Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS204765.roa
File: AS204765.roa (raw, json)
Hash identifier: CQmY+PMvcg1XAkNm0NhcExP2x0CGsGKcuVP5dsLyT58=
Subject key identifier: 3B:ED:D3:DE:99:02:62:65:ED:44:90:9A:E0:BB:61:79:F0:68:E3:2C
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 4F93237E70252D383445B5B94CFCC4C9D7AFE2BB
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS204765.roa
Signing time: Sat 06 Jun 2026 17:58:14 +0000
ROA not before: Sat 06 Jun 2026 17:53:14 +0000
ROA not after: Sat 05 Jun 2027 17:58:14 +0000
asID: 204765
IP address blocks: 143.14.252.0/24 maxlen: 24
148.135.171.0/24 maxlen: 24
155.117.141.0/24 maxlen: 24
155.117.154.0/24 maxlen: 24
155.117.241.0/24 maxlen: 24
162.141.139.0/24 maxlen: 24
167.148.2.0/24 maxlen: 24
167.148.68.0/24 maxlen: 24
167.148.122.0/24 maxlen: 24
167.148.197.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 13 Jun 2026 19:43:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4f:93:23:7e:70:25:2d:38:34:45:b5:b9:4c:fc:c4:c9:d7:af:e2:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Jun 6 17:53:14 2026 GMT
Not After : Jun 5 17:58:14 2027 GMT
Subject: CN=3BEDD3DE99026265ED44909AE0BB6179F068E32C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:15:db:1a:0e:7f:7a:9f:41:c5:69:f0:20:b1:
b1:f9:90:fe:d5:62:c0:ed:0a:60:20:2a:9b:17:04:
7c:6b:ed:86:78:64:f8:de:fb:ca:bd:4f:b7:9a:01:
da:f1:28:b5:6d:42:5f:0f:a5:45:ee:49:e9:2e:2b:
cf:6e:04:f7:b2:1a:40:99:b9:c3:9c:9d:09:82:0c:
b7:c6:d5:81:cd:75:07:81:ca:0e:e0:76:54:da:aa:
22:ba:5e:8a:dd:86:1d:fb:c0:69:31:1f:63:f7:1d:
43:07:b8:4b:26:06:84:bb:ee:80:5a:57:89:7e:14:
3d:f3:b5:c0:1c:37:b4:b5:56:45:d1:14:8a:1e:8f:
47:a6:34:75:72:aa:69:62:32:94:25:ba:23:12:cb:
20:dd:fe:aa:b0:b1:7f:41:44:1f:fe:67:57:ca:13:
42:09:16:87:e7:e0:46:ab:7d:e2:c3:b0:78:85:c4:
8f:c4:3f:b2:de:35:fc:12:d7:4a:80:66:3f:94:8e:
07:dd:25:19:e9:d3:2c:29:8a:84:ce:29:c7:9f:3b:
1d:76:15:54:5a:ae:a9:cd:43:99:41:1f:01:7a:df:
28:d0:45:5c:ed:8a:6b:87:40:cb:38:b2:16:1c:23:
ed:e8:a1:32:a2:b1:37:2b:22:35:46:1b:c5:ad:d0:
72:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:ED:D3:DE:99:02:62:65:ED:44:90:9A:E0:BB:61:79:F0:68:E3:2C
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS204765.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.14.252.0/24
148.135.171.0/24
155.117.141.0/24
