Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS204069.roa
File: AS204069.roa (raw, json)
Hash identifier: QEXRXTw3avO/cbQQtjW2iUNvm69S7qNTDgGxBvkol9I=
Subject key identifier: 55:3E:02:F0:97:D2:F6:B5:1A:51:6F:0C:D2:50:FF:7E:25:DD:92:B6
Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Certificate serial: 68095ECD2DDA6C4F5F4A432D6ADFF2BBA535621B
Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS204069.roa
Signing time: Tue 04 Nov 2025 16:57:01 +0000
ROA not before: Tue 04 Nov 2025 16:52:01 +0000
ROA not after: Tue 03 Nov 2026 16:57:01 +0000
asID: 204069
IP address blocks: 2a14:7581:f10::/44 maxlen: 48
2a14:7581:fe5::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft
rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 12:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
68:09:5e:cd:2d:da:6c:4f:5f:4a:43:2d:6a:df:f2:bb:a5:35:62:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Validity
Not Before: Nov 4 16:52:01 2025 GMT
Not After : Nov 3 16:57:01 2026 GMT
Subject: CN=553E02F097D2F6B51A516F0CD250FF7E25DD92B6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:ed:ac:af:22:23:2a:00:40:17:2b:75:76:a4:
fe:99:08:2c:07:51:de:73:7f:e6:34:78:14:06:b4:
e8:d4:76:45:5d:6b:44:ee:b3:1d:96:d4:16:06:df:
50:03:86:4f:4a:92:17:48:27:9a:0f:51:04:51:66:
e7:86:74:ed:a9:1b:08:29:b8:68:03:ec:0c:ad:87:
b8:79:53:db:1c:1b:c6:16:51:c2:64:36:e8:8f:2f:
f2:c0:02:84:cc:3d:19:2a:4c:df:04:95:56:f5:8f:
91:50:42:03:05:f7:20:3d:2a:c7:91:4f:b5:96:95:
38:bc:cf:4a:f3:ab:82:f9:aa:42:79:63:27:62:5c:
4b:9f:e7:3f:50:b4:66:89:34:bd:d3:88:1d:3e:97:
8d:24:95:5b:db:b1:cd:33:0a:94:3a:fc:60:88:66:
46:43:bf:37:be:97:d0:bc:56:5c:72:4b:40:83:10:
11:7a:67:e0:10:10:af:32:e4:83:92:f1:a2:29:82:
76:86:e3:c9:a3:b5:bd:c8:c4:82:11:aa:00:d3:c4:
18:e2:60:34:8e:db:b9:8d:51:38:0b:37:de:b1:67:
a7:e5:1f:c8:b1:4e:12:f5:01:a5:8f:e8:82:9b:4d:
e0:e8:55:01:1f:e6:9f:aa:d0:3f:57:de:ab:34:8c:
a9:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:3E:02:F0:97:D2:F6:B5:1A:51:6F:0C:D2:50:FF:7E:25:DD:92:B6
X509v3 Authority Key Identifier:
keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS204069.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7581:f10::/44
2a14:7581:fe5::/48
Signature Algorithm: sha256WithRSAEncryption
9c:82:e6:b3:d0:86:06:ae:63:bb:1b:a4:d2:37:8c:88:b5:b3:
0b:ef:be:95:99:4c:49:0a:d7:2b:5f:0e:fb:2e:52:85:a4:dd:
