Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS11426.roa
File: AS11426.roa (raw, json)
Hash identifier: dlRhAe8Q2eNuBE17tmK+gbXPpMnQ9LJiBvTskvelFZ8=
Subject key identifier: FA:1E:E7:7B:B1:2C:D2:76:33:F7:FE:7F:2A:62:5C:A5:A8:7A:AD:89
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 0A2532405D1ADB47AA4E7270C646BF03E9DE1497
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS11426.roa
Signing time: Fri 18 Jul 2025 13:33:05 +0000
ROA not before: Fri 18 Jul 2025 13:28:05 +0000
ROA not after: Fri 17 Jul 2026 13:33:05 +0000
asID: 11426
IP address blocks: 143.14.175.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Jul 2025 14:17:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0a:25:32:40:5d:1a:db:47:aa:4e:72:70:c6:46:bf:03:e9:de:14:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Jul 18 13:28:05 2025 GMT
Not After : Jul 17 13:33:05 2026 GMT
Subject: CN=FA1EE77BB12CD27633F7FE7F2A625CA5A87AAD89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:f5:29:1d:cb:ae:53:e1:ac:4e:cd:a5:67:ac:
d7:e8:b1:c4:9d:19:e7:40:f5:c0:a4:66:86:51:0c:
0e:3b:03:86:d3:85:3f:aa:07:17:69:77:f3:31:c4:
01:7c:54:ff:bb:db:c2:39:de:69:1a:d2:b6:3a:4c:
a4:4b:6c:ef:70:ce:8f:53:80:0f:45:04:ea:2b:5a:
32:fd:6a:0f:a4:91:8c:1b:61:d3:32:f8:59:28:1f:
e9:27:2e:54:07:b4:8b:11:dd:ef:5a:6f:f2:70:4a:
a0:db:bb:94:80:c5:ff:50:f6:5f:be:34:8c:94:3b:
e0:aa:f5:63:a0:7a:3b:84:e4:72:e4:94:37:a2:13:
0b:cf:56:dd:0f:2a:ff:f0:17:d4:ab:dc:f6:79:c0:
c7:23:48:a1:d0:25:f6:83:eb:8c:33:5c:7b:7c:ef:
64:70:a9:44:49:d6:e0:4c:64:e7:01:b9:cf:c5:a3:
4e:8e:74:fd:a2:7c:ea:55:08:91:51:3e:75:85:1c:
81:51:ab:cc:df:63:0a:89:32:60:2a:d9:f4:2b:38:
7b:7c:73:64:af:46:e6:2e:9a:b5:b9:fe:92:6f:2e:
60:16:07:c9:f8:d0:e5:1c:32:a4:0c:05:a9:13:cb:
0f:b8:4a:f4:7a:51:2a:4c:96:5d:e1:ef:33:24:63:
ce:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:1E:E7:7B:B1:2C:D2:76:33:F7:FE:7F:2A:62:5C:A5:A8:7A:AD:89
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS11426.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.14.175.0/24
Signature Algorithm: sha256WithRSAEncryption
48:9b:f1:1d:e4:41:3d:b5:cf:b3:9e:bb:9c:08:54:6f:22:f3:
7b:c7:70:0d:64:07:db:99:d4:4c:7d:75:15:31:3f:d6:89:0c:
06:b2:5f:4e:6e:cb:57:2a:bf:56:8a:17:e5:03:31:a1:b3:5c:
08:0e:25:a9:ac:27:aa:b3:dc:19:56:37:1c:1a:d2:00:f9:ae:
c8:b8:f9:53:d9:1a:01:b1:89:11:69:12:1a:04:13:a3:f2:45:
49:9f:2c:5f:26:22:38:3e:df:9f:96:02:e2:8c:c7:c6:76:02:
55:e2:f6:cd:38:d4:70:c9:08:45:8e:3c:ac:23:66:07:33:7e:
80:cd:0b:b0:bb:64:e2:6f:4e:ea:9b:6f:3f:3b:a9:16:df:9a:
bc:77:43:0f:c3:aa:a0:eb:8d:86:c7:21:16:04:ef:df:11:b7:
04:d1:1e:90:88:84:18:47:f4:c6:e3:a3:74:26:53:67:ff:32:
ac:af:2b:24:ad:7f:0f:74:a5:05:d3:0d:d5:e8:10:f4:1d:7d:
a1:28:f3:ae:13:d1:4b:db:71:91:1e:f3:94:d6:ba:a8:99:9b:
0e:ed:72:37:21:99:be:3b:13:7b:a5:4d:7e:c3:42:4a:f9:bb:
62:74:ef:1c:4a:5c:d0:1d:ac:1c:55:67:23:b4:a8:87:8c:3b:
3b:d6:a2:5e
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIUCiUyQF0a20eqTnJwxka/A+neFJcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA3MTgxMzI4MDVaFw0yNjA3MTcxMzMzMDVaMDMxMTAvBgNV
BAMTKEZBMUVFNzdCQjEyQ0QyNzYzM0Y3RkU3RjJBNjI1Q0E1QTg3QUFEODkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDA9Skdy65T4axOzaVnrNfoscSd
GedA9cCkZoZRDA47A4bThT+qBxdpd/MxxAF8VP+728I53mka0rY6TKRLbO9wzo9T
gA9FBOorWjL9ag+kkYwbYdMy+FkoH+knLlQHtIsR3e9ab/JwSqDbu5SAxf9Q9l++
NIyUO+Cq9WOgejuE5HLklDeiEwvPVt0PKv/wF9Sr3PZ5wMcjSKHQJfaD64wzXHt8
72RwqURJ1uBMZOcBuc/Fo06OdP2ifOpVCJFRPnWFHIFRq8zfYwqJMmAq2fQrOHt8
c2SvRuYumrW5/pJvLmAWB8n40OUcMqQMBakTyw+4SvR6USpMll3h7zMkY85fAgMB
AAGjggIJMIICBTAdBgNVHQ4EFgQU+h7ne7Es0nYz9/5/KmJcpah6rYkwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMTE0MjYucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACPDq8w
DQYJKoZIhvcNAQELBQADggEBAEib8R3kQT21z7Oeu5wIVG8i83vHcA1kB9uZ1Ex9
dRUxP9aJDAayX05uy1cqv1aKF+UDMaGzXAgOJamsJ6qz3BlWNxwa0gD5rsi4+VPZ
GgGxiRFpEhoEE6PyRUmfLF8mIjg+35+WAuKMx8Z2AlXi9s041HDJCEWOPKwjZgcz
foDNC7C7ZOJvTuqbbz87qRbfmrx3Qw/DqqDrjYbHIRYE798RtwTRHpCIhBhH9Mbj
o3QmU2f/MqyvKyStfw90pQXTDdXoEPQdfaEo864T0UvbcZEe85TWuqiZmw7tcjch
mb47E3ulTX7DQkr5u2J07xxKXNAdrBxVZyO0qIeMOzvWol4=
-----END CERTIFICATE-----
Generated at Mon Jul 21 18:06:37 2025 by rpki-client