Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS203048.roa
File: AS203048.roa (raw, json)
Hash identifier: fmIa0MqGp1fXfF6xhQ5Ks8lUB6RgSBTJJKL0jTcoXBs=
Subject key identifier: 05:B2:C1:81:EF:29:8D:B3:9E:AB:2B:0D:42:12:85:97:BF:1B:99:12
Certificate issuer: /CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Certificate serial: 14DBF5FCDCC36F16EF7B45A461DA195AEEF4FB16
Authority key identifier: 88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS203048.roa
Signing time: Sat 09 May 2026 17:27:52 +0000
ROA not before: Sat 09 May 2026 17:22:52 +0000
ROA not after: Sat 08 May 2027 17:27:52 +0000
asID: 203048
IP address blocks: 143.20.109.0/24 maxlen: 24
143.20.140.0/24 maxlen: 24
143.20.176.0/24 maxlen: 24
143.20.207.0/24 maxlen: 24
143.20.213.0/24 maxlen: 24
143.20.216.0/24 maxlen: 24
143.20.218.0/24 maxlen: 24
143.20.236.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.mft
rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 08:28:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
14:db:f5:fc:dc:c3:6f:16:ef:7b:45:a4:61:da:19:5a:ee:f4:fb:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Validity
Not Before: May 9 17:22:52 2026 GMT
Not After : May 8 17:27:52 2027 GMT
Subject: CN=05B2C181EF298DB39EAB2B0D42128597BF1B9912
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:bf:60:6e:ce:87:9a:80:fa:a7:ae:b4:36:ec:
04:d4:aa:1b:ce:01:8c:42:2f:c9:95:fb:c6:5b:26:
ee:b4:1f:e1:09:93:e4:20:bc:87:03:af:a7:e8:a1:
37:da:be:9e:a1:c4:72:21:b9:63:d1:1a:85:8a:46:
bd:20:17:f7:17:8c:9f:99:18:76:7d:3b:e2:a7:4b:
e0:af:63:7c:1a:38:15:c9:bc:28:1f:b8:6f:91:f4:
de:ef:38:38:e1:77:70:ec:c7:b0:63:28:40:f6:99:
b5:d7:bf:38:ff:36:fe:d8:8d:f1:6c:5e:89:3f:a0:
16:1b:9b:1e:1f:70:0e:cc:02:a8:7a:13:be:c6:74:
dc:50:84:19:ff:35:6b:76:7e:c1:43:9b:03:74:12:
a1:8e:be:d0:82:e3:0b:35:2d:43:93:5c:47:2f:76:
21:57:b1:99:79:f6:c3:ce:19:07:a5:86:3d:10:d3:
f7:12:02:a4:9e:41:97:c0:29:4c:ba:b5:cb:0c:8e:
a3:1c:c0:94:72:f8:33:ec:bc:d4:f7:cc:21:5a:36:
8c:90:98:c5:65:6f:5d:f8:8b:20:0e:22:24:c7:11:
50:94:8a:2e:bf:a3:d8:c0:c6:27:12:13:c7:e8:1f:
f4:48:78:c7:61:f0:aa:c5:d9:6a:4e:63:28:26:9a:
0b:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:B2:C1:81:EF:29:8D:B3:9E:AB:2B:0D:42:12:85:97:BF:1B:99:12
X509v3 Authority Key Identifier:
keyid:88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS203048.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.20.109.0/24
143.20.140.0/24
143.20.176.0/24
143.20.207.0/24
143.20.213.0/24
143.20.216.0/24
143.20.218.0/24
143.20.236.0/24
Signature Algorithm: sha256WithRSAEncryption
