Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS208751.roa
File: AS208751.roa (raw, json)
Hash identifier: wSGW3h3MBTcbvNkvx0TB172YmeMikbuCNbNzVayGFIY=
Subject key identifier: 79:1A:7C:52:72:94:BB:8B:83:43:42:5A:1B:67:78:06:EC:54:B0:C6
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 0DE15CF714628A0247C1385919DF766903BEAF24
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS208751.roa
Signing time: Fri 17 Apr 2026 10:47:05 +0000
ROA not before: Fri 17 Apr 2026 10:42:05 +0000
ROA not after: Fri 16 Apr 2027 10:47:05 +0000
asID: 208751
IP address blocks: 2a13:9500:45::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0d:e1:5c:f7:14:62:8a:02:47:c1:38:59:19:df:76:69:03:be:af:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Apr 17 10:42:05 2026 GMT
Not After : Apr 16 10:47:05 2027 GMT
Subject: CN=791A7C527294BB8B8343425A1B677806EC54B0C6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:22:fd:b1:9a:02:a0:89:07:e8:67:54:ec:35:
52:d9:6c:72:35:d1:bf:1b:0b:5f:dd:da:4b:62:ff:
e2:62:db:b1:e4:16:8d:b8:c1:e7:28:c1:25:f4:bc:
1d:b0:9a:45:65:6f:3b:73:a9:a1:5e:d6:f4:2a:2d:
b5:a2:37:b3:2b:34:58:a3:c4:11:16:90:ea:5f:81:
ab:a0:a2:23:e7:c4:ad:ba:be:d9:cc:8f:67:15:e0:
c8:82:80:a6:73:e9:8f:07:e7:0e:2b:44:0c:ab:db:
11:18:7c:01:b5:42:90:67:ab:3c:b0:61:a8:14:ff:
f5:bc:d1:a7:8f:9f:58:6a:c7:76:93:72:bc:60:c0:
8a:fb:da:27:fb:9b:71:27:57:18:62:5b:b0:bc:1c:
60:0b:bf:43:e8:40:41:25:a8:fb:02:e9:77:e3:e5:
9a:cf:08:9e:86:08:96:b3:e1:37:b9:aa:7c:75:16:
f6:1c:84:5c:dd:0d:a6:c6:8d:06:ec:04:45:e8:67:
b1:82:94:b3:ee:75:88:26:5a:7d:44:e0:9d:3d:77:
ec:f6:29:56:17:d0:17:e6:a7:83:54:f6:84:55:33:
3c:d7:02:9f:05:64:f3:bc:42:21:01:3d:5c:5e:1a:
b7:51:3d:b8:96:97:4a:a1:cb:5e:06:98:75:ed:42:
8e:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:1A:7C:52:72:94:BB:8B:83:43:42:5A:1B:67:78:06:EC:54:B0:C6
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS208751.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:9500:45::/48
Signature Algorithm: sha256WithRSAEncryption
16:8f:2a:61:23:e0:46:6c:a7:82:66:31:90:a0:12:f3:31:da:
e6:0b:d3:24:e9:b9:9a:43:40:a5:b8:5e:7a:b4:d4:b5:7b:a9:
56:be:7d:6f:6a:1f:7a:98:d5:5c:71:34:43:b9:fc:3e:6e:99:
81:44:9e:2b:18:64:5d:80:c2:ac:87:87:2f:ec:e0:7b:0d:4a:
d5:b9:21:9f:ed:2d:99:56:a9:4f:41:41:35:2d:00:d7:18:0b:
c4:74:9d:7a:3a:11:ad:fd:f0:c7:06:e8:a1:5c:0f:59:2a:99:
3a:bf:b7:bd:20:3d:85:74:f9:59:6e:83:3a:f7:8a:fd:83:b6:
25:9a:dc:a0:12:56:5d:db:70:76:ad:40:b1:5e:ec:b6:26:7b:
71:ea:d3:8b:1c:c1:17:12:cf:a4:6c:10:fb:41:a3:04:6b:fd:
6d:27:a2:a1:7f:c7:21:fd:33:66:c9:25:f1:3a:ed:7a:96:00:
57:2d:41:2f:d7:a8:96:ca:02:05:8f:18:77:f3:d4:c1:5c:4e:
7c:05:24:d5:b3:49:ac:da:d6:ba:6d:20:f4:65:1c:b2:4c:ee:
08:9e:42:fe:99:e6:05:e4:46:4c:3a:80:7b:44:e8:0d:11:45:
cb:b7:7e:99:2f:d5:3e:32:1a:c0:38:a1:8a:29:61:97:19:18:
9c:a0:07:6e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIUDeFc9xRiigJHwThZGd92aQO+ryQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjA0MTcxMDQyMDVaFw0yNzA0MTYxMDQ3MDVaMDMxMTAvBgNV
BAMTKDc5MUE3QzUyNzI5NEJCOEI4MzQzNDI1QTFCNjc3ODA2RUM1NEIwQzYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDJIv2xmgKgiQfoZ1TsNVLZbHI1
0b8bC1/d2kti/+Ji27HkFo24wecowSX0vB2wmkVlbztzqaFe1vQqLbWiN7MrNFij
xBEWkOpfgaugoiPnxK26vtnMj2cV4MiCgKZz6Y8H5w4rRAyr2xEYfAG1QpBnqzyw
YagU//W80aePn1hqx3aTcrxgwIr72if7m3EnVxhiW7C8HGALv0PoQEElqPsC6Xfj
5ZrPCJ6GCJaz4Te5qnx1FvYchFzdDabGjQbsBEXoZ7GClLPudYgmWn1E4J09d+z2
KVYX0Bfmp4NU9oRVMzzXAp8FZPO8QiEBPVxeGrdRPbiWl0qhy14GmHXtQo5lAgMB
AAGjggINMIICCTAdBgNVHQ4EFgQUeRp8UnKUu4uDQ0JaG2d4BuxUsMYwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjA4NzUxLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhOV
AABFMA0GCSqGSIb3DQEBCwUAA4IBAQAWjyphI+BGbKeCZjGQoBLzMdrmC9Mk6bma
Q0CluF56tNS1e6lWvn1vah96mNVccTRDufw+bpmBRJ4rGGRdgMKsh4cv7OB7DUrV
uSGf7S2ZVqlPQUE1LQDXGAvEdJ16OhGt/fDHBuihXA9ZKpk6v7e9ID2FdPlZboM6
94r9g7YlmtygElZd23B2rUCxXuy2Jntx6tOLHMEXEs+kbBD7QaMEa/1tJ6Khf8ch
/TNmySXxOu16lgBXLUEv16iWygIFjxh389TBXE58BSTVs0ms2ta6bSD0ZRyyTO4I
nkL+meYF5EZMOoB7ROgNEUXLt36ZL9U+MhrAOKGKKWGXGRicoAdu
-----END CERTIFICATE-----
Generated at Fri Apr 17 17:04:24 2026 by rpki-client