Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS203048.roa
File: AS203048.roa (raw, json)
Hash identifier: XMHlSVHxy62ZBBhr5O9+lRWd8Zh8aYvUuesnb2/iRjE=
Subject key identifier: 9E:51:1A:0A:42:98:03:89:19:E2:EC:8F:37:D3:40:FD:EC:5C:B6:C4
Certificate issuer: /CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Certificate serial: 45E3B280BCBB81EC6E5810BE32CF4DE74135DBB5
Authority key identifier: 88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS203048.roa
Signing time: Sat 16 May 2026 00:39:15 +0000
ROA not before: Sat 16 May 2026 00:34:15 +0000
ROA not after: Sat 15 May 2027 00:39:15 +0000
asID: 203048
IP address blocks: 143.20.109.0/24 maxlen: 24
143.20.140.0/24 maxlen: 24
143.20.176.0/24 maxlen: 24
143.20.200.0/24 maxlen: 24
143.20.201.0/24 maxlen: 24
143.20.207.0/24 maxlen: 24
143.20.213.0/24 maxlen: 24
143.20.216.0/24 maxlen: 24
143.20.218.0/24 maxlen: 24
143.20.236.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.mft
rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 May 2026 16:41:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
45:e3:b2:80:bc:bb:81:ec:6e:58:10:be:32:cf:4d:e7:41:35:db:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Validity
Not Before: May 16 00:34:15 2026 GMT
Not After : May 15 00:39:15 2027 GMT
Subject: CN=9E511A0A4298038919E2EC8F37D340FDEC5CB6C4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:a1:5a:db:6c:5a:e7:5a:03:6a:84:4a:ca:e5:
5d:eb:b1:b2:ba:86:47:5e:65:97:0e:26:e3:86:d6:
db:8f:76:d9:41:75:ea:69:e7:a0:49:f7:a7:35:f8:
c5:a3:55:8f:9b:dd:77:3b:10:dd:ab:1e:ae:5a:a7:
b9:63:72:9e:a6:5a:8c:bc:4a:2b:23:c8:3c:64:ec:
93:29:4c:af:cc:ac:c7:a4:3a:86:bb:93:a2:58:58:
78:3d:38:94:c1:a9:40:f4:45:c2:96:dd:dc:cc:5e:
4a:42:9b:21:da:44:70:bf:3a:2b:4f:c9:a0:77:3c:
4b:24:23:df:49:71:d9:33:79:72:78:51:e7:f7:3e:
28:87:ab:ab:b2:57:5e:a9:60:b3:6a:4a:8d:b4:fa:
a5:e5:43:48:eb:ea:b2:31:5d:ac:07:b0:3f:e6:cc:
3e:28:46:d8:61:49:ba:c4:2f:e2:9c:9e:c0:e3:3f:
3f:f3:40:17:9e:71:cd:15:84:19:6b:30:86:3c:1d:
8b:c8:a8:33:e9:25:a9:50:ba:66:65:1d:10:f1:73:
cb:9b:75:a6:c4:18:2f:bd:e8:bb:a7:77:c2:4b:31:
70:ed:1f:bd:6e:b4:aa:b7:d3:a0:71:62:85:d2:74:
63:c6:68:8b:a6:5a:bc:65:5a:3b:d2:98:c5:c0:34:
eb:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:51:1A:0A:42:98:03:89:19:E2:EC:8F:37:D3:40:FD:EC:5C:B6:C4
X509v3 Authority Key Identifier:
keyid:88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS203048.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.20.109.0/24
143.20.140.0/24
143.20.176.0/24
143.20.200.0/23
143.20.207.0/24
143.20.213.0/24
143.20.216.0/24
143.20.218.0/24
