
Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS152868.roa
File: AS152868.roa (raw, json)
Hash identifier: kmNFIuyRwDiFY7g0bhp80ciS6q/cDBS2owy54aVuuHo=
Subject key identifier: 25:D1:20:DB:D2:61:87:14:C4:B1:3F:67:49:96:30:8A:D5:14:9A:22
Certificate issuer: /CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Certificate serial: 494B1B69F9C3A287DBC17AB38B6CAB3379FD3A1E
Authority key identifier: 88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS152868.roa
Signing time: Tue 16 Jun 2026 00:19:14 +0000
ROA not before: Tue 16 Jun 2026 00:14:14 +0000
ROA not after: Tue 15 Jun 2027 00:19:14 +0000
asID: 152868
IP address blocks: 143.20.41.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.mft
rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Jul 2026 17:00:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
49:4b:1b:69:f9:c3:a2:87:db:c1:7a:b3:8b:6c:ab:33:79:fd:3a:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Validity
Not Before: Jun 16 00:14:14 2026 GMT
Not After : Jun 15 00:19:14 2027 GMT
Subject: CN=25D120DBD2618714C4B13F674996308AD5149A22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:0d:b1:e0:7d:d4:32:d0:da:06:5d:19:1c:08:
09:25:85:60:ff:99:db:e8:b1:66:bb:d1:80:a1:31:
ad:83:36:7d:2a:1e:d3:fd:a6:a9:cb:9b:7a:1d:c9:
28:10:dc:b8:3c:e3:fa:48:26:6c:51:27:04:09:23:
3c:3a:f2:03:98:f4:df:1c:77:ef:72:52:01:15:9b:
4b:2f:e3:00:bb:6c:cd:7a:28:9b:7e:2e:60:7a:42:
07:19:b4:51:35:54:9e:ba:ad:48:53:18:87:54:2f:
bf:d8:0a:c1:8b:8f:e2:8b:6b:c3:a8:6c:16:3e:17:
60:55:63:b3:0d:02:0f:60:d7:85:0b:f7:f7:fb:88:
00:c1:50:26:e0:64:79:12:75:b2:3a:43:52:2d:98:
23:5c:aa:57:28:c8:33:9c:4e:b1:e9:1d:c8:b6:5c:
0c:4b:90:0a:2f:45:18:b8:90:5d:16:45:65:1d:34:
56:99:fb:9e:cf:fd:75:4e:a4:eb:b0:d5:ef:29:c9:
34:b6:c7:66:36:4b:32:cb:f7:bf:67:8b:b0:5f:26:
9d:2c:33:f5:e2:bb:cd:b6:cb:29:5d:c1:d6:a5:f5:
85:ed:a6:c1:53:19:cf:f1:11:24:9f:63:f8:bb:f7:
46:90:c9:f5:ae:dd:96:e0:74:45:88:9d:68:d2:7a:
57:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:D1:20:DB:D2:61:87:14:C4:B1:3F:67:49:96:30:8A:D5:14:9A:22
X509v3 Authority Key Identifier:
keyid:88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS152868.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.20.41.0/24
Signature Algorithm: sha256WithRSAEncryption
c8:2e:3a:fe:f5:8c:52:61:a6:33:60:91:4c:d1:58:b5:12:e7:
08:0b:14:16:74:65:d8:85:28:31:41:ab:75:20:4c:61:0f:e9:
