Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS205489.roa
File: AS205489.roa (raw, json)
Hash identifier: 5IJRdchaVh0huSGb5mU+D47yNtfpxHzT+RDatvd8Ba0=
Subject key identifier: DE:D1:9F:BC:39:E0:AD:CC:9E:AD:B8:17:7F:51:E3:93:98:50:69:4E
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 73065D36787C85AC35A98897F71A95DF400AAE65
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS205489.roa
Signing time: Sat 06 Jun 2026 18:16:19 +0000
ROA not before: Sat 06 Jun 2026 18:11:19 +0000
ROA not after: Sat 05 Jun 2027 18:16:19 +0000
asID: 205489
IP address blocks: 140.150.239.0/24 maxlen: 24
143.14.23.0/24 maxlen: 24
143.14.123.0/24 maxlen: 24
143.14.128.0/24 maxlen: 24
143.14.131.0/24 maxlen: 24
143.14.147.0/24 maxlen: 24
143.14.152.0/24 maxlen: 24
143.14.174.0/24 maxlen: 24
143.14.183.0/24 maxlen: 24
143.14.208.0/24 maxlen: 24
146.103.37.0/24 maxlen: 24
147.79.16.0/24 maxlen: 24
150.241.140.0/24 maxlen: 24
155.117.113.0/24 maxlen: 24
155.117.124.0/24 maxlen: 24
155.117.143.0/24 maxlen: 24
155.117.150.0/24 maxlen: 24
155.117.156.0/24 maxlen: 24
155.117.158.0/24 maxlen: 24
155.117.178.0/24 maxlen: 24
155.117.186.0/24 maxlen: 24
155.117.205.0/24 maxlen: 24
162.141.4.0/24 maxlen: 24
162.141.66.0/24 maxlen: 24
162.141.67.0/24 maxlen: 24
162.141.69.0/24 maxlen: 24
162.141.96.0/24 maxlen: 24
167.148.83.0/24 maxlen: 24
167.148.105.0/24 maxlen: 24
167.148.141.0/24 maxlen: 24
167.148.177.0/24 maxlen: 24
167.148.189.0/24 maxlen: 24
167.148.206.0/24 maxlen: 24
168.222.13.0/24 maxlen: 24
168.222.24.0/24 maxlen: 24
168.222.42.0/24 maxlen: 24
168.222.45.0/24 maxlen: 24
168.222.48.0/24 maxlen: 24
168.222.67.0/24 maxlen: 24
168.222.77.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 13 Jun 2026 19:43:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
73:06:5d:36:78:7c:85:ac:35:a9:88:97:f7:1a:95:df:40:0a:ae:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Jun 6 18:11:19 2026 GMT
Not After : Jun 5 18:16:19 2027 GMT
Subject: CN=DED19FBC39E0ADCC9EADB8177F51E3939850694E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:72:d2:7f:73:70:84:96:e3:f1:eb:b1:f6:58:
c8:34:83:a6:59:ce:f5:86:1d:ac:ca:91:34:32:8e:
64:08:43:39:78:07:e7:33:c1:30:f6:2c:f7:e3:76:
f2:04:3a:ac:9f:0a:e0:bd:61:fa:38:ed:50:3d:de:
22:9e:e0:36:58:3f:aa:bd:0e:87:d0:62:88:5c:18:
6d:f0:c6:be:72:3b:fd:86:1e:93:65:40:37:96:89:
f7:34:b6:ed:b5:f2:40:b8:34:be:39:29:b7:51:15:
5c:bf:37:5e:39:db:b0:90:2a:d4:31:c9:13:38:8b:
13:f4:8a:d4:36:d7:b3:30:5f:82:23:ea:3a:94:23:
8a:86:96:a2:2a:c4:12:38:3c:c1:26:96:e5:ff:74:
7d:a2:3f:4d:71:05:a6:d4:1c:04:bd:7c:5a:f4:3a:
4a:45:cb:41:97:68:14:17:06:13:a3:49:e6:a6:f8:
b9:c8:e1:db:74:d0:79:1e:4f:0b:77:3b:d6:5f:dc:
43:a4:f4:62:02:df:57:a5:05:29:69:c7:a4:83:e7:
8e:9a:2e:43:78:8f:e0:ff:00:6b:72:20:3d:6e:18:
59:92:21:a4:e3:4b:b6:0f:ba:13:44:9d:45:e0:1e:
5d:6e:4d:b3:d5:8b:48:5b:7e:20:97:54:ce:60:7e:
29:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:D1:9F:BC:39:E0:AD:CC:9E:AD:B8:17:7F:51:E3:93:98:50:69:4E
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS205489.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
140.150.239.0/24
