Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS211673.roa
File: AS211673.roa (raw, json)
Hash identifier: arflGdaeSC40FJESodP+42r8SYoKqljhUHZm8tdscqU=
Subject key identifier: 10:C0:CC:ED:30:E0:54:7A:85:A4:11:C2:F2:FC:C4:92:74:F8:65:49
Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Certificate serial: 14523454A5E2C0B4679132C65F6055008FE5A6BD
Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS211673.roa
Signing time: Sat 21 Feb 2026 02:27:57 +0000
ROA not before: Sat 21 Feb 2026 02:22:57 +0000
ROA not after: Sat 20 Feb 2027 02:27:57 +0000
asID: 211673
IP address blocks: 2a14:7581:fea::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft
rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
14:52:34:54:a5:e2:c0:b4:67:91:32:c6:5f:60:55:00:8f:e5:a6:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Validity
Not Before: Feb 21 02:22:57 2026 GMT
Not After : Feb 20 02:27:57 2027 GMT
Subject: CN=10C0CCED30E0547A85A411C2F2FCC49274F86549
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:96:44:f1:14:3f:bc:10:19:d7:5f:9e:18:ca:
53:68:2f:a1:ca:af:67:34:96:8a:3d:98:77:23:f9:
cb:da:b8:97:02:ca:5e:9f:96:df:6a:be:76:10:81:
c0:e0:37:3c:77:7d:11:b4:d2:f7:bc:95:41:08:98:
b9:ff:32:2e:e3:d9:b9:b9:ef:fc:d9:2e:df:6d:2e:
39:8b:4e:41:c2:a6:c9:a4:e9:aa:e8:7d:e5:69:7c:
f4:28:b8:3d:78:e9:5a:e0:75:ec:5a:6b:af:f5:34:
67:1a:01:4d:ed:2c:bf:28:55:3f:88:25:01:0e:23:
30:2d:87:8a:f5:de:0b:f9:eb:89:88:cf:66:dd:80:
eb:2c:99:62:3c:53:f2:6f:e6:96:a7:87:bf:3e:9d:
58:b1:8b:fc:0a:64:ea:87:44:42:02:1c:fb:ff:bd:
49:0b:f2:02:c0:2d:6d:28:70:aa:95:49:33:e2:f1:
94:c7:e6:bd:e6:ad:89:9d:c5:48:8f:62:bf:b9:ac:
51:ba:5a:7a:6c:c6:96:dc:b4:0b:4e:31:3c:0d:f9:
a3:9b:39:4b:31:ab:11:ff:79:40:59:07:e9:c1:61:
02:da:28:af:a5:e0:85:33:bf:9c:7a:f2:d2:da:d2:
21:ed:c3:92:ca:9a:df:fc:2f:ed:7d:f3:24:51:de:
3b:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:C0:CC:ED:30:E0:54:7A:85:A4:11:C2:F2:FC:C4:92:74:F8:65:49
X509v3 Authority Key Identifier:
keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS211673.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7581:fea::/48
Signature Algorithm: sha256WithRSAEncryption
78:74:64:bd:42:58:58:08:d9:07:6b:64:48:88:11:db:bc:be:
75:d6:40:09:92:d1:38:98:64:dc:d7:09:d0:a5:41:bc:51:6b:
6f:73:f4:bb:6b:fc:2d:f3:ac:37:1b:db:b7:a4:09:df:18:59:
04:35:b4:be:8f:0e:9d:13:85:07:57:02:f0:95:95:17:5b:62:
91:27:00:68:88:7b:c8:b8:f6:b8:11:61:a9:6d:54:97:8f:96:
a6:ef:5c:0a:36:54:89:1c:c3:25:a6:28:bf:be:20:02:de:c0:
10:91:fe:2a:37:14:8d:a3:55:8e:54:e0:1a:3b:ae:16:0c:c0:
8c:e9:a0:a5:0e:d7:f0:90:0e:f7:95:3f:ff:32:a4:60:8a:bc:
4c:6a:7b:fa:ee:52:82:2e:12:40:0e:e0:23:b5:89:bc:6d:54:
19:75:0d:12:ce:1c:8b:97:5d:67:e4:12:e3:f2:3d:9d:54:02:
a1:7a:49:d1:7c:45:47:2c:d9:07:cc:15:da:c2:b7:75:bd:83:
0d:05:25:69:16:de:ee:32:f7:4a:62:5b:40:b5:32:b6:69:35:
52:8b:00:38:38:a9:e4:b2:54:a7:66:4e:0c:4f:86:1d:f7:e5:
26:19:73:02:af:51:b2:61:14:34:63:83:b3:01:49:2f:77:de:
46:85:2d:7c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIUFFI0VKXiwLRnkTLGX2BVAI/lpr0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj
Y2ZkMzc3MjAeFw0yNjAyMjEwMjIyNTdaFw0yNzAyMjAwMjI3NTdaMDMxMTAvBgNV
BAMTKDEwQzBDQ0VEMzBFMDU0N0E4NUE0MTFDMkYyRkNDNDkyNzRGODY1NDkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCdlkTxFD+8EBnXX54YylNoL6HK
r2c0loo9mHcj+cvauJcCyl6flt9qvnYQgcDgNzx3fRG00ve8lUEImLn/Mi7j2bm5
7/zZLt9tLjmLTkHCpsmk6arofeVpfPQouD146Vrgdexaa6/1NGcaAU3tLL8oVT+I
JQEOIzAth4r13gv564mIz2bdgOssmWI8U/Jv5panh78+nVixi/wKZOqHREICHPv/
vUkL8gLALW0ocKqVSTPi8ZTH5r3mrYmdxUiPYr+5rFG6WnpsxpbctAtOMTwN+aOb
OUsxqxH/eUBZB+nBYQLaKK+l4IUzv5x68tLa0iHtw5LKmt/8L+198yRR3jtZAgMB
AAGjggINMIICCTAdBgNVHQ4EFgQUEMDM7TDgVHqFpBHC8vzEknT4ZUkwHwYDVR0j
BBgwFoAUqD1IZS87LfdPa/m6qKnBdMz9N3IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODkyNzBmNmMtYTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2Yz
ODI0LzAvQTgzRDQ4NjUyRjNCMkRGNzRGNkJGOUJBQThBOUMxNzRDQ0ZEMzc3Mi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FEMUlaUzg3TGZkUGFfbTZxS25CZE16
OU4zSS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg5MjcwZjZjLWEzZmUt
NDI5OS1iMDc5LTMwOWVkOTdmMzgyNC8wL0FTMjExNjczLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhR1
gQ/qMA0GCSqGSIb3DQEBCwUAA4IBAQB4dGS9QlhYCNkHa2RIiBHbvL511kAJktE4
mGTc1wnQpUG8UWtvc/S7a/wt86w3G9u3pAnfGFkENbS+jw6dE4UHVwLwlZUXW2KR
JwBoiHvIuPa4EWGpbVSXj5am71wKNlSJHMMlpii/viAC3sAQkf4qNxSNo1WOVOAa
O64WDMCM6aClDtfwkA73lT//MqRgirxManv67lKCLhJADuAjtYm8bVQZdQ0SzhyL
l11n5BLj8j2dVAKheknRfEVHLNkHzBXawrd1vYMNBSVpFt7uMvdKYltAtTK2aTVS
iwA4OKnkslSnZk4MT4Yd9+UmGXMCr1GyYRQ0Y4OzAUkvd95GhS18
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:47:42 2026 by rpki-client