Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS203054.roa
File: AS203054.roa (raw, json)
Hash identifier: 98J54k6H0ckPdWk8AjKUSPtk6MGPlJK/bzZkSWasAzY=
Subject key identifier: EC:99:9A:0A:FC:19:9B:08:66:F4:AD:3E:A5:AC:1A:49:23:DD:2D:C8
Certificate issuer: /CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Certificate serial: 6BFAB0D2BCD1C68577158CB632E9C35705C4733E
Authority key identifier: 88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS203054.roa
Signing time: Thu 21 May 2026 18:08:03 +0000
ROA not before: Thu 21 May 2026 18:03:03 +0000
ROA not after: Thu 20 May 2027 18:08:03 +0000
asID: 203054
IP address blocks: 143.20.86.0/24 maxlen: 24
143.20.87.0/24 maxlen: 24
143.20.111.0/24 maxlen: 24
143.20.194.0/24 maxlen: 24
143.20.202.0/24 maxlen: 24
143.20.220.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.mft
rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 04 Jun 2026 21:46:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6b:fa:b0:d2:bc:d1:c6:85:77:15:8c:b6:32:e9:c3:57:05:c4:73:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Validity
Not Before: May 21 18:03:03 2026 GMT
Not After : May 20 18:08:03 2027 GMT
Subject: CN=EC999A0AFC199B0866F4AD3EA5AC1A4923DD2DC8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:f5:72:ba:89:5b:e2:1b:17:79:36:33:e8:5d:
67:da:a7:96:f7:fa:f1:1b:ac:e2:0e:fd:f9:53:c4:
4b:7e:4f:4b:9b:2a:4d:77:4e:a4:c7:e0:08:51:b4:
2e:d1:48:80:e3:25:c0:34:e3:7f:fe:5d:f9:c2:96:
50:9c:97:39:8f:d5:d3:a8:3a:bb:38:6e:ab:a0:da:
b6:7d:a3:c4:69:b7:4a:84:ba:3b:e5:2a:e6:07:4e:
5e:65:c5:54:99:4c:90:05:56:35:d1:09:3a:49:5b:
55:1f:a9:fd:6d:51:c7:e9:73:30:35:16:b9:a8:9e:
75:42:64:46:d3:a9:c8:8a:3d:5f:63:de:01:5f:7a:
ee:f8:e1:fc:b8:5c:25:8b:ec:4a:6d:fc:51:c1:70:
aa:e1:ff:69:53:6c:27:c4:40:a2:40:29:b8:fc:b7:
30:c2:e3:da:50:94:ee:46:b5:64:52:bd:0b:f7:ef:
48:d6:49:e5:e5:72:27:d2:f6:d6:fb:b5:d9:a7:7f:
7a:86:79:3e:57:c6:ac:88:f5:4d:5a:fa:d1:7b:97:
44:11:ed:67:9b:91:26:da:0f:58:15:6f:43:57:8c:
e5:83:cb:87:7c:9e:14:fd:aa:c5:41:2b:ac:7a:72:
2d:67:96:d7:0a:06:bc:51:7d:d9:60:1c:06:57:af:
be:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:99:9A:0A:FC:19:9B:08:66:F4:AD:3E:A5:AC:1A:49:23:DD:2D:C8
X509v3 Authority Key Identifier:
keyid:88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS203054.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.20.86.0/23
143.20.111.0/24
143.20.194.0/24
143.20.202.0/24
143.20.220.0/24
Signature Algorithm: sha256WithRSAEncryption
78:2f:75:64:25:c2:66:4c:c8:c6:38:87:cb:99:44:83:9f:63:
