Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS200464.roa
File: AS200464.roa (raw, json)
Hash identifier: zN+koRvMXJPUCV6LeOPmfGowhkCp+fv5/v8ddMyew24=
Subject key identifier: F7:74:D0:64:82:2F:97:CE:B6:F7:92:19:6D:6D:AB:60:94:5F:5D:B2
Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Certificate serial: 3486AA838660E55A3D39E14049CA007E0A9ADE42
Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS200464.roa
Signing time: Sun 05 Apr 2026 23:13:39 +0000
ROA not before: Sun 05 Apr 2026 23:08:39 +0000
ROA not after: Sun 04 Apr 2027 23:13:39 +0000
asID: 200464
IP address blocks: 2a14:7581:ffa::/48 maxlen: 48
2a14:7583:e700::/40 maxlen: 48
2a14:7583:e700::/41 maxlen: 48
2a14:7583:e700::/48 maxlen: 48
2a14:7583:e703::/48 maxlen: 48
2a14:7583:e780::/41 maxlen: 48
2a14:7583:e7fe::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft
rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 18:07:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
34:86:aa:83:86:60:e5:5a:3d:39:e1:40:49:ca:00:7e:0a:9a:de:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Validity
Not Before: Apr 5 23:08:39 2026 GMT
Not After : Apr 4 23:13:39 2027 GMT
Subject: CN=F774D064822F97CEB6F792196D6DAB60945F5DB2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:7f:21:9d:55:31:72:50:96:11:4a:41:fb:ad:
b6:50:f6:84:57:18:14:16:05:57:9e:da:ef:73:11:
b1:8c:72:fa:49:06:fc:e2:c5:82:8e:a5:9b:45:f1:
e4:cb:0d:4c:ca:fc:8a:3e:50:a9:73:4f:e6:b7:0d:
5e:b0:45:9a:3d:e3:a1:80:68:58:10:52:c2:3e:a3:
7c:bb:6f:f8:0b:97:d2:af:60:e8:eb:db:56:14:34:
29:e6:f4:a5:29:97:a8:3d:9d:0d:94:7e:df:e1:b5:
87:2d:57:10:ea:2f:9c:e7:e2:16:46:a5:96:65:4f:
dd:73:57:5a:57:17:5c:f2:1c:ba:2f:21:89:34:80:
ec:44:7e:cf:0d:e4:ec:dc:88:ac:15:0c:4d:00:48:
7f:4e:4f:3d:8a:2d:f8:6c:f3:67:a1:04:f7:46:07:
c1:b9:98:77:aa:cf:fc:9b:27:da:73:4e:a2:20:56:
4d:34:f9:c7:87:26:24:86:1e:79:4b:b9:f8:2b:09:
b8:38:73:1e:8f:97:74:e0:e4:72:52:6d:de:1d:6b:
39:5d:5c:e3:e9:69:ce:84:87:ee:53:c2:d0:bd:e9:
a2:cd:1e:ee:cd:01:d3:f5:31:4e:c5:95:5d:1c:54:
e5:9d:05:10:ba:b6:e3:68:cf:75:09:99:27:c4:74:
51:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:74:D0:64:82:2F:97:CE:B6:F7:92:19:6D:6D:AB:60:94:5F:5D:B2
X509v3 Authority Key Identifier:
keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS200464.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7581:ffa::/48
2a14:7583:e700::/40
Signature Algorithm: sha256WithRSAEncryption
82:24:f2:11:3f:5c:e9:b7:a4:09:6c:44:ea:91:c3:0e:3b:cb:
