Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS206898.roa
File: AS206898.roa (raw, json)
Hash identifier: T0pQPG3PM/2y0/Osa8Jz1smoPLimgeLvo71iLR2qx68=
Subject key identifier: 5B:27:DF:18:F7:9D:7E:B5:D6:DE:C3:E9:6D:AB:60:0E:BE:32:32:66
Certificate issuer: /CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Certificate serial: 407F1FD9D39E4BE8A2CB5E25379432D1734D81E3
Authority key identifier: C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS206898.roa
Signing time: Mon 18 May 2026 18:08:35 +0000
ROA not before: Mon 18 May 2026 18:03:35 +0000
ROA not after: Mon 17 May 2027 18:08:35 +0000
asID: 206898
IP address blocks: 2a0f:85c1:c6a::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl
rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.mft
rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
40:7f:1f:d9:d3:9e:4b:e8:a2:cb:5e:25:37:94:32:d1:73:4d:81:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Validity
Not Before: May 18 18:03:35 2026 GMT
Not After : May 17 18:08:35 2027 GMT
Subject: CN=5B27DF18F79D7EB5D6DEC3E96DAB600EBE323266
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:7f:9a:21:43:e8:4b:df:c7:4b:44:9e:57:a2:
64:fe:d9:46:33:4f:b1:b2:43:e5:32:67:5d:cb:20:
ee:10:10:ea:3e:1a:30:cb:bc:75:d9:44:94:2f:c7:
1a:a1:ab:ef:bb:09:59:9b:aa:bb:3b:60:10:81:91:
41:5e:ea:7a:fc:78:86:8e:52:55:e6:3a:b9:b7:0d:
01:97:00:b5:10:9f:01:6a:a9:81:5a:90:1c:b3:f6:
0f:4b:ee:1e:7d:e9:37:b1:5b:58:54:42:cc:08:68:
db:1c:74:fb:af:f5:b5:21:71:b5:be:fa:41:00:ac:
b5:fe:29:20:77:43:48:44:b7:26:b9:0a:a5:78:5e:
c0:a0:f0:0c:01:d6:21:98:e6:62:68:e6:59:16:f9:
57:27:05:35:92:89:4e:91:0e:1d:a4:23:a1:0a:76:
51:2d:26:e7:a4:cb:26:9b:4b:14:8a:06:21:45:c5:
e5:c2:25:0a:f8:a4:5d:c7:d6:9b:31:ae:68:1d:3d:
e4:bc:7d:94:41:0e:9a:aa:6b:ec:66:fc:aa:79:35:
6b:e7:a6:e8:83:87:4b:f4:8e:19:1e:bc:50:2d:b1:
f6:16:d0:f6:d5:a6:df:e4:a2:c0:1e:f7:a3:04:4c:
f0:66:5a:ec:d7:9a:66:1c:ad:65:2f:91:81:e3:3d:
0e:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:27:DF:18:F7:9D:7E:B5:D6:DE:C3:E9:6D:AB:60:0E:BE:32:32:66
X509v3 Authority Key Identifier:
keyid:C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS206898.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:85c1:c6a::/48
Signature Algorithm: sha256WithRSAEncryption
25:bc:f7:3d:8f:71:6a:7e:6d:8f:9c:46:6f:22:f1:7e:eb:e8:
e1:e3:3b:2b:52:5e:1c:51:aa:fd:bf:b7:04:98:e1:e6:37:08:
