Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/AS201002.roa
File: AS201002.roa (raw, json)
Hash identifier: b8ZITxaPgT55292RXOwDGuMuOURRGinQZs7OnZ+k958=
Subject key identifier: F1:0A:F0:D4:E3:FB:55:E5:68:1F:48:CF:6F:0C:C8:5A:7D:94:48:01
Certificate issuer: /CN=3feccb17be51ee59ec74d64eed917e221ee28a1b
Certificate serial: 07684C818D55EDC51F57CB856D7F9A605A680517
Authority key identifier: 3F:EC:CB:17:BE:51:EE:59:EC:74:D6:4E:ED:91:7E:22:1E:E2:8A:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P-zLF75R7lnsdNZO7ZF-Ih7iihs.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/AS201002.roa
Signing time: Mon 13 Apr 2026 11:45:09 +0000
ROA not before: Mon 13 Apr 2026 11:40:09 +0000
ROA not after: Mon 12 Apr 2027 11:45:09 +0000
asID: 201002
IP address blocks: 82.139.192.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/3FECCB17BE51EE59EC74D64EED917E221EE28A1B.crl
rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/3FECCB17BE51EE59EC74D64EED917E221EE28A1B.mft
rsync://rpki.ripe.net/repository/DEFAULT/P-zLF75R7lnsdNZO7ZF-Ih7iihs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 03:57:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
07:68:4c:81:8d:55:ed:c5:1f:57:cb:85:6d:7f:9a:60:5a:68:05:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3feccb17be51ee59ec74d64eed917e221ee28a1b
Validity
Not Before: Apr 13 11:40:09 2026 GMT
Not After : Apr 12 11:45:09 2027 GMT
Subject: CN=F10AF0D4E3FB55E5681F48CF6F0CC85A7D944801
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f7:12:60:70:bf:82:bf:b7:15:2d:03:2d:93:da:
ba:21:fb:ea:1f:b6:26:9d:01:cf:20:2e:7b:0b:0d:
d0:cf:14:87:e8:6c:75:02:af:ef:17:00:8c:10:36:
0d:83:d7:96:d7:c5:92:53:fb:11:f8:ee:d4:40:d9:
e9:9e:40:02:08:fa:99:9c:84:bc:30:92:09:54:fe:
4c:d0:40:a9:4b:ae:ee:ef:9e:2a:8e:4b:a8:44:70:
a1:f7:1c:74:5c:3a:b8:dc:1a:f3:92:ab:ce:fa:a7:
6f:1c:b6:eb:d0:f0:bb:b9:9f:28:d2:7b:55:27:e2:
08:15:db:b6:5f:88:a3:60:48:3f:4e:2c:7b:85:61:
6c:fd:ec:29:ad:c0:c9:ad:93:a0:41:2c:49:0e:86:
2a:74:af:2e:c1:6d:eb:d5:71:0f:2d:12:3c:88:ee:
23:14:5b:ab:c0:ab:2a:46:cd:3c:58:6e:dd:4e:a6:
70:f8:25:a0:cd:ec:1a:0d:db:6f:b4:8b:02:e3:03:
88:3a:ea:af:fd:d1:a2:fd:c5:4c:d4:c5:96:1d:22:
6c:62:7a:36:48:2b:ab:0a:33:49:19:fc:64:c8:e9:
e0:d8:f1:76:9e:8c:d5:24:c4:2f:2b:28:d7:28:99:
c6:81:fd:23:ba:40:ce:04:82:54:63:3e:96:a7:41:
dd:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:0A:F0:D4:E3:FB:55:E5:68:1F:48:CF:6F:0C:C8:5A:7D:94:48:01
X509v3 Authority Key Identifier:
keyid:3F:EC:CB:17:BE:51:EE:59:EC:74:D6:4E:ED:91:7E:22:1E:E2:8A:1B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/3FECCB17BE51EE59EC74D64EED917E221EE28A1B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P-zLF75R7lnsdNZO7ZF-Ih7iihs.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/AS201002.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.139.192.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:c4:d5:cd:c3:ae:82:fb:02:3f:7e:41:b9:bc:fd:71:df:db:
95:56:ae:6c:c1:90:89:78:2e:ed:d4:d2:5e:1a:48:90:b1:52:
12:8e:39:89:5e:97:e0:bd:36:ea:20:29:68:a2:57:35:ea:96:
be:5a:f2:2b:33:59:40:3e:64:1c:07:40:21:94:12:0c:2b:28:
9a:03:3b:34:b7:3a:d8:b8:58:f4:63:bc:f5:c2:1d:e0:16:de:
ff:02:7e:e3:16:d7:43:ab:8b:5a:84:02:67:d9:48:88:f1:b4:
ce:82:06:f3:68:8a:da:4f:43:f0:e5:1c:33:74:b6:cf:53:67:
75:81:c9:91:12:c3:dd:35:a7:6f:d8:3d:4c:e3:d7:cb:28:39:
90:e2:69:51:ef:1e:cb:a2:0f:5d:bf:3b:58:2e:b2:96:ed:31:
4f:3c:b0:29:da:3c:53:96:6c:dd:98:b3:b0:cc:33:7d:a2:42:
44:92:cd:00:ca:ac:d6:1e:a1:cd:9b:55:a0:ef:87:50:a0:a3:
19:1e:95:a7:8e:24:25:20:75:45:3f:f7:d9:b9:b7:80:51:aa:
9d:74:72:2c:59:72:a5:c9:a4:3b:44:72:2e:0b:53:e4:d1:2d:
96:b9:92:dc:dd:7d:84:6d:f2:9e:6d:da:cf:6d:5f:90:db:ff:
ef:a1:83:1c
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUB2hMgY1V7cUfV8uFbX+aYFpoBRcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM2ZlY2NiMTdiZTUxZWU1OWVjNzRkNjRlZWQ5MTdlMjIx
ZWUyOGExYjAeFw0yNjA0MTMxMTQwMDlaFw0yNzA0MTIxMTQ1MDlaMDMxMTAvBgNV
BAMTKEYxMEFGMEQ0RTNGQjU1RTU2ODFGNDhDRjZGMENDODVBN0Q5NDQ4MDEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD3EmBwv4K/txUtAy2T2roh++of
tiadAc8gLnsLDdDPFIfobHUCr+8XAIwQNg2D15bXxZJT+xH47tRA2emeQAII+pmc
hLwwkglU/kzQQKlLru7vniqOS6hEcKH3HHRcOrjcGvOSq876p28ctuvQ8Lu5nyjS
e1Un4ggV27ZfiKNgSD9OLHuFYWz97CmtwMmtk6BBLEkOhip0ry7BbevVcQ8tEjyI
7iMUW6vAqypGzTxYbt1OpnD4JaDN7BoN22+0iwLjA4g66q/90aL9xUzUxZYdImxi
ejZIK6sKM0kZ/GTI6eDY8XaejNUkxC8rKNcomcaB/SO6QM4EglRjPpanQd2dAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQU8Qrw1OP7VeVoH0jPbwzIWn2USAEwHwYDVR0j
BBgwFoAUP+zLF75R7lnsdNZO7ZF+Ih7iihswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMjJkYjc1NTUtOWFhNC00OTgzLTkzMTYtNzM4MDlkZDM1
NGJjLzAvM0ZFQ0NCMTdCRTUxRUU1OUVDNzRENjRFRUQ5MTdFMjIxRUUyOEExQi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1AtekxGNzVSN2xuc2ROWk83WkYtSWg3
aWlocy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzIyZGI3NTU1LTlhYTQt
NDk4My05MzE2LTczODA5ZGQzNTRiYy8wL0FTMjAxMDAyLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUovA
MA0GCSqGSIb3DQEBCwUAA4IBAQBrxNXNw66C+wI/fkG5vP1x39uVVq5swZCJeC7t
1NJeGkiQsVISjjmJXpfgvTbqICloolc16pa+WvIrM1lAPmQcB0AhlBIMKyiaAzs0
tzrYuFj0Y7z1wh3gFt7/An7jFtdDq4tahAJn2UiI8bTOggbzaIraT0Pw5RwzdLbP
U2d1gcmREsPdNadv2D1M49fLKDmQ4mlR7x7Log9dvztYLrKW7TFPPLAp2jxTlmzd
mLOwzDN9okJEks0AyqzWHqHNm1Wg74dQoKMZHpWnjiQlIHVFP/fZubeAUaqddHIs
WXKlyaQ7RHIuC1Pk0S2WuZLc3X2EbfKebdrPbV+Q2//voYMc
-----END CERTIFICATE-----
Generated at Fri Apr 17 16:02:36 2026 by rpki-client