143.14.23.0/24
143.14.123.0/24
143.14.128.0/24
143.14.131.0/24
143.14.147.0/24
143.14.152.0/24
143.14.174.0/24
143.14.183.0/24
143.14.208.0/24
146.103.37.0/24
147.79.16.0/24
150.241.140.0/24
155.117.113.0/24
155.117.124.0/24
155.117.143.0/24
155.117.150.0/24
155.117.156.0/24
155.117.158.0/24
155.117.178.0/24
155.117.186.0/24
155.117.205.0/24
162.141.4.0/24
162.141.66.0/23
162.141.69.0/24
162.141.96.0/24
167.148.83.0/24
167.148.105.0/24
167.148.141.0/24
167.148.177.0/24
167.148.189.0/24
167.148.206.0/24
168.222.13.0/24
168.222.24.0/24
168.222.42.0/24
168.222.45.0/24
168.222.48.0/24
168.222.67.0/24
168.222.77.0/24
Signature Algorithm: sha256WithRSAEncryption
58:3c:da:b8:e6:cb:90:fa:f8:67:89:23:24:12:53:11:82:65:
69:c4:2b:fe:c7:30:b3:05:2a:a5:1e:bb:90:c1:89:11:a4:81:
66:dd:e5:8c:9f:09:93:38:05:d1:ca:52:6f:80:97:e2:c2:aa:
fa:c8:f6:b0:a3:bf:b7:67:fc:28:01:37:d1:7b:4e:59:10:1e:
9b:6f:b3:d2:21:07:0c:70:53:e6:16:1d:7f:53:e4:fa:a8:5a:
32:75:30:54:b3:bc:ea:b5:fe:0e:6e:48:69:27:0e:eb:53:0f:
c8:5d:fb:d4:a2:c4:94:ff:d1:68:fd:07:21:52:27:6f:a1:25:
61:c0:d3:df:fd:79:c4:d8:b5:8e:cd:43:c2:0d:f4:9a:0d:97:
08:c9:f0:c5:71:60:64:1e:48:64:b6:cc:40:05:c6:d8:f9:c6:
ef:bb:ea:af:22:a4:05:3c:dd:45:6b:3d:3f:ff:ab:5a:2e:c6:
3b:5c:c4:bd:a1:4b:49:b6:25:11:1b:d9:54:ef:11:97:af:00:
d8:50:bf:aa:61:7a:dd:6b:df:55:53:0b:b9:55:bb:32:87:a2:
2a:96:43:bf:53:82:fb:6e:5b:a0:a1:67:fb:ee:02:d2:cd:ab:
ca:62:58:03:57:99:b3:b8:9e:86:c3:39:79:e1:9d:ea:88:d8:
98:56:57:23
-----BEGIN CERTIFICATE-----
MIIF6jCCBNKgAwIBAgIUcwZdNnh8haw1qYiX9xqV30AKrmUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNjA2MDYxODExMTlaFw0yNzA2MDUxODE2MTlaMDMxMTAvBgNV
BAMTKERFRDE5RkJDMzlFMEFEQ0M5RUFEQjgxNzdGNTFFMzkzOTg1MDY5NEUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0ctJ/c3CEluPx67H2WMg0g6ZZ
zvWGHazKkTQyjmQIQzl4B+czwTD2LPfjdvIEOqyfCuC9Yfo47VA93iKe4DZYP6q9
DofQYohcGG3wxr5yO/2GHpNlQDeWifc0tu218kC4NL45KbdRFVy/N14527CQKtQx
yRM4ixP0itQ217MwX4Ij6jqUI4qGlqIqxBI4PMEmluX/dH2iP01xBabUHAS9fFr0
OkpFy0GXaBQXBhOjSeam+LnI4dt00HkeTwt3O9Zf3EOk9GIC31elBSlpx6SD546a
LkN4j+D/AGtyID1uGFmSIaTjS7YPuhNEnUXgHl1uTbPVi0hbfiCXVM5gfinDAgMB
AAGjggL0MIIC8DAdBgNVHQ4EFgQU3tGfvDngrcyerbgXf1Hjk5hQaU4wHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjA1NDg5LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMIIBBwYIKwYBBQUHAQcBAf8EgfcwgfQwgfEEAgABMIHq
AwQAjJbvAwQAjw4XAwQAjw57AwQAjw6AAwQAjw6DAwQAjw6TAwQAjw6YAwQAjw6u
AwQAjw63AwQAjw7QAwQAkmclAwQAk08QAwQAlvGMAwQAm3VxAwQAm3V8AwQAm3WP
AwQAm3WWAwQAm3WcAwQAm3WeAwQAm3WyAwQAm3W6AwQAm3XNAwQAoo0EAwQBoo1C
AwQAoo1FAwQAoo1gAwQAp5RTAwQAp5RpAwQAp5SNAwQAp5SxAwQAp5S9AwQAp5TO
AwQAqN4NAwQAqN4YAwQAqN4qAwQAqN4tAwQAqN4wAwQAqN5DAwQAqN5NMA0GCSqG
SIb3DQEBCwUAA4IBAQBYPNq45suQ+vhniSMkElMRgmVpxCv+xzCzBSqlHruQwYkR
pIFm3eWMnwmTOAXRylJvgJfiwqr6yPawo7+3Z/woATfRe05ZEB6bb7PSIQcMcFPm
Fh1/U+T6qFoydTBUs7zqtf4ObkhpJw7rUw/IXfvUosSU/9Fo/QchUidvoSVhwNPf
/XnE2LWOzUPCDfSaDZcIyfDFcWBkHkhktsxABcbY+cbvu+qvIqQFPN1Faz0//6ta
LsY7XMS9oUtJtiURG9lU7xGXrwDYUL+qYXrda99VUwu5Vbsyh6IqlkO/U4L7blug
oWf77gLSzavKYlgDV5mzuJ6Gwzl54Z3qiNiYVlcj
-----END CERTIFICATE-----
Generated at Sat Jun 13 06:38:01 2026 by rpki-client