Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS204464.roa
File: AS204464.roa (raw, json)
Hash identifier: Opqr6ok2QEEJp/StmuSe10DbuFiGjlMcI09Kz3l2WlI=
Subject key identifier: 55:55:54:E8:87:6B:80:A6:C9:F9:19:E1:0D:F5:20:99:47:39:CF:B6
Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Certificate serial: 5B5A8088386DE7F0481926A56EA6565551FA743B
Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS204464.roa
Signing time: Wed 13 May 2026 11:08:33 +0000
ROA not before: Wed 13 May 2026 11:03:33 +0000
ROA not after: Wed 12 May 2027 11:08:33 +0000
asID: 204464
IP address blocks: 2a14:7580:ec00::/40 maxlen: 40
2a14:7581:e000::/44 maxlen: 44
2a14:7581:e010::/44 maxlen: 44
2a14:7581:e020::/44 maxlen: 44
2a14:7581:e030::/44 maxlen: 44
2a14:7581:e040::/44 maxlen: 44
2a14:7581:e050::/44 maxlen: 44
2a14:7581:e060::/44 maxlen: 44
2a14:7581:e070::/44 maxlen: 44
2a14:7581:e080::/44 maxlen: 44
2a14:7581:e090::/44 maxlen: 44
2a14:7581:e0a0::/44 maxlen: 44
2a14:7581:e0b0::/44 maxlen: 44
2a14:7581:e0c0::/44 maxlen: 44
2a14:7581:e0d0::/44 maxlen: 44
2a14:7581:e0e0::/44 maxlen: 44
2a14:7581:e800::/39 maxlen: 39
2a14:7583:e800::/40 maxlen: 40
2a14:7584:a000::/36 maxlen: 36
2a14:7584:b000::/36 maxlen: 36
2a14:7585::/32 maxlen: 32
2a14:7585:b000::/36 maxlen: 36
2a14:7587::/32 maxlen: 32
2a14:7587::/36 maxlen: 36
2a14:7587:1000::/36 maxlen: 36
2a14:7587:2000::/36 maxlen: 36
2a14:7587:3000::/36 maxlen: 36
2a14:7587:4000::/36 maxlen: 36
2a14:7587:5000::/36 maxlen: 36
2a14:7587:6000::/36 maxlen: 36
2a14:7587:7000::/36 maxlen: 36
2a14:7587:8000::/36 maxlen: 36
2a14:7587:9000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft
rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 14 May 2026 14:33:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5b:5a:80:88:38:6d:e7:f0:48:19:26:a5:6e:a6:56:55:51:fa:74:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Validity
Not Before: May 13 11:03:33 2026 GMT
Not After : May 12 11:08:33 2027 GMT
Subject: CN=555554E8876B80A6C9F919E10DF520994739CFB6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:db:6a:45:d3:89:7a:67:25:60:48:1a:3c:ab:
a5:72:f6:89:de:74:5e:56:82:67:94:63:39:eb:a1:
62:6d:07:ea:e6:b7:b9:5e:a5:5c:c3:f7:ab:f3:51:
ab:aa:d8:b1:3d:26:77:06:dd:a7:6b:da:08:5b:36:
66:a1:0a:13:14:5e:b3:ff:46:e3:ed:33:4c:d8:ba:
75:9d:32:89:f9:b2:ec:94:17:bb:ab:bc:b5:b7:d3:
b4:15:70:73:29:a1:85:6c:6c:c1:53:ce:ae:b7:7b:
48:89:93:1c:31:3c:db:cb:f1:de:7e:a8:18:e4:93:
d7:41:c9:1d:30:29:95:e7:d0:cc:61:64:c8:4b:af:
fe:40:73:2d:d7:2e:a8:3b:94:2b:36:82:af:57:aa:
c8:ed:b4:53:e2:be:ba:8b:11:d2:51:4a:39:45:a8:
64:c2:76:0b:e9:1f:0f:37:cc:6a:d8:d0:79:54:32:
90:65:5d:5f:54:a2:d0:a8:55:b0:82:35:60:82:07:
47:e9:80:19:94:36:a6:e9:ba:49:cd:d2:05:9b:08:
41:d0:16:ca:40:72:7e:55:ee:ac:31:4b:9e:6c:42:
52:9a:84:9e:7e:9d:37:34:ab:2c:23:0c:88:bb:1f:
ec:db:ae:d1:db:fb:3d:a2:25:fe:b8:42:e8:4d:cf:
c4:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:55:54:E8:87:6B:80:A6:C9:F9:19:E1:0D:F5:20:99:47:39:CF:B6
