Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS209104.roa
File: AS209104.roa (raw, json)
Hash identifier: 4Hs0mxTNag4IhsiLpZHFj3DsKSx7Vqsc0yVX7dayZlE=
Subject key identifier: 64:B0:2C:BD:AD:03:56:6D:76:2D:03:50:E3:98:10:77:1C:E3:07:6D
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 5542C8BAC263D4340A2A1B22655874F669F16A79
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS209104.roa
Signing time: Sat 11 Apr 2026 13:04:21 +0000
ROA not before: Sat 11 Apr 2026 12:59:21 +0000
ROA not after: Sat 10 Apr 2027 13:04:21 +0000
asID: 209104
IP address blocks: 143.14.120.0/24 maxlen: 24
155.117.38.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 16:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
55:42:c8:ba:c2:63:d4:34:0a:2a:1b:22:65:58:74:f6:69:f1:6a:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Apr 11 12:59:21 2026 GMT
Not After : Apr 10 13:04:21 2027 GMT
Subject: CN=64B02CBDAD03566D762D0350E39810771CE3076D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:9d:02:da:95:c6:02:14:2e:e1:2d:1c:48:c3:
08:c0:55:72:b5:0c:97:a8:eb:07:9d:b8:9f:c9:cc:
c3:af:2b:5e:44:d8:ba:98:d1:6d:2b:ac:80:2b:f7:
e3:5a:39:e9:1e:8a:61:03:7d:d9:aa:5c:17:12:90:
9f:3c:1d:7f:91:fe:85:a2:3f:40:50:d8:02:fd:29:
2a:2a:0c:7f:e4:57:ba:b9:be:69:d6:f9:4e:ba:f7:
42:54:5b:3d:7d:b1:74:60:8a:4f:98:da:a4:1e:a6:
52:3a:da:bf:9c:83:b5:c7:33:30:bf:9d:db:35:f4:
36:7f:ba:b7:4b:63:85:d7:62:74:a7:a0:5a:09:12:
2e:5d:81:18:df:f6:79:21:8c:e0:50:b0:04:74:7b:
29:5e:7b:46:4a:83:b0:ac:5b:bc:d0:18:b1:5a:3d:
d5:09:b4:0c:29:9a:17:d6:18:1f:fb:9d:eb:ef:90:
d9:3d:8d:a1:de:8c:9c:02:7c:6f:89:74:c4:af:8a:
27:44:e1:61:2a:da:c3:73:d8:4c:66:63:c2:de:eb:
70:29:e7:95:15:0c:b0:b6:46:67:ea:f6:c7:ba:7e:
86:19:6c:60:33:29:1e:5e:32:fe:15:c6:16:40:99:
73:92:3a:c0:57:73:90:90:29:5f:04:28:09:eb:64:
96:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:B0:2C:BD:AD:03:56:6D:76:2D:03:50:E3:98:10:77:1C:E3:07:6D
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS209104.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.14.120.0/24
155.117.38.0/24
Signature Algorithm: sha256WithRSAEncryption
11:3b:e5:44:c6:2f:10:fe:b5:57:d2:91:92:94:35:74:58:52:
d7:68:20:61:f2:ca:b8:47:2c:38:1b:b6:0c:43:4b:25:cb:00:
47:f9:4d:02:96:1c:ba:87:ff:af:a2:42:a1:8f:b0:de:59:07:
47:78:8a:14:58:28:bb:52:41:3e:17:b7:57:41:b5:9f:ec:5f:
eb:25:14:46:a6:d4:af:b6:e1:ec:b3:d9:6e:01:0c:45:36:19:
c2:38:7d:dc:b3:c3:84:1a:13:27:09:d1:43:da:db:1f:84:b0:
26:39:05:94:de:1f:52:e4:ec:20:e2:f1:47:cd:22:56:53:96:
47:ed:83:47:fd:67:52:ff:27:68:35:28:fb:60:a7:f0:30:1f:
92:91:40:80:22:07:c2:d1:c5:b5:23:b5:e0:5b:d9:a3:a7:34:
2f:ed:91:5b:09:a6:a0:c1:e8:bd:4f:d1:e4:52:80:99:3c:d9:
72:58:e4:ab:92:87:39:61:aa:c0:2c:15:58:a6:aa:23:5e:4d:
f8:0b:5e:28:a6:e3:2b:fd:4f:82:be:91:0e:8f:71:fb:b4:d7:
d1:da:ba:1a:c6:22:bc:08:03:13:fc:fa:15:1b:5b:a4:0d:73:
2d:ea:8c:28:d2:e8:73:ae:41:91:66:83:41:a4:36:e6:5a:11:
92:b9:9c:ab
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgIUVULIusJj1DQKKhsiZVh09mnxankwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNjA0MTExMjU5MjFaFw0yNzA0MTAxMzA0MjFaMDMxMTAvBgNV
BAMTKDY0QjAyQ0JEQUQwMzU2NkQ3NjJEMDM1MEUzOTgxMDc3MUNFMzA3NkQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNnQLalcYCFC7hLRxIwwjAVXK1
DJeo6weduJ/JzMOvK15E2LqY0W0rrIAr9+NaOekeimEDfdmqXBcSkJ88HX+R/oWi
P0BQ2AL9KSoqDH/kV7q5vmnW+U6690JUWz19sXRgik+Y2qQeplI62r+cg7XHMzC/
nds19DZ/urdLY4XXYnSnoFoJEi5dgRjf9nkhjOBQsAR0eylee0ZKg7CsW7zQGLFa
PdUJtAwpmhfWGB/7nevvkNk9jaHejJwCfG+JdMSviidE4WEq2sNz2ExmY8Le63Ap
55UVDLC2Rmfq9se6foYZbGAzKR5eMv4VxhZAmXOSOsBXc5CQKV8EKAnrZJarAgMB
AAGjggIQMIICDDAdBgNVHQ4EFgQUZLAsva0DVm12LQNQ45gQdxzjB20wHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjA5MTA0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAjw54
AwQAm3UmMA0GCSqGSIb3DQEBCwUAA4IBAQARO+VExi8Q/rVX0pGSlDV0WFLXaCBh
8sq4Ryw4G7YMQ0slywBH+U0Clhy6h/+vokKhj7DeWQdHeIoUWCi7UkE+F7dXQbWf
7F/rJRRGptSvtuHss9luAQxFNhnCOH3cs8OEGhMnCdFD2tsfhLAmOQWU3h9S5Owg
4vFHzSJWU5ZH7YNH/WdS/ydoNSj7YKfwMB+SkUCAIgfC0cW1I7XgW9mjpzQv7ZFb
Caagwei9T9HkUoCZPNlyWOSrkoc5YarALBVYpqojXk34C14opuMr/U+CvpEOj3H7
tNfR2roaxiK8CAMT/PoVG1ukDXMt6owo0uhzrkGRZoNBpDbmWhGSuZyr
-----END CERTIFICATE-----
Generated at Fri Apr 17 23:54:05 2026 by rpki-client