Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS198250.roa
File: AS198250.roa (raw, json)
Hash identifier: haTX1ixX4d2dM+c2L8Hmcd+w6bqvU3ItERHH5OY3/qY=
Subject key identifier: 60:DD:7B:E5:5B:44:57:9E:68:F0:76:AD:0C:39:35:35:88:85:6D:15
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 5A9379C4FA39246CB77E98506E32A7A74850023E
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS198250.roa
Signing time: Mon 13 Apr 2026 23:54:46 +0000
ROA not before: Mon 13 Apr 2026 23:49:46 +0000
ROA not after: Mon 12 Apr 2027 23:54:46 +0000
asID: 198250
IP address blocks: 143.14.229.0/24 maxlen: 24
148.135.185.0/24 maxlen: 24
155.117.118.0/24 maxlen: 24
155.117.158.0/24 maxlen: 24
155.117.179.0/24 maxlen: 24
162.141.113.0/24 maxlen: 24
168.222.15.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 16:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:93:79:c4:fa:39:24:6c:b7:7e:98:50:6e:32:a7:a7:48:50:02:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Apr 13 23:49:46 2026 GMT
Not After : Apr 12 23:54:46 2027 GMT
Subject: CN=60DD7BE55B44579E68F076AD0C39353588856D15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:bc:cf:71:01:af:a9:f1:48:49:31:66:17:d0:
ac:14:e6:57:04:ba:b6:5e:1b:ec:ba:30:62:a0:04:
7b:e7:1c:8c:7c:33:24:64:a0:93:40:be:86:03:f8:
02:03:2f:74:47:31:3a:c4:d8:38:61:da:fc:84:7f:
2d:3c:5d:f6:d9:f4:7c:05:cd:13:ad:ce:a6:20:2c:
ad:bd:e2:2e:50:12:c9:fc:09:ca:67:ab:89:68:08:
6d:57:51:86:b1:04:a7:cc:5c:01:3f:e2:c4:2d:d6:
e3:fe:38:7a:c9:96:4e:1e:db:05:62:f5:07:d0:2c:
0e:b9:86:e5:64:fb:0e:dc:34:b2:4c:74:a5:65:3e:
19:5e:97:33:3a:e2:8b:b5:fd:2c:7b:ba:08:c1:f5:
6b:ed:ca:0f:80:47:63:da:99:0f:e6:a3:0c:51:6a:
0d:1f:ba:64:4e:96:97:38:b7:90:50:e5:9f:a3:d4:
84:ff:5f:6e:f9:16:b4:0e:60:ef:b9:e9:06:7d:d9:
d2:36:c9:5a:15:03:03:64:78:cb:4a:c3:ba:1d:1f:
6b:87:f0:6d:c2:00:aa:61:2a:f8:20:1a:2a:b9:27:
68:22:49:df:d3:dc:68:05:dd:87:f2:93:0f:e2:af:
60:0d:1c:d5:db:d8:8c:50:85:18:ec:f3:66:59:2b:
81:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:DD:7B:E5:5B:44:57:9E:68:F0:76:AD:0C:39:35:35:88:85:6D:15
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS198250.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.14.229.0/24
148.135.185.0/24
155.117.118.0/24
155.117.158.0/24
155.117.179.0/24
162.141.113.0/24
168.222.15.0/24
Signature Algorithm: sha256WithRSAEncryption
72:a4:8f:91:e0:a3:2d:9b:d5:99:fc:8a:a9:d1:5c:a6:d9:99:
3a:06:6f:83:8b:56:66:ee:90:cd:14:8d:11:2d:e1:9c:ce:54:
14:61:26:fa:15:51:a8:60:fc:8f:45:2d:09:54:98:47:9d:cd:
f0:9f:a3:e6:85:f8:93:b9:1b:1e:53:94:61:8d:6f:f7:4c:18:
0d:03:52:32:4b:98:0e:4c:0c:66:05:c5:d4:76:ac:42:62:09:
49:d2:1f:d8:21:5e:62:f7:f2:ba:7b:13:4a:15:3b:e0:12:d9:
e6:50:de:f4:17:4a:c8:70:f2:8a:bb:d2:4a:17:5a:a6:c3:25:
30:d7:65:21:47:1d:69:60:da:6a:d2:56:5a:42:cf:68:a3:51:
ae:5f:ea:3b:ba:77:75:c4:df:b0:34:11:33:2d:1d:02:c3:a9:
ea:f5:4c:a8:f2:93:a8:39:52:22:f6:a6:f0:09:1d:c0:1f:f8:
09:a6:25:bb:a5:4c:e9:09:e4:3f:a4:79:1a:e3:c0:5e:7e:7f:
ee:1f:4f:0c:b0:dc:e4:d4:10:c9:ea:5b:bb:fb:55:60:f5:77:
fb:35:95:34:1b:f9:f5:18:9f:08:ac:0b:d1:b9:64:6f:18:04:
fc:6b:ba:a9:df:e4:d7:be:72:c3:1c:33:ad:c4:7e:a5:78:c9:
43:cf:8c:3a
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgIUWpN5xPo5JGy3fphQbjKnp0hQAj4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNjA0MTMyMzQ5NDZaFw0yNzA0MTIyMzU0NDZaMDMxMTAvBgNV
BAMTKDYwREQ3QkU1NUI0NDU3OUU2OEYwNzZBRDBDMzkzNTM1ODg4NTZEMTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDQvM9xAa+p8UhJMWYX0KwU5lcE
urZeG+y6MGKgBHvnHIx8MyRkoJNAvoYD+AIDL3RHMTrE2Dhh2vyEfy08XfbZ9HwF
zROtzqYgLK294i5QEsn8Ccpnq4loCG1XUYaxBKfMXAE/4sQt1uP+OHrJlk4e2wVi
9QfQLA65huVk+w7cNLJMdKVlPhlelzM64ou1/Sx7ugjB9Wvtyg+AR2PamQ/mowxR
ag0fumROlpc4t5BQ5Z+j1IT/X275FrQOYO+56QZ92dI2yVoVAwNkeMtKw7odH2uH
8G3CAKphKvggGiq5J2giSd/T3GgF3Yfykw/ir2ANHNXb2IxQhRjs82ZZK4EdAgMB
AAGjggIuMIICKjAdBgNVHQ4EFgQUYN175VtEV55o8HatDDk1NYiFbRUwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMTk4MjUwLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAjw7l
AwQAlIe5AwQAm3V2AwQAm3WeAwQAm3WzAwQAoo1xAwQAqN4PMA0GCSqGSIb3DQEB
CwUAA4IBAQBypI+R4KMtm9WZ/Iqp0Vym2Zk6Bm+Di1Zm7pDNFI0RLeGczlQUYSb6
FVGoYPyPRS0JVJhHnc3wn6PmhfiTuRseU5RhjW/3TBgNA1IyS5gOTAxmBcXUdqxC
YglJ0h/YIV5i9/K6exNKFTvgEtnmUN70F0rIcPKKu9JKF1qmwyUw12UhRx1pYNpq
0lZaQs9oo1GuX+o7und1xN+wNBEzLR0Cw6nq9Uyo8pOoOVIi9qbwCR3AH/gJpiW7
pUzpCeQ/pHka48Befn/uH08MsNzk1BDJ6lu7+1Vg9Xf7NZU0G/n1GJ8IrAvRuWRv
GAT8a7qp3+TXvnLDHDOtxH6leMlDz4w6
-----END CERTIFICATE-----
Generated at Fri Apr 17 23:54:06 2026 by rpki-client