Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS203054.roa
File: AS203054.roa (raw, json)
Hash identifier: 4jAeLiIZYD8Aoj2iHt7kY+LPryMmfK2mY5bjF5+LXUI=
Subject key identifier: 58:66:8D:69:61:DC:8D:B9:53:13:BA:14:4B:4B:DC:26:3B:B2:CD:1E
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 5BFFE3E9D7B790549A54A6CD81253C7AC3CCD4A7
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS203054.roa
Signing time: Fri 17 Apr 2026 03:54:26 +0000
ROA not before: Fri 17 Apr 2026 03:49:26 +0000
ROA not after: Fri 16 Apr 2027 03:54:26 +0000
asID: 203054
IP address blocks: 143.14.82.0/24 maxlen: 24
143.14.123.0/24 maxlen: 24
143.14.182.0/24 maxlen: 24
150.241.143.0/24 maxlen: 24
155.117.136.0/24 maxlen: 24
162.141.83.0/24 maxlen: 24
162.141.116.0/24 maxlen: 24
168.222.25.0/24 maxlen: 24
168.222.79.0/24 maxlen: 24
168.222.107.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5b:ff:e3:e9:d7:b7:90:54:9a:54:a6:cd:81:25:3c:7a:c3:cc:d4:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Apr 17 03:49:26 2026 GMT
Not After : Apr 16 03:54:26 2027 GMT
Subject: CN=58668D6961DC8DB95313BA144B4BDC263BB2CD1E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:70:d4:d7:48:3a:1e:fa:5f:6e:23:19:3a:56:
60:84:92:6a:a5:91:b4:f7:f6:c0:82:43:de:3c:04:
b6:33:9b:ae:a7:71:50:30:6a:4a:f8:a3:ea:55:15:
13:53:00:d1:aa:c2:28:43:d9:78:dd:43:58:52:25:
8b:11:34:79:5a:f4:49:2f:d1:19:6e:e1:f3:36:10:
f3:76:d9:a9:2b:e7:24:59:7b:e1:bd:f9:a9:6e:98:
b4:38:f4:ad:92:40:ee:b2:a1:af:31:86:b5:37:bd:
d4:6a:31:ac:35:6c:45:7f:2f:e8:ed:4e:6d:7b:dd:
63:90:cf:e9:3f:51:e7:28:be:96:fd:4c:35:4b:ab:
40:9f:4f:d6:9b:9c:6f:fc:3e:f5:a7:25:37:2f:fd:
09:19:4b:89:2a:19:b6:35:9b:17:30:59:80:c2:16:
42:41:4d:16:f2:50:7d:6a:88:ec:39:ff:4e:b5:41:
2a:48:ef:05:02:35:0b:e2:e9:d4:00:f8:58:5d:37:
ea:9c:45:a0:bf:b7:ee:06:b7:b4:cc:9b:31:6d:89:
5a:9f:c5:ab:51:6b:51:20:3f:22:a1:7a:ee:53:fb:
55:93:cb:fa:38:a7:10:8d:44:5c:37:6e:dd:fe:e6:
45:6a:38:d9:80:50:ab:35:8d:b9:86:83:7c:ed:e6:
ec:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:66:8D:69:61:DC:8D:B9:53:13:BA:14:4B:4B:DC:26:3B:B2:CD:1E
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS203054.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.14.82.0/24
143.14.123.0/24
143.14.182.0/24
150.241.143.0/24
155.117.136.0/24