155.117.154.0/24
155.117.241.0/24
162.141.139.0/24
167.148.2.0/24
167.148.68.0/24
167.148.122.0/24
167.148.197.0/24
Signature Algorithm: sha256WithRSAEncryption
ac:34:7d:f2:df:2e:72:2f:56:48:4a:4e:ee:56:a2:04:48:b8:
80:03:8a:2c:41:16:e5:ac:ff:6b:85:48:72:7a:75:00:a7:c8:
46:0e:65:6d:3f:5f:43:4b:d0:fd:e9:53:3e:f9:7e:1b:7c:26:
73:cb:c1:3a:be:9b:09:6d:bd:82:cc:14:da:64:a7:c5:0b:62:
5c:3b:52:99:08:86:97:9a:03:40:34:43:dd:95:06:5c:5d:f7:
c7:22:54:12:c9:d3:28:57:09:d7:72:9d:a3:d6:b2:ff:62:a5:
0b:f3:af:6e:c3:07:bf:57:87:9c:83:79:e7:7e:ff:68:0e:28:
7b:84:96:a8:90:dc:1c:c8:a0:9b:40:87:20:82:fa:4a:4b:32:
a5:e4:ef:07:12:2f:ac:ff:c2:ec:70:6c:49:d0:62:74:48:c0:
72:ee:b0:bd:b2:9d:56:17:ee:75:37:aa:81:29:ba:92:00:fb:
4f:16:b2:49:4b:af:5b:a4:81:3f:8c:4c:af:24:2b:0b:1f:33:
8a:8d:4d:7a:b7:17:a0:fe:ef:c0:6a:75:50:1c:5f:da:a3:a3:
29:11:22:7b:75:4c:80:40:ca:4b:41:9a:4e:11:78:ac:45:09:
8d:52:80:2c:8d:e6:b6:5b:d8:14:d0:6d:c4:e4:64:23:f5:f4:
70:72:e2:0b
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgIUT5MjfnAlLTg0RbW5TPzEydev4rswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNjA2MDYxNzUzMTRaFw0yNzA2MDUxNzU4MTRaMDMxMTAvBgNV
BAMTKDNCRUREM0RFOTkwMjYyNjVFRDQ0OTA5QUUwQkI2MTc5RjA2OEUzMkMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzFdsaDn96n0HFafAgsbH5kP7V
YsDtCmAgKpsXBHxr7YZ4ZPje+8q9T7eaAdrxKLVtQl8PpUXuSekuK89uBPeyGkCZ
ucOcnQmCDLfG1YHNdQeByg7gdlTaqiK6Xordhh37wGkxH2P3HUMHuEsmBoS77oBa
V4l+FD3ztcAcN7S1VkXRFIoej0emNHVyqmliMpQluiMSyyDd/qqwsX9BRB/+Z1fK
E0IJFofn4EarfeLDsHiFxI/EP7LeNfwS10qAZj+UjgfdJRnp0ywpioTOKcefOx12
FVRarqnNQ5lBHwF63yjQRVztimuHQMs4shYcI+3ooTKisTcrIjVGG8Wt0HKVAgMB
AAGjggJAMIICPDAdBgNVHQ4EFgQUO+3T3pkCYmXtRJCa4LthefBo4ywwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjA0NzY1LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQAjw78
AwQAlIerAwQAm3WNAwQAm3WaAwQAm3XxAwQAoo2LAwQAp5QCAwQAp5REAwQAp5R6
AwQAp5TFMA0GCSqGSIb3DQEBCwUAA4IBAQCsNH3y3y5yL1ZISk7uVqIESLiAA4os
QRblrP9rhUhyenUAp8hGDmVtP19DS9D96VM++X4bfCZzy8E6vpsJbb2CzBTaZKfF
C2JcO1KZCIaXmgNANEPdlQZcXffHIlQSydMoVwnXcp2j1rL/YqUL869uwwe/V4ec
g3nnfv9oDih7hJaokNwcyKCbQIcggvpKSzKl5O8HEi+s/8LscGxJ0GJ0SMBy7rC9
sp1WF+51N6qBKbqSAPtPFrJJS69bpIE/jEyvJCsLHzOKjU16txeg/u/AanVQHF/a
o6MpESJ7dUyAQMpLQZpOEXisRQmNUoAsjea2W9gU0G3E5GQj9fRwcuIL
-----END CERTIFICATE-----
Generated at Sat Jun 13 06:46:27 2026 by rpki-client