Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS204464.roa
File: AS204464.roa (raw, json)
Hash identifier: 0h2O1NyIH6RxzsMEr4SBLZj2X2lAObunO2LTFMd5i30=
Subject key identifier: AF:B7:D2:CB:1E:3F:DB:92:EF:D8:5F:B1:5E:21:05:90:F0:42:0E:72
Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Certificate serial: 734C64BED5D0262CA62582D59A812B2E65E255FA
Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS204464.roa
Signing time: Sat 28 Feb 2026 07:07:04 +0000
ROA not before: Sat 28 Feb 2026 07:02:04 +0000
ROA not after: Sat 27 Feb 2027 07:07:04 +0000
asID: 204464
IP address blocks: 2a14:7581:e000::/36 maxlen: 36
2a14:7581:e000::/39 maxlen: 39
2a14:7581:e200::/39 maxlen: 39
2a14:7581:e400::/39 maxlen: 39
2a14:7581:e600::/39 maxlen: 39
2a14:7581:e800::/39 maxlen: 39
2a14:7581:ea00::/39 maxlen: 39
2a14:7581:ec00::/39 maxlen: 39
2a14:7581:ee00::/39 maxlen: 39
2a14:7581:ee10::/48 maxlen: 48
2a14:7584:a000::/36 maxlen: 36
2a14:7584:b000::/36 maxlen: 36
2a14:7587::/32 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft
rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 06:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
73:4c:64:be:d5:d0:26:2c:a6:25:82:d5:9a:81:2b:2e:65:e2:55:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Validity
Not Before: Feb 28 07:02:04 2026 GMT
Not After : Feb 27 07:07:04 2027 GMT
Subject: CN=AFB7D2CB1E3FDB92EFD85FB15E210590F0420E72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:6f:f9:78:2e:8b:10:ba:c5:d3:ba:00:d6:7b:
9f:90:3a:60:e4:8c:e3:f5:e8:f9:7d:eb:00:67:5f:
eb:a5:00:d2:f2:c5:11:ac:b4:8b:e7:36:57:7c:4b:
6f:b6:b1:0e:ad:5a:61:96:53:94:32:dd:8e:b5:dd:
34:47:ad:71:c1:34:83:2b:c4:bf:3d:0f:45:41:02:
fb:1a:d9:9a:b1:6d:dd:d8:a7:ba:a6:23:48:a5:d6:
a1:2f:55:bb:6f:8f:6f:81:98:4e:cc:cc:b6:da:cf:
90:ad:5b:6b:5f:75:5a:96:a0:b2:c7:68:5c:a9:8b:
62:8f:92:85:d6:b5:bf:97:ab:db:fe:ce:ce:3e:67:
e9:13:16:d9:1a:52:24:8c:a3:5a:0b:40:96:3d:af:
ef:db:08:81:8d:1a:91:84:d5:d0:1b:32:13:38:7d:
b0:7a:9f:09:2e:d9:0c:3e:05:e9:80:0c:5f:73:32:
a2:6a:57:a9:4d:9a:ca:1a:ab:86:e3:30:a7:7a:87:
dd:71:0d:1c:8b:9d:b1:d0:6d:db:28:30:bc:55:ce:
9d:58:df:8a:eb:49:4e:11:cc:3d:6d:ef:75:c5:bb:
7c:bc:3d:de:eb:1d:61:32:c2:73:06:47:05:46:1f:
97:55:1d:dd:1c:a9:61:d8:96:25:39:5b:00:80:29:
5c:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:B7:D2:CB:1E:3F:DB:92:EF:D8:5F:B1:5E:21:05:90:F0:42:0E:72
X509v3 Authority Key Identifier:
keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS204464.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7581:e000::/36
2a14:7584:a000::/35
2a14:7587::/32
