:84:D2:0C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/9DFBFF217105DF8877D463F6E9BAC28A4084D20C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nfv_IXEF34h31GP26brCikCE0gw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/AS205733.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.40.196.0/24
Signature Algorithm: sha256WithRSAEncryption
59:89:31:2b:53:e0:bc:95:cb:c2:b1:4f:b4:7f:24:dc:79:8c:
16:5c:6d:cf:7d:93:62:32:b4:06:78:8c:cd:8a:20:ea:46:d4:
1d:9e:25:33:9b:e2:ca:9a:a3:2d:6e:d5:29:41:f7:3d:66:36:
da:06:70:4e:a4:d1:02:3f:b9:c2:72:7d:30:63:6e:cb:b7:93:
b8:9d:0e:64:a1:29:20:af:af:58:06:02:4b:15:60:db:da:d5:
1c:d0:85:d9:95:a1:5a:4c:06:cf:1c:d9:05:4d:5b:8c:54:61:
8c:ff:41:a1:95:06:22:ec:7d:ff:6b:e8:b5:85:68:9f:8f:20:
94:ce:92:de:85:99:3b:f6:cb:c5:94:53:7a:f6:ad:13:fe:cc:
4f:cc:68:32:81:3c:f4:f0:d2:6e:c6:dd:bb:ba:f2:9f:1c:f5:
99:e2:55:62:68:7e:8b:c9:0d:99:34:48:66:53:25:8f:59:62:
fc:0f:9b:c4:cc:45:e3:3a:b1:71:61:7a:c4:cd:6a:cb:e9:cb:
fd:05:83:1e:1d:63:e3:92:21:9e:e7:7a:32:cd:90:4a:79:e1:
cb:fd:d2:85:72:68:54:81:80:14:a7:64:96:b2:2b:75:e9:f0:
08:d3:7e:ac:e2:ac:4f:ad:98:fa:bd:28:7c:9e:4f:1d:98:90:
87:d8:23:e3
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUfLx11Jrle0w9tk/rxcDrlINWEq4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWRmYmZmMjE3MTA1ZGY4ODc3ZDQ2M2Y2ZTliYWMyOGE0
MDg0ZDIwYzAeFw0yNjA1MTMwOTQ3MTlaFw0yNzA1MTIwOTUyMTlaMDMxMTAvBgNV
BAMTKDM0MEVDODlENzY5NUMwMUY0NzcyQTBDOTkxQzUzMzgyNjg4MjE0MEIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3Vhbzdf8LWHC138l4SheEA6gy
jqAIkzc9HIaNasJxAazagd+SDioklEA/aKkzzKpxZJFSkznptMxsQ9fi+56mklI1
O/74jLtMV3SHP4YajpG27Hq/lCPOtocfVCl9DTsuiR8MF20lYsHZsK06S2cYL7RP
+GU4EY/ZOJEWowf/raeTtF4Ud3Ua47ALRZkG8GYVf1isBppYwvCNrd3sjieQD37Z
thHONZP5p3CoNBWMDWuIsY6JPEJUq8DJ1oofVV/5h3ZH8yetQqIK2YCMo6mFeaVn
MvgMH+dzjeURRoRDQnn0W/fBXJ2I4c1pT3sqo10M5XFCoMF9zETDgT+ewJmLAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUNA7InXaVwB9HcqDJkcUzgmiCFAswHwYDVR0j
BBgwFoAUnfv/IXEF34h31GP26brCikCE0gwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTViNGQ5ZTgtNDExMS00Mzk0LWEzYTYtYmQ4MjUxZTdm
YmJkLzAvOURGQkZGMjE3MTA1REY4ODc3RDQ2M0Y2RTlCQUMyOEE0MDg0RDIwQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL25mdl9JWEVGMzRoMzFHUDI2YnJDaWtD
RTBndy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzU1YjRkOWU4LTQxMTEt
NDM5NC1hM2E2LWJkODI1MWU3ZmJiZC8wL0FTMjA1NzMzLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAHyjE
MA0GCSqGSIb3DQEBCwUAA4IBAQBZiTErU+C8lcvCsU+0fyTceYwWXG3PfZNiMrQG
eIzNiiDqRtQdniUzm+LKmqMtbtUpQfc9ZjbaBnBOpNECP7nCcn0wY27Lt5O4nQ5k
oSkgr69YBgJLFWDb2tUc0IXZlaFaTAbPHNkFTVuMVGGM/0GhlQYi7H3/a+i1hWif
jyCUzpLehZk79svFlFN69q0T/sxPzGgygTz08NJuxt27uvKfHPWZ4lViaH6LyQ2Z
NEhmUyWPWWL8D5vEzEXjOrFxYXrEzWrL6cv9BYMeHWPjkiGe53oyzZBKeeHL/dKF
cmhUgYAUp2SWsit16fAI036s4qxPrZj6vSh8nk8dmJCH2CPj
-----END CERTIFICATE-----
Generated at Wed May 13 11:25:14 2026 by rpki-client