Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS204464.roa
File: AS204464.roa (raw, json)
Hash identifier: r6tmCDFRp2Y1kYoUKZL15iyLMS8RBnKI8W0/dLLrkAY=
Subject key identifier: DC:1A:DF:0E:A2:E3:DA:E7:0E:E8:6C:2D:17:C8:C4:86:BE:38:48:97
Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Certificate serial: 27753D985EB241C159E1D29FF612391F2D5FAF2E
Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS204464.roa
Signing time: Sat 06 Jun 2026 18:32:32 +0000
ROA not before: Sat 06 Jun 2026 18:27:32 +0000
ROA not after: Sat 05 Jun 2027 18:32:32 +0000
asID: 204464
IP address blocks: 2a14:7580:ec00::/40 maxlen: 40
2a14:7581:5000::/40 maxlen: 40
2a14:7581:5100::/40 maxlen: 40
2a14:7581:5200::/40 maxlen: 40
2a14:7581:5300::/40 maxlen: 40
2a14:7581:5400::/40 maxlen: 40
2a14:7581:5500::/40 maxlen: 40
2a14:7581:5600::/40 maxlen: 40
2a14:7581:5700::/40 maxlen: 40
2a14:7581:e000::/36 maxlen: 48
2a14:7583:e800::/40 maxlen: 40
2a14:7583:ef20::/44 maxlen: 44
2a14:7583:ef70::/44 maxlen: 44
2a14:7584:a000::/36 maxlen: 36
2a14:7584:b000::/36 maxlen: 36
2a14:7585::/32 maxlen: 32
2a14:7585:b000::/36 maxlen: 36
2a14:7587::/32 maxlen: 32
2a14:7587::/36 maxlen: 36
2a14:7587:1000::/36 maxlen: 36
2a14:7587:2000::/36 maxlen: 36
2a14:7587:3000::/36 maxlen: 36
2a14:7587:4000::/36 maxlen: 36
2a14:7587:c000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft
rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 13 Jun 2026 18:45:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
27:75:3d:98:5e:b2:41:c1:59:e1:d2:9f:f6:12:39:1f:2d:5f:af:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Validity
Not Before: Jun 6 18:27:32 2026 GMT
Not After : Jun 5 18:32:32 2027 GMT
Subject: CN=DC1ADF0EA2E3DAE70EE86C2D17C8C486BE384897
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:dc:6c:13:15:6b:d7:85:43:c7:7a:df:bc:2b:
69:54:e5:6d:c1:04:2f:aa:5b:4b:ef:76:ee:70:18:
33:d1:d4:52:47:55:27:70:fc:98:20:ed:8d:95:22:
63:36:e7:40:70:6c:89:5f:b7:bb:bc:78:1f:19:86:
d6:36:98:09:b1:48:b3:58:87:21:7a:6d:91:c1:2a:
af:b2:5d:e1:bb:d9:38:6d:a0:67:d8:41:1f:89:4e:
ab:61:b5:23:c7:11:81:10:90:e6:a0:8b:5c:cf:b7:
4e:fe:9b:eb:00:ee:01:b6:9e:05:48:91:bc:e0:1b:
ef:fe:10:90:35:69:5b:9e:6f:76:94:bd:f5:eb:93:
26:8b:54:6b:28:a0:a0:95:15:b1:4f:1d:21:1e:1d:
16:23:29:01:6c:4c:28:ca:28:85:13:10:51:13:32:
05:b1:86:97:c4:22:16:cf:88:76:0d:ec:f5:f6:8b:
97:d2:57:93:fe:b9:da:fa:1e:73:b9:49:49:61:8f:
4f:53:5d:69:29:a7:f6:c9:e8:d3:99:f3:8d:be:4e:
58:8c:a4:df:1b:78:18:32:67:25:95:1c:bc:77:d1:
0f:52:ca:e6:1b:f1:57:f6:3f:ca:34:0c:4d:ea:c7:
b3:4d:8f:21:a7:5c:0d:26:80:2b:4a:c5:56:ce:2d:
0e:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:1A:DF:0E:A2:E3:DA:E7:0E:E8:6C:2D:17:C8:C4:86:BE:38:48:97
X509v3 Authority Key Identifier:
keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS204464.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7580:ec00::/40
