Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS203054.roa
File: AS203054.roa (raw, json)
Hash identifier: yBDGBV4DhW3oQayOboJHsIfE74X10UzZTxAREgpg7Ks=
Subject key identifier: 44:D4:25:19:80:08:11:E8:D2:98:0F:E0:65:46:1B:B4:74:3F:E7:5D
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 75690B122C537572933ABF4B962BB5CF14786B0E
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS203054.roa
Signing time: Sun 19 Apr 2026 11:13:27 +0000
ROA not before: Sun 19 Apr 2026 11:08:27 +0000
ROA not after: Sun 18 Apr 2027 11:13:27 +0000
asID: 203054
IP address blocks: 143.14.33.0/24 maxlen: 24
143.14.82.0/24 maxlen: 24
143.14.123.0/24 maxlen: 24
143.14.182.0/24 maxlen: 24
150.241.143.0/24 maxlen: 24
155.117.136.0/24 maxlen: 24
162.141.83.0/24 maxlen: 24
162.141.116.0/24 maxlen: 24
167.148.136.0/24 maxlen: 24
168.222.25.0/24 maxlen: 24
168.222.39.0/24 maxlen: 24
168.222.79.0/24 maxlen: 24
168.222.107.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Apr 2026 21:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
75:69:0b:12:2c:53:75:72:93:3a:bf:4b:96:2b:b5:cf:14:78:6b:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Apr 19 11:08:27 2026 GMT
Not After : Apr 18 11:13:27 2027 GMT
Subject: CN=44D42519800811E8D2980FE065461BB4743FE75D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:4e:94:60:de:c2:8d:d7:53:73:49:68:81:6a:
f6:89:26:ea:02:e1:d8:95:8c:71:c2:ee:24:7c:f7:
13:a9:d2:e4:a3:75:c6:c2:3b:97:88:f6:41:22:5e:
15:e0:95:32:f1:46:23:63:9a:96:c4:2b:d0:84:15:
c1:a3:dd:1d:0a:cc:c5:27:ab:5b:46:c6:2d:65:1d:
c9:7f:5e:05:48:9c:3f:b3:85:1b:d8:6c:4a:f9:4b:
9e:46:b1:e7:8c:ac:2b:8b:b5:93:b3:39:59:3d:d6:
e2:41:c5:77:f2:b3:51:34:9a:53:11:76:bc:0d:c4:
5d:20:de:4a:cf:4b:99:8c:f1:eb:86:70:c8:50:4a:
d2:eb:ce:34:4c:29:20:87:91:f6:5e:6f:a8:6a:38:
eb:6c:fd:df:84:0e:0d:88:63:16:5a:31:1c:cd:a3:
cc:41:9f:a9:0b:1a:41:dd:40:ed:1f:1e:2a:c6:13:
5d:e6:df:c3:70:a8:9a:b1:f6:73:ba:15:76:cf:23:
1e:54:64:55:da:54:90:2a:62:bd:ea:1c:af:ba:ed:
4c:0b:5b:79:4c:0d:b5:28:08:ef:c1:bd:cb:7f:61:
20:2f:c8:d4:7b:80:81:61:1d:2a:eb:e5:c6:f7:6a:
d0:bb:28:c6:ba:65:c9:52:6a:7c:c9:da:9d:78:d3:
93:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:D4:25:19:80:08:11:E8:D2:98:0F:E0:65:46:1B:B4:74:3F:E7:5D
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS203054.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.14.33.0/24
143.14.82.0/24
143.14.123.0/24
