Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS214143.roa
File: AS214143.roa (raw, json)
Hash identifier: hl4VoCdZbHtb1gEZXtoElN9JFvEkyq19JcbXa2qgpPA=
Subject key identifier: 88:6D:D9:B7:F1:E1:5E:F8:A1:AB:4B:64:AC:14:26:F0:56:26:F3:E5
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 36EB27A59109E1C63C613FE8F67135127DEE73E0
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS214143.roa
Signing time: Thu 14 May 2026 07:54:57 +0000
ROA not before: Thu 14 May 2026 07:49:57 +0000
ROA not after: Thu 13 May 2027 07:54:57 +0000
asID: 214143
IP address blocks: 143.14.32.0/24 maxlen: 24
143.14.108.0/24 maxlen: 24
143.14.228.0/24 maxlen: 24
143.14.240.0/24 maxlen: 24
167.148.10.0/24 maxlen: 24
167.148.116.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 04 Jun 2026 22:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
36:eb:27:a5:91:09:e1:c6:3c:61:3f:e8:f6:71:35:12:7d:ee:73:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: May 14 07:49:57 2026 GMT
Not After : May 13 07:54:57 2027 GMT
Subject: CN=886DD9B7F1E15EF8A1AB4B64AC1426F05626F3E5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:2c:b9:55:46:5a:cb:05:ca:a5:55:a1:cb:60:
7d:dd:60:a7:e1:56:09:66:84:86:5f:a3:b4:c9:9b:
7e:eb:ff:25:aa:e3:f1:70:69:d9:de:cd:1b:e5:f0:
8a:e8:ae:23:5a:76:b2:67:94:52:ca:1f:5a:15:71:
3c:5c:2b:0f:0c:e8:3b:df:8c:93:4e:c2:f3:14:a5:
e2:68:9c:aa:c3:c2:2b:7a:b7:89:53:40:ab:1d:17:
cd:9b:71:61:34:c6:2c:e0:81:a3:0c:0b:09:9d:05:
a3:81:ca:d0:96:4c:18:fe:44:71:67:6a:23:40:a4:
e9:f7:0e:98:3d:d5:7b:18:6c:84:1a:3d:fd:d8:11:
ec:8d:c4:bb:cc:08:c8:c6:84:79:8c:eb:ed:d8:ed:
99:dd:60:db:e3:bd:af:2d:f6:52:ab:f7:8a:58:bf:
b6:72:53:95:11:88:ff:c9:4a:7e:01:e5:22:7d:ac:
9f:9b:1b:c2:87:a2:c6:3f:c1:2e:07:66:6e:15:3c:
f2:55:1a:81:e7:7b:f1:c1:6e:23:08:55:21:92:1e:
92:a0:d2:f1:89:a8:1c:ef:fb:ab:23:f5:9f:ff:a1:
2a:97:72:1d:62:2b:f7:08:b9:20:c4:78:10:5e:9e:
8d:36:8d:9c:12:11:fc:0b:12:c1:91:1a:ec:9d:fa:
24:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:6D:D9:B7:F1:E1:5E:F8:A1:AB:4B:64:AC:14:26:F0:56:26:F3:E5
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS214143.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.14.32.0/24
143.14.108.0/24
143.14.228.0/24
143.14.240.0/24
167.148.10.0/24
167.148.116.0/24
Signature Algorithm: sha256WithRSAEncryption
88:09:d4:15:b5:5b:54:2c:92:0f:4c:0f:7a:0b:9d:64:4e:bb:
cf:ca:80:6c:a2:0c:f2:e2:a5:41:92:54:94:c5:d7:5f:ae:da:
1e:81:3a:5f:97:ac:b5:15:bd:08:c4:84:fe:d1:09:dc:bd:41:
25:b2:83:00:57:a7:ac:bd:4c:f2:b7:46:06:e5:d7:68:56:bb:
bc:91:5a:8e:89:0d:df:91:2d:65:8c:4c:7d:f2:47:ad:4d:6b:
99:fa:d1:81:ed:c1:b1:1e:8b:92:e0:b0:21:55:cb:6e:44:51:
db:2f:72:9d:ce:69:fb:f8:97:a0:f3:9a:ca:af:c9:76:e9:55:
50:16:b0:23:3b:2f:02:a1:fa:23:b5:1c:77:b6:ae:4e:8e:bd:
a5:29:1e:82:b3:f5:c6:0b:3e:94:91:7f:f6:5a:4f:d5:38:60:
02:a9:e1:f3:ca:17:f1:80:d6:f5:7b:e5:79:e0:ef:80:94:04:
92:92:a5:cf:81:f0:0e:e9:d9:78:b2:1b:32:b7:20:ae:ba:8d:
14:62:94:15:bc:03:05:d0:fe:cd:b0:db:2f:44:ab:d3:92:5e:
8a:f5:87:1d:91:07:be:6d:62:8b:97:87:7f:15:25:90:9c:ed:
49:ea:70:70:69:8b:17:6e:ac:89:c4:0c:4e:ad:80:47:bb:ac:
40:ff:aa:c5
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgIUNusnpZEJ4cY8YT/o9nE1En3uc+AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNjA1MTQwNzQ5NTdaFw0yNzA1MTMwNzU0NTdaMDMxMTAvBgNV
BAMTKDg4NkREOUI3RjFFMTVFRjhBMUFCNEI2NEFDMTQyNkYwNTYyNkYzRTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6LLlVRlrLBcqlVaHLYH3dYKfh
VglmhIZfo7TJm37r/yWq4/FwadnezRvl8IroriNadrJnlFLKH1oVcTxcKw8M6Dvf
jJNOwvMUpeJonKrDwit6t4lTQKsdF82bcWE0xizggaMMCwmdBaOBytCWTBj+RHFn
aiNApOn3Dpg91XsYbIQaPf3YEeyNxLvMCMjGhHmM6+3Y7ZndYNvjva8t9lKr94pY
v7ZyU5URiP/JSn4B5SJ9rJ+bG8KHosY/wS4HZm4VPPJVGoHne/HBbiMIVSGSHpKg
0vGJqBzv+6sj9Z//oSqXch1iK/cIuSDEeBBeno02jZwSEfwLEsGRGuyd+iS3AgMB
AAGjggIoMIICJDAdBgNVHQ4EFgQUiG3Zt/HhXvihq0tkrBQm8FYm8+UwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjE0MTQzLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAjw4g
AwQAjw5sAwQAjw7kAwQAjw7wAwQAp5QKAwQAp5R0MA0GCSqGSIb3DQEBCwUAA4IB
AQCICdQVtVtULJIPTA96C51kTrvPyoBsogzy4qVBklSUxddfrtoegTpfl6y1Fb0I
xIT+0QncvUElsoMAV6esvUzyt0YG5ddoVru8kVqOiQ3fkS1ljEx98ketTWuZ+tGB
7cGxHouS4LAhVctuRFHbL3Kdzmn7+Jeg85rKr8l26VVQFrAjOy8CofojtRx3tq5O
jr2lKR6Cs/XGCz6UkX/2Wk/VOGACqeHzyhfxgNb1e+V54O+AlASSkqXPgfAO6dl4
shsytyCuuo0UYpQVvAMF0P7NsNsvRKvTkl6K9YcdkQe+bWKLl4d/FSWQnO1J6nBw
aYsXbqyJxAxOrYBHu6xA/6rF
-----END CERTIFICATE-----
Generated at Thu Jun 4 07:13:35 2026 by rpki-client