2a14:7581:5000::/37
2a14:7581:e000::/36
2a14:7583:e800::/40
2a14:7583:ef20::/44
2a14:7583:ef70::/44
2a14:7584:a000::/35
2a14:7585::/32
2a14:7587::/32
Signature Algorithm: sha256WithRSAEncryption
6a:a0:2d:30:f1:34:07:a5:b2:a5:7e:73:ae:3a:22:fc:8a:fc:
75:dc:14:ac:12:a5:69:83:4f:a7:f3:b7:7b:66:46:62:0d:5e:
7d:00:6a:b3:66:dc:de:d0:f0:5b:44:cc:93:0f:54:63:8c:45:
51:77:1d:6e:fa:a1:3a:b0:b0:6e:ce:db:e4:f1:fb:ea:48:45:
6d:df:46:c2:9f:b9:cc:5d:91:92:e0:03:7b:9d:92:d7:b4:0f:
27:72:94:d4:34:46:b7:be:e4:6c:66:d3:62:95:dd:94:96:d3:
f2:bc:72:d0:e8:79:99:7f:58:8f:ba:67:f0:61:c0:71:2c:e7:
80:17:a5:47:bd:08:5b:c7:00:c5:4a:c1:25:fc:3b:7d:db:82:
2c:47:e2:8d:f8:17:21:92:c3:7d:36:4a:f6:e5:68:87:a8:58:
71:2e:11:1c:ab:2c:6b:9b:b1:a0:d8:c3:7f:80:2f:fd:db:a1:
e3:0a:dc:a5:af:9a:62:13:9d:82:ab:80:2f:ed:fd:d7:e4:4a:
3e:1d:3b:7d:e2:52:60:cd:32:c6:d7:2d:ce:70:9f:b1:c2:62:
88:2b:e3:6b:5d:ad:0f:ea:32:0a:7b:e9:19:26:fa:0e:2e:e1:
87:b4:4c:75:5a:d7:8b:97:bc:19:af:e0:46:b7:92:df:7c:18:
e4:d8:39:28
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgIUJ3U9mF6yQcFZ4dKf9hI5Hy1fry4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj
Y2ZkMzc3MjAeFw0yNjA2MDYxODI3MzJaFw0yNzA2MDUxODMyMzJaMDMxMTAvBgNV
BAMTKERDMUFERjBFQTJFM0RBRTcwRUU4NkMyRDE3QzhDNDg2QkUzODQ4OTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC63GwTFWvXhUPHet+8K2lU5W3B
BC+qW0vvdu5wGDPR1FJHVSdw/Jgg7Y2VImM250BwbIlft7u8eB8ZhtY2mAmxSLNY
hyF6bZHBKq+yXeG72ThtoGfYQR+JTqthtSPHEYEQkOagi1zPt07+m+sA7gG2ngVI
kbzgG+/+EJA1aVueb3aUvfXrkyaLVGsooKCVFbFPHSEeHRYjKQFsTCjKKIUTEFET
MgWxhpfEIhbPiHYN7PX2i5fSV5P+udr6HnO5SUlhj09TXWkpp/bJ6NOZ842+TliM
pN8beBgyZyWVHLx30Q9SyuYb8Vf2P8o0DE3qx7NNjyGnXA0mgCtKxVbOLQ61AgMB
AAGjggJMMIICSDAdBgNVHQ4EFgQU3BrfDqLj2ucO6GwtF8jEhr44SJcwHwYDVR0j
BBgwFoAUqD1IZS87LfdPa/m6qKnBdMz9N3IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODkyNzBmNmMtYTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2Yz
ODI0LzAvQTgzRDQ4NjUyRjNCMkRGNzRGNkJGOUJBQThBOUMxNzRDQ0ZEMzc3Mi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FEMUlaUzg3TGZkUGFfbTZxS25CZE16
OU4zSS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg5MjcwZjZjLWEzZmUt
NDI5OS1iMDc5LTMwOWVkOTdmMzgyNC8wL0FTMjA0NDY0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAAjBIAwYAKhR1
gOwDBgMqFHWBUAMGBCoUdYHgAwYAKhR1g+gDBwQqFHWD7yADBwQqFHWD73ADBgUq
FHWEoAMFACoUdYUDBQAqFHWHMA0GCSqGSIb3DQEBCwUAA4IBAQBqoC0w8TQHpbKl
fnOuOiL8ivx13BSsEqVpg0+n87d7ZkZiDV59AGqzZtze0PBbRMyTD1RjjEVRdx1u
+qE6sLBuztvk8fvqSEVt30bCn7nMXZGS4AN7nZLXtA8ncpTUNEa3vuRsZtNild2U
ltPyvHLQ6HmZf1iPumfwYcBxLOeAF6VHvQhbxwDFSsEl/Dt924IsR+KN+BchksN9
Nkr25WiHqFhxLhEcqyxrm7Gg2MN/gC/926HjCtylr5piE52Cq4Av7f3X5Eo+HTt9
4lJgzTLG1y3OcJ+xwmKIK+NrXa0P6jIKe+kZJvoOLuGHtEx1WteLl7wZr+BGt5Lf
fBjk2Dko
-----END CERTIFICATE-----
Generated at Sat Jun 13 06:48:42 2026 by rpki-client