Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS205489.roa
File: AS205489.roa (raw, json)
Hash identifier: nTaIN07bJg/J0ZDDvSbQ5Dd0ux93jcNfNWA7uCpMEd4=
Subject key identifier: E8:47:DE:64:2B:57:24:1F:3E:18:52:63:67:88:33:A1:A7:8B:E9:60
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 4082F06012F8148E82DFF660E3D5DCFDC6490B0F
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS205489.roa
Signing time: Wed 03 Jun 2026 18:21:00 +0000
ROA not before: Wed 03 Jun 2026 18:16:00 +0000
ROA not after: Wed 02 Jun 2027 18:21:00 +0000
asID: 205489
IP address blocks: 143.14.123.0/24 maxlen: 24
143.14.131.0/24 maxlen: 24
143.14.147.0/24 maxlen: 24
143.14.174.0/24 maxlen: 24
155.117.143.0/24 maxlen: 24
155.117.150.0/24 maxlen: 24
155.117.156.0/24 maxlen: 24
155.117.158.0/24 maxlen: 24
155.117.178.0/24 maxlen: 24
155.117.205.0/24 maxlen: 24
162.141.4.0/24 maxlen: 24
162.141.67.0/24 maxlen: 24
162.141.69.0/24 maxlen: 24
167.148.141.0/24 maxlen: 24
167.148.177.0/24 maxlen: 24
167.148.206.0/24 maxlen: 24
168.222.13.0/24 maxlen: 24
168.222.42.0/24 maxlen: 24
168.222.45.0/24 maxlen: 24
168.222.67.0/24 maxlen: 24
168.222.77.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 04 Jun 2026 15:08:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
40:82:f0:60:12:f8:14:8e:82:df:f6:60:e3:d5:dc:fd:c6:49:0b:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Jun 3 18:16:00 2026 GMT
Not After : Jun 2 18:21:00 2027 GMT
Subject: CN=E847DE642B57241F3E185263678833A1A78BE960
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:07:90:6f:34:34:ce:7c:ee:67:a6:f0:a5:13:
d4:14:42:e0:2a:7b:07:7b:32:37:18:b4:96:27:72:
19:27:60:00:ef:95:e1:02:58:15:2a:9c:46:37:6e:
e8:c7:6c:5c:92:25:ab:ea:20:e3:5c:97:ee:92:79:
27:08:3e:77:5c:62:31:ec:ff:1a:c3:32:b4:03:8f:
3a:f8:2b:89:55:be:84:89:7b:96:89:15:e6:6d:3d:
3a:1b:15:82:55:bd:07:5f:ac:c6:d3:e9:d5:9f:6c:
da:cf:63:60:9c:5b:c2:be:fa:a7:3d:23:7e:e7:9b:
83:78:26:49:35:74:7b:f0:02:55:5d:55:f2:8a:41:
b2:2a:0e:4e:e6:9e:e9:22:e8:c3:5d:cd:c5:25:0f:
d3:f4:62:7a:59:ca:c8:dc:da:84:e3:15:3c:2d:12:
1c:75:05:8e:7a:d3:bc:54:12:f7:2d:da:ff:d7:9a:
70:90:1f:a5:27:29:25:8d:f9:f1:10:d4:83:c8:93:
22:df:bc:4e:34:ce:ca:81:50:8c:45:14:35:25:28:
17:42:84:0a:99:70:c6:bb:4a:e3:ad:d1:73:8c:09:
a0:db:c7:34:f2:c7:a6:a8:a2:5c:dc:89:80:ba:92:
71:20:e7:1c:cf:6c:89:e1:48:52:48:d0:8e:b3:c0:
bd:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:47:DE:64:2B:57:24:1F:3E:18:52:63:67:88:33:A1:A7:8B:E9:60
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS205489.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.14.123.0/24
143.14.131.0/24
143.14.147.0/24
143.14.174.0/24
