Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS203054.roa
File: AS203054.roa (raw, json)
Hash identifier: yG8ljOG5g5Gvzu+f0HarL0b2G8UBjT3fPCQrQXCLIbo=
Subject key identifier: F7:30:45:9C:88:E2:F6:62:72:76:52:90:4F:F6:A8:34:0C:54:43:1A
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 3A92F47096E5C3A4B63DEB606B7367B48FDD7C57
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS203054.roa
Signing time: Mon 11 May 2026 03:38:10 +0000
ROA not before: Mon 11 May 2026 03:33:10 +0000
ROA not after: Mon 10 May 2027 03:38:10 +0000
asID: 203054
IP address blocks: 143.14.33.0/24 maxlen: 24
143.14.182.0/24 maxlen: 24
143.14.186.0/24 maxlen: 24
147.79.7.0/24 maxlen: 24
155.117.4.0/24 maxlen: 24
167.148.136.0/24 maxlen: 24
168.222.9.0/24 maxlen: 24
168.222.39.0/24 maxlen: 24
168.222.48.0/24 maxlen: 24
168.222.70.0/24 maxlen: 24
168.222.77.0/24 maxlen: 24
168.222.79.0/24 maxlen: 24
168.222.81.0/24 maxlen: 24
168.222.86.0/24 maxlen: 24
168.222.88.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 17:01:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3a:92:f4:70:96:e5:c3:a4:b6:3d:eb:60:6b:73:67:b4:8f:dd:7c:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: May 11 03:33:10 2026 GMT
Not After : May 10 03:38:10 2027 GMT
Subject: CN=F730459C88E2F662727652904FF6A8340C54431A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:cd:a5:82:27:e9:1e:38:b3:9f:df:a9:18:49:
0c:62:18:78:50:2b:a9:63:f3:af:8e:a4:e7:6e:ec:
e6:f0:a9:d2:bf:ea:b0:e1:89:e3:21:a9:53:37:b3:
2e:87:3e:06:9a:11:94:6e:01:b1:6a:fb:f9:91:10:
62:1c:26:7f:81:5e:78:9a:4a:55:3a:24:bd:57:c1:
c4:2c:ec:02:d1:b6:da:3e:ca:03:89:7a:67:66:a9:
97:c7:2d:90:6c:22:22:bd:7b:7d:0e:2f:ef:79:c7:
43:5d:9c:2f:fc:85:74:e2:7d:51:65:3e:94:05:ea:
e2:c1:c5:44:18:bd:56:ef:b9:6b:a5:37:9d:d5:93:
a5:95:b2:f2:50:ee:e3:45:92:5d:71:3e:66:2a:7d:
f4:03:0b:4a:47:4a:24:ec:48:ce:fa:40:20:df:f4:
11:39:03:6e:8d:9a:2f:bf:a9:3c:25:4e:35:2b:1c:
9e:ea:0a:36:af:1d:2b:9d:28:81:8e:6b:3f:6c:81:
e0:48:3e:53:e5:12:cc:ee:f0:09:4b:ef:27:99:c9:
76:6c:64:13:cd:f6:d1:4a:94:1f:cd:49:56:fe:da:
ca:10:80:91:93:5f:f0:c0:a4:7d:e0:be:0c:bb:6a:
52:77:71:f7:d8:35:f1:cc:3d:4c:5c:d3:67:6e:78:
31:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:30:45:9C:88:E2:F6:62:72:76:52:90:4F:F6:A8:34:0C:54:43:1A
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS203054.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.14.33.0/24
143.14.182.0/24
143.14.186.0/24
