Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS203048.roa
File: AS203048.roa (raw, json)
Hash identifier: JjpN4qf4TAFOuXI78TB1lokBvKYTaExMGAIVU5wBFLw=
Subject key identifier: D7:A1:AA:65:C9:5A:29:AA:6B:E4:C9:5A:29:48:31:66:0B:B6:B7:A5
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 27D66819B54AA502BE195924EEC1D0E7BEA345B4
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS203048.roa
Signing time: Sat 09 May 2026 05:11:47 +0000
ROA not before: Sat 09 May 2026 05:06:47 +0000
ROA not after: Sat 08 May 2027 05:11:47 +0000
asID: 203048
IP address blocks: 140.233.182.0/24 maxlen: 24
155.117.152.0/24 maxlen: 24
155.117.159.0/24 maxlen: 24
162.141.65.0/24 maxlen: 24
162.141.179.0/24 maxlen: 24
167.148.83.0/24 maxlen: 24
168.222.65.0/24 maxlen: 24
168.222.67.0/24 maxlen: 24
168.222.68.0/24 maxlen: 24
168.222.71.0/24 maxlen: 24
168.222.78.0/24 maxlen: 24
168.222.85.0/24 maxlen: 24
168.222.89.0/24 maxlen: 24
168.222.93.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
27:d6:68:19:b5:4a:a5:02:be:19:59:24:ee:c1:d0:e7:be:a3:45:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: May 9 05:06:47 2026 GMT
Not After : May 8 05:11:47 2027 GMT
Subject: CN=D7A1AA65C95A29AA6BE4C95A294831660BB6B7A5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:7f:c1:5f:00:8f:1e:85:ea:4a:cb:e7:74:d5:
b9:33:84:79:7d:21:bc:b3:3c:f9:82:f4:27:ee:fd:
0a:32:90:dc:93:15:78:14:1f:e1:62:f0:f9:a0:7e:
c5:dd:17:e7:ce:dc:95:3e:55:56:cf:39:1a:71:72:
99:04:e7:47:43:fd:ba:a1:70:55:9c:b4:b0:6f:75:
dc:0c:6f:2b:3e:c2:9a:54:1a:99:9c:de:95:83:57:
6b:8e:d5:ec:f0:28:23:bc:6e:53:d0:56:ad:8e:92:
6e:56:30:02:61:b2:3e:7f:0e:8f:2e:73:2c:8d:d5:
2b:fe:77:32:52:97:b5:56:08:11:57:b1:5b:e2:79:
c0:ad:bf:3c:ae:61:dd:d9:f1:0f:a5:ba:bd:a9:10:
f6:81:62:74:f0:cc:36:27:16:7a:9b:fb:1e:e3:f1:
d4:63:06:34:67:36:38:dd:01:85:26:d4:ff:a5:2e:
18:4d:22:28:09:ac:81:21:c5:5b:99:ed:89:1a:7d:
85:ff:a0:82:6e:c1:a5:46:9b:90:7f:7c:68:79:d6:
fc:47:ce:16:da:83:21:7b:9c:a2:2e:5f:fd:e1:17:
08:ae:6a:55:f4:ee:92:91:d9:49:80:93:ef:2a:05:
06:09:c4:16:82:05:75:54:95:a0:88:a4:81:05:92:
04:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:A1:AA:65:C9:5A:29:AA:6B:E4:C9:5A:29:48:31:66:0B:B6:B7:A5
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS203048.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
140.233.182.0/24
155.117.152.0/24
155.117.159.0/24
162.141.65.0/24
162.141.179.0/24
167.148.83.0/24