7a:26:c2:cb:17:c4:c0:0a:0d:2a:0c:22:6d:c6:1a:9c:53:2c:
58:3c:61:eb:b0:8d:ce:50:07:ba:ea:2f:a9:5c:7a:a3:27:32:
14:9b:9d:84:a8:bc:ee:5b:cd:8d:7a:ad:a1:de:b9:89:5b:cc:
48:b9:36:88:a1:7d:9e:cf:73:ba:8d:12:0c:8c:30:5d:10:2f:
47:3e:12:3e:34:81:05:8b:c6:e9:9a:b6:4c:5f:f2:04:78:05:
1f:c9:72:f4:86:bc:d6:e3:11:1c:69:5c:e3:95:43:18:fd:d6:
21:ad:6a:85:4a:47:13:8d:4d:d3:78:73:de:3d:3a:07:5a:ad:
d9:30:b4:ee:cd:ce:60:ef:ce:c8:ec:6c:d0:81:cf:20:1c:99:
80:47:66:00:c5:a9:ac:fe:40:30:4e:b9:bf:d4:2f:e4:ae:79:
49:4a:af:e4:1e:a1:a0:d7:90:9d:3a:fb:62:6f:25:3b:d5:96:
86:bf:ca:85:04:5d:0a:43:d8:09:89:3a:32:fd:3b:0b:d0:07:
71:a0:ad:4f:dc:3c:79:ab:01:d5:f8:ca:73:90:a4:d9:b4:1e:
5f:bb:85:1e
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUSUsbafnDoofbwXqzi2yrM3n9Oh4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODhjMTRlYzAyYWRiZjA4MzEzOGVkZGQ0Nzg3MTE3NmRk
ZWI5M2Q5ZDAeFw0yNjA2MTYwMDE0MTRaFw0yNzA2MTUwMDE5MTRaMDMxMTAvBgNV
BAMTKDI1RDEyMERCRDI2MTg3MTRDNEIxM0Y2NzQ5OTYzMDhBRDUxNDlBMjIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzDbHgfdQy0NoGXRkcCAklhWD/
mdvosWa70YChMa2DNn0qHtP9pqnLm3odySgQ3Lg84/pIJmxRJwQJIzw68gOY9N8c
d+9yUgEVm0sv4wC7bM16KJt+LmB6QgcZtFE1VJ66rUhTGIdUL7/YCsGLj+KLa8Oo
bBY+F2BVY7MNAg9g14UL9/f7iADBUCbgZHkSdbI6Q1ItmCNcqlcoyDOcTrHpHci2
XAxLkAovRRi4kF0WRWUdNFaZ+57P/XVOpOuw1e8pyTS2x2Y2SzLL979ni7BfJp0s
M/Xiu822yyldwdal9YXtpsFTGc/xESSfY/i790aQyfWu3ZbgdEWInWjSelcxAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUJdEg29JhhxTEsT9nSZYwitUUmiIwHwYDVR0j
BBgwFoAUiMFOwCrb8IMTjt3UeHEXbd65PZ0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjItZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2
MmUwLzAvODhDMTRFQzAyQURCRjA4MzEzOEVEREQ0Nzg3MTE3NkRERUI5M0Q5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2lNRk93Q3JiOElNVGp0M1VlSEVYYmQ2
NVBaMC5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0MDlkN2IyLWVlNjQt
NDlmMS1hZDgxLThlNGExMDdkNjJlMC8wL0FTMTUyODY4LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAjxQp
MA0GCSqGSIb3DQEBCwUAA4IBAQDILjr+9YxSYaYzYJFM0Vi1EucICxQWdGXYhSgx
Qat1IExhD+l6JsLLF8TACg0qDCJtxhqcUyxYPGHrsI3OUAe66i+pXHqjJzIUm52E
qLzuW82Neq2h3rmJW8xIuTaIoX2ez3O6jRIMjDBdEC9HPhI+NIEFi8bpmrZMX/IE
eAUfyXL0hrzW4xEcaVzjlUMY/dYhrWqFSkcTjU3TeHPePToHWq3ZMLTuzc5g787I
7GzQgc8gHJmAR2YAxams/kAwTrm/1C/krnlJSq/kHqGg15CdOvtibyU71ZaGv8qF
BF0KQ9gJiToy/TsL0AdxoK1P3Dx5qwHV+MpzkKTZtB5fu4Ue
-----END CERTIFICATE-----
Generated at Sat Jul 18 00:51:56 2026 by rpki-client