Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS212027.roa
File: AS212027.roa (raw, json)
Hash identifier: Bk+EmMJc7AXTLOBF00XBWToO3C5cgdzA4jzqJJ8Vu4w=
Subject key identifier: B1:19:6A:A7:60:80:51:34:3E:AF:7F:61:9F:4E:DD:13:F0:4F:ED:BE
Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Certificate serial: 7F2A089B89B8031EBB90190D3B53231B2264677C
Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS212027.roa
Signing time: Wed 13 May 2026 11:16:04 +0000
ROA not before: Wed 13 May 2026 11:11:04 +0000
ROA not after: Wed 12 May 2027 11:16:04 +0000
asID: 212027
IP address blocks: 2a14:7580:ff60::/44 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft
rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 07 Jun 2026 04:00:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7f:2a:08:9b:89:b8:03:1e:bb:90:19:0d:3b:53:23:1b:22:64:67:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Validity
Not Before: May 13 11:11:04 2026 GMT
Not After : May 12 11:16:04 2027 GMT
Subject: CN=B1196AA7608051343EAF7F619F4EDD13F04FEDBE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:ca:e1:02:e1:b6:c4:fe:81:b8:c0:6e:b2:0d:
75:c8:aa:a2:0a:5f:2e:e9:55:ab:55:04:90:ae:b3:
b4:ba:10:09:a2:e2:ac:3b:b0:69:88:22:71:ba:14:
f5:eb:64:e4:2d:bc:9c:b2:30:f6:0c:a8:d2:c1:cd:
22:bc:0c:34:b2:ba:cc:48:8d:f5:99:66:74:2f:fd:
41:d8:09:38:42:35:1a:e9:65:a7:b1:bc:26:95:d9:
24:90:41:58:56:0d:0f:92:02:c4:32:d1:e4:5e:f3:
85:7e:11:3f:6b:9c:72:10:f8:86:a8:b3:c7:95:7f:
45:83:21:9f:db:27:d8:e9:29:59:6a:be:17:2b:94:
1a:3a:b0:9b:7c:af:c6:16:c7:14:43:06:7d:e7:bc:
7d:55:76:95:f4:59:57:91:49:b1:9b:78:0d:28:af:
c9:2c:02:e6:80:c8:af:b4:2a:3b:fb:ca:d6:cb:c3:
2d:3b:2a:58:a7:6b:fa:3e:c9:61:51:17:6d:b3:2b:
dc:b7:bb:1f:d8:b8:b1:02:35:d0:95:e7:d1:a3:6c:
1b:d7:af:30:42:fb:52:b0:7d:68:c8:28:cd:bf:51:
18:e8:ec:ae:f4:10:4c:50:c4:ed:72:5a:6c:49:f3:
c8:d9:e0:ac:8d:74:53:23:ac:dc:25:b4:b1:3e:95:
92:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:19:6A:A7:60:80:51:34:3E:AF:7F:61:9F:4E:DD:13:F0:4F:ED:BE
X509v3 Authority Key Identifier:
keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS212027.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7580:ff60::/44
Signature Algorithm: sha256WithRSAEncryption
37:c8:3d:35:58:7b:4b:38:19:11:66:bc:af:3b:5b:30:91:24:
d7:2d:ff:be:dc:79:34:75:9a:00:1b:f8:df:1f:2a:e8:1c:1f:
45:a1:02:5f:b2:1a:62:7f:66:bc:db:ad:d1:11:95:20:3d:17:
fa:4e:e1:00:00:d7:23:97:54:65:ba:f3:06:73:03:06:cd:7d:
c0:7b:3d:7e:75:b3:1e:1e:33:78:de:d9:1e:a1:5a:69:e0:a8:
24:d4:80:c3:b8:79:6b:d9:17:38:73:70:6a:9d:c5:b6:1c:a8:
1f:85:f9:e4:04:21:db:34:1a:d7:5b:68:e0:79:05:cd:1a:87:
1e:1c:c6:32:d2:0c:b3:af:2a:cc:d7:47:a4:7b:11:ad:ec:72:
f7:12:ca:d8:ad:56:8a:98:ac:fc:2c:bd:dd:ae:c2:04:fa:47:
b9:a5:6d:59:dd:e5:ee:76:fb:b1:62:7f:59:01:32:8c:60:9c:
0c:a5:6f:ff:62:ac:84:b9:3b:25:f7:77:96:7e:ad:31:88:33:
0f:ba:1c:36:73:ad:8f:94:58:cf:c7:db:35:58:e3:a3:02:67:
97:19:56:a4:cd:76:b5:7c:fe:23:d8:a1:55:28:8e:0c:08:1a:
31:ae:77:0e:92:d3:10:cf:0f:e1:05:d5:c9:4b:83:59:d2:0c:
ad:b9:48:7d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIUfyoIm4m4Ax67kBkNO1MjGyJkZ3wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj
Y2ZkMzc3MjAeFw0yNjA1MTMxMTExMDRaFw0yNzA1MTIxMTE2MDRaMDMxMTAvBgNV
BAMTKEIxMTk2QUE3NjA4MDUxMzQzRUFGN0Y2MTlGNEVERDEzRjA0RkVEQkUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQChyuEC4bbE/oG4wG6yDXXIqqIK
Xy7pVatVBJCus7S6EAmi4qw7sGmIInG6FPXrZOQtvJyyMPYMqNLBzSK8DDSyusxI
jfWZZnQv/UHYCThCNRrpZaexvCaV2SSQQVhWDQ+SAsQy0eRe84V+ET9rnHIQ+Iao
s8eVf0WDIZ/bJ9jpKVlqvhcrlBo6sJt8r8YWxxRDBn3nvH1VdpX0WVeRSbGbeA0o
r8ksAuaAyK+0Kjv7ytbLwy07Klina/o+yWFRF22zK9y3ux/YuLECNdCV59GjbBvX
rzBC+1KwfWjIKM2/URjo7K70EExQxO1yWmxJ88jZ4KyNdFMjrNwltLE+lZJPAgMB
AAGjggINMIICCTAdBgNVHQ4EFgQUsRlqp2CAUTQ+r39hn07dE/BP7b4wHwYDVR0j
BBgwFoAUqD1IZS87LfdPa/m6qKnBdMz9N3IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODkyNzBmNmMtYTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2Yz
ODI0LzAvQTgzRDQ4NjUyRjNCMkRGNzRGNkJGOUJBQThBOUMxNzRDQ0ZEMzc3Mi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FEMUlaUzg3TGZkUGFfbTZxS25CZE16
OU4zSS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg5MjcwZjZjLWEzZmUt
NDI5OS1iMDc5LTMwOWVkOTdmMzgyNC8wL0FTMjEyMDI3LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKhR1
gP9gMA0GCSqGSIb3DQEBCwUAA4IBAQA3yD01WHtLOBkRZryvO1swkSTXLf++3Hk0
dZoAG/jfHyroHB9FoQJfshpif2a8263REZUgPRf6TuEAANcjl1RluvMGcwMGzX3A
ez1+dbMeHjN43tkeoVpp4Kgk1IDDuHlr2Rc4c3BqncW2HKgfhfnkBCHbNBrXW2jg
eQXNGoceHMYy0gyzryrM10ekexGt7HL3EsrYrVaKmKz8LL3drsIE+ke5pW1Z3eXu
dvuxYn9ZATKMYJwMpW//YqyEuTsl93eWfq0xiDMPuhw2c62PlFjPx9s1WOOjAmeX
GVakzXa1fP4j2KFVKI4MCBoxrncOktMQzw/hBdXJS4NZ0gytuUh9
-----END CERTIFICATE-----
Generated at Sat Jun 6 13:55:47 2026 by rpki-client