Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS207019.roa
File: AS207019.roa (raw, json)
Hash identifier: gT1wy/iNXRtZh4xF/bjksKOoqeu6fcPGNTY3Zqgf1BM=
Subject key identifier: CE:9E:F1:04:11:27:7A:31:B2:4E:D1:1A:AE:86:64:9C:47:15:9F:49
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 07EEEC1E6AB9E87C8767D2723DAF3DB78DA13E5B
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS207019.roa
Signing time: Thu 05 Feb 2026 03:40:42 +0000
ROA not before: Thu 05 Feb 2026 03:35:42 +0000
ROA not after: Thu 04 Feb 2027 03:40:42 +0000
asID: 207019
IP address blocks: 143.14.22.0/24 maxlen: 24
155.117.242.0/24 maxlen: 24
168.222.111.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
07:ee:ec:1e:6a:b9:e8:7c:87:67:d2:72:3d:af:3d:b7:8d:a1:3e:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Feb 5 03:35:42 2026 GMT
Not After : Feb 4 03:40:42 2027 GMT
Subject: CN=CE9EF10411277A31B24ED11AAE86649C47159F49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:76:98:3a:0d:50:10:11:6c:84:21:9b:71:35:
4d:c4:6b:94:53:d8:a1:90:d3:a4:8e:7a:67:35:e6:
0f:dc:67:a2:56:65:21:b0:72:d1:3e:82:9b:b4:aa:
cd:cd:34:42:fd:86:7d:1d:e4:06:7b:97:41:52:54:
7b:5d:43:46:5a:bb:9c:83:81:83:f2:cb:89:81:2e:
b9:5c:2c:ba:f6:e0:7e:c2:e1:c2:4e:e1:3f:b7:ed:
88:a9:fa:35:0c:52:30:0d:2c:1a:ca:0f:07:df:1a:
d6:99:25:02:a7:75:50:73:cb:e9:b0:3c:ab:0e:85:
7a:bb:5e:98:f9:9e:90:97:10:8e:af:18:a3:0d:f0:
83:30:5c:51:46:2e:2b:6d:4c:30:b0:c9:50:8f:d7:
13:d4:e5:2d:dc:81:2a:f3:4e:e7:19:35:89:a9:e5:
0c:ba:8b:50:71:1b:f7:0d:b4:bd:ee:33:28:95:90:
72:01:69:9c:fb:af:a1:5f:2f:ca:08:a9:9a:d4:21:
3b:5b:c8:68:a8:39:14:47:f9:23:d1:b9:ce:62:36:
a7:06:91:7d:d2:d3:8d:47:c0:a7:d3:49:d1:65:f5:
2d:46:4e:1f:7c:53:0e:0f:5e:75:3e:a2:75:f8:ac:
8d:42:a7:05:39:9d:f1:cd:7b:45:09:b8:5b:35:bd:
98:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:9E:F1:04:11:27:7A:31:B2:4E:D1:1A:AE:86:64:9C:47:15:9F:49
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS207019.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.14.22.0/24
155.117.242.0/24
168.222.111.0/24
Signature Algorithm: sha256WithRSAEncryption
25:58:b2:f9:ec:31:43:2a:c0:86:6e:15:2f:f9:2a:7a:eb:9b:
1f:67:23:8e:0c:ec:93:7f:7f:c3:42:22:6a:76:d2:be:67:30:
26:3e:e1:08:e9:32:e3:90:07:e6:0b:02:54:16:39:53:18:ad:
11:54:cc:79:64:c0:46:14:33:62:33:da:35:6f:31:fb:a7:a2:
b7:ad:34:10:78:73:18:70:36:f3:16:e7:7f:85:3e:71:6d:67:
7e:30:e3:68:09:20:25:a7:27:4f:8d:f0:48:fd:3b:39:da:fa:
8e:c5:4f:97:b4:dd:22:a1:1c:26:cc:ad:46:72:af:79:85:13:
67:fa:8e:7d:32:f8:19:00:8f:52:b7:fb:36:70:59:fe:d7:58:
24:71:36:55:5f:00:49:67:dc:f2:87:1b:24:b4:0d:35:56:01:
63:44:71:fd:df:63:96:ae:0a:54:1e:f0:06:7e:a0:07:03:08:
e1:de:0a:e1:22:be:1e:ed:fe:f7:99:38:22:c0:6f:b4:d4:b6:
46:04:95:35:bc:e3:2d:b8:b5:91:11:2a:15:fe:d6:c1:98:bd:
61:d3:00:0e:3e:7a:47:78:08:d8:ec:85:98:e0:7b:b2:ab:61:
f1:09:11:fd:4f:7e:1e:e3:e6:b0:7b:a8:76:68:65:2d:e5:a0:
ce:a1:56:6a
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgIUB+7sHmq56HyHZ9JyPa89t42hPlswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNjAyMDUwMzM1NDJaFw0yNzAyMDQwMzQwNDJaMDMxMTAvBgNV
BAMTKENFOUVGMTA0MTEyNzdBMzFCMjRFRDExQUFFODY2NDlDNDcxNTlGNDkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCsdpg6DVAQEWyEIZtxNU3Ea5RT
2KGQ06SOemc15g/cZ6JWZSGwctE+gpu0qs3NNEL9hn0d5AZ7l0FSVHtdQ0Zau5yD
gYPyy4mBLrlcLLr24H7C4cJO4T+37Yip+jUMUjANLBrKDwffGtaZJQKndVBzy+mw
PKsOhXq7Xpj5npCXEI6vGKMN8IMwXFFGLittTDCwyVCP1xPU5S3cgSrzTucZNYmp
5Qy6i1BxG/cNtL3uMyiVkHIBaZz7r6FfL8oIqZrUITtbyGioORRH+SPRuc5iNqcG
kX3S041HwKfTSdFl9S1GTh98Uw4PXnU+onX4rI1CpwU5nfHNe0UJuFs1vZipAgMB
AAGjggIWMIICEjAdBgNVHQ4EFgQUzp7xBBEnejGyTtEaroZknEcVn0kwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjA3MDE5LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAjw4W
AwQAm3XyAwQAqN5vMA0GCSqGSIb3DQEBCwUAA4IBAQAlWLL57DFDKsCGbhUv+Sp6
65sfZyOODOyTf3/DQiJqdtK+ZzAmPuEI6TLjkAfmCwJUFjlTGK0RVMx5ZMBGFDNi
M9o1bzH7p6K3rTQQeHMYcDbzFud/hT5xbWd+MONoCSAlpydPjfBI/Ts52vqOxU+X
tN0ioRwmzK1Gcq95hRNn+o59MvgZAI9St/s2cFn+11gkcTZVXwBJZ9zyhxsktA01
VgFjRHH932OWrgpUHvAGfqAHAwjh3grhIr4e7f73mTgiwG+01LZGBJU1vOMtuLWR
ESoV/tbBmL1h0wAOPnpHeAjY7IWY4Huyq2HxCRH9T34e4+awe6h2aGUt5aDOoVZq
-----END CERTIFICATE-----
Generated at Mon Mar 2 03:04:07 2026 by rpki-client