Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS26042.roa
File: AS26042.roa (raw, json)
Hash identifier: vJpg5piM96QoatIGE2tlLD8azUqszaX3z7QTfjZJatg=
Subject key identifier: 67:92:89:74:F5:85:30:1F:32:FA:5B:54:C0:33:B6:05:BF:3B:72:CC
Certificate issuer: /CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Certificate serial: 5696437C07B32DDAFDA00FF29C0EF64044A3ECF5
Authority key identifier: 88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS26042.roa
Signing time: Sun 26 Oct 2025 22:54:56 +0000
ROA not before: Sun 26 Oct 2025 22:49:56 +0000
ROA not after: Sun 25 Oct 2026 22:54:56 +0000
asID: 26042
IP address blocks: 143.20.149.0/24 maxlen: 24
143.20.161.0/24 maxlen: 24
143.20.170.0/24 maxlen: 24
143.20.230.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.mft
rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 18:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
56:96:43:7c:07:b3:2d:da:fd:a0:0f:f2:9c:0e:f6:40:44:a3:ec:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Validity
Not Before: Oct 26 22:49:56 2025 GMT
Not After : Oct 25 22:54:56 2026 GMT
Subject: CN=67928974F585301F32FA5B54C033B605BF3B72CC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:2e:26:81:05:58:cf:b1:88:fe:d7:e8:7a:26:
bd:60:82:6e:f1:2f:5b:d0:dc:01:32:a1:30:4f:d3:
1d:74:df:55:fa:16:32:74:37:d6:ec:58:f9:93:5a:
a3:86:67:cf:30:59:6d:d1:31:9c:84:6f:02:2e:6c:
62:eb:f5:05:6b:d0:2f:71:47:36:a7:76:bb:ca:98:
6d:16:1d:bd:9d:7b:58:c1:a1:e5:13:90:2c:fa:cc:
4b:08:59:d7:c8:66:10:da:f9:4a:c4:6f:f2:94:90:
b7:3f:58:85:f3:ca:29:e3:31:62:73:18:26:75:dc:
a7:c8:bf:97:c3:91:c1:f0:5b:6d:83:a6:b7:11:18:
a6:f9:2c:cc:53:ed:05:a5:ed:fc:c6:43:97:83:7a:
c2:b2:da:5a:be:ab:7d:0f:f3:3c:95:84:99:01:53:
ae:ef:d2:f4:4c:b8:1b:eb:66:07:0d:9b:0a:8c:87:
36:9f:52:d7:e0:1c:9e:ea:a4:4e:a3:27:20:c7:69:
d8:c3:ed:23:65:ce:f1:09:4b:98:3a:3a:c5:79:08:
df:5c:56:df:95:33:35:85:48:c5:0f:1a:53:ed:3e:
5d:b9:45:3d:ec:a8:5b:ca:a0:c8:b8:ec:da:ba:d9:
d1:dc:b2:23:4b:ee:81:8b:5b:8a:9e:72:f8:06:17:
19:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:92:89:74:F5:85:30:1F:32:FA:5B:54:C0:33:B6:05:BF:3B:72:CC
X509v3 Authority Key Identifier:
keyid:88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS26042.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.20.149.0/24
143.20.161.0/24
143.20.170.0/24
143.20.230.0/24
Signature Algorithm: sha256WithRSAEncryption
90:68:15:06:60:a3:bf:40:6a:30:9c:1a:d2:7c:4c:0f:56:c3:
97:c5:0d:8c:2f:24:0b:e1:dd:e1:12:ed:7a:bd:ca:0e:c4:99:
