Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS202673.roa
File: AS202673.roa (raw, json)
Hash identifier: 14hAHz9pyPXNjap2IwVsYpxOZqbmRwShL+z6vrOWOE0=
Subject key identifier: 9B:F2:7F:B2:CF:7B:7A:B6:B4:D3:AE:26:89:B2:F9:BA:8C:06:C2:D5
Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Certificate serial: 7F86209D4531E5277F83891BAB4AD5190A8047D7
Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS202673.roa
Signing time: Sun 19 Apr 2026 08:42:15 +0000
ROA not before: Sun 19 Apr 2026 08:37:15 +0000
ROA not after: Sun 18 Apr 2027 08:42:15 +0000
asID: 202673
IP address blocks: 2a14:7583:f800::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft
rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Apr 2026 13:21:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7f:86:20:9d:45:31:e5:27:7f:83:89:1b:ab:4a:d5:19:0a:80:47:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Validity
Not Before: Apr 19 08:37:15 2026 GMT
Not After : Apr 18 08:42:15 2027 GMT
Subject: CN=9BF27FB2CF7B7AB6B4D3AE2689B2F9BA8C06C2D5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:4d:a8:b9:87:53:02:e9:39:84:d7:8a:96:ae:
54:87:b1:f4:71:53:4e:35:49:0b:31:92:8c:6d:4c:
10:4e:fd:cd:a0:a0:e2:ed:01:3e:07:32:2e:cc:ab:
c0:5d:bf:1c:7b:7b:c8:01:f6:d0:89:7b:2e:b9:e1:
88:99:39:e9:b3:d5:ee:55:a5:b2:91:8e:ee:15:ef:
5e:e2:bc:26:16:79:59:cd:87:03:a8:9d:e7:71:54:
37:9f:08:6d:e8:d8:8e:2e:d1:fc:cd:97:f8:53:92:
0a:c2:c8:8f:bd:5d:3d:9a:dc:ea:be:f0:bd:0b:bc:
49:25:d9:1d:ad:d3:e7:39:ca:29:cf:25:1b:68:95:
20:f3:37:2c:23:f8:6c:47:75:05:84:b0:a7:19:76:
77:bf:fa:e7:53:27:46:5e:c4:9c:5f:89:c8:22:82:
98:f9:51:42:7d:8f:ee:b4:c6:12:19:79:ea:a4:7e:
98:a4:7a:4e:75:be:55:ee:6f:ae:59:2d:df:86:49:
05:32:d7:c1:b9:92:00:31:d8:b1:1d:c0:63:ce:5a:
47:74:e6:1b:2b:26:0c:ad:d8:6f:83:51:00:7d:c3:
a3:eb:28:8b:3b:06:69:71:e9:91:92:e1:7f:c3:0b:
d7:02:76:59:56:0b:02:67:ad:33:3c:9e:14:d6:75:
7c:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:F2:7F:B2:CF:7B:7A:B6:B4:D3:AE:26:89:B2:F9:BA:8C:06:C2:D5
X509v3 Authority Key Identifier:
keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS202673.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7583:f800::/48
Signature Algorithm: sha256WithRSAEncryption
76:7e:14:2b:45:bb:9b:fe:12:67:83:c1:ac:e2:f7:fd:6e:45:
2c:96:2a:37:89:3c:14:a2:d5:30:9f:54:38:4b:8d:6a:d7:c9:
22:47:95:14:c7:9f:2c:e1:d1:24:8f:48:59:58:20:e1:43:e2:
6d:54:ec:f8:48:3a:7b:da:8e:41:69:9e:b9:61:52:b5:d3:5c:
1b:96:28:e5:1c:ae:a9:04:01:06:61:f1:89:79:a1:41:b1:8f:
94:3c:78:5b:aa:c8:4d:95:ba:ec:9e:f5:fd:89:3d:a1:3d:fd:
73:5a:c9:87:5d:70:04:0e:56:f9:a2:df:ef:36:28:d4:d4:58:
30:87:9e:3b:64:90:1e:55:50:a6:cd:91:1f:92:e3:c1:de:bd:
36:d7:69:92:6a:23:da:62:06:5b:96:bd:63:9c:58:1c:fd:e9:
3d:63:50:e4:f6:42:8c:ae:7f:7b:59:f0:5a:af:af:d4:28:13:
fd:2b:c9:6c:9d:1d:86:cc:82:a4:71:7c:32:aa:bc:39:85:ff:
08:f3:ee:70:50:73:47:7a:9e:6a:fd:bf:e9:fa:0a:5d:50:c5:
1b:10:21:ac:2e:98:6c:ac:46:9f:95:54:fb:e0:09:62:83:37:
a3:d4:40:ac:c8:99:aa:93:f5:eb:05:9c:c6:38:6c:c2:1e:9e:
e8:90:7b:e5
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIUf4YgnUUx5Sd/g4kbq0rVGQqAR9cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj
Y2ZkMzc3MjAeFw0yNjA0MTkwODM3MTVaFw0yNzA0MTgwODQyMTVaMDMxMTAvBgNV
BAMTKDlCRjI3RkIyQ0Y3QjdBQjZCNEQzQUUyNjg5QjJGOUJBOEMwNkMyRDUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCOTai5h1MC6TmE14qWrlSHsfRx
U041SQsxkoxtTBBO/c2goOLtAT4HMi7Mq8Bdvxx7e8gB9tCJey654YiZOemz1e5V
pbKRju4V717ivCYWeVnNhwOonedxVDefCG3o2I4u0fzNl/hTkgrCyI+9XT2a3Oq+
8L0LvEkl2R2t0+c5yinPJRtolSDzNywj+GxHdQWEsKcZdne/+udTJ0ZexJxficgi
gpj5UUJ9j+60xhIZeeqkfpikek51vlXub65ZLd+GSQUy18G5kgAx2LEdwGPOWkd0
5hsrJgyt2G+DUQB9w6PrKIs7Bmlx6ZGS4X/DC9cCdllWCwJnrTM8nhTWdXxtAgMB
AAGjggINMIICCTAdBgNVHQ4EFgQUm/J/ss97era0064mibL5uowGwtUwHwYDVR0j
BBgwFoAUqD1IZS87LfdPa/m6qKnBdMz9N3IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODkyNzBmNmMtYTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2Yz
ODI0LzAvQTgzRDQ4NjUyRjNCMkRGNzRGNkJGOUJBQThBOUMxNzRDQ0ZEMzc3Mi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FEMUlaUzg3TGZkUGFfbTZxS25CZE16
OU4zSS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg5MjcwZjZjLWEzZmUt
NDI5OS1iMDc5LTMwOWVkOTdmMzgyNC8wL0FTMjAyNjczLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhR1
g/gAMA0GCSqGSIb3DQEBCwUAA4IBAQB2fhQrRbub/hJng8Gs4vf9bkUslio3iTwU
otUwn1Q4S41q18kiR5UUx58s4dEkj0hZWCDhQ+JtVOz4SDp72o5BaZ65YVK101wb
lijlHK6pBAEGYfGJeaFBsY+UPHhbqshNlbrsnvX9iT2hPf1zWsmHXXAEDlb5ot/v
NijU1Fgwh547ZJAeVVCmzZEfkuPB3r0212mSaiPaYgZblr1jnFgc/ek9Y1Dk9kKM
rn97WfBar6/UKBP9K8lsnR2GzIKkcXwyqrw5hf8I8+5wUHNHep5q/b/p+gpdUMUb
ECGsLphsrEaflVT74Aligzej1ECsyJmqk/XrBZzGOGzCHp7okHvl
-----END CERTIFICATE-----
Generated at Mon Apr 20 20:58:40 2026 by rpki-client