Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS200464.roa
File: AS200464.roa (raw, json)
Hash identifier: lCsS6BrDImYCpW71KGF3hzogIOVJzqGvHWlEWM98rEM=
Subject key identifier: 06:4F:DC:5B:D6:2D:A3:7A:45:11:DD:FE:0F:88:17:83:A1:42:A0:13
Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Certificate serial: 41E952F7B2542502C8B033BFDA02E6A6FBDE5A8C
Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS200464.roa
Signing time: Wed 04 Mar 2026 20:55:03 +0000
ROA not before: Wed 04 Mar 2026 20:50:03 +0000
ROA not after: Wed 03 Mar 2027 20:55:03 +0000
asID: 200464
IP address blocks: 2a14:7581:ffa::/48 maxlen: 48
2a14:7583:e700::/40 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft
rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Mar 2026 19:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
41:e9:52:f7:b2:54:25:02:c8:b0:33:bf:da:02:e6:a6:fb:de:5a:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Validity
Not Before: Mar 4 20:50:03 2026 GMT
Not After : Mar 3 20:55:03 2027 GMT
Subject: CN=064FDC5BD62DA37A4511DDFE0F881783A142A013
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:94:df:06:25:7b:a9:09:61:e1:71:89:3c:da:
19:5d:8c:d4:0b:b3:5f:90:fa:83:0e:23:80:53:da:
3e:d9:43:4b:b3:fc:4b:35:b7:f2:7d:0e:01:9a:ed:
1e:3a:63:c5:66:92:4d:21:53:5e:55:cf:d8:98:27:
bf:77:bd:27:63:5e:11:e0:51:ed:75:7c:e4:7d:7a:
33:f2:a2:7b:f5:bd:54:4c:ab:11:f5:23:ab:62:61:
8b:a2:e5:55:9d:07:b3:b2:2c:9c:6b:a5:df:eb:fa:
2c:c7:3d:d2:40:63:15:a8:ed:34:d5:09:b3:c2:70:
f2:41:40:8f:20:9b:a4:8b:46:e4:01:b4:95:05:e9:
0f:7a:18:82:69:3a:b2:d2:3a:3b:dd:c3:45:86:18:
1a:d3:a8:29:81:51:6e:95:db:04:d9:f5:df:3b:d0:
c7:39:2d:3a:82:32:cf:a8:7c:de:6a:10:52:16:51:
43:37:6e:ad:98:2a:42:9e:06:64:e8:44:39:78:9b:
1b:93:f2:5a:d0:b1:69:3d:3b:d4:7c:09:88:fd:f4:
74:c2:73:0a:b5:11:b5:d9:d1:cf:6f:38:1f:cd:2d:
20:67:85:83:43:7a:05:4d:3a:ea:28:7f:81:be:a9:
e9:0f:24:f8:b9:64:4f:38:b3:29:ad:ed:d4:07:8e:
eb:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:4F:DC:5B:D6:2D:A3:7A:45:11:DD:FE:0F:88:17:83:A1:42:A0:13
X509v3 Authority Key Identifier:
keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS200464.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7581:ffa::/48
2a14:7583:e700::/40
Signature Algorithm: sha256WithRSAEncryption
9b:c0:39:eb:1a:fc:f9:80:65:8a:69:d9:55:9b:83:32:c3:1f:
9b:0e:2a:2f:33:38:35:4e:2c:03:b7:31:5b:c8:89:20:44:fe:
74:06:eb:a9:67:4c:4c:fc:4c:60:e4:b4:de:15:0a:e7:a1:35:
87:19:8e:40:ce:09:a2:23:09:b5:77:e1:84:75:2c:7c:ba:25:
f0:ec:17:4f:88:03:72:a2:05:7a:4e:2b:e0:8c:55:e9:b4:03:
68:af:6c:03:6d:c1:68:62:bf:79:18:e5:98:a6:1f:04:7d:95:
01:75:91:b8:cb:bb:92:48:36:2c:8e:e4:7a:6c:39:e5:05:4f:
a4:e9:c0:52:6c:17:c9:26:ff:56:18:e7:0b:2e:f7:95:bc:23:
47:4f:f5:8a:56:09:d5:2d:9f:a9:8d:8f:a4:a8:90:75:25:d1:
37:8e:d1:6e:7d:9c:cd:f3:2b:e3:80:0d:50:80:16:14:08:dc:
2f:aa:17:0e:30:7f:ec:db:12:81:f7:7f:47:7d:de:e7:6d:f7:
19:e9:74:ee:0a:a8:20:c4:9d:75:b8:57:b5:ac:c9:ea:a8:38:
80:eb:65:21:1f:61:20:43:81:98:03:f8:0e:c3:43:f3:80:85:
53:79:c8:d5:b9:41:f7:b2:19:ab:32:5f:93:34:56:23:29:f2:
e4:5f:d4:59
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgIUQelS97JUJQLIsDO/2gLmpvveWowwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj
Y2ZkMzc3MjAeFw0yNjAzMDQyMDUwMDNaFw0yNzAzMDMyMDU1MDNaMDMxMTAvBgNV
BAMTKDA2NEZEQzVCRDYyREEzN0E0NTExRERGRTBGODgxNzgzQTE0MkEwMTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBlN8GJXupCWHhcYk82hldjNQL
s1+Q+oMOI4BT2j7ZQ0uz/Es1t/J9DgGa7R46Y8Vmkk0hU15Vz9iYJ793vSdjXhHg
Ue11fOR9ejPyonv1vVRMqxH1I6tiYYui5VWdB7OyLJxrpd/r+izHPdJAYxWo7TTV
CbPCcPJBQI8gm6SLRuQBtJUF6Q96GIJpOrLSOjvdw0WGGBrTqCmBUW6V2wTZ9d87
0Mc5LTqCMs+ofN5qEFIWUUM3bq2YKkKeBmToRDl4mxuT8lrQsWk9O9R8CYj99HTC
cwq1EbXZ0c9vOB/NLSBnhYNDegVNOuoof4G+qekPJPi5ZE84symt7dQHjuvpAgMB
AAGjggIVMIICETAdBgNVHQ4EFgQUBk/cW9Yto3pFEd3+D4gXg6FCoBMwHwYDVR0j
BBgwFoAUqD1IZS87LfdPa/m6qKnBdMz9N3IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODkyNzBmNmMtYTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2Yz
ODI0LzAvQTgzRDQ4NjUyRjNCMkRGNzRGNkJGOUJBQThBOUMxNzRDQ0ZEMzc3Mi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FEMUlaUzg3TGZkUGFfbTZxS25CZE16
OU4zSS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg5MjcwZjZjLWEzZmUt
NDI5OS1iMDc5LTMwOWVkOTdmMzgyNC8wL0FTMjAwNDY0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCoGCCsGAQUFBwEHAQH/BBswGTAXBAIAAjARAwcAKhR1
gQ/6AwYAKhR1g+cwDQYJKoZIhvcNAQELBQADggEBAJvAOesa/PmAZYpp2VWbgzLD
H5sOKi8zODVOLAO3MVvIiSBE/nQG66lnTEz8TGDktN4VCuehNYcZjkDOCaIjCbV3
4YR1LHy6JfDsF0+IA3KiBXpOK+CMVem0A2ivbANtwWhiv3kY5ZimHwR9lQF1kbjL
u5JINiyO5HpsOeUFT6TpwFJsF8km/1YY5wsu95W8I0dP9YpWCdUtn6mNj6SokHUl
0TeO0W59nM3zK+OADVCAFhQI3C+qFw4wf+zbEoH3f0d93udt9xnpdO4KqCDEnXW4
V7WsyeqoOIDrZSEfYSBDgZgD+A7DQ/OAhVN5yNW5QfeyGasyX5M0ViMp8uRf1Fk=
-----END CERTIFICATE-----
Generated at Fri Mar 6 22:27:17 2026 by rpki-client