Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS205896.roa
File: AS205896.roa (raw, json)
Hash identifier: MO16NT5wkSLLgXPgXjxBa5ySoSGuai554y6cA014kfI=
Subject key identifier: DC:C8:2C:D9:52:77:72:AA:B2:96:83:83:9B:DE:0B:7C:05:E8:E1:BC
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 09B74449423D65CCEBD2D729DF1C34E8580001F4
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS205896.roa
Signing time: Wed 13 Aug 2025 08:05:47 +0000
ROA not before: Wed 13 Aug 2025 08:00:47 +0000
ROA not after: Wed 12 Aug 2026 08:05:47 +0000
asID: 205896
IP address blocks: 143.14.55.0/24 maxlen: 24
143.14.183.0/24 maxlen: 24
167.148.205.0/24 maxlen: 24
167.148.206.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
09:b7:44:49:42:3d:65:cc:eb:d2:d7:29:df:1c:34:e8:58:00:01:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Aug 13 08:00:47 2025 GMT
Not After : Aug 12 08:05:47 2026 GMT
Subject: CN=DCC82CD9527772AAB29683839BDE0B7C05E8E1BC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:d9:7e:6d:0d:83:f5:66:65:31:d0:39:4f:6b:
e7:30:b3:3e:fb:ad:af:4b:2e:b4:22:bf:43:0c:a6:
77:bb:39:7b:03:83:da:f7:ad:45:c0:c4:e4:c7:c2:
15:c5:ad:2f:e3:bd:05:88:fa:da:81:4c:46:c2:d1:
5c:e2:dd:c3:6c:ec:e0:43:f2:92:d2:e9:8e:27:fe:
d6:4f:e0:c5:6f:e8:9b:81:98:31:2e:79:13:f2:9b:
35:1b:ad:b4:db:da:4a:e8:8a:cd:14:fb:53:02:4c:
ca:3b:e3:fd:88:42:8a:19:95:e9:4f:1f:e9:12:76:
1c:ed:0b:d9:26:11:ac:cd:3b:e3:d6:a6:6d:51:47:
73:b8:45:38:ab:e8:b8:87:14:7a:e2:95:e1:d8:28:
fb:7a:2e:0a:ef:16:0d:43:b6:bb:b2:6a:46:a0:45:
fe:24:e4:58:3d:9f:4c:fe:93:a2:5a:14:2d:33:f2:
27:4b:e4:f0:c0:11:d9:98:d9:5e:38:0b:5b:02:b0:
b5:59:7d:7b:7b:61:77:6f:cd:c9:ca:31:86:4b:90:
f9:b2:09:e9:13:b1:05:59:fc:ba:5f:a2:56:8f:32:
fc:02:0a:40:ee:3c:54:0a:61:6e:b6:0e:7e:94:13:
d1:de:fa:ae:3f:c6:78:5a:4a:16:24:4a:4c:c8:97:
7c:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:C8:2C:D9:52:77:72:AA:B2:96:83:83:9B:DE:0B:7C:05:E8:E1:BC
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS205896.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.14.55.0/24
143.14.183.0/24
167.148.205.0-167.148.206.255
Signature Algorithm: sha256WithRSAEncryption
47:b9:52:80:a8:56:ee:4e:a0:ae:73:e8:85:69:3f:b0:5d:a2:
fd:9c:0d:1f:40:6d:b5:7d:9f:29:c4:49:25:81:4e:39:80:12:
c1:ec:15:da:6d:bb:89:e7:02:c9:49:72:c0:3a:04:ab:1d:d9:
46:ac:70:64:eb:0c:e4:d4:6b:9c:72:0b:49:f4:eb:b8:1c:1a:
e1:27:a3:24:81:b8:6c:40:36:44:15:3a:a6:de:3a:4a:6d:c0:
32:a5:62:20:09:34:42:f8:4a:74:3d:6b:6d:40:fc:21:66:b7:
a8:49:e9:7a:b6:8e:fc:e0:15:ce:8d:11:7c:9c:de:f0:ba:70:
37:a5:f2:26:58:16:44:84:23:84:bb:2a:cf:21:e0:f4:fe:dd:
61:0f:87:61:d7:64:e8:3d:b8:79:dd:53:3a:52:fb:54:d5:b1:
79:bb:b7:aa:c5:26:a6:37:7d:0c:96:3b:5f:5f:98:f5:a5:58:
51:53:77:44:05:12:a5:c4:8d:41:a3:23:51:6b:8e:75:72:4c:
67:25:68:92:ad:22:3d:ee:23:16:f4:59:cc:1a:91:15:66:ec:
a7:c6:9e:41:9e:d2:37:d8:a0:21:b4:0b:f4:74:02:f4:dd:3e:
91:9d:61:f6:a3:ae:e6:36:a1:44:6f:fd:77:c5:7c:1c:0c:53:
c4:26:5a:83
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgIUCbdESUI9Zczr0tcp3xw06FgAAfQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA4MTMwODAwNDdaFw0yNjA4MTIwODA1NDdaMDMxMTAvBgNV
BAMTKERDQzgyQ0Q5NTI3NzcyQUFCMjk2ODM4MzlCREUwQjdDMDVFOEUxQkMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDH2X5tDYP1ZmUx0DlPa+cwsz77
ra9LLrQiv0MMpne7OXsDg9r3rUXAxOTHwhXFrS/jvQWI+tqBTEbC0Vzi3cNs7OBD
8pLS6Y4n/tZP4MVv6JuBmDEueRPymzUbrbTb2krois0U+1MCTMo74/2IQooZlelP
H+kSdhztC9kmEazNO+PWpm1RR3O4RTir6LiHFHrileHYKPt6LgrvFg1Dtruyakag
Rf4k5Fg9n0z+k6JaFC0z8idL5PDAEdmY2V44C1sCsLVZfXt7YXdvzcnKMYZLkPmy
CekTsQVZ/LpfolaPMvwCCkDuPFQKYW62Dn6UE9He+q4/xnhaShYkSkzIl3wXAgMB
AAGjggIeMIICGjAdBgNVHQ4EFgQU3Mgs2VJ3cqqyloODm94LfAXo4bwwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjA1ODk2LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAjw43
AwQAjw63MAwDBACnlM0DBACnlM4wDQYJKoZIhvcNAQELBQADggEBAEe5UoCoVu5O
oK5z6IVpP7Bdov2cDR9AbbV9nynESSWBTjmAEsHsFdptu4nnAslJcsA6BKsd2Uas
cGTrDOTUa5xyC0n067gcGuEnoySBuGxANkQVOqbeOkptwDKlYiAJNEL4SnQ9a21A
/CFmt6hJ6Xq2jvzgFc6NEXyc3vC6cDel8iZYFkSEI4S7Ks8h4PT+3WEPh2HXZOg9
uHndUzpS+1TVsXm7t6rFJqY3fQyWO19fmPWlWFFTd0QFEqXEjUGjI1FrjnVyTGcl
aJKtIj3uIxb0WcwakRVm7KfGnkGe0jfYoCG0C/R0AvTdPpGdYfajruY2oURv/XfF
fBwMU8QmWoM=
-----END CERTIFICATE-----
Generated at Sat Aug 23 14:42:07 2025 by rpki-client