Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS204957.roa
File: AS204957.roa (raw, json)
Hash identifier: NuO0qMom73MxkmUvy4wXwrY1/GeE9BoFEH7akCRfuPs=
Subject key identifier: 41:C2:3D:8E:B1:D0:CE:C5:91:E3:81:D5:63:CA:E7:2B:BB:C8:C8:05
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 0F8B0E07A8C8594305B65AD57D3B643C825D472F
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS204957.roa
Signing time: Thu 22 Jan 2026 09:55:35 +0000
ROA not before: Thu 22 Jan 2026 09:50:35 +0000
ROA not after: Thu 21 Jan 2027 09:55:35 +0000
asID: 204957
IP address blocks: 150.241.214.0/24 maxlen: 24
150.241.224.0/24 maxlen: 24
150.241.225.0/24 maxlen: 24
150.241.235.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0f:8b:0e:07:a8:c8:59:43:05:b6:5a:d5:7d:3b:64:3c:82:5d:47:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Jan 22 09:50:35 2026 GMT
Not After : Jan 21 09:55:35 2027 GMT
Subject: CN=41C23D8EB1D0CEC591E381D563CAE72BBBC8C805
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:ab:b3:6e:f6:5e:3d:8a:e7:5d:f7:59:85:4c:
5f:da:1a:8d:ce:bf:41:f8:6f:14:4f:78:ed:c0:54:
23:b0:28:4d:d2:6d:3d:06:01:92:09:e3:39:a9:73:
82:8d:9f:b2:ed:1f:0f:2a:2c:84:d6:f0:ef:3f:1e:
a6:5a:38:54:9a:91:dc:53:92:f3:0f:3f:48:a8:45:
64:2b:0e:28:6b:93:e4:99:ea:2b:aa:73:a3:f5:45:
d0:c4:eb:02:bb:99:42:e0:1b:c3:b4:fe:09:73:45:
db:12:aa:3b:cc:d8:86:61:c7:95:2d:ef:65:2f:89:
58:0d:68:72:7a:49:49:33:aa:66:57:d2:76:51:f0:
99:8b:e6:4a:f3:b0:48:4e:06:23:84:66:7a:27:8d:
97:7f:c9:78:90:bb:0c:a9:fd:18:83:05:21:04:d3:
13:95:60:b8:45:76:c6:fe:0f:4a:8c:e9:94:07:00:
1e:3c:4c:84:6c:ee:d1:8b:83:da:27:25:78:00:d3:
51:3d:28:40:b3:3c:5b:17:06:e1:37:0e:cf:7b:9d:
8d:e4:0f:32:3b:cf:f9:f0:bb:b2:a4:62:80:1a:c4:
2b:3d:b2:4f:c0:10:d3:06:72:a7:4c:b5:22:61:74:
bf:fc:5d:2d:ad:4e:85:71:44:7a:c2:58:80:3a:5e:
25:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:C2:3D:8E:B1:D0:CE:C5:91:E3:81:D5:63:CA:E7:2B:BB:C8:C8:05
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS204957.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
150.241.214.0/24
150.241.224.0/23
150.241.235.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:27:a2:b8:fc:27:75:f6:24:e8:63:8d:83:52:30:66:2b:79:
3a:2d:e7:9b:9f:cf:03:1a:92:40:e9:63:a2:dc:e5:4c:25:37:
39:61:1a:fa:85:79:f8:49:e5:65:e4:ee:25:cd:a4:e4:28:3a:
88:3a:11:7d:23:62:53:02:06:dc:91:79:62:89:43:d2:86:3b:
69:e0:1b:39:db:62:6c:5d:7b:4c:d5:f4:f8:85:f7:a3:53:8a:
5c:e7:54:94:e3:d5:6f:92:f9:bd:5e:f5:63:2a:12:be:77:12:
00:18:ea:88:81:47:05:93:c2:86:47:8d:d6:17:10:e1:96:a2:
c2:f7:5b:fb:60:8b:75:da:f9:3a:22:c8:9f:4d:66:ca:b3:67:
d8:a5:95:ca:68:98:3f:07:65:91:3f:e8:6d:bb:a6:11:16:fb:
02:b8:c0:cd:b5:96:4a:36:06:12:55:b3:fa:20:1e:9b:04:b3:
c6:23:00:4d:fa:b6:e8:44:c6:99:2a:f8:38:41:f1:82:a2:21:
4e:22:1d:45:d9:04:bc:04:ca:67:45:cd:71:67:bc:db:0a:81:
f5:86:33:12:9c:73:b2:39:f5:3d:d6:71:1d:b9:86:70:ec:97:
ea:b0:28:42:3e:20:15:0e:99:74:31:5b:e6:ac:c3:71:d3:b8:
21:78:e0:ff
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgIUD4sOB6jIWUMFtlrVfTtkPIJdRy8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNjAxMjIwOTUwMzVaFw0yNzAxMjEwOTU1MzVaMDMxMTAvBgNV
BAMTKDQxQzIzRDhFQjFEMENFQzU5MUUzODFENTYzQ0FFNzJCQkJDOEM4MDUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCUq7Nu9l49iudd91mFTF/aGo3O
v0H4bxRPeO3AVCOwKE3SbT0GAZIJ4zmpc4KNn7LtHw8qLITW8O8/HqZaOFSakdxT
kvMPP0ioRWQrDihrk+SZ6iuqc6P1RdDE6wK7mULgG8O0/glzRdsSqjvM2IZhx5Ut
72UviVgNaHJ6SUkzqmZX0nZR8JmL5krzsEhOBiOEZnonjZd/yXiQuwyp/RiDBSEE
0xOVYLhFdsb+D0qM6ZQHAB48TIRs7tGLg9onJXgA01E9KECzPFsXBuE3Ds97nY3k
DzI7z/nwu7KkYoAaxCs9sk/AENMGcqdMtSJhdL/8XS2tToVxRHrCWIA6XiX9AgMB
AAGjggIWMIICEjAdBgNVHQ4EFgQUQcI9jrHQzsWR44HVY8rnK7vIyAUwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjA0OTU3LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAlvHW
AwQBlvHgAwQAlvHrMA0GCSqGSIb3DQEBCwUAA4IBAQAvJ6K4/Cd19iToY42DUjBm
K3k6Leebn88DGpJA6WOi3OVMJTc5YRr6hXn4SeVl5O4lzaTkKDqIOhF9I2JTAgbc
kXliiUPShjtp4Bs522JsXXtM1fT4hfejU4pc51SU49Vvkvm9XvVjKhK+dxIAGOqI
gUcFk8KGR43WFxDhlqLC91v7YIt12vk6IsifTWbKs2fYpZXKaJg/B2WRP+htu6YR
FvsCuMDNtZZKNgYSVbP6IB6bBLPGIwBN+rboRMaZKvg4QfGCoiFOIh1F2QS8BMpn
Rc1xZ7zbCoH1hjMSnHOyOfU91nEduYZw7JfqsChCPiAVDpl0MVvmrMNx07gheOD/
-----END CERTIFICATE-----
Generated at Mon Mar 2 08:27:57 2026 by rpki-client