Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS204765.roa
File: AS204765.roa (raw, json)
Hash identifier: 5pXFp0kL3v49hgfP/yTcubfyFexONr96ACU/Odhn91A=
Subject key identifier: 66:AB:07:14:E4:52:74:19:34:AE:7F:5D:5B:0F:95:41:98:0D:84:08
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 7BF37879CC2C8A585DA8A17F9DD07295FE7DFEAE
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS204765.roa
Signing time: Fri 27 Mar 2026 16:35:36 +0000
ROA not before: Fri 27 Mar 2026 16:30:36 +0000
ROA not after: Fri 26 Mar 2027 16:35:36 +0000
asID: 204765
IP address blocks: 143.14.252.0/24 maxlen: 24
148.135.171.0/24 maxlen: 24
155.117.141.0/24 maxlen: 24
155.117.154.0/24 maxlen: 24
155.117.241.0/24 maxlen: 24
162.141.139.0/24 maxlen: 24
162.141.153.0/24 maxlen: 24
167.148.2.0/24 maxlen: 24
167.148.8.0/24 maxlen: 24
167.148.68.0/24 maxlen: 24
167.148.122.0/24 maxlen: 24
167.148.197.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7b:f3:78:79:cc:2c:8a:58:5d:a8:a1:7f:9d:d0:72:95:fe:7d:fe:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Mar 27 16:30:36 2026 GMT
Not After : Mar 26 16:35:36 2027 GMT
Subject: CN=66AB0714E452741934AE7F5D5B0F9541980D8408
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:90:ef:69:40:ba:7a:20:55:18:d1:54:36:f8:
3d:91:7f:5b:ba:51:b6:a6:9f:a2:bb:25:00:86:b2:
b4:06:3f:9b:bb:ab:12:a2:a8:24:75:0b:d0:5a:e9:
f7:64:8f:05:be:d8:d4:6d:a4:e0:63:68:69:8d:da:
55:55:25:5a:1a:6d:f2:78:29:cb:90:76:29:e3:7e:
3c:5e:cf:32:e9:c1:7c:33:75:cd:7d:96:eb:eb:f5:
b5:f0:cb:d4:a3:25:b9:da:c0:29:5d:b8:33:89:14:
f7:5c:69:c0:cd:48:04:7b:56:7a:5f:91:8d:d3:7f:
80:97:1f:ba:2c:ce:6f:12:92:0c:53:ac:f8:c9:e9:
ab:4b:52:01:4e:65:c7:25:7e:51:c7:c1:2d:fc:7b:
4c:4e:03:65:94:67:06:25:c9:ea:9e:d7:ea:43:bd:
ef:7d:06:9a:1d:10:15:b3:4b:b4:4e:1e:15:7b:8b:
35:32:1d:f6:44:37:83:62:6e:fb:ff:14:88:69:98:
4e:f2:cf:ea:ea:5c:fd:eb:4e:4f:7d:76:d3:fa:93:
8b:f2:92:f0:68:2c:aa:d2:f9:9f:47:c0:e7:32:8a:
8f:38:48:21:e8:0f:22:23:8c:2b:2b:bf:5e:5f:4c:
11:60:33:65:cb:f4:f2:ab:dd:84:39:19:8c:4c:59:
72:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:AB:07:14:E4:52:74:19:34:AE:7F:5D:5B:0F:95:41:98:0D:84:08
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS204765.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.14.252.0/24
148.135.171.0/24
155.117.141.0/24
155.117.154.0/24
155.117.241.0/24
