Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS200236.roa
File: AS200236.roa (raw, json)
Hash identifier: wsW4kPp66lrnQxMvtQb66WReV+MxbBzADJyStIcJBwY=
Subject key identifier: 0D:0B:33:FC:ED:A4:E9:52:D8:AF:6C:81:42:35:D6:12:62:12:27:6E
Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Certificate serial: 2FC9968F5BFF4459CD0FB87A559DE65D8E0E09E5
Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS200236.roa
Signing time: Fri 05 Jun 2026 04:29:43 +0000
ROA not before: Fri 05 Jun 2026 04:24:43 +0000
ROA not after: Fri 04 Jun 2027 04:29:43 +0000
asID: 200236
IP address blocks: 2a14:7580:ffed::/48 maxlen: 48
2a14:7583:8000::/36 maxlen: 36
2a14:7584:c000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft
rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 06 Jun 2026 17:49:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2f:c9:96:8f:5b:ff:44:59:cd:0f:b8:7a:55:9d:e6:5d:8e:0e:09:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Validity
Not Before: Jun 5 04:24:43 2026 GMT
Not After : Jun 4 04:29:43 2027 GMT
Subject: CN=0D0B33FCEDA4E952D8AF6C814235D6126212276E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:7f:80:29:f5:de:1a:5f:18:ab:b8:c0:5b:0b:
3a:a8:a1:3a:e4:95:9f:ce:1f:08:ff:90:f9:39:74:
3e:7e:c3:b5:d9:93:4f:10:89:6c:41:df:3c:fc:ff:
05:5c:01:68:7b:f0:d0:ac:12:a7:65:09:64:44:38:
96:8b:37:6e:bd:b3:47:e1:15:57:4a:22:16:13:2c:
88:d4:b3:bd:05:af:3c:04:0c:0d:9f:a4:17:8c:e2:
ab:5b:8f:24:bc:38:2e:61:1a:ff:6f:24:ed:7d:00:
53:1d:93:bd:3b:88:6b:86:dd:d8:b9:50:7d:57:a6:
79:30:fb:2b:1d:12:7a:74:b6:e5:81:be:84:70:81:
96:19:9a:b3:26:1e:8f:d9:27:da:62:d5:45:f3:7f:
a3:89:ff:93:10:6e:28:e4:9e:e3:02:9d:34:09:59:
c3:df:77:30:f2:4c:d0:2f:2f:cf:e6:ce:32:d5:e9:
45:1f:e1:65:db:f0:7a:53:5e:f1:48:c7:2e:c1:58:
0d:87:74:76:b1:cb:27:6d:9b:4e:7b:c5:61:ed:9c:
7e:e9:2f:d4:1e:52:c9:c6:86:60:32:7b:61:96:78:
ae:59:a2:6f:da:5c:bf:6a:e7:aa:0a:63:14:51:8f:
74:a7:a8:0e:6d:88:94:d5:c2:50:98:e1:74:ee:8b:
d5:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:0B:33:FC:ED:A4:E9:52:D8:AF:6C:81:42:35:D6:12:62:12:27:6E
X509v3 Authority Key Identifier:
keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS200236.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7580:ffed::/48
2a14:7583:8000::/36
2a14:7584:c000::/36
Signature Algorithm: sha256WithRSAEncryption
62:71:f6:69:42:ef:18:cf:a2:79:1c:3f:72:a2:c7:5d:3b:89:
88:2e:d1:62:29:b9:06:57:21:35:18:bf:ec:63:f2:32:c5:a2:
fd:25:32:b1:32:af:8a:1c:54:d8:54:5d:07:af:bc:39:6e:1f:
50:89:d3:2b:7b:99:98:38:0a:f9:60:e8:4a:f6:dd:13:21:59:
85:ee:76:bf:18:c5:e1:e7:fb:5f:94:93:8e:82:b1:47:29:f1:
e4:81:7b:4f:f9:a7:30:f7:34:e0:b4:52:22:ac:fe:c2:5f:87:
06:28:47:ed:4c:c5:0f:17:b4:73:78:38:f0:3e:57:ba:68:87:
32:b6:d5:d1:39:ae:ea:b6:3e:23:39:60:8c:1d:6e:d9:a2:5d:
48:71:a2:6a:2d:e2:14:1f:e0:51:08:d1:45:9d:02:11:67:64:
09:25:2d:ce:97:94:28:ea:f0:d6:65:69:4d:29:80:99:b0:0b:
80:3c:7f:37:af:56:b1:40:bc:6d:cb:69:e3:42:de:34:f5:5e:
85:7e:00:1f:61:d2:35:3a:de:13:f4:cd:3f:4c:f4:13:bd:c1:
c9:f7:65:3a:18:ee:80:3e:26:76:be:c2:00:32:37:c8:7f:d7:
9f:cb:43:9c:ca:90:17:46:68:6e:d3:1b:af:09:63:8b:a1:ce:
32:7e:ab:84
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgIUL8mWj1v/RFnND7h6VZ3mXY4OCeUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj
Y2ZkMzc3MjAeFw0yNjA2MDUwNDI0NDNaFw0yNzA2MDQwNDI5NDNaMDMxMTAvBgNV
BAMTKDBEMEIzM0ZDRURBNEU5NTJEOEFGNkM4MTQyMzVENjEyNjIxMjI3NkUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCNf4Ap9d4aXxiruMBbCzqooTrk
lZ/OHwj/kPk5dD5+w7XZk08QiWxB3zz8/wVcAWh78NCsEqdlCWREOJaLN269s0fh
FVdKIhYTLIjUs70FrzwEDA2fpBeM4qtbjyS8OC5hGv9vJO19AFMdk707iGuG3di5
UH1Xpnkw+ysdEnp0tuWBvoRwgZYZmrMmHo/ZJ9pi1UXzf6OJ/5MQbijknuMCnTQJ
WcPfdzDyTNAvL8/mzjLV6UUf4WXb8HpTXvFIxy7BWA2HdHaxyydtm057xWHtnH7p
L9QeUsnGhmAye2GWeK5Zom/aXL9q56oKYxRRj3SnqA5tiJTVwlCY4XTui9XrAgMB
AAGjggIdMIICGTAdBgNVHQ4EFgQUDQsz/O2k6VLYr2yBQjXWEmISJ24wHwYDVR0j
BBgwFoAUqD1IZS87LfdPa/m6qKnBdMz9N3IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODkyNzBmNmMtYTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2Yz
ODI0LzAvQTgzRDQ4NjUyRjNCMkRGNzRGNkJGOUJBQThBOUMxNzRDQ0ZEMzc3Mi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FEMUlaUzg3TGZkUGFfbTZxS25CZE16
OU4zSS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg5MjcwZjZjLWEzZmUt
NDI5OS1iMDc5LTMwOWVkOTdmMzgyNC8wL0FTMjAwMjM2LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMDIGCCsGAQUFBwEHAQH/BCMwITAfBAIAAjAZAwcAKhR1
gP/tAwYEKhR1g4ADBgQqFHWEwDANBgkqhkiG9w0BAQsFAAOCAQEAYnH2aULvGM+i
eRw/cqLHXTuJiC7RYim5BlchNRi/7GPyMsWi/SUysTKvihxU2FRdB6+8OW4fUInT
K3uZmDgK+WDoSvbdEyFZhe52vxjF4ef7X5STjoKxRynx5IF7T/mnMPc04LRSIqz+
wl+HBihH7UzFDxe0c3g48D5XumiHMrbV0Tmu6rY+IzlgjB1u2aJdSHGiai3iFB/g
UQjRRZ0CEWdkCSUtzpeUKOrw1mVpTSmAmbALgDx/N69WsUC8bctp40LeNPVehX4A
H2HSNTreE/TNP0z0E73ByfdlOhjugD4mdr7CADI3yH/Xn8tDnMqQF0ZobtMbrwlj
i6HOMn6rhA==
-----END CERTIFICATE-----
Generated at Sat Jun 6 02:29:57 2026 by rpki-client