Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS200950.roa
File: AS200950.roa (raw, json)
Hash identifier: uz3YA1B0rppRUFQDPRNlEx3MCVp7gHk3XOdygpdngts=
Subject key identifier: C3:62:29:53:EA:BC:B1:B3:33:59:B2:02:D6:11:74:05:60:89:51:6B
Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Certificate serial: 06237F59E6BE08F0E4ACDF7DE25DC5B455853006
Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS200950.roa
Signing time: Sat 06 Jun 2026 07:13:40 +0000
ROA not before: Sat 06 Jun 2026 07:08:40 +0000
ROA not after: Sat 05 Jun 2027 07:13:40 +0000
asID: 200950
IP address blocks: 2a14:7583:fff0::/44 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft
rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
06:23:7f:59:e6:be:08:f0:e4:ac:df:7d:e2:5d:c5:b4:55:85:30:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Validity
Not Before: Jun 6 07:08:40 2026 GMT
Not After : Jun 5 07:13:40 2027 GMT
Subject: CN=C3622953EABCB1B33359B202D61174056089516B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:be:c2:00:52:40:4b:45:c3:9b:14:4c:46:23:
50:ab:b6:9c:54:df:8c:8f:d0:fa:ac:6e:45:e8:e6:
7c:01:c4:78:87:d0:d0:b7:ea:e1:6c:89:8e:8e:1b:
7f:c6:1e:6e:7b:e4:39:88:d4:cf:fa:21:63:23:a4:
6e:df:b6:e4:14:d5:69:ae:50:7d:11:ae:75:60:0a:
80:c2:08:a2:bf:e7:00:6d:95:50:e9:8b:45:e6:e7:
fb:44:6d:2f:1b:ad:50:14:d5:9c:07:65:a9:3c:71:
9b:88:f0:cf:32:bd:68:e6:f4:d9:a4:02:41:fb:11:
94:fc:1b:bb:64:76:7c:3c:c6:dc:5a:87:d8:6a:cb:
87:e2:82:0d:63:2b:17:5f:54:c8:7f:27:bc:ce:e8:
9a:74:74:cc:77:95:df:ce:6e:80:20:45:0f:a8:c9:
04:4c:9f:e2:90:c2:b2:cc:cc:11:32:10:4b:5a:90:
df:bf:b8:da:3c:c9:bd:b5:5d:b7:4d:76:7e:76:0e:
0b:a8:09:7b:0b:03:0c:e1:22:66:78:dc:fd:66:4a:
38:08:b7:f5:28:18:fa:d4:df:cf:57:f0:eb:12:31:
a0:82:0b:aa:3c:8f:2b:af:c0:63:d9:7a:44:b8:c6:
9e:af:09:93:74:c4:0c:21:32:ce:c9:72:72:1a:3d:
89:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:62:29:53:EA:BC:B1:B3:33:59:B2:02:D6:11:74:05:60:89:51:6B
X509v3 Authority Key Identifier:
keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS200950.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7583:fff0::/44
Signature Algorithm: sha256WithRSAEncryption
3e:59:10:b9:d2:65:1e:8e:3c:ec:9c:41:dc:e8:42:14:3a:50:
b8:0f:5d:f7:6f:af:02:1c:b6:22:62:34:da:41:07:b5:6c:58:
30:fc:ac:20:7d:bf:bf:76:b5:f0:15:a5:4c:02:89:66:69:a2:
20:45:53:41:21:11:b2:1b:17:83:ed:66:30:bf:ac:02:c3:9b:
97:51:75:42:8c:ca:ee:92:b4:ab:e8:84:5b:31:00:55:60:87:
03:bd:0b:db:9c:65:25:e8:78:4f:d6:49:02:42:15:4e:dd:b9:
36:2a:1b:7e:e4:e9:cf:9f:03:6d:93:1b:cc:e2:15:cd:e0:2f:
aa:95:c5:b6:51:73:dc:b7:a3:69:d6:6c:62:43:e7:c7:23:32:
28:3e:8a:87:61:dd:34:b2:c0:24:a7:a5:6e:24:8c:77:12:26:
b9:74:17:71:24:6f:13:07:4e:21:ef:ba:7c:c4:f9:d4:8f:21:
4e:d2:81:fc:b8:b2:01:61:d5:23:30:7e:71:1d:89:a5:89:43:
b5:1c:7c:8b:c0:d2:1d:2e:bb:59:18:83:12:0c:2d:d8:ae:72:
7f:86:ed:61:f7:0a:3d:a6:ba:b0:bd:5b:58:d8:6b:f0:f2:72:
58:04:48:d1:18:ea:1d:eb:0a:8e:ba:cb:33:97:ef:d2:74:2f:
af:35:2d:50
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIUBiN/Wea+CPDkrN994l3FtFWFMAYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj
Y2ZkMzc3MjAeFw0yNjA2MDYwNzA4NDBaFw0yNzA2MDUwNzEzNDBaMDMxMTAvBgNV
BAMTKEMzNjIyOTUzRUFCQ0IxQjMzMzU5QjIwMkQ2MTE3NDA1NjA4OTUxNkIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCsvsIAUkBLRcObFExGI1CrtpxU
34yP0PqsbkXo5nwBxHiH0NC36uFsiY6OG3/GHm575DmI1M/6IWMjpG7ftuQU1Wmu
UH0RrnVgCoDCCKK/5wBtlVDpi0Xm5/tEbS8brVAU1ZwHZak8cZuI8M8yvWjm9Nmk
AkH7EZT8G7tkdnw8xtxah9hqy4figg1jKxdfVMh/J7zO6Jp0dMx3ld/OboAgRQ+o
yQRMn+KQwrLMzBEyEEtakN+/uNo8yb21XbdNdn52DguoCXsLAwzhImZ43P1mSjgI
t/UoGPrU389X8OsSMaCCC6o8jyuvwGPZekS4xp6vCZN0xAwhMs7JcnIaPYnxAgMB
AAGjggINMIICCTAdBgNVHQ4EFgQUw2IpU+q8sbMzWbIC1hF0BWCJUWswHwYDVR0j
BBgwFoAUqD1IZS87LfdPa/m6qKnBdMz9N3IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODkyNzBmNmMtYTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2Yz
ODI0LzAvQTgzRDQ4NjUyRjNCMkRGNzRGNkJGOUJBQThBOUMxNzRDQ0ZEMzc3Mi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FEMUlaUzg3TGZkUGFfbTZxS25CZE16
OU4zSS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg5MjcwZjZjLWEzZmUt
NDI5OS1iMDc5LTMwOWVkOTdmMzgyNC8wL0FTMjAwOTUwLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKhR1
g//wMA0GCSqGSIb3DQEBCwUAA4IBAQA+WRC50mUejjzsnEHc6EIUOlC4D133b68C
HLYiYjTaQQe1bFgw/Kwgfb+/drXwFaVMAolmaaIgRVNBIRGyGxeD7WYwv6wCw5uX
UXVCjMrukrSr6IRbMQBVYIcDvQvbnGUl6HhP1kkCQhVO3bk2Kht+5OnPnwNtkxvM
4hXN4C+qlcW2UXPct6Np1mxiQ+fHIzIoPoqHYd00ssAkp6VuJIx3Eia5dBdxJG8T
B04h77p8xPnUjyFO0oH8uLIBYdUjMH5xHYmliUO1HHyLwNIdLrtZGIMSDC3YrnJ/
hu1h9wo9prqwvVtY2Gvw8nJYBEjRGOod6wqOusszl+/SdC+vNS1Q
-----END CERTIFICATE-----
Generated at Sat Jun 13 10:37:28 2026 by rpki-client