b0:65:3c:09:4d:34:24:f8:24:79:25:e1:fb:e3:f0:0d:c6:ae:
ac:b9:13:fa:cf:02:60:02:5b:ef:63:40:b8:09:4e:8e:67:09:
71:34:d1:cc:de:f3:09:6a:61:2a:53:49:05:4d:d9:55:09:3d:
f1:39:fe:58:75:04:0e:44:f9:47:0f:aa:bc:c9:c3:89:e4:a7:
04:75:3f:b7:28:49:f8:da:fc:70:61:09:01:6d:8d:ef:63:7b:
0a:70:c0:e2:78:33:68:cb:31:7e:6f:d4:69:e2:d6:20:48:84:
23:85:43:f7:8d:08:5f:b0:e3:f9:d1:5d:60:7e:43:88:b4:7d:
05:6f:ae:2d:de:f0:a4:1c:e0:ef:7e:25:6e:7e:33:c8:77:cd:
7d:c1:96:3c:12:a1:31:27:8e:5d:18:84:4e:bf:26:3c:da:1c:
04:67:4c:aa:be:17:00:a8:32:7a:31:25:72:72:35:bd:94:0d:
29:90:12:0d:a4:40:27:48:5b:9d:e3:a0:e2:05:ab:5c:18:9b:
2c:0e:a9:68:08:7d:a6:fb:81:a7:ac:f7:f6:db:5d:fe:af:a5:
18:d7:38:e0:3e:ce:7a:07:ca:dd:d7:8d:03:9d:99:e9:94:b4:
bd:82:78:29:9f:34:13:88:5f:1c:92:b8:b5:2b:fa:de:21:b4:
51:b9:de:01
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUFNv1/NzDbxbve0WkYdoZWu70+xYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODhjMTRlYzAyYWRiZjA4MzEzOGVkZGQ0Nzg3MTE3NmRk
ZWI5M2Q5ZDAeFw0yNjA1MDkxNzIyNTJaFw0yNzA1MDgxNzI3NTJaMDMxMTAvBgNV
BAMTKDA1QjJDMTgxRUYyOThEQjM5RUFCMkIwRDQyMTI4NTk3QkYxQjk5MTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDTv2BuzoeagPqnrrQ27ATUqhvO
AYxCL8mV+8ZbJu60H+EJk+QgvIcDr6fooTfavp6hxHIhuWPRGoWKRr0gF/cXjJ+Z
GHZ9O+KnS+CvY3waOBXJvCgfuG+R9N7vODjhd3Dsx7BjKED2mbXXvzj/Nv7YjfFs
Xok/oBYbmx4fcA7MAqh6E77GdNxQhBn/NWt2fsFDmwN0EqGOvtCC4ws1LUOTXEcv
diFXsZl59sPOGQelhj0Q0/cSAqSeQZfAKUy6tcsMjqMcwJRy+DPsvNT3zCFaNoyQ
mMVlb134iyAOIiTHEVCUii6/o9jAxicSE8foH/RIeMdh8KrF2WpOYygmmgsrAgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQUBbLBge8pjbOeqysNQhKFl78bmRIwHwYDVR0j
BBgwFoAUiMFOwCrb8IMTjt3UeHEXbd65PZ0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjItZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2
MmUwLzAvODhDMTRFQzAyQURCRjA4MzEzOEVEREQ0Nzg3MTE3NkRERUI5M0Q5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2lNRk93Q3JiOElNVGp0M1VlSEVYYmQ2
NVBaMC5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0MDlkN2IyLWVlNjQt
NDlmMS1hZDgxLThlNGExMDdkNjJlMC8wL0FTMjAzMDQ4LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAjxRt
AwQAjxSMAwQAjxSwAwQAjxTPAwQAjxTVAwQAjxTYAwQAjxTaAwQAjxTsMA0GCSqG
SIb3DQEBCwUAA4IBAQCwZTwJTTQk+CR5JeH74/ANxq6suRP6zwJgAlvvY0C4CU6O
ZwlxNNHM3vMJamEqU0kFTdlVCT3xOf5YdQQORPlHD6q8ycOJ5KcEdT+3KEn42vxw
YQkBbY3vY3sKcMDieDNoyzF+b9Rp4tYgSIQjhUP3jQhfsOP50V1gfkOItH0Fb64t
3vCkHODvfiVufjPId819wZY8EqExJ45dGIROvyY82hwEZ0yqvhcAqDJ6MSVycjW9
lA0pkBINpEAnSFud46DiBatcGJssDqloCH2m+4GnrPf2213+r6UY1zjgPs56B8rd
140DnZnplLS9gngpnzQTiF8ckri1K/reIbRRud4B
-----END CERTIFICATE-----
Generated at Tue May 12 23:25:15 2026 by rpki-client