58:b0:8c:a8:54:df:ff:1f:7e:03:c8:49:51:89:53:17:27:90:
86:9b:7b:c9:99:8c:dd:7a:ff:83:36:27:f1:90:e4:66:27:3a:
e6:14:2e:84:fe:e1:63:a5:f6:03:77:6f:33:08:a8:6e:fc:3a:
23:dc:b6:f0:46:6a:17:62:6d:9b:e6:b7:57:e8:cc:a5:38:eb:
b7:cc:ca:6b:a7:13:6a:c8:41:1f:3f:f4:8f:6d:9f:a8:70:7a:
da:b7:c8:31:41:c6:70:65:b4:f9:ed:b7:6d:94:ed:38:34:c3:
bc:0d:b6:59:13:b7:48:1f:a9:3b:53:43:b7:48:94:f9:e8:6a:
45:3e:c8:c2:ff:cf:14:33:31:c0:dc:f8:ff:90:8b:55:3e:bd:
fb:7c:f6:24:83:cb:4c:cb:9e:97:3f:ee:07:78:71:15:a8:3f:
b3:eb:c4:1c:bf:39:c4:bd:77:67:ae:c8:b4:f6:5a:9b:f2:10:
ab:f8:4e:02:98:88:80:47:30:49:7a:70:97:d9:fb:93:82:e0:
3e:2b:08:2a:f0:7f:e2:fa:f9:11:d7:87:63:91:4e:dd:02:e7:
23:41:49:fc
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgIUVpZDfAezLdr9oA/ynA72QESj7PUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODhjMTRlYzAyYWRiZjA4MzEzOGVkZGQ0Nzg3MTE3NmRk
ZWI5M2Q5ZDAeFw0yNTEwMjYyMjQ5NTZaFw0yNjEwMjUyMjU0NTZaMDMxMTAvBgNV
BAMTKDY3OTI4OTc0RjU4NTMwMUYzMkZBNUI1NEMwMzNCNjA1QkYzQjcyQ0MwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDDLiaBBVjPsYj+1+h6Jr1ggm7x
L1vQ3AEyoTBP0x1031X6FjJ0N9bsWPmTWqOGZ88wWW3RMZyEbwIubGLr9QVr0C9x
RzandrvKmG0WHb2de1jBoeUTkCz6zEsIWdfIZhDa+UrEb/KUkLc/WIXzyinjMWJz
GCZ13KfIv5fDkcHwW22DprcRGKb5LMxT7QWl7fzGQ5eDesKy2lq+q30P8zyVhJkB
U67v0vRMuBvrZgcNmwqMhzafUtfgHJ7qpE6jJyDHadjD7SNlzvEJS5g6OsV5CN9c
Vt+VMzWFSMUPGlPtPl25RT3sqFvKoMi47Nq62dHcsiNL7oGLW4qecvgGFxmhAgMB
AAGjggIbMIICFzAdBgNVHQ4EFgQUZ5KJdPWFMB8y+ltUwDO2Bb87cswwHwYDVR0j
BBgwFoAUiMFOwCrb8IMTjt3UeHEXbd65PZ0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjItZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2
MmUwLzAvODhDMTRFQzAyQURCRjA4MzEzOEVEREQ0Nzg3MTE3NkRERUI5M0Q5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2lNRk93Q3JiOElNVGp0M1VlSEVYYmQ2
NVBaMC5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0MDlkN2IyLWVlNjQt
NDlmMS1hZDgxLThlNGExMDdkNjJlMC8wL0FTMjYwNDIucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwMQYIKwYBBQUHAQcBAf8EIjAgMB4EAgABMBgDBACPFJUD
BACPFKEDBACPFKoDBACPFOYwDQYJKoZIhvcNAQELBQADggEBAJBoFQZgo79AajCc
GtJ8TA9Ww5fFDYwvJAvh3eES7Xq9yg7EmViwjKhU3/8ffgPISVGJUxcnkIabe8mZ
jN16/4M2J/GQ5GYnOuYULoT+4WOl9gN3bzMIqG78OiPctvBGahdibZvmt1fozKU4
67fMymunE2rIQR8/9I9tn6hwetq3yDFBxnBltPntt22U7Tg0w7wNtlkTt0gfqTtT
Q7dIlPnoakU+yML/zxQzMcDc+P+Qi1U+vft89iSDy0zLnpc/7gd4cRWoP7PrxBy/
OcS9d2euyLT2WpvyEKv4TgKYiIBHMEl6cJfZ+5OC4D4rCCrwf+L6+RHXh2ORTt0C
5yNBSfw=
-----END CERTIFICATE-----
Generated at Wed Nov 5 03:04:01 2025 by rpki-client