Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS204765.roa
File: AS204765.roa (raw, json)
Hash identifier: zM6fsGQoLtyqyE/o5Y8lE3kNMGTSOHYXpl0RT7iHnxw=
Subject key identifier: D3:50:48:CE:22:E5:A2:1B:73:A7:BF:B0:90:3A:21:C1:F1:94:36:43
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 39D7845735BFBA88E611B824B5719BF82DED0308
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS204765.roa
Signing time: Sun 17 May 2026 16:27:07 +0000
ROA not before: Sun 17 May 2026 16:22:07 +0000
ROA not after: Sun 16 May 2027 16:27:07 +0000
asID: 204765
IP address blocks: 143.14.252.0/24 maxlen: 24
148.135.171.0/24 maxlen: 24
155.117.141.0/24 maxlen: 24
155.117.154.0/24 maxlen: 24
155.117.241.0/24 maxlen: 24
162.141.139.0/24 maxlen: 24
162.141.153.0/24 maxlen: 24
167.148.2.0/24 maxlen: 24
167.148.68.0/24 maxlen: 24
167.148.122.0/24 maxlen: 24
167.148.197.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 04 Jun 2026 15:08:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
39:d7:84:57:35:bf:ba:88:e6:11:b8:24:b5:71:9b:f8:2d:ed:03:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: May 17 16:22:07 2026 GMT
Not After : May 16 16:27:07 2027 GMT
Subject: CN=D35048CE22E5A21B73A7BFB0903A21C1F1943643
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:6a:74:f6:ae:ff:ed:35:2c:8d:9d:1b:41:ec:
d4:1b:4c:48:45:fb:0f:11:49:0b:a5:2c:6b:fa:b8:
f7:5e:5b:8d:2d:8f:5d:a0:76:0b:66:f2:0f:73:b1:
ee:98:1d:0e:50:68:c7:f5:7f:75:c9:37:88:b1:f4:
41:27:d2:c9:d5:73:a2:52:62:26:eb:09:fc:f7:25:
32:c8:11:4a:f8:ca:59:1a:f6:db:fe:d1:52:8f:ab:
61:1c:e8:44:75:66:15:2e:b3:c0:19:56:0c:4f:3a:
61:c9:ae:e6:7c:b1:79:0a:ea:6d:f2:3a:5d:a4:e3:
26:38:87:2b:a3:11:f2:cd:f2:59:44:3e:37:8f:af:
79:6a:60:2f:c4:4e:04:ae:eb:ff:49:a6:e5:3a:56:
e2:b0:f4:2a:6b:c3:d6:c5:f5:3d:ea:b4:da:8a:9e:
a7:48:40:19:b0:29:c9:0e:86:12:c6:53:93:f8:eb:
61:10:25:16:99:b7:4d:ed:df:f2:37:59:b6:5b:66:
74:76:be:2b:6f:f2:ed:c1:16:71:cc:35:bc:97:01:
4b:f4:8a:f5:51:9b:7f:13:df:24:35:f1:af:04:56:
29:be:0d:ca:49:d2:19:75:e3:09:df:b6:04:31:e2:
09:eb:7e:cf:59:03:cc:61:55:b3:b5:d9:09:41:a4:
97:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:50:48:CE:22:E5:A2:1B:73:A7:BF:B0:90:3A:21:C1:F1:94:36:43
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS204765.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.14.252.0/24
148.135.171.0/24
155.117.141.0/24