162.141.139.0/24
162.141.153.0/24
167.148.2.0/24
167.148.8.0/24
167.148.68.0/24
167.148.122.0/24
167.148.197.0/24
Signature Algorithm: sha256WithRSAEncryption
74:eb:ae:7b:66:a7:9d:f1:5c:4e:7f:c3:6c:d7:92:b7:05:f2:
5d:03:b2:58:d3:ba:53:2c:8d:2d:e7:0d:b5:15:a9:6c:80:9c:
c0:83:dc:ef:d8:de:2d:5d:3d:98:15:03:bd:06:1b:9a:8b:66:
3d:7f:2b:3b:a5:dc:93:59:46:33:32:86:8e:1e:8e:e4:c0:b2:
03:29:c7:e1:1d:4a:aa:1d:2a:85:dd:af:f9:0c:aa:41:db:0c:
b8:09:0e:ee:e4:4f:8f:87:86:5b:4e:62:80:12:e1:a4:bc:73:
1a:ff:f3:88:47:e4:89:75:6d:02:8a:25:d4:87:0e:56:b6:f1:
cd:35:c7:e5:48:89:bc:b8:a4:e9:3c:5b:dd:e6:86:c7:92:75:
dd:02:7f:70:72:d5:7e:9c:cc:f9:42:79:cf:9e:b0:6a:b6:f8:
e7:09:f9:aa:18:75:cf:2c:9e:a0:4a:26:be:3c:13:c1:7b:44:
87:7e:20:93:58:a2:85:e3:e1:57:96:e3:b9:ab:d3:fc:18:2e:
67:0b:ae:01:aa:aa:29:66:ae:c4:37:89:e2:3c:1f:b4:da:c8:
9e:e4:57:c4:52:de:e2:94:43:1c:d9:91:b4:91:4f:e1:e6:88:
79:2e:17:0b:e8:b9:49:9b:75:b6:7c:06:3c:d5:fa:db:4a:3e:
29:30:49:3a
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgIUe/N4ecwsilhdqKF/ndBylf59/q4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNjAzMjcxNjMwMzZaFw0yNzAzMjYxNjM1MzZaMDMxMTAvBgNV
BAMTKDY2QUIwNzE0RTQ1Mjc0MTkzNEFFN0Y1RDVCMEY5NTQxOTgwRDg0MDgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8kO9pQLp6IFUY0VQ2+D2Rf1u6
Ubamn6K7JQCGsrQGP5u7qxKiqCR1C9Ba6fdkjwW+2NRtpOBjaGmN2lVVJVoabfJ4
KcuQdinjfjxezzLpwXwzdc19luvr9bXwy9SjJbnawClduDOJFPdcacDNSAR7Vnpf
kY3Tf4CXH7oszm8SkgxTrPjJ6atLUgFOZcclflHHwS38e0xOA2WUZwYlyeqe1+pD
ve99BpodEBWzS7ROHhV7izUyHfZEN4Nibvv/FIhpmE7yz+rqXP3rTk99dtP6k4vy
kvBoLKrS+Z9HwOcyio84SCHoDyIjjCsrv15fTBFgM2XL9PKr3YQ5GYxMWXIBAgMB
AAGjggJMMIICSDAdBgNVHQ4EFgQUZqsHFORSdBk0rn9dWw+VQZgNhAgwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjA0NzY1LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQAjw78
AwQAlIerAwQAm3WNAwQAm3WaAwQAm3XxAwQAoo2LAwQAoo2ZAwQAp5QCAwQAp5QI
AwQAp5REAwQAp5R6AwQAp5TFMA0GCSqGSIb3DQEBCwUAA4IBAQB06657Zqed8VxO
f8Ns15K3BfJdA7JY07pTLI0t5w21FalsgJzAg9zv2N4tXT2YFQO9Bhuai2Y9fys7
pdyTWUYzMoaOHo7kwLIDKcfhHUqqHSqF3a/5DKpB2wy4CQ7u5E+Ph4ZbTmKAEuGk
vHMa//OIR+SJdW0CiiXUhw5WtvHNNcflSIm8uKTpPFvd5obHknXdAn9wctV+nMz5
QnnPnrBqtvjnCfmqGHXPLJ6gSia+PBPBe0SHfiCTWKKF4+FXluO5q9P8GC5nC64B
qqopZq7EN4niPB+02sie5FfEUt7ilEMc2ZG0kU/h5oh5LhcL6LlJm3W2fAY81frb
Sj4pMEk6
-----END CERTIFICATE-----
Generated at Fri Apr 17 15:10:54 2026 by rpki-client