Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS198250.roa
File: AS198250.roa (raw, json)
Hash identifier: L2MN/GDuMf0n7v4/vGJz/hewpMvX1piS+8CVhJGD5Lg=
Subject key identifier: A0:07:3C:50:E2:87:AB:CD:45:49:8A:76:9B:17:DE:AC:58:5C:1F:5B
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 540300AAE385144A58AD5B9A2377D0FCF8CDD744
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS198250.roa
Signing time: Tue 12 May 2026 06:02:44 +0000
ROA not before: Tue 12 May 2026 05:57:44 +0000
ROA not after: Tue 11 May 2027 06:02:44 +0000
asID: 198250
IP address blocks: 143.14.229.0/24 maxlen: 24
148.135.185.0/24 maxlen: 24
155.117.158.0/24 maxlen: 24
155.117.179.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
54:03:00:aa:e3:85:14:4a:58:ad:5b:9a:23:77:d0:fc:f8:cd:d7:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: May 12 05:57:44 2026 GMT
Not After : May 11 06:02:44 2027 GMT
Subject: CN=A0073C50E287ABCD45498A769B17DEAC585C1F5B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:eb:de:6c:ed:15:ab:0b:f5:a4:3d:84:3e:8a:
12:39:26:06:78:80:5f:08:f8:dd:ba:7a:a8:ad:ca:
0f:3f:fa:05:76:9e:d1:91:e3:b9:43:d3:f4:ba:09:
91:16:0f:f2:b1:da:83:06:9d:26:a1:ba:7a:39:a9:
c1:7c:25:92:ea:15:e3:96:55:89:32:83:ce:f6:8e:
25:7a:b5:c0:9a:eb:23:00:98:c7:41:6b:a7:b1:9f:
60:c9:6d:b6:ad:7a:b2:dc:79:37:2f:24:8f:0b:8a:
78:a3:bb:3b:2c:86:9e:5d:7f:4f:f1:1c:78:cd:b4:
b7:2b:7b:3b:89:9a:3f:d4:46:bf:f6:52:c4:e0:76:
69:90:2c:c5:8b:fa:55:d9:23:54:21:7a:02:2a:1d:
73:42:7f:77:fd:19:8a:b2:6c:ba:b9:3b:5e:3e:a1:
02:cf:58:f6:2b:a7:b2:af:dc:4d:86:f3:34:70:cc:
79:eb:c7:43:26:67:24:69:f2:b2:5b:36:0e:70:a8:
d8:0e:0a:99:5f:66:62:e0:eb:48:75:e1:7e:4b:15:
05:8f:f4:d2:ac:df:10:7d:25:f1:5c:5c:b9:fe:f2:
13:bf:cf:86:1e:52:a4:e9:c9:03:8d:c3:1f:01:34:
d1:fc:6d:b3:7d:68:3a:bc:ba:3b:c8:60:37:d3:f5:
54:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:07:3C:50:E2:87:AB:CD:45:49:8A:76:9B:17:DE:AC:58:5C:1F:5B
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS198250.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.14.229.0/24
148.135.185.0/24
155.117.158.0/24
155.117.179.0/24
Signature Algorithm: sha256WithRSAEncryption
29:b1:c0:d5:6d:ea:7d:86:55:49:50:8d:c4:85:07:21:28:7b:
4d:3b:ff:53:da:b6:37:bd:99:2c:6c:3e:f9:af:ac:11:37:43:
55:0c:f6:97:6d:3f:42:e2:5b:f8:e0:82:79:87:f1:91:d0:07:
2b:c5:84:3a:39:c5:8c:a0:06:26:8e:85:d0:62:4d:a2:22:4e:
47:82:37:76:f5:ac:4b:9d:f3:6e:31:3f:6f:e3:99:c6:bd:4b:
04:d9:67:cb:e6:ad:5b:f2:1c:c0:4a:c0:0e:7b:86:08:e4:58:
00:5c:25:38:36:16:09:0b:72:ae:e1:b3:6b:82:7c:99:5d:76:
4e:9c:4f:ed:a3:72:f6:10:27:35:dc:70:8a:7a:e9:7c:8f:5a:
98:19:05:80:42:3a:d8:80:5a:be:08:ea:14:89:ca:23:30:2c:
c7:c6:b6:00:bb:66:d2:64:a2:47:4d:f7:e6:28:1d:cf:79:e6:
b7:b6:9b:01:a7:56:2a:08:e2:f0:75:51:14:fb:32:0f:4f:fb:
1c:4c:5e:09:32:19:82:aa:d5:e5:31:6f:6a:a5:d0:16:dd:bd:
42:d4:67:5e:5e:9c:90:07:19:3b:9f:52:4f:09:e4:6a:2e:84:
31:55:68:bd:ae:5c:11:97:0b:31:90:68:f7:32:6f:e4:bc:35:
54:63:10:b4
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgIUVAMAquOFFEpYrVuaI3fQ/PjN10QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNjA1MTIwNTU3NDRaFw0yNzA1MTEwNjAyNDRaMDMxMTAvBgNV
BAMTKEEwMDczQzUwRTI4N0FCQ0Q0NTQ5OEE3NjlCMTdERUFDNTg1QzFGNUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCF695s7RWrC/WkPYQ+ihI5JgZ4
gF8I+N26eqityg8/+gV2ntGR47lD0/S6CZEWD/Kx2oMGnSahuno5qcF8JZLqFeOW
VYkyg872jiV6tcCa6yMAmMdBa6exn2DJbbaterLceTcvJI8Linijuzsshp5df0/x
HHjNtLcrezuJmj/URr/2UsTgdmmQLMWL+lXZI1QhegIqHXNCf3f9GYqybLq5O14+
oQLPWPYrp7Kv3E2G8zRwzHnrx0MmZyRp8rJbNg5wqNgOCplfZmLg60h14X5LFQWP
9NKs3xB9JfFcXLn+8hO/z4YeUqTpyQONwx8BNNH8bbN9aDq8ujvIYDfT9VS9AgMB
AAGjggIcMIICGDAdBgNVHQ4EFgQUoAc8UOKHq81FSYp2mxferFhcH1swHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMTk4MjUwLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAjw7l
AwQAlIe5AwQAm3WeAwQAm3WzMA0GCSqGSIb3DQEBCwUAA4IBAQApscDVbep9hlVJ
UI3EhQchKHtNO/9T2rY3vZksbD75r6wRN0NVDPaXbT9C4lv44IJ5h/GR0AcrxYQ6
OcWMoAYmjoXQYk2iIk5Hgjd29axLnfNuMT9v45nGvUsE2WfL5q1b8hzASsAOe4YI
5FgAXCU4NhYJC3Ku4bNrgnyZXXZOnE/to3L2ECc13HCKeul8j1qYGQWAQjrYgFq+
COoUicojMCzHxrYAu2bSZKJHTffmKB3Peea3tpsBp1YqCOLwdVEU+zIPT/scTF4J
MhmCqtXlMW9qpdAW3b1C1GdeXpyQBxk7n1JPCeRqLoQxVWi9rlwRlwsxkGj3Mm/k
vDVUYxC0
-----END CERTIFICATE-----
Generated at Tue May 12 21:59:52 2026 by rpki-client