Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS200957.roa
File: AS200957.roa (raw, json)
Hash identifier: JufnlDp2NVJ4roHruOxIKmwZT+UAQOCziUIO7zPQYQU=
Subject key identifier: B8:F7:F0:58:90:8E:A3:26:76:AC:9F:85:07:0D:C6:BF:56:73:19:8D
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 3EDA09B37BAD07B0712199CF85EE12AF14301E12
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS200957.roa
Signing time: Wed 18 Feb 2026 13:59:21 +0000
ROA not before: Wed 18 Feb 2026 13:54:21 +0000
ROA not after: Wed 17 Feb 2027 13:59:21 +0000
asID: 200957
IP address blocks: 140.150.155.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 09:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3e:da:09:b3:7b:ad:07:b0:71:21:99:cf:85:ee:12:af:14:30:1e:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Feb 18 13:54:21 2026 GMT
Not After : Feb 17 13:59:21 2027 GMT
Subject: CN=B8F7F058908EA32676AC9F85070DC6BF5673198D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:f4:7a:0d:84:7f:5a:66:a3:0f:7d:66:71:d9:
40:da:8c:21:cd:1c:e3:af:33:fd:92:5d:25:25:a2:
e0:92:09:ba:07:8b:7e:6f:3a:51:3f:4d:78:b6:21:
13:64:cf:88:23:5b:96:e6:22:e4:c5:5f:be:56:3a:
d2:75:5c:0a:fc:6c:bd:ac:0c:e5:93:c1:93:70:09:
ef:17:fb:b8:50:87:33:57:d8:db:9f:de:9a:65:fe:
f6:54:47:8a:32:2c:5b:8a:4f:0a:07:39:ad:f7:97:
a0:89:7a:56:92:50:0d:96:42:c9:e8:d8:f9:c1:17:
a0:5f:5f:76:0c:95:3c:9b:80:ec:c3:98:b7:10:0d:
1d:ea:44:93:60:47:76:f7:7e:aa:aa:8e:32:67:1f:
61:80:c4:41:5a:7e:bc:32:40:2a:8b:0c:b7:48:81:
86:8a:c2:1c:3d:37:6d:d0:a4:e3:6a:2b:2f:80:8f:
12:b9:c3:46:de:dd:70:b2:d6:ae:0c:5a:fe:da:e2:
8e:10:dc:9d:10:fb:8f:05:fa:17:1c:29:c3:8e:47:
ca:ff:c0:e6:35:be:6d:7b:d9:13:cd:54:24:41:25:
3f:b8:a4:44:2e:00:60:3f:33:77:25:15:0e:bd:eb:
f9:6c:8e:c3:5a:ad:a7:c2:77:2d:57:7a:a2:db:60:
2a:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:F7:F0:58:90:8E:A3:26:76:AC:9F:85:07:0D:C6:BF:56:73:19:8D
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS200957.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
140.150.155.0/24
Signature Algorithm: sha256WithRSAEncryption
9c:4d:a7:98:cc:a0:4e:51:d1:d6:e4:d7:df:a9:fe:3e:da:fc:
64:82:9c:f6:45:40:5b:fe:b5:82:09:5f:8b:87:d2:ee:03:18:
6d:0b:24:d6:92:70:e0:6d:4f:f5:d0:55:33:a7:80:4f:b5:6d:
b0:95:5f:8e:c7:74:c0:1e:b8:86:30:6a:53:95:4d:ec:ac:fe:
df:50:dd:bd:c6:b8:67:31:49:87:0d:17:be:d3:6a:69:1a:2e:
e5:f0:8b:14:10:35:71:84:be:bf:ac:90:15:06:fa:49:e3:3f:
09:40:b3:08:b5:89:68:5f:97:74:ce:dc:e8:6d:cb:8a:6d:5f:
c2:c9:16:1b:87:46:db:8b:7a:09:d3:13:94:5f:15:a0:a9:ec:
30:c1:a8:c1:02:4f:b6:9b:72:73:bc:cb:c7:05:97:88:91:18:
9f:ea:23:70:77:bd:da:53:6c:89:1e:85:55:d2:23:0b:fd:89:
b9:2e:50:23:68:9c:fc:07:86:51:ba:c3:0c:5a:85:c0:79:60:
e2:1f:28:5a:7e:a9:55:04:5b:a8:57:ab:23:59:04:77:28:f0:
4d:28:94:95:ce:0f:3b:9a:fb:79:32:ac:28:af:da:aa:9f:a4:
33:af:b0:55:36:64:c2:67:e8:52:c5:0b:be:6f:03:be:21:6f:
b3:84:ba:d7
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUPtoJs3utB7BxIZnPhe4SrxQwHhIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNjAyMTgxMzU0MjFaFw0yNzAyMTcxMzU5MjFaMDMxMTAvBgNV
BAMTKEI4RjdGMDU4OTA4RUEzMjY3NkFDOUY4NTA3MERDNkJGNTY3MzE5OEQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCv9HoNhH9aZqMPfWZx2UDajCHN
HOOvM/2SXSUlouCSCboHi35vOlE/TXi2IRNkz4gjW5bmIuTFX75WOtJ1XAr8bL2s
DOWTwZNwCe8X+7hQhzNX2Nuf3ppl/vZUR4oyLFuKTwoHOa33l6CJelaSUA2WQsno
2PnBF6BfX3YMlTybgOzDmLcQDR3qRJNgR3b3fqqqjjJnH2GAxEFafrwyQCqLDLdI
gYaKwhw9N23QpONqKy+AjxK5w0be3XCy1q4MWv7a4o4Q3J0Q+48F+hccKcOOR8r/
wOY1vm172RPNVCRBJT+4pEQuAGA/M3clFQ696/lsjsNarafCdy1XeqLbYCr1AgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUuPfwWJCOoyZ2rJ+FBw3Gv1ZzGY0wHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjAwOTU3LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAjJab
MA0GCSqGSIb3DQEBCwUAA4IBAQCcTaeYzKBOUdHW5Nffqf4+2vxkgpz2RUBb/rWC
CV+Lh9LuAxhtCyTWknDgbU/10FUzp4BPtW2wlV+Ox3TAHriGMGpTlU3srP7fUN29
xrhnMUmHDRe+02ppGi7l8IsUEDVxhL6/rJAVBvpJ4z8JQLMItYloX5d0ztzobcuK
bV/CyRYbh0bbi3oJ0xOUXxWgqewwwajBAk+2m3JzvMvHBZeIkRif6iNwd73aU2yJ
HoVV0iML/Ym5LlAjaJz8B4ZRusMMWoXAeWDiHyhafqlVBFuoV6sjWQR3KPBNKJSV
zg87mvt5Mqwor9qqn6Qzr7BVNmTCZ+hSxQu+bwO+IW+zhLrX
-----END CERTIFICATE-----
Generated at Mon Mar 2 13:07:45 2026 by rpki-client