
Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS210202.roa
File: AS210202.roa (raw, json)
Hash identifier: JZtpozIt96iLS10hBGD1lkOGfxw3fulVHm/kftvcaO0=
Subject key identifier: 8B:C7:92:45:4F:11:5A:46:27:4A:83:13:1B:B4:A3:1A:EE:8F:5F:16
Certificate issuer: /CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Certificate serial: 0DA36565AB47BA6609E16C7C5D194FD8B7DBC0E3
Authority key identifier: C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS210202.roa
Signing time: Fri 26 Jun 2026 08:08:39 +0000
ROA not before: Fri 26 Jun 2026 08:03:39 +0000
ROA not after: Fri 25 Jun 2027 08:08:39 +0000
asID: 210202
IP address blocks: 2a0f:85c1:50::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl
rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.mft
rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 01 Jul 2026 20:30:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0d:a3:65:65:ab:47:ba:66:09:e1:6c:7c:5d:19:4f:d8:b7:db:c0:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Validity
Not Before: Jun 26 08:03:39 2026 GMT
Not After : Jun 25 08:08:39 2027 GMT
Subject: CN=8BC792454F115A46274A83131BB4A31AEE8F5F16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:d8:f1:10:bf:8a:97:bb:7e:cc:ed:c6:93:fb:
2a:00:f6:30:26:0b:9a:27:87:7f:d3:9b:51:37:60:
e5:91:8a:8a:05:cd:c8:4e:9d:00:95:a1:8f:e7:e5:
05:a5:c4:90:28:0e:8e:15:43:10:97:6f:db:27:71:
c2:53:cb:e6:dc:f9:fa:32:7f:10:5f:78:1b:33:9e:
4b:f4:41:6a:7a:92:32:ff:f5:30:43:6c:92:a3:3f:
ee:76:75:22:7a:73:01:98:07:73:0d:9d:d0:ad:b4:
2b:a8:c6:57:96:bb:f5:6d:a2:c6:d5:90:df:3f:53:
72:72:d6:28:08:59:dd:c4:b8:5e:bb:ec:0a:96:75:
f2:a9:2f:71:41:08:53:a3:14:31:d1:f4:74:b0:ea:
6f:5f:e0:35:02:5c:16:f0:39:40:cf:12:fa:68:9d:
95:c9:db:3b:f3:2a:72:06:ab:ab:cf:94:ab:de:a9:
bb:66:d6:ca:fc:87:d1:2c:09:74:e7:ce:b8:62:a5:
49:fb:5c:10:98:e2:39:9a:76:37:e2:1e:ef:40:d6:
e4:51:30:6e:c5:55:0f:eb:fe:e2:74:93:06:3a:76:
63:a5:91:2b:01:9d:f1:e4:1b:b9:30:bb:be:b5:67:
f6:05:c1:c0:f0:17:00:c5:fe:ee:b5:ca:ba:fa:ef:
44:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:C7:92:45:4F:11:5A:46:27:4A:83:13:1B:B4:A3:1A:EE:8F:5F:16
X509v3 Authority Key Identifier:
keyid:C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS210202.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:85c1:50::/48
Signature Algorithm: sha256WithRSAEncryption
8d:95:55:51:e7:7c:92:68:b3:d1:3c:c9:17:ab:cb:8e:a4:e9:
86:d4:5a:35:a6:00:ce:90:7c:c3:b0:68:7e:a5:10:53:13:f0:
