Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS402215.roa
File: AS402215.roa (raw, json)
Hash identifier: xLdotwmlCjRHtIqhSSnncmI2P5pcscVWaLgcAof84vA=
Subject key identifier: 7E:D7:50:9D:17:E8:E2:CF:7D:BC:D6:45:34:D2:43:8C:36:94:96:FA
Certificate issuer: /CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Certificate serial: 569276AF090327B86D959C609C0C150414821BE1
Authority key identifier: 88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS402215.roa
Signing time: Mon 13 Apr 2026 03:38:47 +0000
ROA not before: Mon 13 Apr 2026 03:33:47 +0000
ROA not after: Mon 12 Apr 2027 03:38:47 +0000
asID: 402215
IP address blocks: 143.20.43.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.mft
rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
56:92:76:af:09:03:27:b8:6d:95:9c:60:9c:0c:15:04:14:82:1b:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Validity
Not Before: Apr 13 03:33:47 2026 GMT
Not After : Apr 12 03:38:47 2027 GMT
Subject: CN=7ED7509D17E8E2CF7DBCD64534D2438C369496FA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:45:fa:a7:81:80:55:48:97:70:f7:b3:4f:1f:
61:97:99:33:a9:f1:b0:bd:94:bd:26:a1:62:18:7d:
f5:d2:e6:0d:8d:31:52:e4:32:4f:5b:17:0e:17:fd:
05:47:d7:97:9d:f5:50:69:08:8f:2b:e0:7e:81:58:
d9:49:55:1e:38:2d:89:a6:ea:89:33:b7:69:9c:49:
ee:79:2a:0f:c1:da:73:bd:eb:a2:cf:ea:3e:6b:93:
53:cd:4e:a3:1f:f4:a9:ab:80:81:f6:04:12:b9:16:
c7:7d:03:2c:e9:af:34:e3:40:b6:e5:74:f8:b1:df:
68:67:19:58:ee:a2:d8:85:ea:14:09:bc:2d:48:61:
ad:57:1c:2c:02:10:dc:b1:84:d4:e9:2d:8e:75:16:
28:94:1d:8d:d1:9e:9c:0b:1d:91:d7:f9:9a:11:a4:
0a:09:9e:50:ba:0a:c7:0a:44:d6:40:e0:67:2d:b8:
71:aa:ca:e8:2b:07:c2:b9:a2:27:12:84:a1:70:2f:
1c:cc:f1:b8:7b:f0:51:3e:f5:7b:fe:76:fa:52:38:
14:cf:3f:6a:34:cf:cd:5d:a3:71:0f:64:90:dc:b4:
ba:9c:31:dd:a9:0c:3f:9e:36:87:0f:0e:34:05:e2:
56:82:e6:6e:c5:51:4e:d7:a9:d7:cc:57:cf:45:7e:
8a:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:D7:50:9D:17:E8:E2:CF:7D:BC:D6:45:34:D2:43:8C:36:94:96:FA
X509v3 Authority Key Identifier:
keyid:88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS402215.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.20.43.0/24
Signature Algorithm: sha256WithRSAEncryption
58:79:a6:49:a8:fa:fc:60:27:47:73:a1:a8:25:e8:e3:90:42:
f8:ff:70:ca:19:8f:90:53:f2:14:ef:d9:89:2c:3d:8e:f7:af:
3c:71:6f:11:f9:7d:c5:65:b0:fd:5b:b8:0d:17:ce:d6:9f:a7:
96:d0:29:35:4f:f5:c3:c4:66:4e:55:9a:40:c5:be:16:4b:ca:
75:c6:39:86:37:90:9e:23:3c:18:e9:4b:ac:ca:f4:48:8d:b9:
12:ab:20:15:9a:77:67:86:e6:08:c6:2a:29:2d:80:f8:11:af:
22:6f:a9:96:e6:50:ce:2f:4f:0a:1f:13:27:9a:2f:61:08:86:
89:6e:fe:e2:7a:d2:32:46:41:7a:b7:ec:ae:83:e8:fc:5e:e2:
4c:50:bd:1c:b7:ec:97:6e:42:bd:b0:a4:1e:b8:0c:dc:b3:46:
83:f7:38:34:26:8b:81:60:a5:02:50:ac:37:0d:d2:11:1d:36:
3c:d6:36:84:0c:1a:1e:9f:7f:64:b3:c0:e9:f6:e7:e5:5e:ff:
69:de:29:28:5a:f8:7f:8d:cb:80:54:46:db:bc:53:cb:eb:ef:
33:4d:ec:0a:3d:b0:9a:e7:12:12:71:a3:a1:a6:ff:cc:3f:d4:
e3:f3:94:1a:f5:2b:6d:c1:5e:b3:ed:de:2a:19:1d:75:18:ac:
b6:8b:46:d5
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUVpJ2rwkDJ7htlZxgnAwVBBSCG+EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODhjMTRlYzAyYWRiZjA4MzEzOGVkZGQ0Nzg3MTE3NmRk
ZWI5M2Q5ZDAeFw0yNjA0MTMwMzMzNDdaFw0yNzA0MTIwMzM4NDdaMDMxMTAvBgNV
BAMTKDdFRDc1MDlEMTdFOEUyQ0Y3REJDRDY0NTM0RDI0MzhDMzY5NDk2RkEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDERfqngYBVSJdw97NPH2GXmTOp
8bC9lL0moWIYffXS5g2NMVLkMk9bFw4X/QVH15ed9VBpCI8r4H6BWNlJVR44LYmm
6okzt2mcSe55Kg/B2nO966LP6j5rk1PNTqMf9KmrgIH2BBK5Fsd9AyzprzTjQLbl
dPix32hnGVjuotiF6hQJvC1IYa1XHCwCENyxhNTpLY51FiiUHY3RnpwLHZHX+ZoR
pAoJnlC6CscKRNZA4GctuHGqyugrB8K5oicShKFwLxzM8bh78FE+9Xv+dvpSOBTP
P2o0z81do3EPZJDctLqcMd2pDD+eNocPDjQF4laC5m7FUU7XqdfMV89FforHAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUftdQnRfo4s99vNZFNNJDjDaUlvowHwYDVR0j
BBgwFoAUiMFOwCrb8IMTjt3UeHEXbd65PZ0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjItZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2
MmUwLzAvODhDMTRFQzAyQURCRjA4MzEzOEVEREQ0Nzg3MTE3NkRERUI5M0Q5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2lNRk93Q3JiOElNVGp0M1VlSEVYYmQ2
NVBaMC5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0MDlkN2IyLWVlNjQt
NDlmMS1hZDgxLThlNGExMDdkNjJlMC8wL0FTNDAyMjE1LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAjxQr
MA0GCSqGSIb3DQEBCwUAA4IBAQBYeaZJqPr8YCdHc6GoJejjkEL4/3DKGY+QU/IU
79mJLD2O9688cW8R+X3FZbD9W7gNF87Wn6eW0Ck1T/XDxGZOVZpAxb4WS8p1xjmG
N5CeIzwY6UusyvRIjbkSqyAVmndnhuYIxiopLYD4Ea8ib6mW5lDOL08KHxMnmi9h
CIaJbv7ietIyRkF6t+yug+j8XuJMUL0ct+yXbkK9sKQeuAzcs0aD9zg0JouBYKUC
UKw3DdIRHTY81jaEDBoen39ks8Dp9uflXv9p3ikoWvh/jcuAVEbbvFPL6+8zTewK
PbCa5xIScaOhpv/MP9Tj85Qa9SttwV6z7d4qGR11GKy2i0bV
-----END CERTIFICATE-----
Generated at Fri Apr 17 16:02:41 2026 by rpki-client