Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS208437.roa
File: AS208437.roa (raw, json)
Hash identifier: brt3L4NbELKoUYZOEqmenXNc1JDCqphDBraIvyuv8lM=
Subject key identifier: 0F:5C:DD:FB:B6:51:F2:91:46:37:6F:1D:A9:1A:E8:78:69:9F:87:65
Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Certificate serial: 10BF273487E436039AF0F9E0155FE7E4D304B136
Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS208437.roa
Signing time: Fri 30 Jan 2026 21:11:04 +0000
ROA not before: Fri 30 Jan 2026 21:06:04 +0000
ROA not after: Fri 29 Jan 2027 21:11:04 +0000
asID: 208437
IP address blocks: 2a14:7586:f000::/36 maxlen: 36
2a14:7586:f000::/40 maxlen: 40
2a14:7586:f100::/40 maxlen: 40
2a14:7586:ff00::/40 maxlen: 40
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft
rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 06:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
10:bf:27:34:87:e4:36:03:9a:f0:f9:e0:15:5f:e7:e4:d3:04:b1:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Validity
Not Before: Jan 30 21:06:04 2026 GMT
Not After : Jan 29 21:11:04 2027 GMT
Subject: CN=0F5CDDFBB651F29146376F1DA91AE878699F8765
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:f0:b2:18:51:8d:09:01:5b:ac:9e:ce:d9:7d:
10:d9:de:b0:7f:89:94:f0:8a:d4:2e:f9:ec:77:1f:
ec:99:fe:9c:02:0f:48:76:fb:cb:4c:e0:bf:f5:57:
54:12:cf:ba:ec:33:ed:d1:96:0f:fc:0d:a0:f4:79:
06:a4:e6:8b:cc:aa:92:58:e7:6b:03:a0:e7:4a:66:
96:9b:c8:00:ab:35:cc:db:d4:87:02:b7:60:d5:90:
97:b8:d7:0e:9c:5c:bd:ec:66:20:fb:b0:63:b0:dd:
15:d6:2a:44:3c:0b:7a:75:d7:b5:83:a8:0a:79:f4:
df:06:9f:d3:cd:3e:41:a8:7b:19:4c:8d:28:cf:c4:
93:3a:89:54:96:3b:53:22:90:b9:8c:51:c9:89:d1:
4a:87:90:df:4d:f7:60:7d:cc:88:24:50:e8:48:32:
b9:5f:30:01:c8:27:44:9e:79:e0:88:d4:9a:64:7a:
26:3a:ed:80:dc:96:65:e9:f3:49:8f:3a:69:41:79:
14:44:27:54:3e:36:28:f9:c2:65:d5:e0:0d:a5:b5:
29:9c:64:c5:ac:13:e4:80:0c:ef:be:24:4e:7a:14:
66:aa:34:9f:40:cb:ea:33:f3:bc:e3:91:e5:92:34:
38:0a:f6:4d:7c:a2:81:04:7f:0d:ed:0d:1d:f3:43:
ed:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:5C:DD:FB:B6:51:F2:91:46:37:6F:1D:A9:1A:E8:78:69:9F:87:65
X509v3 Authority Key Identifier:
keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS208437.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7586:f000::/36
Signature Algorithm: sha256WithRSAEncryption
83:a6:1a:4f:23:e0:3b:fb:8f:eb:9a:5a:f8:2b:6b:4b:63:26:
2f:86:23:14:34:d9:ec:14:34:1c:61:e0:bb:e5:76:98:f3:fc:
b5:0f:8f:d3:f5:33:af:6b:e0:73:00:06:af:b2:4e:95:ad:ee:
d5:80:7b:1c:1a:f9:a9:71:23:cb:1e:15:dc:d9:20:09:ad:8e:
67:75:cb:94:08:97:e7:11:84:91:f1:ac:35:f7:c6:b0:ac:23:
04:30:b4:58:76:af:f3:1e:e1:ac:38:28:6e:de:f7:5c:cb:b9:
20:2d:13:77:ce:e9:61:1d:70:a3:63:f9:4e:7e:fb:1a:00:88:
62:bb:68:89:56:bd:da:f0:2f:53:20:e2:a6:36:a5:49:df:10:
f8:d6:23:52:62:e4:d7:61:af:0d:f5:9d:c5:1b:a5:b7:96:9e:
75:c3:50:67:bc:e2:cc:2f:ed:ef:85:f5:2d:0b:3d:ec:ab:d3:
88:3c:1f:29:e7:23:48:a9:0d:54:48:a4:d0:6c:15:e6:f5:e8:
8e:67:a6:ca:f7:17:67:aa:d8:c4:38:30:5a:51:81:dd:8d:26:
13:0e:85:97:0f:f2:82:ae:76:10:a3:00:e4:dd:9d:49:71:9e:
86:30:96:50:da:55:1f:90:54:9a:9a:a0:d6:ca:05:aa:f4:ee:
01:1b:89:07
-----BEGIN CERTIFICATE-----
MIIFAjCCA+qgAwIBAgIUEL8nNIfkNgOa8PngFV/n5NMEsTYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj
Y2ZkMzc3MjAeFw0yNjAxMzAyMTA2MDRaFw0yNzAxMjkyMTExMDRaMDMxMTAvBgNV
BAMTKDBGNUNEREZCQjY1MUYyOTE0NjM3NkYxREE5MUFFODc4Njk5Rjg3NjUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCs8LIYUY0JAVusns7ZfRDZ3rB/
iZTwitQu+ex3H+yZ/pwCD0h2+8tM4L/1V1QSz7rsM+3Rlg/8DaD0eQak5ovMqpJY
52sDoOdKZpabyACrNczb1IcCt2DVkJe41w6cXL3sZiD7sGOw3RXWKkQ8C3p117WD
qAp59N8Gn9PNPkGoexlMjSjPxJM6iVSWO1MikLmMUcmJ0UqHkN9N92B9zIgkUOhI
MrlfMAHIJ0SeeeCI1JpkeiY67YDclmXp80mPOmlBeRREJ1Q+Nij5wmXV4A2ltSmc
ZMWsE+SADO++JE56FGaqNJ9Ay+oz87zjkeWSNDgK9k18ooEEfw3tDR3zQ+1BAgMB
AAGjggIMMIICCDAdBgNVHQ4EFgQUD1zd+7ZR8pFGN28dqRroeGmfh2UwHwYDVR0j
BBgwFoAUqD1IZS87LfdPa/m6qKnBdMz9N3IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODkyNzBmNmMtYTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2Yz
ODI0LzAvQTgzRDQ4NjUyRjNCMkRGNzRGNkJGOUJBQThBOUMxNzRDQ0ZEMzc3Mi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FEMUlaUzg3TGZkUGFfbTZxS25CZE16
OU4zSS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg5MjcwZjZjLWEzZmUt
NDI5OS1iMDc5LTMwOWVkOTdmMzgyNC8wL0FTMjA4NDM3LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYEKhR1
hvAwDQYJKoZIhvcNAQELBQADggEBAIOmGk8j4Dv7j+uaWvgra0tjJi+GIxQ02ewU
NBxh4Lvldpjz/LUPj9P1M69r4HMABq+yTpWt7tWAexwa+alxI8seFdzZIAmtjmd1
y5QIl+cRhJHxrDX3xrCsIwQwtFh2r/Me4aw4KG7e91zLuSAtE3fO6WEdcKNj+U5+
+xoAiGK7aIlWvdrwL1Mg4qY2pUnfEPjWI1Ji5Ndhrw31ncUbpbeWnnXDUGe84swv
7e+F9S0LPeyr04g8HynnI0ipDVRIpNBsFeb16I5npsr3F2eq2MQ4MFpRgd2NJhMO
hZcP8oKudhCjAOTdnUlxnoYwllDaVR+QVJqaoNbKBar07gEbiQc=
-----END CERTIFICATE-----
Generated at Sun Mar 1 14:53:30 2026 by rpki-client