143.14.182.0/24
150.241.143.0/24
155.117.136.0/24
162.141.83.0/24
162.141.116.0/24
167.148.136.0/24
168.222.25.0/24
168.222.39.0/24
168.222.79.0/24
168.222.107.0/24
Signature Algorithm: sha256WithRSAEncryption
90:c0:d4:c3:ef:4a:ea:de:ec:e9:ee:be:cf:41:27:ee:6f:ea:
24:ea:9b:50:19:14:9e:19:38:d8:7c:83:68:62:25:3f:a4:fb:
38:74:3f:6c:1d:37:ca:fc:e2:92:ff:a5:26:ed:1b:e6:40:ab:
0b:ef:71:a6:74:e2:8d:38:c4:01:73:c9:cd:d3:2c:7d:33:0c:
f7:da:81:6b:7e:a9:43:84:9e:47:2f:f5:45:5a:ad:cd:de:01:
0f:2f:57:82:f1:88:94:90:8c:8e:c1:45:ff:6f:08:90:3e:75:
3e:24:12:93:1d:0c:63:18:41:39:cb:67:ee:00:c8:e1:ff:3c:
c8:e3:93:d7:b0:dd:e5:10:20:21:e8:aa:05:86:e4:a0:8f:dd:
5c:45:18:50:89:96:af:e5:82:51:2c:1e:7a:32:7c:21:1c:1a:
5e:a5:40:3f:a1:f4:8f:7f:4b:18:a1:58:9c:05:89:c9:7f:44:
38:3c:e7:3d:dd:aa:d9:f9:f3:90:79:ec:aa:02:2a:e4:70:b6:
0a:4a:22:a3:2c:c3:17:db:a4:3e:e3:e0:78:8b:d3:53:f4:e3:
da:9e:23:37:65:76:9a:ca:a1:bb:62:88:4c:e3:e0:be:c3:fb:
b6:4b:99:c2:19:8d:05:54:31:76:c2:c9:a9:9b:d2:48:55:89:
eb:7c:d6:6a
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgIUdWkLEixTdXKTOr9Lliu1zxR4aw4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNjA0MTkxMTA4MjdaFw0yNzA0MTgxMTEzMjdaMDMxMTAvBgNV
BAMTKDQ0RDQyNTE5ODAwODExRThEMjk4MEZFMDY1NDYxQkI0NzQzRkU3NUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCeTpRg3sKN11NzSWiBavaJJuoC
4diVjHHC7iR89xOp0uSjdcbCO5eI9kEiXhXglTLxRiNjmpbEK9CEFcGj3R0KzMUn
q1tGxi1lHcl/XgVInD+zhRvYbEr5S55GseeMrCuLtZOzOVk91uJBxXfys1E0mlMR
drwNxF0g3krPS5mM8euGcMhQStLrzjRMKSCHkfZeb6hqOOts/d+EDg2IYxZaMRzN
o8xBn6kLGkHdQO0fHirGE13m38NwqJqx9nO6FXbPIx5UZFXaVJAqYr3qHK+67UwL
W3lMDbUoCO/Bvct/YSAvyNR7gIFhHSrr5cb3atC7KMa6ZclSanzJ2p1405OvAgMB
AAGjggJSMIICTjAdBgNVHQ4EFgQURNQlGYAIEejSmA/gZUYbtHQ/510wHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjAzMDU0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQAjw4h
AwQAjw5SAwQAjw57AwQAjw62AwQAlvGPAwQAm3WIAwQAoo1TAwQAoo10AwQAp5SI
AwQAqN4ZAwQAqN4nAwQAqN5PAwQAqN5rMA0GCSqGSIb3DQEBCwUAA4IBAQCQwNTD
70rq3uzp7r7PQSfub+ok6ptQGRSeGTjYfINoYiU/pPs4dD9sHTfK/OKS/6Um7Rvm
QKsL73GmdOKNOMQBc8nN0yx9Mwz32oFrfqlDhJ5HL/VFWq3N3gEPL1eC8YiUkIyO
wUX/bwiQPnU+JBKTHQxjGEE5y2fuAMjh/zzI45PXsN3lECAh6KoFhuSgj91cRRhQ
iZav5YJRLB56MnwhHBpepUA/ofSPf0sYoVicBYnJf0Q4POc93arZ+fOQeeyqAirk
cLYKSiKjLMMX26Q+4+B4i9NT9OPaniM3ZXaayqG7YohM4+C+w/u2S5nCGY0FVDF2
wsmpm9JIVYnrfNZq
-----END CERTIFICATE-----
Generated at Mon Apr 20 01:51:30 2026 by rpki-client