Route Origin Authorization
$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS210667.roa
File: AS210667.roa (raw, json)
Hash identifier: F5DbeodpPWi0bplWDvRxEPXsSnPMsaF08pH7AMGiJVk=
Subject key identifier: 5D:6B:0D:25:EE:A4:CC:9F:3F:8D:A4:B1:19:62:58:45:DC:91:B9:00
Certificate issuer: /CN=d14b6fcf2b2c69be085e9f959872dcbe8ea54177
Certificate serial: 38F2F52F1BDF559ACF7D2B220FB63EA4B6882E00
Authority key identifier: D1:4B:6F:CF:2B:2C:69:BE:08:5E:9F:95:98:72:DC:BE:8E:A5:41:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
Subject info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS210667.roa
Signing time: Sun 05 Apr 2026 20:34:06 +0000
ROA not before: Sun 05 Apr 2026 20:29:06 +0000
ROA not after: Sun 04 Apr 2027 20:34:06 +0000
asID: 210667
IP address blocks: 89.39.211.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft
rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
38:f2:f5:2f:1b:df:55:9a:cf:7d:2b:22:0f:b6:3e:a4:b6:88:2e:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d14b6fcf2b2c69be085e9f959872dcbe8ea54177
Validity
Not Before: Apr 5 20:29:06 2026 GMT
Not After : Apr 4 20:34:06 2027 GMT
Subject: CN=5D6B0D25EEA4CC9F3F8DA4B119625845DC91B900
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:27:be:7b:82:85:71:46:0e:05:6d:ed:bf:0e:
ab:5c:07:81:4c:11:60:cc:01:23:8f:11:d8:91:55:
8f:25:7b:8b:98:83:61:bc:b6:a3:13:c4:85:0a:93:
99:91:1d:7c:37:c6:53:fe:90:5d:aa:81:1a:c3:32:
5a:5a:54:24:08:3e:67:d6:de:42:43:8a:45:c7:6c:
b4:28:5d:ef:4d:42:fb:c4:41:9c:ce:83:7e:94:b1:
96:41:3e:8a:52:c3:ca:12:0c:c4:4d:2b:ea:b1:b1:
c7:d5:51:b8:39:c4:71:74:71:ad:c4:eb:03:4e:cd:
bd:4f:c0:7a:18:8d:75:d5:48:56:bc:66:40:18:20:
55:de:b9:0c:fe:6d:7d:53:4b:99:e0:35:bb:cb:27:
bd:16:25:e2:a1:68:94:80:bf:20:2b:03:03:92:49:
53:a5:aa:e5:40:a7:5d:b9:79:a0:ae:4b:e9:af:3c:
49:cc:46:97:ac:03:ef:3e:b8:b7:09:55:87:f3:de:
25:69:fb:98:b6:b4:8d:c4:6a:13:91:84:1c:48:78:
96:5c:d1:34:e2:79:20:89:f0:75:aa:a1:3b:7a:90:
f5:98:59:fd:00:76:7c:a5:6c:a5:31:b1:11:bd:a2:
36:74:c1:9a:52:08:be:1c:3a:59:3c:cf:49:6a:a0:
b1:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:6B:0D:25:EE:A4:CC:9F:3F:8D:A4:B1:19:62:58:45:DC:91:B9:00
X509v3 Authority Key Identifier:
keyid:D1:4B:6F:CF:2B:2C:69:BE:08:5E:9F:95:98:72:DC:BE:8E:A5:41:77
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS210667.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.39.211.0/24
Signature Algorithm: sha256WithRSAEncryption
