Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS206540.roa
File: AS206540.roa (raw, json)
Hash identifier: NTIcQLrLRZHwha9PVCmDlNtz23rCGYpsm+L9pOMjg9A=
Subject key identifier: 1A:7B:81:D8:63:1E:FE:96:5E:88:DF:8F:60:D5:37:CB:76:01:31:BC
Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Certificate serial: 47CEDA0E41256FC2A52B8ADA8A0C06EA681788A3
Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS206540.roa
Signing time: Fri 06 Feb 2026 16:49:38 +0000
ROA not before: Fri 06 Feb 2026 16:44:38 +0000
ROA not after: Fri 05 Feb 2027 16:49:38 +0000
asID: 206540
IP address blocks: 2a14:7580:ffb0::/44 maxlen: 48
2a14:7580:ffc0::/44 maxlen: 48
2a14:7583:ff10::/44 maxlen: 48
2a14:7583:ff30::/44 maxlen: 48
2a14:7583:ff80::/43 maxlen: 43
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft
rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:ce:da:0e:41:25:6f:c2:a5:2b:8a:da:8a:0c:06:ea:68:17:88:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Validity
Not Before: Feb 6 16:44:38 2026 GMT
Not After : Feb 5 16:49:38 2027 GMT
Subject: CN=1A7B81D8631EFE965E88DF8F60D537CB760131BC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:bf:05:4c:95:ff:8c:dc:f3:02:8d:9b:cc:1a:
3e:be:93:ec:84:fd:c5:4f:81:7b:0c:49:87:f5:50:
7a:83:a2:4a:eb:15:03:ba:70:97:cd:72:1a:ea:c6:
51:1b:a4:e3:a7:ab:8c:e1:87:6f:f1:81:49:64:9a:
41:3f:50:53:13:85:0d:d0:8a:bd:1f:a5:76:14:d4:
b8:59:ff:fe:1a:6e:97:e7:d1:97:87:87:64:bd:bc:
73:71:2b:63:2d:c5:6b:0f:3e:89:fe:f3:21:51:20:
e1:a3:40:87:7c:8b:53:ad:a2:e7:55:5f:5c:46:db:
6c:42:4f:65:f2:96:5f:d6:af:49:d8:cf:9d:fc:46:
fb:45:b7:3b:d9:78:61:0f:21:ed:e4:24:e4:68:a9:
d9:00:70:82:9e:a6:13:54:b8:a1:66:d0:f4:74:09:
15:2e:96:82:1d:42:be:0a:9d:00:d0:bb:1d:b4:2c:
06:03:85:4b:23:23:f0:95:74:ce:96:d7:2b:95:b6:
4d:4e:98:06:6f:c6:83:21:ff:b2:0c:02:50:99:10:
d3:0c:9a:51:c2:89:23:78:58:fe:ab:f7:c8:99:db:
17:27:fc:ac:e5:8e:57:4c:25:11:50:8a:3b:02:fb:
c3:cf:21:0a:04:91:de:f8:8a:73:27:90:c4:a7:63:
ce:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:7B:81:D8:63:1E:FE:96:5E:88:DF:8F:60:D5:37:CB:76:01:31:BC
X509v3 Authority Key Identifier:
keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS206540.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7580:ffb0::-2a14:7580:ffcf:ffff:ffff:ffff:ffff:ffff
2a14:7583:ff10::/44
2a14:7583:ff30::/44
2a14:7583:ff80::/43
Signature Algorithm: sha256WithRSAEncryption
49:26:9c:c9:09:de:1b:4a:3c:a1:c8:bb:99:de:31:0d:9b:7e:
f3:d1:e0:85:ab:91:b9:c2:b2:87:6c:0f:a1:00:8b:7e:02:fb:
2f:f8:18:92:af:21:9a:87:93:10:ae:2c:f9:8e:f8:3b:ba:fb:
19:5e:68:ec:67:1a:78:42:36:1e:19:e8:f7:a3:30:d4:48:aa:
1a:5f:ef:cd:c2:66:b5:dc:4f:e7:bc:a5:fd:6b:ca:96:07:27:
34:b1:75:53:ec:62:96:5a:5c:44:98:c7:6f:49:0c:d6:9a:50:
7f:5d:63:31:1b:a4:89:53:f0:81:b1:38:1b:ae:ce:77:90:f3:
5c:fc:32:20:c8:75:d1:bb:63:c7:a4:62:5a:b0:0a:19:e6:c7:
a4:9a:15:bf:8d:74:65:bd:87:93:4a:0d:fa:2f:4f:d6:0e:b9:
4c:4b:22:d1:ff:02:e3:b5:87:30:0a:45:cd:f2:22:ad:b7:17:
fe:86:0e:31:57:63:be:71:0e:f2:c5:b0:99:ba:09:88:ca:eb:
27:df:fd:7a:af:79:c1:28:6b:95:1d:a6:6b:d5:55:80:c8:b7:
b6:ad:a0:ab:b6:f7:d1:99:e8:f0:40:4e:c1:07:63:ed:a0:cf:
91:ad:ec:b1:8f:a3:a0:ae:3f:22:46:8c:d5:93:27:c3:e4:f7:
95:21:47:28
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgIUR87aDkElb8KlK4raigwG6mgXiKMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj
Y2ZkMzc3MjAeFw0yNjAyMDYxNjQ0MzhaFw0yNzAyMDUxNjQ5MzhaMDMxMTAvBgNV
BAMTKDFBN0I4MUQ4NjMxRUZFOTY1RTg4REY4RjYwRDUzN0NCNzYwMTMxQkMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDZvwVMlf+M3PMCjZvMGj6+k+yE
/cVPgXsMSYf1UHqDokrrFQO6cJfNchrqxlEbpOOnq4zhh2/xgUlkmkE/UFMThQ3Q
ir0fpXYU1LhZ//4abpfn0ZeHh2S9vHNxK2MtxWsPPon+8yFRIOGjQId8i1OtoudV
X1xG22xCT2Xyll/Wr0nYz538RvtFtzvZeGEPIe3kJORoqdkAcIKephNUuKFm0PR0
CRUuloIdQr4KnQDQux20LAYDhUsjI/CVdM6W1yuVtk1OmAZvxoMh/7IMAlCZENMM
mlHCiSN4WP6r98iZ2xcn/KzljldMJRFQijsC+8PPIQoEkd74inMnkMSnY87NAgMB
AAGjggIzMIICLzAdBgNVHQ4EFgQUGnuB2GMe/pZeiN+PYNU3y3YBMbwwHwYDVR0j
BBgwFoAUqD1IZS87LfdPa/m6qKnBdMz9N3IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODkyNzBmNmMtYTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2Yz
ODI0LzAvQTgzRDQ4NjUyRjNCMkRGNzRGNkJGOUJBQThBOUMxNzRDQ0ZEMzc3Mi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FEMUlaUzg3TGZkUGFfbTZxS25CZE16
OU4zSS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg5MjcwZjZjLWEzZmUt
NDI5OS1iMDc5LTMwOWVkOTdmMzgyNC8wL0FTMjA2NTQwLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzA1BAIAAjAvMBIDBwQq
FHWA/7ADBwQqFHWA/8ADBwQqFHWD/xADBwQqFHWD/zADBwUqFHWD/4AwDQYJKoZI
hvcNAQELBQADggEBAEkmnMkJ3htKPKHIu5neMQ2bfvPR4IWrkbnCsodsD6EAi34C
+y/4GJKvIZqHkxCuLPmO+Du6+xleaOxnGnhCNh4Z6PejMNRIqhpf783CZrXcT+e8
pf1rypYHJzSxdVPsYpZaXESYx29JDNaaUH9dYzEbpIlT8IGxOBuuzneQ81z8MiDI
ddG7Y8ekYlqwChnmx6SaFb+NdGW9h5NKDfovT9YOuUxLItH/AuO1hzAKRc3yIq23
F/6GDjFXY75xDvLFsJm6CYjK6yff/XqvecEoa5UdpmvVVYDIt7atoKu299GZ6PBA
TsEHY+2gz5Gt7LGPo6CuPyJGjNWTJ8Pk95UhRyg=
-----END CERTIFICATE-----
Generated at Sun Mar 1 22:03:00 2026 by rpki-client