Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS204464.roa
File: AS204464.roa (raw, json)
Hash identifier: DaXq6fwhuq1BAk2/NkSNjUTyJnKoFbYB/gd66qnyGu4=
Subject key identifier: 50:92:C7:A7:3B:F5:7F:98:9A:A8:EB:15:2F:0A:03:A1:25:9C:61:CB
Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Certificate serial: 0822CE7BF01FA522A77AE494DF3BB8DC88444752
Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS204464.roa
Signing time: Mon 13 Apr 2026 12:33:39 +0000
ROA not before: Mon 13 Apr 2026 12:28:39 +0000
ROA not after: Mon 12 Apr 2027 12:33:39 +0000
asID: 204464
IP address blocks: 2a14:7584:a000::/36 maxlen: 36
2a14:7584:b000::/36 maxlen: 36
2a14:7585:a000::/36 maxlen: 36
2a14:7585:b000::/36 maxlen: 36
2a14:7585:c000::/36 maxlen: 36
2a14:7585:d000::/36 maxlen: 36
2a14:7585:e000::/36 maxlen: 36
2a14:7585:f000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft
rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 18:07:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
08:22:ce:7b:f0:1f:a5:22:a7:7a:e4:94:df:3b:b8:dc:88:44:47:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Validity
Not Before: Apr 13 12:28:39 2026 GMT
Not After : Apr 12 12:33:39 2027 GMT
Subject: CN=5092C7A73BF57F989AA8EB152F0A03A1259C61CB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:35:63:fa:2e:41:73:90:66:e5:ca:61:bf:cb:
87:6f:06:3c:56:c3:c8:10:1f:af:ab:18:21:8c:9f:
11:58:5f:bc:76:2b:a3:35:a0:29:59:09:d3:4b:5c:
54:f0:13:fa:d2:1c:7d:c8:9f:e5:f6:ed:58:91:cf:
3a:9d:e9:4e:33:9c:d4:8b:8c:a0:17:ac:c2:b0:93:
f4:f3:15:d9:ff:e7:87:19:9a:db:4d:03:d3:0a:10:
c7:25:38:3a:eb:a2:6b:5f:88:35:00:3b:fa:83:6a:
52:53:40:2c:ee:43:ee:89:15:2d:3e:9e:34:a4:38:
1a:a9:e7:ee:db:9d:3e:c4:9b:ac:b3:e0:3a:d8:46:
66:0b:13:13:0a:36:41:c7:5f:59:29:3a:ce:5f:26:
ec:8e:71:82:51:b7:cd:25:ef:cd:60:e2:84:49:97:
50:85:96:56:58:81:e4:37:d7:b4:07:35:89:16:67:
6b:cb:b2:86:a6:d3:89:95:c0:53:a3:e1:5e:c1:33:
08:e6:4b:fa:11:80:ba:ca:0b:df:4f:b0:36:e7:f8:
b6:e1:77:49:02:f7:31:1a:72:75:f1:e3:47:15:a8:
33:6b:40:b8:c4:dc:fe:c2:67:37:ab:c3:30:2d:89:
42:15:25:f2:5d:40:e2:2b:05:56:13:1c:ef:54:61:
97:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:92:C7:A7:3B:F5:7F:98:9A:A8:EB:15:2F:0A:03:A1:25:9C:61:CB
X509v3 Authority Key Identifier:
keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS204464.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7584:a000::/35
2a14:7585:a000::-2a14:7585:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
63:6e:9a:6c:df:ab:02:be:a5:7b:60:31:93:05:54:ef:67:8e:
6f:b7:51:31:70:c4:c7:1e:4b:3d:d4:de:40:74:d5:7c:a8:57:
d9:9e:96:41:7c:ea:82:c7:f1:90:bd:1f:59:9c:1c:18:25:39:
2d:e8:aa:bc:c0:cd:14:d1:46:a9:e1:15:20:f9:d8:58:3f:ea:
71:9f:15:0e:1d:f7:95:53:42:a1:2a:b4:67:1b:c2:ae:75:e6:
9a:d0:bd:dc:db:ec:8c:9e:3b:d9:b6:bd:f0:b1:74:c1:1b:51:
3f:0e:88:29:f4:67:53:96:92:e4:d6:4f:fb:b4:1a:39:f2:65:
92:82:1a:cc:78:f6:1e:6b:07:c5:41:c7:bd:83:b1:6c:82:7c:
98:1b:3f:cf:db:13:40:ae:70:d3:48:36:de:6d:0b:fb:85:cc:
6b:dd:bb:d2:7d:57:74:3f:d8:2f:5b:5f:75:da:15:7d:9d:5a:
03:4c:c7:87:44:76:f1:3b:e3:a8:e8:12:8c:b1:73:1b:fd:af:
29:ae:a0:51:e7:af:ff:7f:0f:34:e5:c0:09:8b:8a:4c:ed:17:
0a:db:52:02:0f:bd:fd:cc:fc:ba:60:91:29:90:4d:bc:a1:97:
05:88:3d:52:2a:05:a5:17:b1:a7:82:0d:db:c4:ad:67:66:8f:
c5:64:5c:80
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgIUCCLOe/AfpSKneuSU3zu43IhER1IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj
Y2ZkMzc3MjAeFw0yNjA0MTMxMjI4MzlaFw0yNzA0MTIxMjMzMzlaMDMxMTAvBgNV
BAMTKDUwOTJDN0E3M0JGNTdGOTg5QUE4RUIxNTJGMEEwM0ExMjU5QzYxQ0IwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDyNWP6LkFzkGblymG/y4dvBjxW
w8gQH6+rGCGMnxFYX7x2K6M1oClZCdNLXFTwE/rSHH3In+X27ViRzzqd6U4znNSL
jKAXrMKwk/TzFdn/54cZmttNA9MKEMclODrromtfiDUAO/qDalJTQCzuQ+6JFS0+
njSkOBqp5+7bnT7Em6yz4DrYRmYLExMKNkHHX1kpOs5fJuyOcYJRt80l781g4oRJ
l1CFllZYgeQ317QHNYkWZ2vLsoam04mVwFOj4V7BMwjmS/oRgLrKC99PsDbn+Lbh
d0kC9zEacnXx40cVqDNrQLjE3P7CZzerwzAtiUIVJfJdQOIrBVYTHO9UYZe1AgMB
AAGjggIdMIICGTAdBgNVHQ4EFgQUUJLHpzv1f5iaqOsVLwoDoSWcYcswHwYDVR0j
BBgwFoAUqD1IZS87LfdPa/m6qKnBdMz9N3IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODkyNzBmNmMtYTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2Yz
ODI0LzAvQTgzRDQ4NjUyRjNCMkRGNzRGNkJGOUJBQThBOUMxNzRDQ0ZEMzc3Mi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FEMUlaUzg3TGZkUGFfbTZxS25CZE16
OU4zSS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg5MjcwZjZjLWEzZmUt
NDI5OS1iMDc5LTMwOWVkOTdmMzgyNC8wL0FTMjA0NDY0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMDIGCCsGAQUFBwEHAQH/BCMwITAfBAIAAjAZAwYFKhR1
hKAwDwMGBSoUdYWgAwUBKhR1hDANBgkqhkiG9w0BAQsFAAOCAQEAY26abN+rAr6l
e2AxkwVU72eOb7dRMXDExx5LPdTeQHTVfKhX2Z6WQXzqgsfxkL0fWZwcGCU5Leiq
vMDNFNFGqeEVIPnYWD/qcZ8VDh33lVNCoSq0ZxvCrnXmmtC93NvsjJ472ba98LF0
wRtRPw6IKfRnU5aS5NZP+7QaOfJlkoIazHj2HmsHxUHHvYOxbIJ8mBs/z9sTQK5w
00g23m0L+4XMa9270n1XdD/YL1tfddoVfZ1aA0zHh0R28TvjqOgSjLFzG/2vKa6g
Ueev/38PNOXACYuKTO0XCttSAg+9/cz8umCRKZBNvKGXBYg9UioFpRexp4IN28St
Z2aPxWRcgA==
-----END CERTIFICATE-----
Generated at Fri Apr 17 06:10:52 2026 by rpki-client