38:fc:ca:34:8f:2d:ce:f5:a0:62:04:ce:5c:d8:ad:1b:04:c5:
26:57:02:5c:01:2b:9d:ef:34:c3:c3:d9:85:5b:85:06:6b:74:
d5:23:89:a4:9a:b4:6b:d2:ee:76:ce:11:db:9a:6c:94:42:2d:
9e:05:83:3f:85:06:0b:5f:fd:0e:63:36:5b:13:fd:80:97:8a:
f3:8e:3e:da:fd:b5:da:da:ad:68:da:9d:d5:31:e8:d4:14:99:
ae:f0:05:8a:fa:ac:41:a5:49:c4:63:7e:1a:5f:f0:21:de:eb:
0b:b7:74:a3:1c:0e:d1:68:91:8d:7b:ef:af:b5:9e:32:af:81:
86:32:81:a5:00:fc:fe:2d:17:b2:55:59:a4:6b:86:30:13:a6:
83:53:a0:b2:81:c7:62:94:e1:d8:70:a4:fe:bc:54:ee:fd:7e:
96:cb:1c:e4:19:f5:a2:f0:27:01:9c:8e:12:dd:7a:30:f5:e4:
65:db:e4:3d:e0:36:10:82:43:f2:eb:af:57:2c:6f:79:be:4d:
70:fd:3c:75:db:37:b4:c5:46:16:bc:b3:dc:3d:a5:37:a2:95:
18:69:33:a4:0c:14:3d:4f:73:7b:24:69:82:72:10:b3:99:db:
7f:09:25:15:92:b4:88:63:f4:dd:a3:d9:8f:ba:cd:4d:7c:34:
8f:5a:5f:9f
-----BEGIN CERTIFICATE-----
MIIE5TCCA82gAwIBAgIUOPL1LxvfVZrPfSsiD7Y+pLaILgAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDE0YjZmY2YyYjJjNjliZTA4NWU5Zjk1OTg3MmRjYmU4
ZWE1NDE3NzAeFw0yNjA0MDUyMDI5MDZaFw0yNzA0MDQyMDM0MDZaMDMxMTAvBgNV
BAMTKDVENkIwRDI1RUVBNENDOUYzRjhEQTRCMTE5NjI1ODQ1REM5MUI5MDAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDXJ757goVxRg4Fbe2/DqtcB4FM
EWDMASOPEdiRVY8le4uYg2G8tqMTxIUKk5mRHXw3xlP+kF2qgRrDMlpaVCQIPmfW
3kJDikXHbLQoXe9NQvvEQZzOg36UsZZBPopSw8oSDMRNK+qxscfVUbg5xHF0ca3E
6wNOzb1PwHoYjXXVSFa8ZkAYIFXeuQz+bX1TS5ngNbvLJ70WJeKhaJSAvyArAwOS
SVOlquVAp125eaCuS+mvPEnMRpesA+8+uLcJVYfz3iVp+5i2tI3EahORhBxIeJZc
0TTieSCJ8HWqoTt6kPWYWf0AdnylbKUxsRG9ojZ0wZpSCL4cOlk8z0lqoLG5AgMB
AAGjggHvMIIB6zAdBgNVHQ4EFgQUXWsNJe6kzJ8/jaSxGWJYRdyRuQAwHwYDVR0j
BBgwFoAU0Utvzyssab4IXp+VmHLcvo6lQXcwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvNy9EMTRCNkZDRjJC
MkM2OUJFMDg1RTlGOTU5ODcyRENCRThFQTU0MTc3LmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMFV0dnp5c3NhYjRJWHAtVm1ITGN2bzZsUVhjLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC83L0FT
MjEwNjY3LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEH
AQH/BBAwDjAMBAIAATAGAwQAWSfTMA0GCSqGSIb3DQEBCwUAA4IBAQA4/Mo0jy3O
9aBiBM5c2K0bBMUmVwJcASud7zTDw9mFW4UGa3TVI4mkmrRr0u52zhHbmmyUQi2e
BYM/hQYLX/0OYzZbE/2Al4rzjj7a/bXa2q1o2p3VMejUFJmu8AWK+qxBpUnEY34a
X/Ah3usLt3SjHA7RaJGNe++vtZ4yr4GGMoGlAPz+LReyVVmka4YwE6aDU6Cygcdi
lOHYcKT+vFTu/X6WyxzkGfWi8CcBnI4S3Xow9eRl2+Q94DYQgkPy669XLG95vk1w
/Tx12ze0xUYWvLPcPaU3opUYaTOkDBQ9T3N7JGmCchCzmdt/CSUVkrSIY/Tdo9mP
us1NfDSPWl+f
-----END CERTIFICATE-----
Generated at Fri Apr 17 02:21:50 2026 by rpki-client