147.79.7.0/24
155.117.4.0/24
167.148.136.0/24
168.222.9.0/24
168.222.39.0/24
168.222.48.0/24
168.222.70.0/24
168.222.77.0/24
168.222.79.0/24
168.222.81.0/24
168.222.86.0/24
168.222.88.0/24
Signature Algorithm: sha256WithRSAEncryption
42:0a:08:16:2b:c5:d7:a7:34:c9:ba:d8:59:3d:08:b0:13:b5:
33:99:ec:2e:90:92:6f:7d:ae:dc:dd:73:2c:b1:d7:d7:36:b6:
38:79:0c:8d:0a:6c:cc:07:9d:f7:24:02:bb:e8:25:d7:6d:3b:
26:7f:d4:ca:9b:41:58:7f:5c:6f:80:f4:1f:73:61:1f:f8:c4:
0c:1c:64:27:48:d8:6a:70:0d:5b:07:91:84:e2:ad:33:46:bf:
f7:21:eb:a6:c3:61:5a:b5:56:f0:5a:36:3c:67:b4:9b:86:29:
9c:60:74:6f:16:b9:28:a1:8a:cd:45:88:47:00:ef:85:03:39:
91:09:d1:3c:c7:be:d2:e2:12:6a:ae:ce:86:39:3c:12:1f:a1:
2d:94:17:bd:be:09:ce:3a:54:b0:a6:49:45:da:27:64:96:7f:
e3:58:a1:f3:e1:27:a7:2c:7a:2e:62:94:a4:a3:87:b3:9d:1b:
db:72:76:0a:47:b4:7d:b1:3b:00:9f:39:fe:7d:38:74:b9:00:
04:e1:22:f9:dc:52:af:ca:21:0e:59:ee:a5:dd:45:3c:87:a8:
24:df:e6:07:d1:9f:ae:e2:ac:aa:f4:c1:b1:66:f6:f7:b8:7d:
f2:e9:fb:5d:18:78:1e:7f:e0:c5:77:d6:3d:91:35:b0:b3:f7:
79:01:98:8e
-----BEGIN CERTIFICATE-----
MIIFVDCCBDygAwIBAgIUOpL0cJblw6S2Petga3NntI/dfFcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNjA1MTEwMzMzMTBaFw0yNzA1MTAwMzM4MTBaMDMxMTAvBgNV
BAMTKEY3MzA0NTlDODhFMkY2NjI3Mjc2NTI5MDRGRjZBODM0MEM1NDQzMUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCkzaWCJ+keOLOf36kYSQxiGHhQ
K6lj86+OpOdu7ObwqdK/6rDhieMhqVM3sy6HPgaaEZRuAbFq+/mREGIcJn+BXnia
SlU6JL1XwcQs7ALRtto+ygOJemdmqZfHLZBsIiK9e30OL+95x0NdnC/8hXTifVFl
PpQF6uLBxUQYvVbvuWulN53Vk6WVsvJQ7uNFkl1xPmYqffQDC0pHSiTsSM76QCDf
9BE5A26Nmi+/qTwlTjUrHJ7qCjavHSudKIGOaz9sgeBIPlPlEszu8AlL7yeZyXZs
ZBPN9tFKlB/NSVb+2soQgJGTX/DApH3gvgy7alJ3cffYNfHMPUxc02dueDGtAgMB
AAGjggJeMIICWjAdBgNVHQ4EFgQU9zBFnIji9mJydlKQT/aoNAxUQxowHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjAzMDU0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjBgBAIAATBaAwQAjw4h
AwQAjw62AwQAjw66AwQAk08HAwQAm3UEAwQAp5SIAwQAqN4JAwQAqN4nAwQAqN4w
AwQAqN5GAwQAqN5NAwQAqN5PAwQAqN5RAwQAqN5WAwQAqN5YMA0GCSqGSIb3DQEB
CwUAA4IBAQBCCggWK8XXpzTJuthZPQiwE7UzmewukJJvfa7c3XMssdfXNrY4eQyN
CmzMB533JAK76CXXbTsmf9TKm0FYf1xvgPQfc2Ef+MQMHGQnSNhqcA1bB5GE4q0z
Rr/3Ieumw2FatVbwWjY8Z7SbhimcYHRvFrkooYrNRYhHAO+FAzmRCdE8x77S4hJq
rs6GOTwSH6EtlBe9vgnOOlSwpklF2idkln/jWKHz4SenLHouYpSko4eznRvbcnYK
R7R9sTsAnzn+fTh0uQAE4SL53FKvyiEOWe6l3UU8h6gk3+YH0Z+u4qyq9MGxZvb3
uH3y6ftdGHgef+DFd9Y9kTWws/d5AZiO
-----END CERTIFICATE-----
Generated at Wed May 13 02:18:13 2026 by rpki-client