168.222.65.0/24
168.222.67.0-168.222.68.255
168.222.71.0/24
168.222.78.0/24
168.222.85.0/24
168.222.89.0/24
168.222.93.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:25:12:a5:2d:54:4e:63:38:f8:17:88:09:c0:de:3b:9c:2a:
ce:69:3b:49:2d:5e:8f:62:ab:16:cf:ea:cf:3d:cb:bb:a8:4b:
37:9a:47:06:a2:23:e6:26:dd:bd:46:57:98:18:b0:9e:b6:f5:
55:8c:6f:96:d4:77:ff:c3:d0:3d:a2:fc:47:e7:61:13:c3:01:
f7:ea:91:3b:a3:07:c1:a1:14:36:e0:77:4e:9c:9b:39:3e:cd:
9b:02:24:f5:90:bf:ca:9d:0b:57:69:a3:1b:37:30:42:30:59:
17:08:db:93:c5:50:8d:5c:d0:35:cc:7a:cb:65:b8:60:89:80:
f0:72:bb:bb:35:9b:f2:5b:3d:11:8a:e5:99:03:39:2c:b7:38:
82:6d:eb:da:c3:e1:b0:8f:f2:90:9d:6b:f2:26:f5:47:c7:09:
8b:ac:86:9b:4b:48:fd:96:fb:f9:6d:79:7d:db:48:b2:c9:9f:
b5:61:61:2a:91:c1:c1:22:97:08:c8:53:2e:8a:85:ce:29:26:
bf:d6:7f:f3:2a:56:cb:af:56:c0:cb:a7:01:07:af:0a:ce:16:
7f:b5:d4:db:c4:45:64:65:3f:ff:dc:7c:d8:f6:1c:0d:e0:45:
6d:c3:91:4b:6d:a0:44:10:b0:0d:9d:60:ba:63:43:1f:80:29:
99:04:4c:d0
-----BEGIN CERTIFICATE-----
MIIFUDCCBDigAwIBAgIUJ9ZoGbVKpQK+GVkk7sHQ576jRbQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNjA1MDkwNTA2NDdaFw0yNzA1MDgwNTExNDdaMDMxMTAvBgNV
BAMTKEQ3QTFBQTY1Qzk1QTI5QUE2QkU0Qzk1QTI5NDgzMTY2MEJCNkI3QTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCHf8FfAI8ehepKy+d01bkzhHl9
IbyzPPmC9Cfu/QoykNyTFXgUH+Fi8PmgfsXdF+fO3JU+VVbPORpxcpkE50dD/bqh
cFWctLBvddwMbys+wppUGpmc3pWDV2uO1ezwKCO8blPQVq2Okm5WMAJhsj5/Do8u
cyyN1Sv+dzJSl7VWCBFXsVviecCtvzyuYd3Z8Q+lur2pEPaBYnTwzDYnFnqb+x7j
8dRjBjRnNjjdAYUm1P+lLhhNIigJrIEhxVuZ7YkafYX/oIJuwaVGm5B/fGh51vxH
zhbagyF7nKIuX/3hFwiualX07pKR2UmAk+8qBQYJxBaCBXVUlaCIpIEFkgRfAgMB
AAGjggJaMIICVjAdBgNVHQ4EFgQU16GqZclaKapr5MlaKUgxZgu2t6UwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjAzMDQ4LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMG8GCCsGAQUFBwEHAQH/BGAwXjBcBAIAATBWAwQAjOm2
AwQAm3WYAwQAm3WfAwQAoo1BAwQAoo2zAwQAp5RTAwQAqN5BMAwDBACo3kMDBACo
3kQDBACo3kcDBACo3k4DBACo3lUDBACo3lkDBACo3l0wDQYJKoZIhvcNAQELBQAD
ggEBAC8lEqUtVE5jOPgXiAnA3jucKs5pO0ktXo9iqxbP6s89y7uoSzeaRwaiI+Ym
3b1GV5gYsJ629VWMb5bUd//D0D2i/EfnYRPDAffqkTujB8GhFDbgd06cmzk+zZsC
JPWQv8qdC1dpoxs3MEIwWRcI25PFUI1c0DXMestluGCJgPByu7s1m/JbPRGK5ZkD
OSy3OIJt69rD4bCP8pCda/Im9UfHCYushptLSP2W+/lteX3bSLLJn7VhYSqRwcEi
lwjIUy6Khc4pJr/Wf/MqVsuvVsDLpwEHrwrOFn+11NvERWRlP//cfNj2HA3gRW3D
kUttoEQQsA2dYLpjQx+AKZkETNA=
-----END CERTIFICATE-----
Generated at Wed May 13 00:25:46 2026 by rpki-client