d0:b5:f1:5c:f4:93:68:5c:0b:8f:c0:66:d1:22:06:ea:19:c5:
08:e5:7c:52:45:a3:06:f7:c2:6b:07:bd:b6:4f:80:2c:a5:7a:
e8:b6:a4:41:40:13:b1:f0:9c:c1:93:63:fa:98:63:f3:ec:5f:
4b:4c:d1:9b:ae:6f:66:8e:ea:da:aa:b1:2e:0c:e9:70:3b:45:
d6:d7:97:22:c5:6e:af:63:41:fe:84:49:d2:b8:b5:ef:1a:97:
52:f1:c1:fd:cd:48:cc:78:c9:9a:0a:60:c7:f3:1d:3e:d2:ba:
74:58:c2:f7:e6:ad:40:80:43:30:0f:f0:e2:d5:7c:90:8c:ad:
bf:a1:aa:5d:f0:7f:7d:be:41:b0:04:1a:cd:bd:06:09:0e:33:
21:a2:cc:86:a1:bc:f9:ae:70:27:af:a4:0c:90:5a:30:89:47:
39:1f:14:29:87:b9:80:ad:53:12:81:01:40:99:6a:4c:e5:92:
c8:f9:60:3a:fb:0b:87:f2:4c:76:90:01:09:94:73:ff:50:7a:
52:87:2a:00:84:53:1b:49:24:a5:80:86:f0:36:4a:2a:4e:9a:
88:5e:f3:68:3d:94:e1:98:d1:dd:85:16:34:3e:e8:70:41:1d:
2a:9a:3e:00
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgIUa/qw0rzRxoV3FYy2MunDVwXEcz4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODhjMTRlYzAyYWRiZjA4MzEzOGVkZGQ0Nzg3MTE3NmRk
ZWI5M2Q5ZDAeFw0yNjA1MjExODAzMDNaFw0yNzA1MjAxODA4MDNaMDMxMTAvBgNV
BAMTKEVDOTk5QTBBRkMxOTlCMDg2NkY0QUQzRUE1QUMxQTQ5MjNERDJEQzgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC79XK6iVviGxd5NjPoXWfap5b3
+vEbrOIO/flTxEt+T0ubKk13TqTH4AhRtC7RSIDjJcA043/+XfnCllCclzmP1dOo
Ors4bqug2rZ9o8Rpt0qEujvlKuYHTl5lxVSZTJAFVjXRCTpJW1Ufqf1tUcfpczA1
FrmonnVCZEbTqciKPV9j3gFfeu744fy4XCWL7Ept/FHBcKrh/2lTbCfEQKJAKbj8
tzDC49pQlO5GtWRSvQv370jWSeXlcifS9tb7tdmnf3qGeT5XxqyI9U1a+tF7l0QR
7WebkSbaD1gVb0NXjOWDy4d8nhT9qsVBK6x6ci1nltcKBrxRfdlgHAZXr77pAgMB
AAGjggIiMIICHjAdBgNVHQ4EFgQU7JmaCvwZmwhm9K0+pawaSSPdLcgwHwYDVR0j
BBgwFoAUiMFOwCrb8IMTjt3UeHEXbd65PZ0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjItZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2
MmUwLzAvODhDMTRFQzAyQURCRjA4MzEzOEVEREQ0Nzg3MTE3NkRERUI5M0Q5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2lNRk93Q3JiOElNVGp0M1VlSEVYYmQ2
NVBaMC5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0MDlkN2IyLWVlNjQt
NDlmMS1hZDgxLThlNGExMDdkNjJlMC8wL0FTMjAzMDU0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBjxRW
AwQAjxRvAwQAjxTCAwQAjxTKAwQAjxTcMA0GCSqGSIb3DQEBCwUAA4IBAQB4L3Vk
JcJmTMjGOIfLmUSDn2PQtfFc9JNoXAuPwGbRIgbqGcUI5XxSRaMG98JrB722T4As
pXrotqRBQBOx8JzBk2P6mGPz7F9LTNGbrm9mjuraqrEuDOlwO0XW15cixW6vY0H+
hEnSuLXvGpdS8cH9zUjMeMmaCmDH8x0+0rp0WML35q1AgEMwD/Di1XyQjK2/oapd
8H99vkGwBBrNvQYJDjMhosyGobz5rnAnr6QMkFowiUc5HxQph7mArVMSgQFAmWpM
5ZLI+WA6+wuH8kx2kAEJlHP/UHpShyoAhFMbSSSlgIbwNkoqTpqIXvNoPZThmNHd
hRY0PuhwQR0qmj4A
-----END CERTIFICATE-----
Generated at Thu Jun 4 10:04:41 2026 by rpki-client