4b:ac:0d:a8:cf:84:c7:12:42:30:3a:e8:75:ac:42:62:6b:3e:
f5:80:7e:bb:8f:61:ae:f0:05:eb:32:54:38:d8:20:8b:8a:e0:
0c:e6:5e:81:32:dc:88:6f:32:af:6a:f4:53:7e:4e:2e:c7:b8:
6b:2d:ca:f4:85:3d:c0:2d:6e:5c:e7:9e:ed:cc:33:a1:fa:e5:
23:4b:89:50:8e:c2:6f:8c:79:b5:aa:62:d0:dc:2f:bc:55:85:
cb:d7:e2:d5:72:ad:3d:93:14:0e:6f:ba:a6:8c:e1:df:29:b4:
8d:68:4f:67:7b:ac:97:d7:d9:da:ee:f7:4f:e8:c8:47:d2:9c:
4e:d9:7f:af:3a:ef:6a:e6:ae:89:c5:f9:06:d2:fc:9b:66:3b:
90:21:d2:82:44:53:f5:c5:fa:61:24:5a:2c:fe:1e:3d:94:59:
09:a5:40:a9:55:5e:0a:b0:17:09:ce:c7:6e:23:cd:4d:ee:92:
48:ab:de:c1:43:a3:1f:84:10:02:17:9b:1b:2a:f3:e2:37:7d:
f0:b4:08:b0:86:52:a0:cc:40:3f:58:d9:78:66:de:b1:05:3b:
80:bc:94:92
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIUDaNlZatHumYJ4Wx8XRlP2LfbwOMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzRjZTdkODkwMjQwNWJhNDU5OGY4NGI2YTQxYzI3ZDcy
MjgzNGIxYzAeFw0yNjA2MjYwODAzMzlaFw0yNzA2MjUwODA4MzlaMDMxMTAvBgNV
BAMTKDhCQzc5MjQ1NEYxMTVBNDYyNzRBODMxMzFCQjRBMzFBRUU4RjVGMTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDL2PEQv4qXu37M7caT+yoA9jAm
C5onh3/Tm1E3YOWRiooFzchOnQCVoY/n5QWlxJAoDo4VQxCXb9snccJTy+bc+foy
fxBfeBsznkv0QWp6kjL/9TBDbJKjP+52dSJ6cwGYB3MNndCttCuoxleWu/VtosbV
kN8/U3Jy1igIWd3EuF677AqWdfKpL3FBCFOjFDHR9HSw6m9f4DUCXBbwOUDPEvpo
nZXJ2zvzKnIGq6vPlKveqbtm1sr8h9EsCXTnzrhipUn7XBCY4jmadjfiHu9A1uRR
MG7FVQ/r/uJ0kwY6dmOlkSsBnfHkG7kwu761Z/YFwcDwFwDF/u61yrr670QzAgMB
AAGjggINMIICCTAdBgNVHQ4EFgQUi8eSRU8RWkYnSoMTG7SjGu6PXxYwHwYDVR0j
BBgwFoAUxM59iQJAW6RZj4S2pBwn1yKDSxwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODRkNTE4MTAtMTk4Ny00NzAxLThmMWYtODQyNTExMTk2
NGY0LzAvQzRDRTdEODkwMjQwNUJBNDU5OEY4NEI2QTQxQzI3RDcyMjgzNEIxQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3hNNTlpUUpBVzZSWmo0UzJwQnduMXlL
RFN4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg0ZDUxODEwLTE5ODct
NDcwMS04ZjFmLTg0MjUxMTE5NjRmNC8wL0FTMjEwMjAyLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+F
wQBQMA0GCSqGSIb3DQEBCwUAA4IBAQCNlVVR53ySaLPRPMkXq8uOpOmG1Fo1pgDO
kHzDsGh+pRBTE/BLrA2oz4THEkIwOuh1rEJiaz71gH67j2Gu8AXrMlQ42CCLiuAM
5l6BMtyIbzKvavRTfk4ux7hrLcr0hT3ALW5c557tzDOh+uUjS4lQjsJvjHm1qmLQ
3C+8VYXL1+LVcq09kxQOb7qmjOHfKbSNaE9ne6yX19na7vdP6MhH0pxO2X+vOu9q
5q6JxfkG0vybZjuQIdKCRFP1xfphJFos/h49lFkJpUCpVV4KsBcJzsduI81N7pJI
q97BQ6MfhBACF5sbKvPiN33wtAiwhlKgzEA/WNl4Zt6xBTuAvJSS
-----END CERTIFICATE-----
Generated at Wed Jul 1 02:35:55 2026 by rpki-client