Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS201233.roa
File: AS201233.roa (raw, json)
Hash identifier: mYm8/bJ7Fh5McHGmmQJOoB41TQpMVqhflAad+e4v0Hk=
Subject key identifier: 23:25:6A:CE:1E:43:17:B8:7D:46:74:D9:C8:53:88:92:67:73:C2:69
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 3BAE43AE44896615F3219ECB579CED75B79BB9A5
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS201233.roa
Signing time: Sat 06 Jun 2026 07:47:29 +0000
ROA not before: Sat 06 Jun 2026 07:42:29 +0000
ROA not after: Sat 05 Jun 2027 07:47:29 +0000
asID: 201233
IP address blocks: 2a13:9500:a4::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 13 Jun 2026 15:07:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3b:ae:43:ae:44:89:66:15:f3:21:9e:cb:57:9c:ed:75:b7:9b:b9:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Jun 6 07:42:29 2026 GMT
Not After : Jun 5 07:47:29 2027 GMT
Subject: CN=23256ACE1E4317B87D4674D9C85388926773C269
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:2d:11:fc:75:8b:84:9f:c8:df:bc:e9:f8:0b:
0a:27:b7:f9:b2:81:26:a3:5c:a2:6f:4b:61:a5:51:
23:1c:b9:c2:50:6f:71:60:08:22:94:3b:05:ee:cf:
97:5d:03:63:d4:a1:22:56:9b:d7:4e:f3:ab:5d:a3:
48:9e:5b:0f:4f:69:85:dd:49:81:61:35:7c:49:3b:
6d:a8:17:9f:5c:ba:f7:97:ed:5b:eb:99:b2:7e:67:
a3:cb:b5:ea:53:e4:12:15:ee:6d:df:85:6a:f5:e0:
ee:35:4d:77:74:86:1d:54:bd:d7:d8:1d:e1:63:23:
9f:9a:b0:83:46:9a:84:18:9d:9c:65:b6:93:f2:52:
aa:fc:fc:41:37:9d:91:f7:89:6a:0c:9d:6f:96:e3:
5b:8f:7a:f9:14:72:03:0c:a4:23:e5:ce:1d:42:68:
5f:25:dd:81:af:a6:13:93:74:e8:2c:28:a1:1f:6c:
7b:7d:71:10:de:fd:05:c5:04:da:75:2b:40:96:22:
bb:ed:59:3d:a1:d0:1d:f4:f5:6b:16:25:0f:d6:89:
f8:88:ac:de:69:f2:60:c8:b6:ba:3c:ba:83:ec:4a:
b0:8b:0b:bd:0c:a2:2f:7c:ab:3f:8e:9b:e6:3b:57:
a9:59:f8:69:33:82:e4:34:6c:31:c6:93:81:d4:ae:
58:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:25:6A:CE:1E:43:17:B8:7D:46:74:D9:C8:53:88:92:67:73:C2:69
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS201233.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:9500:a4::/48
Signature Algorithm: sha256WithRSAEncryption
3d:11:87:fb:41:02:59:1e:27:32:d7:d3:16:35:21:e9:7a:23:
4b:17:13:c1:8b:c5:8d:ae:d1:4e:07:10:3b:59:32:69:9c:62:
02:64:fc:b4:94:0b:8d:55:d9:66:16:0d:a1:07:71:b3:92:7c:
f0:63:ff:b6:04:82:1b:84:4e:dd:fd:02:fa:ef:75:2c:30:ab:
74:63:dc:df:c2:37:ae:65:7e:ce:a1:6d:23:ee:c5:3a:f0:74:
f3:d1:0f:5f:c3:de:79:7f:34:19:c9:e2:44:51:af:78:5f:f9:
7a:20:78:c7:14:8b:ef:40:a2:96:1e:c7:37:83:88:a8:f8:0a:
9f:c6:dc:43:79:a2:22:2d:55:06:e5:70:94:2f:ed:7d:3e:07:
6d:ac:71:ca:1e:a9:4a:ae:74:4e:f7:03:86:13:65:19:6e:7f:
3d:b6:c4:e4:db:bb:76:f2:d6:be:03:86:6e:a0:b9:d4:72:f3:
ab:75:3b:90:e9:d0:46:f4:65:be:68:c1:3e:59:67:88:40:80:
6f:7e:21:fd:fd:2e:e4:f5:ae:fa:9b:01:bf:89:76:db:a5:da:
87:a0:b1:7a:90:5a:89:8e:0f:94:71:86:1a:7e:b6:1e:f7:ef:
4f:8c:d2:fa:d5:44:48:37:2a:77:8d:43:a0:19:7b:b1:4c:dd:
c8:2f:0c:8f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIUO65DrkSJZhXzIZ7LV5ztdbebuaUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjA2MDYwNzQyMjlaFw0yNzA2MDUwNzQ3MjlaMDMxMTAvBgNV
BAMTKDIzMjU2QUNFMUU0MzE3Qjg3RDQ2NzREOUM4NTM4ODkyNjc3M0MyNjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDbLRH8dYuEn8jfvOn4Cwont/my
gSajXKJvS2GlUSMcucJQb3FgCCKUOwXuz5ddA2PUoSJWm9dO86tdo0ieWw9PaYXd
SYFhNXxJO22oF59cuveX7VvrmbJ+Z6PLtepT5BIV7m3fhWr14O41TXd0hh1UvdfY
HeFjI5+asINGmoQYnZxltpPyUqr8/EE3nZH3iWoMnW+W41uPevkUcgMMpCPlzh1C
aF8l3YGvphOTdOgsKKEfbHt9cRDe/QXFBNp1K0CWIrvtWT2h0B309WsWJQ/WifiI
rN5p8mDItro8uoPsSrCLC70Moi98qz+Om+Y7V6lZ+GkzguQ0bDHGk4HUrljzAgMB
AAGjggINMIICCTAdBgNVHQ4EFgQUIyVqzh5DF7h9RnTZyFOIkmdzwmkwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjAxMjMzLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhOV
AACkMA0GCSqGSIb3DQEBCwUAA4IBAQA9EYf7QQJZHicy19MWNSHpeiNLFxPBi8WN
rtFOBxA7WTJpnGICZPy0lAuNVdlmFg2hB3GzknzwY/+2BIIbhE7d/QL673UsMKt0
Y9zfwjeuZX7OoW0j7sU68HTz0Q9fw955fzQZyeJEUa94X/l6IHjHFIvvQKKWHsc3
g4io+AqfxtxDeaIiLVUG5XCUL+19PgdtrHHKHqlKrnRO9wOGE2UZbn89tsTk27t2
8ta+A4ZuoLnUcvOrdTuQ6dBG9GW+aME+WWeIQIBvfiH9/S7k9a76mwG/iXbbpdqH
oLF6kFqJjg+UcYYafrYe9+9PjNL61URINyp3jUOgGXuxTN3ILwyP
-----END CERTIFICATE-----
Generated at Sat Jun 13 07:14:03 2026 by rpki-client