X509v3 Authority Key Identifier:
keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS204464.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7580:ec00::/40
2a14:7581:e000::-2a14:7581:e0ef:ffff:ffff:ffff:ffff:ffff
2a14:7581:e800::/39
2a14:7583:e800::/40
2a14:7584:a000::/35
2a14:7585::/32
2a14:7587::/32
Signature Algorithm: sha256WithRSAEncryption
01:95:35:1e:60:61:31:fd:ce:9b:24:43:15:99:23:76:0f:7b:
f1:81:3f:84:af:45:f4:a7:5d:e2:4c:e2:42:a5:e4:65:02:88:
89:35:7f:4a:2b:12:69:37:e3:7d:02:47:5a:44:6b:4e:d4:4b:
23:63:25:9b:4f:ea:e3:b8:ed:c6:e7:15:ad:4b:e1:d1:53:22:
c1:65:0a:a3:83:64:30:b8:b1:5b:ff:52:26:60:ad:b8:71:7d:
c0:5f:1f:23:bb:56:62:35:fe:9e:1c:99:54:0f:79:47:ad:a4:
4f:67:40:ad:43:83:49:ea:f9:ad:32:f2:9e:ad:65:87:b1:dc:
be:34:01:8a:ff:c6:1b:1d:b5:87:dd:73:58:ec:17:21:8c:70:
ee:e8:78:36:27:28:2b:2c:0b:de:72:72:22:69:50:bc:b4:26:
82:b0:83:79:3c:db:35:7b:e1:e6:25:d2:0c:ce:74:c4:2c:cd:
9b:29:bc:93:43:bc:2f:3f:4f:a9:3d:ec:aa:b8:58:fa:7a:d9:
c3:e5:91:cd:f3:4d:8e:87:d7:98:d3:32:30:9c:52:3f:c9:e1:
ce:a5:bf:4a:04:13:db:83:99:f7:a9:32:7f:c1:5c:44:35:ca:
80:2e:bd:15:7f:29:8b:d1:31:f0:56:cb:1e:4a:5f:01:7a:85:
99:41:0e:b7
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgIUW1qAiDht5/BIGSalbqZWVVH6dDswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj
Y2ZkMzc3MjAeFw0yNjA1MTMxMTAzMzNaFw0yNzA1MTIxMTA4MzNaMDMxMTAvBgNV
BAMTKDU1NTU1NEU4ODc2QjgwQTZDOUY5MTlFMTBERjUyMDk5NDczOUNGQjYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCk22pF04l6ZyVgSBo8q6Vy9one
dF5WgmeUYznroWJtB+rmt7lepVzD96vzUauq2LE9JncG3adr2ghbNmahChMUXrP/
RuPtM0zYunWdMon5suyUF7urvLW307QVcHMpoYVsbMFTzq63e0iJkxwxPNvL8d5+
qBjkk9dByR0wKZXn0MxhZMhLr/5Acy3XLqg7lCs2gq9XqsjttFPivrqLEdJRSjlF
qGTCdgvpHw83zGrY0HlUMpBlXV9UotCoVbCCNWCCB0fpgBmUNqbpuknN0gWbCEHQ
FspAcn5V7qwxS55sQlKahJ5+nTc0qywjDIi7H+zbrtHb+z2iJf64QuhNz8T1AgMB
AAGjggJFMIICQTAdBgNVHQ4EFgQUVVVU6IdrgKbJ+RnhDfUgmUc5z7YwHwYDVR0j
BBgwFoAUqD1IZS87LfdPa/m6qKnBdMz9N3IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODkyNzBmNmMtYTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2Yz
ODI0LzAvQTgzRDQ4NjUyRjNCMkRGNzRGNkJGOUJBQThBOUMxNzRDQ0ZEMzc3Mi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FEMUlaUzg3TGZkUGFfbTZxS25CZE16
OU4zSS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg5MjcwZjZjLWEzZmUt
NDI5OS1iMDc5LTMwOWVkOTdmMzgyNC8wL0FTMjA0NDY0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMFoGCCsGAQUFBwEHAQH/BEswSTBHBAIAAjBBAwYAKhR1
gOwwEQMGBSoUdYHgAwcEKhR1geDgAwYBKhR1gegDBgAqFHWD6AMGBSoUdYSgAwUA
KhR1hQMFACoUdYcwDQYJKoZIhvcNAQELBQADggEBAAGVNR5gYTH9zpskQxWZI3YP
e/GBP4SvRfSnXeJM4kKl5GUCiIk1f0orEmk3430CR1pEa07USyNjJZtP6uO47cbn
Fa1L4dFTIsFlCqODZDC4sVv/UiZgrbhxfcBfHyO7VmI1/p4cmVQPeUetpE9nQK1D
g0nq+a0y8p6tZYex3L40AYr/xhsdtYfdc1jsFyGMcO7oeDYnKCssC95yciJpULy0
JoKwg3k82zV74eYl0gzOdMQszZspvJNDvC8/T6k97Kq4WPp62cPlkc3zTY6H15jT
MjCcUj/J4c6lv0oEE9uDmfepMn/BXEQ1yoAuvRV/KYvRMfBWyx5KXwF6hZlBDrc=
-----END CERTIFICATE-----
Generated at Wed May 13 16:08:35 2026 by rpki-client