9b:15:19:9b:00:77:e4:28:f0:62:6c:c7:9a:1d:b9:e7:1b:1e:
b6:d8:49:bb:04:6d:13:b4:ca:23:0c:6c:cd:11:cb:4a:0f:62:
55:0e:ab:f8:d9:73:37:d8:f2:69:22:a8:dd:e5:92:05:2f:db:
1a:c6:f0:3d:fc:92:e7:51:4f:2c:7e:7b:41:b6:d1:3a:21:76:
54:0c:39:ea:6b:94:04:5a:93:5f:36:5d:e7:0e:85:0e:f8:ab:
52:ef:2b:06:d4:50:72:9f:ca:8d:f1:22:74:aa:26:12:26:3b:
c7:e8:9c:29:6e:16:3f:70:7c:de:9a:21:8a:50:f5:02:2f:b2:
b7:a9:6c:36:9c:d6:d6:41:a9:2d:c8:2a:e0:19:34:7c:cd:a4:
67:4b:78:21:ad:56:17:40:d7:07:c2:b0:1b:9a:b6:1d:de:cf:
b2:8a:fd:a9:34:2c:e2:db:f3:c4:fa:8d:d4:54:af:59:de:bb:
0b:a3:2d:4d:07:cd:5e:14:02:d0:7a:71:11:19:5b:77:c1:3f:
b5:69:cb:3e:56:82:7a:96:e6:bb:d2:d8:b9:58:d1:18:a5:f8:
8c:5f:f7:25
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgIUaAlezS3abE9fSkMtat/yu6U1YhswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj
Y2ZkMzc3MjAeFw0yNTExMDQxNjUyMDFaFw0yNjExMDMxNjU3MDFaMDMxMTAvBgNV
BAMTKDU1M0UwMkYwOTdEMkY2QjUxQTUxNkYwQ0QyNTBGRjdFMjVERDkyQjYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCR7ayvIiMqAEAXK3V2pP6ZCCwH
Ud5zf+Y0eBQGtOjUdkVda0Tusx2W1BYG31ADhk9KkhdIJ5oPUQRRZueGdO2pGwgp
uGgD7Ayth7h5U9scG8YWUcJkNuiPL/LAAoTMPRkqTN8ElVb1j5FQQgMF9yA9KseR
T7WWlTi8z0rzq4L5qkJ5YydiXEuf5z9QtGaJNL3TiB0+l40klVvbsc0zCpQ6/GCI
ZkZDvze+l9C8VlxyS0CDEBF6Z+AQEK8y5IOS8aIpgnaG48mjtb3IxIIRqgDTxBji
YDSO27mNUTgLN96xZ6flH8ixThL1AaWP6IKbTeDoVQEf5p+q0D9X3qs0jKmrAgMB
AAGjggIWMIICEjAdBgNVHQ4EFgQUVT4C8JfS9rUaUW8M0lD/fiXdkrYwHwYDVR0j
BBgwFoAUqD1IZS87LfdPa/m6qKnBdMz9N3IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODkyNzBmNmMtYTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2Yz
ODI0LzAvQTgzRDQ4NjUyRjNCMkRGNzRGNkJGOUJBQThBOUMxNzRDQ0ZEMzc3Mi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FEMUlaUzg3TGZkUGFfbTZxS25CZE16
OU4zSS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg5MjcwZjZjLWEzZmUt
NDI5OS1iMDc5LTMwOWVkOTdmMzgyNC8wL0FTMjA0MDY5LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcEKhR1
gQ8QAwcAKhR1gQ/lMA0GCSqGSIb3DQEBCwUAA4IBAQCcguaz0IYGrmO7G6TSN4yI
tbML776VmUxJCtcrXw77LlKFpN2bFRmbAHfkKPBibMeaHbnnGx622Em7BG0TtMoj
DGzNEctKD2JVDqv42XM32PJpIqjd5ZIFL9saxvA9/JLnUU8sfntBttE6IXZUDDnq
a5QEWpNfNl3nDoUO+KtS7ysG1FByn8qN8SJ0qiYSJjvH6JwpbhY/cHzemiGKUPUC
L7K3qWw2nNbWQaktyCrgGTR8zaRnS3ghrVYXQNcHwrAbmrYd3s+yiv2pNCzi2/PE
+o3UVK9Z3rsLoy1NB81eFALQenERGVt3wT+1acs+VoJ6lua70ti5WNEYpfiMX/cl
-----END CERTIFICATE-----
Generated at Wed Nov 5 20:37:10 2025 by rpki-client