Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS206540.roa
File: AS206540.roa (raw, json)
Hash identifier: Y+YIwnEVIgIY7f3PJBiwT5NuAqcnw3jy6v5P5FDXa1U=
Subject key identifier: BA:49:32:E2:DA:D5:47:30:45:1D:B5:47:1E:4A:A8:2F:96:DB:9A:89
Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Certificate serial: 221ADFCFDDC07F5EDCFFA81CB4EA057D507D481C
Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS206540.roa
Signing time: Sat 23 May 2026 11:38:33 +0000
ROA not before: Sat 23 May 2026 11:33:33 +0000
ROA not after: Sat 22 May 2027 11:38:33 +0000
asID: 206540
IP address blocks: 2a14:7580:ffb0::/44 maxlen: 48
2a14:7580:ffc0::/44 maxlen: 48
2a14:7583:ff10::/44 maxlen: 48
2a14:7583:ff2b::/48 maxlen: 48
2a14:7583:ff30::/44 maxlen: 48
2a14:7583:ff60::/44 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft
rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 18 Jun 2026 08:33:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
22:1a:df:cf:dd:c0:7f:5e:dc:ff:a8:1c:b4:ea:05:7d:50:7d:48:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Validity
Not Before: May 23 11:33:33 2026 GMT
Not After : May 22 11:38:33 2027 GMT
Subject: CN=BA4932E2DAD54730451DB5471E4AA82F96DB9A89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:b0:95:01:70:0a:05:d8:e8:e5:c9:e9:4a:a0:
ad:3b:0d:e3:af:81:b3:aa:ae:80:fe:8d:6d:7b:50:
de:a2:d1:a9:2e:64:e6:4b:cf:3c:09:e4:b6:b9:f4:
33:bd:01:57:11:f2:d6:9f:17:68:2e:d7:c0:60:63:
51:20:3e:ec:3d:2a:b5:f7:8d:69:19:21:21:73:9f:
17:c2:a0:bc:5d:63:e6:c9:c8:b5:04:99:12:c1:cc:
85:54:b2:e8:d3:04:e7:3b:5e:34:79:f5:66:1d:3e:
6a:6a:8a:93:c0:d3:16:c3:2b:05:b8:c5:8c:2c:dd:
d5:a7:ab:73:86:bc:ae:72:26:54:79:58:88:be:89:
8e:8d:14:cd:67:e3:30:19:2b:1e:9d:3d:e1:52:4a:
e1:43:99:68:c0:67:5e:66:7b:02:e3:76:66:fe:01:
1a:54:1b:97:be:57:e0:d6:19:a9:96:49:79:cf:4b:
56:5b:4b:9c:1a:23:16:17:6f:c2:7f:9b:e6:2b:fb:
24:bf:17:4f:77:56:8c:e4:f7:19:0c:1b:2c:2f:af:
a6:fb:33:c8:c8:41:5e:26:2a:91:5c:8c:b9:32:8e:
2b:8f:e5:da:d7:6f:ee:f7:a8:46:96:90:f0:a1:93:
48:70:d7:de:07:22:2a:41:89:1d:a9:b3:f4:b8:4d:
5f:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:49:32:E2:DA:D5:47:30:45:1D:B5:47:1E:4A:A8:2F:96:DB:9A:89
X509v3 Authority Key Identifier:
keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS206540.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7580:ffb0::-2a14:7580:ffcf:ffff:ffff:ffff:ffff:ffff
2a14:7583:ff10::/44
2a14:7583:ff2b::/48
2a14:7583:ff30::/44
2a14:7583:ff60::/44
Signature Algorithm: sha256WithRSAEncryption
6f:5a:a6:e6:6b:41:90:32:c8:42:7b:33:a7:ac:fb:9e:fb:11:
67:e9:b2:59:b1:26:95:68:69:68:0d:05:12:11:2e:70:39:1d:
a0:7b:73:a0:02:c5:00:44:19:81:ca:4f:5d:0d:fa:a2:ff:7c:
01:68:d9:23:43:3f:a0:b9:b7:d8:d1:f0:c0:c3:7e:b1:25:b2:
d4:5f:0a:93:85:37:52:c6:c9:b5:56:f0:46:42:29:2c:2d:a0:
aa:a1:7e:35:34:f2:92:f7:45:5c:d2:dd:e3:75:fb:d9:7d:b9:
f0:2d:7d:32:03:27:20:0e:69:5d:0b:24:b1:1c:ff:68:0d:d3:
81:6e:4d:ec:75:8e:1b:64:e1:19:7c:0d:2b:72:d1:1f:a8:b2:
7f:24:86:f4:33:90:e6:47:39:e4:9d:b3:ae:31:7d:d3:76:71:
b2:50:27:06:e4:66:1a:90:46:de:0c:ce:bb:2e:1d:a0:37:ff:
5a:35:57:37:48:52:33:c6:47:13:62:af:24:78:f2:8a:81:27:
45:ac:95:b8:c2:4c:83:9e:dd:cd:5a:1b:df:06:28:c4:69:70:
3f:52:e9:af:0d:33:9d:be:76:b8:14:af:4e:36:c0:2c:bc:30:
bf:04:e8:76:fa:0b:59:76:ce:f7:83:e2:24:53:c3:63:e5:dc:
5b:93:9d:24
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgIUIhrfz93Af17c/6gctOoFfVB9SBwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj
Y2ZkMzc3MjAeFw0yNjA1MjMxMTMzMzNaFw0yNzA1MjIxMTM4MzNaMDMxMTAvBgNV
BAMTKEJBNDkzMkUyREFENTQ3MzA0NTFEQjU0NzFFNEFBODJGOTZEQjlBODkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD1sJUBcAoF2OjlyelKoK07DeOv
gbOqroD+jW17UN6i0akuZOZLzzwJ5La59DO9AVcR8tafF2gu18BgY1EgPuw9KrX3
jWkZISFznxfCoLxdY+bJyLUEmRLBzIVUsujTBOc7XjR59WYdPmpqipPA0xbDKwW4
xYws3dWnq3OGvK5yJlR5WIi+iY6NFM1n4zAZKx6dPeFSSuFDmWjAZ15mewLjdmb+
ARpUG5e+V+DWGamWSXnPS1ZbS5waIxYXb8J/m+Yr+yS/F093Vozk9xkMGywvr6b7
M8jIQV4mKpFcjLkyjiuP5drXb+73qEaWkPChk0hw194HIipBiR2ps/S4TV/3AgMB
AAGjggI8MIICODAdBgNVHQ4EFgQUukky4trVRzBFHbVHHkqoL5bbmokwHwYDVR0j
BBgwFoAUqD1IZS87LfdPa/m6qKnBdMz9N3IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODkyNzBmNmMtYTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2Yz
ODI0LzAvQTgzRDQ4NjUyRjNCMkRGNzRGNkJGOUJBQThBOUMxNzRDQ0ZEMzc3Mi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FEMUlaUzg3TGZkUGFfbTZxS25CZE16
OU4zSS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg5MjcwZjZjLWEzZmUt
NDI5OS1iMDc5LTMwOWVkOTdmMzgyNC8wL0FTMjA2NTQwLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAAjA4MBIDBwQq
FHWA/7ADBwQqFHWA/8ADBwQqFHWD/xADBwAqFHWD/ysDBwQqFHWD/zADBwQqFHWD
/2AwDQYJKoZIhvcNAQELBQADggEBAG9apuZrQZAyyEJ7M6es+577EWfpslmxJpVo
aWgNBRIRLnA5HaB7c6ACxQBEGYHKT10N+qL/fAFo2SNDP6C5t9jR8MDDfrElstRf
CpOFN1LGybVW8EZCKSwtoKqhfjU08pL3RVzS3eN1+9l9ufAtfTIDJyAOaV0LJLEc
/2gN04FuTex1jhtk4Rl8DSty0R+osn8khvQzkOZHOeSds64xfdN2cbJQJwbkZhqQ
Rt4MzrsuHaA3/1o1VzdIUjPGRxNiryR48oqBJ0WslbjCTIOe3c1aG98GKMRpcD9S
6a8NM52+drgUr042wCy8ML8E6Hb6C1l2zveD4iRTw2Pl3FuTnSQ=
-----END CERTIFICATE-----
Generated at Wed Jun 17 10:57:59 2026 by rpki-client