Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS214143.roa
File: AS214143.roa (raw, json)
Hash identifier: BrOaggU0Fgrnz3DKxxAeEPevhd7A5eNSBLaE6j4pNeA=
Subject key identifier: FD:A7:56:B2:57:AD:33:0E:31:FE:D7:BA:03:C4:25:B8:7C:61:AE:47
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 0D3AF2A52DF769310BD61AE2D4EB48BE8D31ED7C
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS214143.roa
Signing time: Mon 04 May 2026 12:31:43 +0000
ROA not before: Mon 04 May 2026 12:26:43 +0000
ROA not after: Mon 03 May 2027 12:31:43 +0000
asID: 214143
IP address blocks: 143.14.32.0/24 maxlen: 24
143.14.108.0/24 maxlen: 24
143.14.228.0/24 maxlen: 24
143.14.240.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0d:3a:f2:a5:2d:f7:69:31:0b:d6:1a:e2:d4:eb:48:be:8d:31:ed:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: May 4 12:26:43 2026 GMT
Not After : May 3 12:31:43 2027 GMT
Subject: CN=FDA756B257AD330E31FED7BA03C425B87C61AE47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:bb:ba:32:ef:03:27:c1:05:e0:80:c7:b5:1a:
9f:e5:54:eb:da:8f:46:1f:ab:52:53:0b:03:2f:23:
97:3b:1f:6e:ea:a6:00:84:49:e4:68:f8:52:9d:c2:
5b:e3:6a:89:02:e2:70:4e:7e:ac:eb:23:7d:e1:16:
bd:6f:6a:27:bb:8b:dc:3f:79:73:20:c5:c0:4f:43:
ac:8b:cb:99:7c:72:35:76:3a:e6:9b:40:0c:c7:7c:
4b:cc:2f:00:7f:09:2b:18:df:c4:43:b6:27:8e:c9:
e5:e8:dd:f4:43:32:cd:fc:ab:ec:2d:6e:3e:bf:f2:
7a:de:d5:70:d3:b4:38:68:d9:c8:76:5c:2c:d6:ba:
b4:6a:43:c0:38:d6:d4:62:69:c2:20:df:88:d5:a2:
a3:7f:bb:6e:3a:f1:9c:fb:a5:83:52:89:61:e9:d4:
82:69:89:c2:7e:5e:a1:db:b6:4c:e6:84:92:93:b1:
d3:76:dd:ee:e6:13:55:02:29:33:f5:2a:fb:11:69:
ba:38:ad:98:d8:f8:f4:ea:3d:c5:4d:b1:cb:07:5c:
6e:01:e0:dd:1d:96:b8:cb:c5:da:eb:fc:b3:f0:c8:
6c:64:94:d3:8c:c7:6f:c7:be:40:bb:68:dc:a5:3c:
a2:0b:2c:f4:23:d4:c9:55:f2:8a:3a:6f:f9:45:f6:
8e:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:A7:56:B2:57:AD:33:0E:31:FE:D7:BA:03:C4:25:B8:7C:61:AE:47
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS214143.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.14.32.0/24
143.14.108.0/24
143.14.228.0/24
143.14.240.0/24
Signature Algorithm: sha256WithRSAEncryption
94:e4:93:7a:a8:75:c3:b9:e2:82:ec:8e:33:bf:51:0f:0b:03:
c4:92:3a:26:37:9e:dc:39:65:90:06:7f:ad:90:f3:92:87:50:
c0:fc:6c:b1:c7:d6:08:4c:84:ea:36:77:fe:2e:0d:93:0b:3e:
2f:cb:61:9c:62:34:45:f7:77:ca:fb:d7:fd:08:4f:69:16:26:
c6:ff:c5:49:c1:49:7c:19:b1:28:51:fe:29:1b:e5:e8:27:01:
54:61:58:a7:5a:82:25:da:d1:db:22:0f:22:f0:9d:ae:dc:37:
76:ab:d0:e4:e7:fa:05:de:17:d0:c6:cc:6c:09:3c:3f:15:c7:
71:4c:fc:01:0a:ff:9f:05:41:f5:e7:55:ad:7b:08:cf:6b:5e:
35:32:1c:59:a4:5d:62:4b:e4:15:e2:7f:9f:9c:c5:f2:57:10:
a7:36:d1:f1:6a:c6:f7:6f:11:58:92:d3:1e:f9:80:6a:02:c8:
9e:36:c0:04:69:14:07:43:6a:ae:6c:f8:12:34:00:65:29:af:
07:49:97:6c:44:b2:90:ab:48:80:d4:e4:14:e1:bf:79:6e:f9:
fb:6d:5f:c2:8b:94:21:19:3b:b2:0c:74:df:fc:f2:4d:72:3d:
a2:e5:61:c2:d1:6e:c1:83:ab:4f:62:cd:33:9b:37:cd:fd:4b:
4c:5b:7f:1b
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgIUDTrypS33aTEL1hri1OtIvo0x7XwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNjA1MDQxMjI2NDNaFw0yNzA1MDMxMjMxNDNaMDMxMTAvBgNV
BAMTKEZEQTc1NkIyNTdBRDMzMEUzMUZFRDdCQTAzQzQyNUI4N0M2MUFFNDcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCfu7oy7wMnwQXggMe1Gp/lVOva
j0Yfq1JTCwMvI5c7H27qpgCESeRo+FKdwlvjaokC4nBOfqzrI33hFr1vaie7i9w/
eXMgxcBPQ6yLy5l8cjV2OuabQAzHfEvMLwB/CSsY38RDtieOyeXo3fRDMs38q+wt
bj6/8nre1XDTtDho2ch2XCzWurRqQ8A41tRiacIg34jVoqN/u2468Zz7pYNSiWHp
1IJpicJ+XqHbtkzmhJKTsdN23e7mE1UCKTP1KvsRabo4rZjY+PTqPcVNscsHXG4B
4N0dlrjLxdrr/LPwyGxklNOMx2/HvkC7aNylPKILLPQj1MlV8oo6b/lF9o7XAgMB
AAGjggIcMIICGDAdBgNVHQ4EFgQU/adWsletMw4x/te6A8QluHxhrkcwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjE0MTQzLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAjw4g
AwQAjw5sAwQAjw7kAwQAjw7wMA0GCSqGSIb3DQEBCwUAA4IBAQCU5JN6qHXDueKC
7I4zv1EPCwPEkjomN57cOWWQBn+tkPOSh1DA/Gyxx9YITITqNnf+Lg2TCz4vy2Gc
YjRF93fK+9f9CE9pFibG/8VJwUl8GbEoUf4pG+XoJwFUYVinWoIl2tHbIg8i8J2u
3Dd2q9Dk5/oF3hfQxsxsCTw/FcdxTPwBCv+fBUH151WtewjPa141MhxZpF1iS+QV
4n+fnMXyVxCnNtHxasb3bxFYktMe+YBqAsieNsAEaRQHQ2qubPgSNABlKa8HSZds
RLKQq0iA1OQU4b95bvn7bV/Ci5QhGTuyDHTf/PJNcj2i5WHC0W7Bg6tPYs0zmzfN
/UtMW38b
-----END CERTIFICATE-----
Generated at Tue May 12 22:23:59 2026 by rpki-client