Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS151389.roa
File: AS151389.roa (raw, json)
Hash identifier: t2wUttJ4Xka8RSCuIRLrZXg3IocspTifEdl3RbbKbpU=
Subject key identifier: AC:11:12:F6:E3:62:C7:E8:1A:95:F1:9B:BD:60:2D:12:51:22:EC:A3
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 502B59D9A351162C1B276AE631F8ED8A48095EF5
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS151389.roa
Signing time: Fri 03 Apr 2026 13:30:46 +0000
ROA not before: Fri 03 Apr 2026 13:25:46 +0000
ROA not after: Fri 02 Apr 2027 13:30:46 +0000
asID: 151389
IP address blocks: 147.79.31.0/24 maxlen: 24
162.141.125.0/24 maxlen: 24
167.148.139.0/24 maxlen: 24
168.222.125.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 06 Apr 2026 13:12:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
50:2b:59:d9:a3:51:16:2c:1b:27:6a:e6:31:f8:ed:8a:48:09:5e:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Apr 3 13:25:46 2026 GMT
Not After : Apr 2 13:30:46 2027 GMT
Subject: CN=AC1112F6E362C7E81A95F19BBD602D125122ECA3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:55:00:d2:91:a7:27:95:65:c0:1f:0e:b5:c8:
20:20:3e:17:77:29:01:ef:75:ea:95:a7:49:34:f4:
a6:05:fb:b2:db:9c:89:7e:19:b9:3e:4f:51:ce:fb:
5a:74:24:09:66:a3:e7:f1:ab:18:8b:77:9f:e6:bf:
e5:0f:6c:2b:92:c3:24:14:cd:b8:30:67:5d:a4:e4:
b5:d6:3a:fc:d9:ce:67:cd:06:28:b9:0d:fa:91:b9:
f3:77:b9:ff:29:ab:48:a6:40:cf:bb:2a:88:94:4a:
52:b1:1f:62:96:5c:c9:da:b7:f6:89:9a:8e:38:27:
05:01:6a:ce:d1:89:80:50:67:04:da:0a:e0:ad:3c:
85:24:07:42:32:6d:8d:d1:25:fb:49:a6:a4:f0:8b:
b4:29:f4:6a:41:ce:1e:13:00:d6:35:34:14:3c:77:
dc:64:d0:74:1d:85:a0:dc:11:29:6f:03:07:1b:d8:
d6:a4:33:94:b6:c9:62:58:97:44:7a:82:8a:be:ea:
f8:c9:4c:72:d1:5d:46:7c:2d:dc:9c:dc:15:02:52:
90:5c:ce:06:ee:9c:4d:7b:48:89:6e:fd:4d:ee:3f:
3c:63:e8:2a:23:32:9f:86:12:a0:71:a8:62:3e:12:
24:98:19:b2:52:de:ee:78:78:3d:99:f5:0f:27:7e:
5d:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:11:12:F6:E3:62:C7:E8:1A:95:F1:9B:BD:60:2D:12:51:22:EC:A3
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS151389.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.79.31.0/24
162.141.125.0/24
167.148.139.0/24
168.222.125.0/24
Signature Algorithm: sha256WithRSAEncryption
93:69:81:74:c1:bf:7c:7e:ae:1f:41:26:83:b8:e0:4e:bb:d4:
ff:d8:2a:cc:7d:92:4a:29:60:0d:4a:68:e8:38:28:8b:02:f8:
9f:e9:d5:e2:88:f8:41:7b:ca:ba:d6:5c:45:fa:03:84:a6:d8:
aa:c3:f4:26:2c:db:d9:25:15:1c:96:f3:9c:2b:49:ba:00:ef:
9c:58:62:fe:2b:ff:2a:aa:d7:23:4c:49:60:46:32:89:57:7a:
f6:28:92:af:28:59:5e:59:a0:09:bc:f1:e6:ad:86:77:64:e1:
99:4a:0c:c0:eb:ea:74:e8:c7:6e:d0:a3:b7:e5:dd:7f:84:bf:
31:24:f8:f5:e6:a1:3c:b7:c2:1f:3e:8a:4c:e2:97:7e:df:e9:
31:8a:9c:71:bb:8c:32:c8:f0:89:ff:af:1c:3b:d2:68:57:36:
f6:11:42:1c:5c:be:51:29:33:fe:ea:bf:e3:7c:8d:31:ac:e8:
a3:3b:83:fd:51:eb:89:b9:59:46:c9:69:f3:7d:f3:6c:de:95:
3d:29:ed:91:98:07:54:75:9f:17:23:a8:2c:91:df:f7:9b:2c:
bc:00:b3:30:c5:52:1a:2c:27:47:5c:b5:bb:8a:0a:a8:d1:d3:
de:a6:0b:4c:a2:f4:50:38:df:20:d8:ca:3f:cf:12:cc:be:91:
89:8f:e4:a9
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgIUUCtZ2aNRFiwbJ2rmMfjtikgJXvUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNjA0MDMxMzI1NDZaFw0yNzA0MDIxMzMwNDZaMDMxMTAvBgNV
BAMTKEFDMTExMkY2RTM2MkM3RTgxQTk1RjE5QkJENjAyRDEyNTEyMkVDQTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDJVQDSkacnlWXAHw61yCAgPhd3
KQHvdeqVp0k09KYF+7LbnIl+Gbk+T1HO+1p0JAlmo+fxqxiLd5/mv+UPbCuSwyQU
zbgwZ12k5LXWOvzZzmfNBii5DfqRufN3uf8pq0imQM+7KoiUSlKxH2KWXMnat/aJ
mo44JwUBas7RiYBQZwTaCuCtPIUkB0IybY3RJftJpqTwi7Qp9GpBzh4TANY1NBQ8
d9xk0HQdhaDcESlvAwcb2NakM5S2yWJYl0R6goq+6vjJTHLRXUZ8Ldyc3BUCUpBc
zgbunE17SIlu/U3uPzxj6CojMp+GEqBxqGI+EiSYGbJS3u54eD2Z9Q8nfl01AgMB
AAGjggIcMIICGDAdBgNVHQ4EFgQUrBES9uNix+galfGbvWAtElEi7KMwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMTUxMzg5LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAk08f
AwQAoo19AwQAp5SLAwQAqN59MA0GCSqGSIb3DQEBCwUAA4IBAQCTaYF0wb98fq4f
QSaDuOBOu9T/2CrMfZJKKWANSmjoOCiLAvif6dXiiPhBe8q61lxF+gOEptiqw/Qm
LNvZJRUclvOcK0m6AO+cWGL+K/8qqtcjTElgRjKJV3r2KJKvKFleWaAJvPHmrYZ3
ZOGZSgzA6+p06Mdu0KO35d1/hL8xJPj15qE8t8IfPopM4pd+3+kxipxxu4wyyPCJ
/68cO9JoVzb2EUIcXL5RKTP+6r/jfI0xrOijO4P9UeuJuVlGyWnzffNs3pU9Ke2R
mAdUdZ8XI6gskd/3myy8ALMwxVIaLCdHXLW7igqo0dPepgtMovRQON8g2Mo/zxLM
vpGJj+Sp
-----END CERTIFICATE-----
Generated at Mon Apr 6 01:02:36 2026 by rpki-client