155.117.154.0/24
155.117.241.0/24
162.141.139.0/24
162.141.153.0/24
167.148.2.0/24
167.148.68.0/24
167.148.122.0/24
167.148.197.0/24
Signature Algorithm: sha256WithRSAEncryption
68:5f:85:6f:b0:3f:d2:0a:ed:96:15:ef:bc:88:75:07:50:3a:
65:bb:23:41:94:05:cb:a9:b2:f9:0c:82:11:5b:af:bc:0f:21:
36:bf:fc:d9:2c:fe:a2:ed:9d:77:d5:87:12:de:a7:e4:67:5e:
9e:f3:c0:79:9b:fb:e6:7b:43:b4:0f:37:ec:b6:5d:fb:28:ec:
24:27:e3:5a:ca:cd:ca:43:50:c3:2f:0a:5a:ff:f0:56:b0:ee:
82:7a:c9:73:60:ba:1f:2f:e3:c6:d7:0b:8d:3e:37:9f:ec:1e:
33:ca:e2:69:96:f1:31:bc:4a:13:43:93:9e:18:ba:9b:93:44:
fe:08:8e:94:f8:c1:5a:73:09:07:a9:84:7f:64:07:d5:7f:01:
d9:35:f5:a5:1b:f0:b9:31:e2:a0:83:48:c0:29:12:88:66:b7:
91:68:3e:9c:7a:ba:b5:42:c3:28:6b:f4:7d:04:3b:8a:12:d1:
07:4a:82:01:01:ef:36:9b:d3:e5:de:46:cb:d1:c2:e2:b6:33:
80:c5:5f:e6:4f:c6:7c:10:8c:d0:28:8a:5f:02:b1:9d:3f:46:
f9:2c:c9:c2:0a:d9:ce:f4:11:60:9f:7f:31:8f:8d:dc:3d:6b:
13:ec:d0:c6:97:8a:41:5c:02:28:13:5c:90:0d:5e:d4:02:14:
b3:6f:9e:3b
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgIUOdeEVzW/uojmEbgktXGb+C3tAwgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNjA1MTcxNjIyMDdaFw0yNzA1MTYxNjI3MDdaMDMxMTAvBgNV
BAMTKEQzNTA0OENFMjJFNUEyMUI3M0E3QkZCMDkwM0EyMUMxRjE5NDM2NDMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqanT2rv/tNSyNnRtB7NQbTEhF
+w8RSQulLGv6uPdeW40tj12gdgtm8g9zse6YHQ5QaMf1f3XJN4ix9EEn0snVc6JS
YibrCfz3JTLIEUr4ylka9tv+0VKPq2Ec6ER1ZhUus8AZVgxPOmHJruZ8sXkK6m3y
Ol2k4yY4hyujEfLN8llEPjePr3lqYC/ETgSu6/9JpuU6VuKw9Cprw9bF9T3qtNqK
nqdIQBmwKckOhhLGU5P462EQJRaZt03t3/I3WbZbZnR2vitv8u3BFnHMNbyXAUv0
ivVRm38T3yQ18a8EVim+DcpJ0hl14wnftgQx4gnrfs9ZA8xhVbO12QlBpJepAgMB
AAGjggJGMIICQjAdBgNVHQ4EFgQU01BIziLlohtzp7+wkDohwfGUNkMwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjA0NzY1LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQAjw78
AwQAlIerAwQAm3WNAwQAm3WaAwQAm3XxAwQAoo2LAwQAoo2ZAwQAp5QCAwQAp5RE
AwQAp5R6AwQAp5TFMA0GCSqGSIb3DQEBCwUAA4IBAQBoX4VvsD/SCu2WFe+8iHUH
UDpluyNBlAXLqbL5DIIRW6+8DyE2v/zZLP6i7Z131YcS3qfkZ16e88B5m/vme0O0
Dzfstl37KOwkJ+Nays3KQ1DDLwpa//BWsO6CeslzYLofL+PG1wuNPjef7B4zyuJp
lvExvEoTQ5OeGLqbk0T+CI6U+MFacwkHqYR/ZAfVfwHZNfWlG/C5MeKgg0jAKRKI
ZreRaD6cerq1QsMoa/R9BDuKEtEHSoIBAe82m9Pl3kbL0cLitjOAxV/mT8Z8EIzQ
KIpfArGdP0b5LMnCCtnO9BFgn38xj43cPWsT7NDGl4pBXAIoE1yQDV7UAhSzb547
-----END CERTIFICATE-----
Generated at Thu Jun 4 01:17:09 2026 by rpki-client