c6:af:2c:cd:6f:57:3b:5a:fb:d9:00:17:80:30:c1:57:89:fd:
31:b9:d3:f0:a0:2d:4c:8b:a4:e3:94:8c:2c:68:55:ec:a4:29:
f1:b9:c5:74:ae:fa:55:06:a4:b3:cb:9c:79:14:57:62:13:2f:
28:26:3e:c6:e9:b6:e2:60:75:b6:c9:b1:4e:43:09:98:be:7a:
ad:e0:39:82:ba:60:6c:79:d2:bd:46:d6:36:72:bd:fa:52:60:
2c:b8:96:c9:c3:45:fb:79:33:2b:e0:d3:02:43:8b:f0:67:9e:
27:f2:a5:f6:c4:7d:de:82:cf:4e:04:63:bd:5a:90:ad:09:35:
85:c2:15:0c:09:b2:c9:8a:10:8f:86:21:84:1f:0b:6a:95:e2:
31:05:5e:dd:60:f5:77:30:fa:ee:84:37:e5:a6:5b:5e:e5:43:
55:17:d9:33:ad:fe:cc:3b:6a:5c:93:6f:45:b7:66:a8:ac:34:
4e:0f:bb:3d:75:1e:67:6b:a8:9f:75:f2:28:fe:7a:69:94:b6:
69:d8:b0:35:43:f1:9f:5a:91:19:19:9c:1d:e8:e6:ee:76:62:
45:cf:8b:1f:27:3e:e5:c4:91:b9:e4:d4:ca:89:e4:7c:0a:f0:
88:03:e5:ba
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgIUNIaqg4Zg5Vo9OeFAScoAfgqa3kIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj
Y2ZkMzc3MjAeFw0yNjA0MDUyMzA4MzlaFw0yNzA0MDQyMzEzMzlaMDMxMTAvBgNV
BAMTKEY3NzREMDY0ODIyRjk3Q0VCNkY3OTIxOTZENkRBQjYwOTQ1RjVEQjIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDnfyGdVTFyUJYRSkH7rbZQ9oRX
GBQWBVee2u9zEbGMcvpJBvzixYKOpZtF8eTLDUzK/Io+UKlzT+a3DV6wRZo946GA
aFgQUsI+o3y7b/gLl9KvYOjr21YUNCnm9KUpl6g9nQ2Uft/htYctVxDqL5zn4hZG
pZZlT91zV1pXF1zyHLovIYk0gOxEfs8N5OzciKwVDE0ASH9OTz2KLfhs82ehBPdG
B8G5mHeqz/ybJ9pzTqIgVk00+ceHJiSGHnlLufgrCbg4cx6Pl3Tg5HJSbd4dazld
XOPpac6Eh+5TwtC96aLNHu7NAdP1MU7FlV0cVOWdBRC6tuNoz3UJmSfEdFHBAgMB
AAGjggIVMIICETAdBgNVHQ4EFgQU93TQZIIvl86295IZbW2rYJRfXbIwHwYDVR0j
BBgwFoAUqD1IZS87LfdPa/m6qKnBdMz9N3IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODkyNzBmNmMtYTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2Yz
ODI0LzAvQTgzRDQ4NjUyRjNCMkRGNzRGNkJGOUJBQThBOUMxNzRDQ0ZEMzc3Mi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FEMUlaUzg3TGZkUGFfbTZxS25CZE16
OU4zSS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg5MjcwZjZjLWEzZmUt
NDI5OS1iMDc5LTMwOWVkOTdmMzgyNC8wL0FTMjAwNDY0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCoGCCsGAQUFBwEHAQH/BBswGTAXBAIAAjARAwcAKhR1
gQ/6AwYAKhR1g+cwDQYJKoZIhvcNAQELBQADggEBAIIk8hE/XOm3pAlsROqRww47
y8avLM1vVzta+9kAF4AwwVeJ/TG50/CgLUyLpOOUjCxoVeykKfG5xXSu+lUGpLPL
nHkUV2ITLygmPsbptuJgdbbJsU5DCZi+eq3gOYK6YGx50r1G1jZyvfpSYCy4lsnD
Rft5Myvg0wJDi/BnnifypfbEfd6Cz04EY71akK0JNYXCFQwJssmKEI+GIYQfC2qV
4jEFXt1g9Xcw+u6EN+WmW17lQ1UX2TOt/sw7alyTb0W3ZqisNE4Puz11HmdrqJ91
8ij+emmUtmnYsDVD8Z9akRkZnB3o5u52YkXPix8nPuXEkbnk1MqJ5HwK8IgD5bo=
-----END CERTIFICATE-----
Generated at Fri Apr 17 07:03:07 2026 by rpki-client