Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS207019.roa
File: AS207019.roa (raw, json)
Hash identifier: aRF3aGSKqRzRz6nPApGYOaeOXuMpfjq5K+iZuFnPEhA=
Subject key identifier: 05:44:75:EF:BD:9E:BC:B4:91:6F:37:14:F7:84:63:49:8A:73:6E:F2
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 0506BD4AE6AB756E11B461949223BDA39799D0FF
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS207019.roa
Signing time: Fri 31 Oct 2025 08:07:10 +0000
ROA not before: Fri 31 Oct 2025 08:02:10 +0000
ROA not after: Fri 30 Oct 2026 08:07:10 +0000
asID: 207019
IP address blocks: 143.14.22.0/24 maxlen: 24
155.117.242.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 18:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
05:06:bd:4a:e6:ab:75:6e:11:b4:61:94:92:23:bd:a3:97:99:d0:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Oct 31 08:02:10 2025 GMT
Not After : Oct 30 08:07:10 2026 GMT
Subject: CN=054475EFBD9EBCB4916F3714F78463498A736EF2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:74:03:a7:5b:59:18:18:67:78:8a:51:7a:1a:
d6:92:cf:0c:25:47:65:0e:4e:68:ef:b7:12:ca:7d:
f8:98:31:5a:1b:67:2c:27:13:79:ac:ba:2b:3c:a1:
55:8f:5b:af:f9:92:36:cd:0b:92:60:15:01:93:07:
bb:74:bd:bf:09:21:8f:72:68:48:54:2f:2b:08:f8:
5e:cc:16:8e:cf:76:90:e7:c5:cc:44:38:7f:f5:63:
b8:1d:25:92:7b:31:04:f1:a9:db:47:d0:74:41:bc:
da:c9:48:36:05:73:b8:f9:19:f0:30:8a:38:c7:bb:
f2:73:e7:4a:33:05:50:a2:6d:b3:77:9d:9d:11:42:
ca:a3:d0:8e:3c:da:7a:9b:9d:1b:50:06:52:7b:9f:
39:49:9e:91:f5:d0:8a:db:d7:11:d6:da:9b:58:54:
ff:90:02:81:df:99:d1:56:ae:2c:94:d0:22:33:38:
37:5e:21:c3:aa:ee:15:0d:ea:93:d0:64:ae:4d:85:
f0:ef:a6:45:05:4c:72:0d:a0:a1:b2:fa:35:5b:5d:
96:6d:a1:e2:44:88:a6:3b:df:81:67:c1:1b:b9:94:
3e:be:e7:01:d5:09:50:04:c9:73:61:7a:79:48:48:
fd:e5:1d:90:d4:04:f6:f0:f2:95:a8:46:32:24:6b:
00:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:44:75:EF:BD:9E:BC:B4:91:6F:37:14:F7:84:63:49:8A:73:6E:F2
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS207019.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.14.22.0/24
155.117.242.0/24
Signature Algorithm: sha256WithRSAEncryption
63:7c:7a:2b:0e:ce:62:7e:d6:b9:bd:82:8a:77:8c:32:9a:51:
20:89:f4:27:f4:07:8e:8c:92:c5:4a:22:46:19:c2:c1:4c:4f:
c6:bc:49:b1:0f:eb:4a:8a:bb:56:0d:ee:b6:42:d6:26:50:29:
4f:45:00:53:d3:6f:b4:75:e9:92:cd:45:2d:e5:ed:4f:43:08:
30:e2:2b:51:15:ea:23:07:6b:7b:e0:e0:fa:d6:6b:5a:70:88:
fd:69:c4:5b:12:e6:4c:7c:0c:6b:ce:07:e4:62:bf:d0:5a:b4:
d5:ef:85:8d:e5:d7:89:59:96:4a:de:45:6a:c6:b7:09:26:05:
5b:b5:58:f0:d8:b7:00:2c:2a:a7:39:ba:67:8b:3f:25:ba:34:
88:d0:f7:3e:0a:14:6a:70:b7:74:cd:fc:2d:96:7b:7c:3a:ec:
89:4c:21:6f:36:b2:6b:e3:c8:1f:15:85:4a:3b:8f:8d:08:cc:
6c:7e:6a:fc:22:5f:80:ec:cd:22:3d:46:a9:c7:32:41:ce:46:
0c:6d:e1:44:02:4c:55:5c:4d:cd:49:f0:7f:7d:6f:20:fb:7c:
da:76:dc:5d:0f:3d:0d:60:9a:9d:18:1a:76:9e:64:6a:cb:18:
6f:8d:73:8a:bc:4e:fc:ba:d5:ef:90:e2:2c:a1:81:7d:24:00:
c0:b6:94:bd
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgIUBQa9SuardW4RtGGUkiO9o5eZ0P8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTEwMzEwODAyMTBaFw0yNjEwMzAwODA3MTBaMDMxMTAvBgNV
BAMTKDA1NDQ3NUVGQkQ5RUJDQjQ5MTZGMzcxNEY3ODQ2MzQ5OEE3MzZFRjIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDEdAOnW1kYGGd4ilF6GtaSzwwl
R2UOTmjvtxLKffiYMVobZywnE3msuis8oVWPW6/5kjbNC5JgFQGTB7t0vb8JIY9y
aEhULysI+F7MFo7PdpDnxcxEOH/1Y7gdJZJ7MQTxqdtH0HRBvNrJSDYFc7j5GfAw
ijjHu/Jz50ozBVCibbN3nZ0RQsqj0I482nqbnRtQBlJ7nzlJnpH10Irb1xHW2ptY
VP+QAoHfmdFWriyU0CIzODdeIcOq7hUN6pPQZK5NhfDvpkUFTHINoKGy+jVbXZZt
oeJEiKY734FnwRu5lD6+5wHVCVAEyXNhenlISP3lHZDUBPbw8pWoRjIkawAJAgMB
AAGjggIQMIICDDAdBgNVHQ4EFgQUBUR1772evLSRbzcU94RjSYpzbvIwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjA3MDE5LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAjw4W
AwQAm3XyMA0GCSqGSIb3DQEBCwUAA4IBAQBjfHorDs5ifta5vYKKd4wymlEgifQn
9AeOjJLFSiJGGcLBTE/GvEmxD+tKirtWDe62QtYmUClPRQBT02+0demSzUUt5e1P
Qwgw4itRFeojB2t74OD61mtacIj9acRbEuZMfAxrzgfkYr/QWrTV74WN5deJWZZK
3kVqxrcJJgVbtVjw2LcALCqnObpniz8lujSI0Pc+ChRqcLd0zfwtlnt8OuyJTCFv
NrJr48gfFYVKO4+NCMxsfmr8Il+A7M0iPUapxzJBzkYMbeFEAkxVXE3NSfB/fW8g
+3zadtxdDz0NYJqdGBp2nmRqyxhvjXOKvE78utXvkOIsoYF9JADAtpS9
-----END CERTIFICATE-----
Generated at Wed Nov 5 00:35:17 2025 by rpki-client