59:f2:e2:03:ae:3b:f8:47:a5:ac:0c:46:14:68:2b:dd:92:94:
5b:ce:00:5f:be:90:ac:10:cd:47:1b:73:31:6c:7e:f3:8f:9a:
25:88:13:bc:9a:ec:0b:6f:ad:11:ba:59:e6:25:79:8b:97:b3:
14:77:a3:6f:9f:76:00:7b:8a:f3:ef:23:5e:05:f0:e6:f9:4e:
ea:6f:60:ca:0d:1e:38:99:7e:a4:69:36:de:89:53:ec:b9:51:
a6:c9:0b:47:49:98:b0:14:46:4a:8a:f3:ff:d5:93:5d:66:54:
0e:4a:ba:f2:29:50:39:85:5d:4a:66:36:bb:8d:b8:4d:ae:6c:
86:ab:7c:0d:67:5b:4f:44:d9:94:de:5e:e3:b6:31:05:46:f3:
cf:d8:b5:de:95:29:aa:86:27:37:63:c8:72:98:d7:2f:4d:a2:
8f:a6:95:65:70:1a:4a:18:02:53:b0:0b:cd:64:b5:91:60:37:
2b:ca:69:1b:b9:3e:11:c2:72:4b:64:61:e0:a0:14:03:3e:2d:
76:b6:a4:d8:d4:a9:f8:fd:03:26:45:10:3f:1e:ba:32:bc:52:
e3:68:8e:7c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIUQH8f2dOeS+iiy14lN5Qy0XNNgeMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzRjZTdkODkwMjQwNWJhNDU5OGY4NGI2YTQxYzI3ZDcy
MjgzNGIxYzAeFw0yNjA1MTgxODAzMzVaFw0yNzA1MTcxODA4MzVaMDMxMTAvBgNV
BAMTKDVCMjdERjE4Rjc5RDdFQjVENkRFQzNFOTZEQUI2MDBFQkUzMjMyNjYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDgf5ohQ+hL38dLRJ5XomT+2UYz
T7GyQ+UyZ13LIO4QEOo+GjDLvHXZRJQvxxqhq++7CVmbqrs7YBCBkUFe6nr8eIaO
UlXmOrm3DQGXALUQnwFqqYFakByz9g9L7h596TexW1hUQswIaNscdPuv9bUhcbW+
+kEArLX+KSB3Q0hEtya5CqV4XsCg8AwB1iGY5mJo5lkW+VcnBTWSiU6RDh2kI6EK
dlEtJuekyyabSxSKBiFFxeXCJQr4pF3H1psxrmgdPeS8fZRBDpqqa+xm/Kp5NWvn
puiDh0v0jhkevFAtsfYW0PbVpt/kosAe96METPBmWuzXmmYcrWUvkYHjPQ4dAgMB
AAGjggINMIICCTAdBgNVHQ4EFgQUWyffGPedfrXW3sPpbatgDr4yMmYwHwYDVR0j
BBgwFoAUxM59iQJAW6RZj4S2pBwn1yKDSxwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODRkNTE4MTAtMTk4Ny00NzAxLThmMWYtODQyNTExMTk2
NGY0LzAvQzRDRTdEODkwMjQwNUJBNDU5OEY4NEI2QTQxQzI3RDcyMjgzNEIxQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3hNNTlpUUpBVzZSWmo0UzJwQnduMXlL
RFN4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg0ZDUxODEwLTE5ODct
NDcwMS04ZjFmLTg0MjUxMTE5NjRmNC8wL0FTMjA2ODk4LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+F
wQxqMA0GCSqGSIb3DQEBCwUAA4IBAQAlvPc9j3Fqfm2PnEZvIvF+6+jh4zsrUl4c
Uar9v7cEmOHmNwhZ8uIDrjv4R6WsDEYUaCvdkpRbzgBfvpCsEM1HG3MxbH7zj5ol
iBO8muwLb60RulnmJXmLl7MUd6Nvn3YAe4rz7yNeBfDm+U7qb2DKDR44mX6kaTbe
iVPsuVGmyQtHSZiwFEZKivP/1ZNdZlQOSrryKVA5hV1KZja7jbhNrmyGq3wNZ1tP
RNmU3l7jtjEFRvPP2LXelSmqhic3Y8hymNcvTaKPppVlcBpKGAJTsAvNZLWRYDcr
ymkbuT4RwnJLZGHgoBQDPi12tqTY1Kn4/QMmRRA/HroyvFLjaI58
-----END CERTIFICATE-----
Generated at Sat Jun 13 08:27:11 2026 by rpki-client