143.20.236.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:3f:dc:e8:31:e1:f9:73:a4:f1:e4:46:8f:2b:5f:cf:f9:e4:
72:3f:c2:65:e3:e3:00:18:96:78:dc:ec:9d:7d:2c:02:1b:e5:
af:c4:68:bd:4b:89:dd:ee:4e:4b:82:38:05:cc:c2:ea:b3:96:
ce:7b:55:66:a9:30:54:b5:80:63:4e:4e:e4:f3:72:b5:1b:86:
eb:ca:69:74:02:7e:12:bc:e4:3b:91:42:70:ac:6b:14:83:46:
e2:9e:d4:70:6a:dd:33:5f:3a:ff:b0:04:8a:ce:04:35:85:a3:
4e:85:40:49:2b:09:9f:bb:9e:21:9c:f0:b8:7b:ac:ff:97:3e:
71:97:01:a7:df:eb:99:f1:3d:dc:36:7a:61:c2:8c:6e:e8:78:
e3:b5:99:64:5f:7f:83:00:26:5a:21:68:f2:21:4b:c6:64:28:
d6:d8:3a:a0:a1:99:8c:9f:8f:3e:08:99:68:48:e2:f8:96:34:
f5:ae:fa:29:f1:bc:ff:44:59:c1:ce:5f:e7:92:5e:8c:d2:e4:
5e:b6:d1:d6:f2:f7:16:60:ca:ac:f6:23:ce:28:c8:09:3c:3c:
16:ea:c7:dd:ca:36:5a:10:90:af:6e:37:de:fc:d3:fd:c4:83:
7d:8e:a7:10:f1:1b:5c:09:33:db:91:8f:96:f8:62:71:69:12:
f5:0e:37:80
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgIUReOygLy7gexuWBC+Ms9N50E127UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODhjMTRlYzAyYWRiZjA4MzEzOGVkZGQ0Nzg3MTE3NmRk
ZWI5M2Q5ZDAeFw0yNjA1MTYwMDM0MTVaFw0yNzA1MTUwMDM5MTVaMDMxMTAvBgNV
BAMTKDlFNTExQTBBNDI5ODAzODkxOUUyRUM4RjM3RDM0MEZERUM1Q0I2QzQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDJoVrbbFrnWgNqhErK5V3rsbK6
hkdeZZcOJuOG1tuPdtlBdepp56BJ96c1+MWjVY+b3Xc7EN2rHq5ap7ljcp6mWoy8
SisjyDxk7JMpTK/MrMekOoa7k6JYWHg9OJTBqUD0RcKW3dzMXkpCmyHaRHC/OitP
yaB3PEskI99JcdkzeXJ4Uef3PiiHq6uyV16pYLNqSo20+qXlQ0jr6rIxXawHsD/m
zD4oRthhSbrEL+KcnsDjPz/zQBeecc0VhBlrMIY8HYvIqDPpJalQumZlHRDxc8ub
dabEGC+96Lund8JLMXDtH71utKq306BxYoXSdGPGaIumWrxlWjvSmMXANOtNAgMB
AAGjggI6MIICNjAdBgNVHQ4EFgQUnlEaCkKYA4kZ4uyPN9NA/exctsQwHwYDVR0j
BBgwFoAUiMFOwCrb8IMTjt3UeHEXbd65PZ0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjItZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2
MmUwLzAvODhDMTRFQzAyQURCRjA4MzEzOEVEREQ0Nzg3MTE3NkRERUI5M0Q5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2lNRk93Q3JiOElNVGp0M1VlSEVYYmQ2
NVBaMC5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0MDlkN2IyLWVlNjQt
NDlmMS1hZDgxLThlNGExMDdkNjJlMC8wL0FTMjAzMDQ4LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAjxRt
AwQAjxSMAwQAjxSwAwQBjxTIAwQAjxTPAwQAjxTVAwQAjxTYAwQAjxTaAwQAjxTs
MA0GCSqGSIb3DQEBCwUAA4IBAQBfP9zoMeH5c6Tx5EaPK1/P+eRyP8Jl4+MAGJZ4
3OydfSwCG+WvxGi9S4nd7k5LgjgFzMLqs5bOe1VmqTBUtYBjTk7k83K1G4bryml0
An4SvOQ7kUJwrGsUg0bintRwat0zXzr/sASKzgQ1haNOhUBJKwmfu54hnPC4e6z/
lz5xlwGn3+uZ8T3cNnphwoxu6HjjtZlkX3+DACZaIWjyIUvGZCjW2DqgoZmMn48+
CJloSOL4ljT1rvop8bz/RFnBzl/nkl6M0uRettHW8vcWYMqs9iPOKMgJPDwW6sfd
yjZaEJCvbjfe/NP9xIN9jqcQ8RtcCTPbkY+W+GJxaRL1DjeA
-----END CERTIFICATE-----
Generated at Tue May 26 03:58:53 2026 by rpki-client