Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS219421.roa
File: AS219421.roa (raw, json)
Hash identifier: /MfInkS/y9Tq4BETR6+bOlRBxJ7xn3tn/GRl1ySi9PM=
Subject key identifier: AC:B0:FA:DA:96:C9:6B:02:DA:43:54:AE:1C:2B:24:BF:AF:8B:F5:B8
Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Certificate serial: 387906843AF3B23AB8476DC497D218AD96D9C19D
Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS219421.roa
Signing time: Tue 16 Jun 2026 23:14:18 +0000
ROA not before: Tue 16 Jun 2026 23:09:18 +0000
ROA not after: Tue 15 Jun 2027 23:14:18 +0000
asID: 219421
IP address blocks: 2a14:7581::/44 maxlen: 44
2a14:7581:40::/44 maxlen: 44
2a14:7581:c0::/44 maxlen: 44
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft
rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 28 Jun 2026 18:11:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
38:79:06:84:3a:f3:b2:3a:b8:47:6d:c4:97:d2:18:ad:96:d9:c1:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Validity
Not Before: Jun 16 23:09:18 2026 GMT
Not After : Jun 15 23:14:18 2027 GMT
Subject: CN=ACB0FADA96C96B02DA4354AE1C2B24BFAF8BF5B8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:80:2a:cd:0b:59:60:21:52:c7:5f:29:4c:10:
0a:90:a0:61:3d:49:50:fc:b0:c6:71:35:34:eb:e8:
fa:11:4a:f4:63:20:45:79:6e:15:fd:25:1c:6a:28:
a5:47:90:a5:02:9d:ad:97:a4:79:15:8f:6c:35:78:
c9:84:4b:0f:38:95:fd:45:71:3d:a0:ac:11:7c:ce:
1b:f8:da:e5:8e:e5:0a:78:f8:61:ed:3a:70:df:9f:
ba:b8:66:da:2b:48:d6:1e:cb:e1:ff:1c:7e:a7:06:
38:d4:52:46:28:06:4a:d7:9d:0a:13:c8:59:6d:3d:
22:22:bf:05:ba:d9:87:2b:87:1b:c3:27:aa:d9:b1:
6b:da:15:ed:db:d1:86:41:e8:c4:1a:aa:9d:9d:e6:
b9:46:35:f7:69:59:74:3c:f4:86:b5:c7:1b:e5:71:
3d:95:19:ca:57:46:a4:d4:85:e8:f4:b0:0d:a5:df:
e7:3e:e4:80:24:85:b3:13:84:20:4c:22:12:5b:7d:
8c:43:03:7e:e3:93:7a:de:fd:a2:24:0a:14:bd:86:
f5:bf:32:c1:f6:3b:38:95:33:10:fd:48:64:71:a8:
4c:de:56:16:25:ce:ea:41:eb:a3:31:bc:a8:47:6a:
c8:32:0a:d0:26:7d:3f:b7:c5:e8:99:c7:8f:71:26:
03:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:B0:FA:DA:96:C9:6B:02:DA:43:54:AE:1C:2B:24:BF:AF:8B:F5:B8
X509v3 Authority Key Identifier:
keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS219421.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7581::/44
2a14:7581:40::/44
2a14:7581:c0::/44
Signature Algorithm: sha256WithRSAEncryption
2c:b9:1d:70:4c:01:6f:f5:da:ba:85:d2:2c:d1:22:eb:fa:f0:
32:94:eb:dd:7b:ef:cb:ae:f4:00:85:a2:d1:14:46:82:93:8d:
ee:17:00:b7:a8:af:91:44:86:f8:2d:04:72:a5:9b:6b:d4:8c:
f3:2f:70:32:7e:be:f7:8a:af:31:7c:13:d9:72:54:34:9e:3d:
59:00:2e:71:6b:98:59:fa:fe:4d:15:e0:ea:fb:1a:2c:0a:7d:
23:86:f0:4c:bb:c3:e4:c5:dc:c9:3f:91:cc:00:ec:54:9b:c4:
c8:48:96:0c:a8:97:ee:ca:07:00:a7:c1:32:72:bd:5a:39:18:
83:f8:31:6c:62:07:82:8d:2e:f5:6f:3c:3d:51:0f:be:e6:d1:
e2:c3:e5:fb:03:d3:04:bd:3a:88:6c:5a:39:c2:a3:24:b5:48:
28:27:0a:8b:d3:46:13:95:f1:90:64:34:ff:f0:4e:b6:8e:34:
60:0e:0a:30:14:4d:16:cb:a6:29:e5:73:c1:cc:12:7f:a5:73:
1c:83:d9:83:10:cc:85:31:55:63:81:7e:26:ee:48:5d:68:cc:
c1:2e:0b:e8:36:a4:5e:a0:86:a2:ab:01:95:82:72:33:02:69:
30:82:4d:92:30:ed:2d:ab:c9:1a:ca:f3:a8:4d:0c:64:8f:eb:
a8:b5:d4:a3
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgIUOHkGhDrzsjq4R23El9IYrZbZwZ0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj
Y2ZkMzc3MjAeFw0yNjA2MTYyMzA5MThaFw0yNzA2MTUyMzE0MThaMDMxMTAvBgNV
BAMTKEFDQjBGQURBOTZDOTZCMDJEQTQzNTRBRTFDMkIyNEJGQUY4QkY1QjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDUgCrNC1lgIVLHXylMEAqQoGE9
SVD8sMZxNTTr6PoRSvRjIEV5bhX9JRxqKKVHkKUCna2XpHkVj2w1eMmESw84lf1F
cT2grBF8zhv42uWO5Qp4+GHtOnDfn7q4ZtorSNYey+H/HH6nBjjUUkYoBkrXnQoT
yFltPSIivwW62YcrhxvDJ6rZsWvaFe3b0YZB6MQaqp2d5rlGNfdpWXQ89Ia1xxvl
cT2VGcpXRqTUhej0sA2l3+c+5IAkhbMThCBMIhJbfYxDA37jk3re/aIkChS9hvW/
MsH2OziVMxD9SGRxqEzeVhYlzupB66MxvKhHasgyCtAmfT+3xeiZx49xJgPjAgMB
AAGjggIfMIICGzAdBgNVHQ4EFgQUrLD62pbJawLaQ1SuHCskv6+L9bgwHwYDVR0j
BBgwFoAUqD1IZS87LfdPa/m6qKnBdMz9N3IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODkyNzBmNmMtYTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2Yz
ODI0LzAvQTgzRDQ4NjUyRjNCMkRGNzRGNkJGOUJBQThBOUMxNzRDQ0ZEMzc3Mi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FEMUlaUzg3TGZkUGFfbTZxS25CZE16
OU4zSS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg5MjcwZjZjLWEzZmUt
NDI5OS1iMDc5LTMwOWVkOTdmMzgyNC8wL0FTMjE5NDIxLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAAjAbAwcEKhR1
gQAAAwcEKhR1gQBAAwcEKhR1gQDAMA0GCSqGSIb3DQEBCwUAA4IBAQAsuR1wTAFv
9dq6hdIs0SLr+vAylOvde+/LrvQAhaLRFEaCk43uFwC3qK+RRIb4LQRypZtr1Izz
L3Ayfr73iq8xfBPZclQ0nj1ZAC5xa5hZ+v5NFeDq+xosCn0jhvBMu8PkxdzJP5HM
AOxUm8TISJYMqJfuygcAp8Eycr1aORiD+DFsYgeCjS71bzw9UQ++5tHiw+X7A9ME
vTqIbFo5wqMktUgoJwqL00YTlfGQZDT/8E62jjRgDgowFE0Wy6Yp5XPBzBJ/pXMc
g9mDEMyFMVVjgX4m7khdaMzBLgvoNqReoIaiqwGVgnIzAmkwgk2SMO0tq8kayvOo
TQxkj+uotdSj
-----END CERTIFICATE-----
Generated at Sun Jun 28 04:00:21 2026 by rpki-client