155.117.143.0/24
155.117.150.0/24
155.117.156.0/24
155.117.158.0/24
155.117.178.0/24
155.117.205.0/24
162.141.4.0/24
162.141.67.0/24
162.141.69.0/24
167.148.141.0/24
167.148.177.0/24
167.148.206.0/24
168.222.13.0/24
168.222.42.0/24
168.222.45.0/24
168.222.67.0/24
168.222.77.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:c8:a5:38:ab:06:6b:39:b4:2c:df:55:d1:02:53:62:04:c7:
b5:b0:15:7d:74:ec:98:da:75:cf:2c:1c:e8:7e:57:d6:82:14:
3c:26:51:73:ee:c6:1a:e4:fc:4b:2c:1e:77:f9:fb:af:0d:04:
5c:09:c7:a3:f4:8c:8b:3d:c4:72:f5:aa:f1:6f:bd:f2:fd:e2:
b2:19:06:0c:51:cd:78:f4:b9:3d:92:4b:a8:18:48:a4:46:8c:
e9:57:0b:fc:fd:6a:14:8b:71:e7:ed:c3:01:64:b6:6d:00:04:
58:8b:56:62:06:de:94:bd:e3:12:72:8c:54:1f:54:2d:5e:dd:
bc:ad:64:a7:08:34:b5:92:f4:25:b2:ec:f6:c0:c6:b8:22:a4:
5b:0f:5a:69:d7:63:35:fb:cb:9e:a0:06:dc:90:82:5a:af:cf:
63:3d:01:2c:58:2a:56:c1:16:cc:73:53:c8:d3:5d:76:39:26:
04:9e:5d:92:4e:81:c2:00:5b:f7:19:0b:f7:73:79:7d:09:18:
f8:a8:c8:63:cc:07:e9:0e:f6:b0:dc:93:23:43:b3:fd:e6:f9:
ad:2b:dc:07:f9:b9:a8:c6:96:dd:2d:3a:00:74:7b:01:48:88:
0c:e7:3c:7a:9b:49:6c:eb:d5:83:46:04:f6:da:96:ae:1f:87:
24:4f:0a:68
-----BEGIN CERTIFICATE-----
MIIFfDCCBGSgAwIBAgIUQILwYBL4FI6C3/Zg49Xc/cZJCw8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNjA2MDMxODE2MDBaFw0yNzA2MDIxODIxMDBaMDMxMTAvBgNV
BAMTKEU4NDdERTY0MkI1NzI0MUYzRTE4NTI2MzY3ODgzM0ExQTc4QkU5NjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCmB5BvNDTOfO5npvClE9QUQuAq
ewd7MjcYtJYnchknYADvleECWBUqnEY3bujHbFySJavqIONcl+6SeScIPndcYjHs
/xrDMrQDjzr4K4lVvoSJe5aJFeZtPTobFYJVvQdfrMbT6dWfbNrPY2CcW8K++qc9
I37nm4N4Jkk1dHvwAlVdVfKKQbIqDk7mnuki6MNdzcUlD9P0YnpZysjc2oTjFTwt
Ehx1BY5607xUEvct2v/XmnCQH6UnKSWN+fEQ1IPIkyLfvE40zsqBUIxFFDUlKBdC
hAqZcMa7SuOt0XOMCaDbxzTyx6aoolzciYC6knEg5xzPbInhSFJI0I6zwL0VAgMB
AAGjggKGMIICgjAdBgNVHQ4EFgQU6EfeZCtXJB8+GFJjZ4gzoaeL6WAwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjA1NDg5LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMIGaBggrBgEFBQcBBwEB/wSBijCBhzCBhAQCAAEwfgME
AI8OewMEAI8OgwMEAI8OkwMEAI8OrgMEAJt1jwMEAJt1lgMEAJt1nAMEAJt1ngME
AJt1sgMEAJt1zQMEAKKNBAMEAKKNQwMEAKKNRQMEAKeUjQMEAKeUsQMEAKeUzgME
AKjeDQMEAKjeKgMEAKjeLQMEAKjeQwMEAKjeTTANBgkqhkiG9w0BAQsFAAOCAQEA
TMilOKsGazm0LN9V0QJTYgTHtbAVfXTsmNp1zywc6H5X1oIUPCZRc+7GGuT8Sywe
d/n7rw0EXAnHo/SMiz3EcvWq8W+98v3ishkGDFHNePS5PZJLqBhIpEaM6VcL/P1q
FItx5+3DAWS2bQAEWItWYgbelL3jEnKMVB9ULV7dvK1kpwg0tZL0JbLs9sDGuCKk
Ww9aaddjNfvLnqAG3JCCWq/PYz0BLFgqVsEWzHNTyNNddjkmBJ5dkk6BwgBb9xkL
93N5fQkY+KjIY8wH6Q72sNyTI0Oz/eb5rSvcB/m5qMaW3S06AHR7AUiIDOc8eptJ
bOvVg0YE9tqWrh+HJE8KaA==
-----END CERTIFICATE-----
Generated at Thu Jun 4 01:15:29 2026 by rpki-client