Signature Algorithm: sha256WithRSAEncryption
3e:86:83:90:72:fe:91:3a:9c:f9:20:05:91:f8:b9:2f:05:30:
9c:6d:b8:d2:92:73:84:07:f4:40:fb:54:ae:78:b6:b5:62:d3:
e7:41:ca:5e:98:a2:38:41:e3:22:e6:76:4e:e8:fa:41:6e:81:
50:6c:97:2b:56:9b:71:57:0d:bf:24:38:2d:99:b3:7a:25:9c:
cb:60:2c:8e:3f:ee:a7:37:1b:d2:c2:cb:25:cc:3c:a1:79:8d:
0e:0b:fc:8c:02:6e:02:81:ec:13:bb:3d:b9:ad:aa:aa:ad:9f:
fd:1c:d3:04:ff:b2:d9:e5:5f:2e:bb:b7:08:0b:97:a5:36:fc:
60:56:88:12:a9:43:15:49:d0:26:d0:42:66:46:da:65:97:1f:
29:c2:b2:55:93:99:df:03:d3:36:43:7b:f1:c7:6a:f8:2b:4c:
5b:88:04:a7:cf:a6:76:85:ac:04:ef:cb:7a:fa:b2:b6:14:c3:
d0:00:22:ab:a7:96:ce:1b:73:a3:19:2a:f5:30:ee:e0:46:62:
ba:7d:5f:3a:1a:1f:a0:bd:9e:8b:fc:58:eb:28:05:53:95:3f:
e7:2c:dd:81:c8:73:a2:a6:af:57:1a:ef:00:9d:b4:bc:f6:96:
a1:45:98:08:99:c9:bf:df:c6:47:54:b9:bf:54:de:b0:09:16:
ff:0d:01:f9
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgIUc0xkvtXQJiymJYLVmoErLmXiVfowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj
Y2ZkMzc3MjAeFw0yNjAyMjgwNzAyMDRaFw0yNzAyMjcwNzA3MDRaMDMxMTAvBgNV
BAMTKEFGQjdEMkNCMUUzRkRCOTJFRkQ4NUZCMTVFMjEwNTkwRjA0MjBFNzIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDcb/l4LosQusXTugDWe5+QOmDk
jOP16Pl96wBnX+ulANLyxRGstIvnNld8S2+2sQ6tWmGWU5Qy3Y613TRHrXHBNIMr
xL89D0VBAvsa2Zqxbd3Yp7qmI0il1qEvVbtvj2+BmE7MzLbaz5CtW2tfdVqWoLLH
aFypi2KPkoXWtb+Xq9v+zs4+Z+kTFtkaUiSMo1oLQJY9r+/bCIGNGpGE1dAbMhM4
fbB6nwku2Qw+BemADF9zMqJqV6lNmsoaq4bjMKd6h91xDRyLnbHQbdsoMLxVzp1Y
34rrSU4RzD1t73XFu3y8Pd7rHWEywnMGRwVGH5dVHd0cqWHYliU5WwCAKVyXAgMB
AAGjggIbMIICFzAdBgNVHQ4EFgQUr7fSyx4/25Lv2F+xXiEFkPBCDnIwHwYDVR0j
BBgwFoAUqD1IZS87LfdPa/m6qKnBdMz9N3IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODkyNzBmNmMtYTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2Yz
ODI0LzAvQTgzRDQ4NjUyRjNCMkRGNzRGNkJGOUJBQThBOUMxNzRDQ0ZEMzc3Mi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FEMUlaUzg3TGZkUGFfbTZxS25CZE16
OU4zSS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg5MjcwZjZjLWEzZmUt
NDI5OS1iMDc5LTMwOWVkOTdmMzgyNC8wL0FTMjA0NDY0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAdBAIAAjAXAwYEKhR1
geADBgUqFHWEoAMFACoUdYcwDQYJKoZIhvcNAQELBQADggEBAD6Gg5By/pE6nPkg
BZH4uS8FMJxtuNKSc4QH9ED7VK54trVi0+dByl6YojhB4yLmdk7o+kFugVBslytW
m3FXDb8kOC2Zs3olnMtgLI4/7qc3G9LCyyXMPKF5jQ4L/IwCbgKB7BO7Pbmtqqqt
n/0c0wT/stnlXy67twgLl6U2/GBWiBKpQxVJ0CbQQmZG2mWXHynCslWTmd8D0zZD
e/HHavgrTFuIBKfPpnaFrATvy3r6srYUw9AAIqunls4bc6MZKvUw7uBGYrp9Xzoa
H6C9nov8WOsoBVOVP+cs3YHIc6Kmr1ca7wCdtLz2lqFFmAiZyb/fxkdUub9U3rAJ
Fv8NAfk=
-----END CERTIFICATE-----
Generated at Sun Mar 1 14:40:58 2026 by rpki-client