162.141.83.0/24
162.141.116.0/24
168.222.25.0/24
168.222.79.0/24
168.222.107.0/24
Signature Algorithm: sha256WithRSAEncryption
25:38:45:25:55:82:d9:12:99:d7:2c:46:1b:a7:54:da:9a:5a:
25:47:de:f8:33:8c:fa:87:0d:c5:48:71:b9:94:82:1c:c3:01:
eb:c9:8e:70:32:46:96:5b:d1:3b:92:76:99:0d:f6:e3:a0:84:
00:29:f7:25:90:74:04:26:83:1c:61:a7:ba:f3:64:78:c4:a1:
62:46:9e:d3:71:d1:4c:e4:6e:2e:90:23:18:24:3d:62:7e:3d:
0b:63:9f:b1:b1:25:a1:b5:98:b3:62:bb:7a:5b:03:51:7a:4b:
9c:f6:57:b4:b3:2a:e3:63:1c:b7:4e:6f:a3:e9:56:0a:c3:43:
5f:7e:90:51:25:61:6d:84:91:12:91:dc:fc:42:bd:07:76:c7:
95:c0:7b:d7:aa:34:26:11:24:38:cc:2a:de:81:1d:5e:a8:13:
a8:45:94:60:e1:17:d0:e9:a5:3e:44:8f:03:e5:ab:2e:e8:15:
81:40:b0:44:64:81:25:ea:57:7d:0e:02:d8:a4:ed:b3:fc:0b:
28:4f:d1:67:7d:00:9b:0e:08:ea:70:12:e7:8b:d1:84:bc:ff:
f5:14:69:75:40:a2:ba:68:51:9f:07:61:df:d4:40:f7:00:47:
de:9c:e0:84:70:9d:95:a5:1f:4f:09:d5:de:df:a4:b6:eb:ec:
51:25:04:25
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgIUW//j6de3kFSaVKbNgSU8esPM1KcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNjA0MTcwMzQ5MjZaFw0yNzA0MTYwMzU0MjZaMDMxMTAvBgNV
BAMTKDU4NjY4RDY5NjFEQzhEQjk1MzEzQkExNDRCNEJEQzI2M0JCMkNEMUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFcNTXSDoe+l9uIxk6VmCEkmql
kbT39sCCQ948BLYzm66ncVAwakr4o+pVFRNTANGqwihD2XjdQ1hSJYsRNHla9Ekv
0Rlu4fM2EPN22akr5yRZe+G9+alumLQ49K2SQO6yoa8xhrU3vdRqMaw1bEV/L+jt
Tm173WOQz+k/Uecovpb9TDVLq0CfT9abnG/8PvWnJTcv/QkZS4kqGbY1mxcwWYDC
FkJBTRbyUH1qiOw5/061QSpI7wUCNQvi6dQA+FhdN+qcRaC/t+4Gt7TMmzFtiVqf
xatRa1EgPyKheu5T+1WTy/o4pxCNRFw3bt3+5kVqONmAUKs1jbmGg3zt5uxRAgMB
AAGjggJAMIICPDAdBgNVHQ4EFgQUWGaNaWHcjblTE7oUS0vcJjuyzR4wHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjAzMDU0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQAjw5S
AwQAjw57AwQAjw62AwQAlvGPAwQAm3WIAwQAoo1TAwQAoo10AwQAqN4ZAwQAqN5P
AwQAqN5rMA0GCSqGSIb3DQEBCwUAA4IBAQAlOEUlVYLZEpnXLEYbp1TamlolR974
M4z6hw3FSHG5lIIcwwHryY5wMkaWW9E7knaZDfbjoIQAKfclkHQEJoMcYae682R4
xKFiRp7TcdFM5G4ukCMYJD1ifj0LY5+xsSWhtZizYrt6WwNRekuc9le0syrjYxy3
Tm+j6VYKw0NffpBRJWFthJESkdz8Qr0HdseVwHvXqjQmESQ4zCregR1eqBOoRZRg
4RfQ6aU+RI8D5asu6BWBQLBEZIEl6ld9DgLYpO2z/AsoT9FnfQCbDgjqcBLni9GE
vP/1FGl1QKK6aFGfB2Hf1ED3AEfenOCEcJ2VpR9PCdXe36S26+xRJQQl
-----END CERTIFICATE-----
Generated at Fri Apr 17 15:11:35 2026 by rpki-client