Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS267507.roa
File: AS267507.roa (raw, json)
Hash identifier: x2go3NAMGi3eUN2+wZ3J3+QnNa6XFHR+8vBPiGPBzf0=
Subject key identifier: 16:05:71:F7:81:4F:40:1D:8D:2B:72:D6:B6:6F:FA:4C:FB:F8:06:8B
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 3A69F845F7A5FCADDC078D385A3145A709DB57D2
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS267507.roa
Signing time: Thu 02 Apr 2026 01:46:58 +0000
ROA not before: Thu 02 Apr 2026 01:41:58 +0000
ROA not after: Thu 01 Apr 2027 01:46:58 +0000
asID: 267507
IP address blocks: 143.14.134.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 Apr 2026 12:13:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3a:69:f8:45:f7:a5:fc:ad:dc:07:8d:38:5a:31:45:a7:09:db:57:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Apr 2 01:41:58 2026 GMT
Not After : Apr 1 01:46:58 2027 GMT
Subject: CN=160571F7814F401D8D2B72D6B66FFA4CFBF8068B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:b2:f0:05:d3:84:94:2f:e9:c8:8b:2d:b4:a2:
8c:3c:74:ad:52:9f:ea:cc:1d:c3:ec:5d:54:53:a5:
22:f1:44:eb:aa:34:79:fa:e9:f3:d1:9c:4f:e4:5d:
99:bb:8e:1d:66:42:1a:45:c9:3b:ab:06:e3:54:1a:
96:7b:42:cd:4a:04:03:38:d6:c6:df:ae:32:af:34:
12:3d:70:c7:81:07:4a:8a:9a:96:64:37:87:f5:11:
24:8c:53:e4:54:5c:f0:0e:b5:91:08:68:1c:9c:60:
15:ca:9b:43:af:39:e3:de:fb:b8:b4:3b:1e:33:f3:
23:cf:0b:0f:1a:ae:33:04:80:1b:e6:04:5c:14:79:
ec:3c:2d:ed:4c:fb:5d:ba:4d:14:d2:56:8b:25:e9:
ad:b9:9a:5a:9a:7b:8d:bc:cd:33:b2:da:d5:49:97:
8e:b6:1f:9e:ca:53:d7:0e:64:34:42:c5:48:17:d6:
80:79:22:e4:05:5f:cd:65:f1:41:24:93:93:8a:41:
22:2a:41:be:1e:ae:6d:fc:43:0a:19:55:e5:cd:21:
34:65:d0:ed:4c:41:16:a8:b0:e6:42:24:96:c9:f1:
f4:a2:7b:db:7c:ca:6d:95:93:ba:01:ff:67:55:80:
39:81:77:26:76:3c:6a:b8:68:26:ef:0a:e8:c2:7f:
5b:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:05:71:F7:81:4F:40:1D:8D:2B:72:D6:B6:6F:FA:4C:FB:F8:06:8B
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS267507.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.14.134.0/23
Signature Algorithm: sha256WithRSAEncryption
4c:d3:4f:4c:82:a2:7d:cd:28:0d:27:ee:81:16:44:76:0a:8e:
f9:56:61:d3:67:32:f2:fb:5b:25:61:76:e2:ae:f6:de:39:7d:
bd:84:c4:a1:26:21:97:d3:bb:92:9b:df:4e:4b:48:4d:e6:57:
89:07:c2:16:c0:7a:02:90:cd:f9:7c:4f:03:cf:45:33:32:8e:
c9:cd:28:2b:96:60:07:13:43:4f:83:34:03:84:45:ec:d5:35:
a4:bc:78:04:2a:62:08:66:50:75:78:46:be:49:c8:16:59:75:
8d:50:89:a4:90:37:08:e1:c5:a8:f2:a4:1c:e2:03:45:1e:55:
c8:c6:5f:54:85:14:9c:7c:00:f7:d0:2f:29:ca:f8:d1:18:d5:
77:e6:6e:b4:11:a9:b4:2e:31:a6:f9:d4:f0:6d:f3:8d:32:cf:
ab:21:46:5b:21:68:94:2b:b2:97:87:6f:f9:fe:40:6c:89:42:
b5:1a:86:e8:89:08:28:6e:3d:d1:2c:aa:14:2d:ad:ad:e3:da:
7e:2b:58:73:9e:f3:9f:79:2a:37:91:45:1a:35:ce:be:6c:df:
e9:7a:58:cb:40:31:d4:fa:ee:59:19:44:1d:51:93:35:87:63:
de:ef:ae:21:dc:e6:2c:42:27:d7:ce:34:9b:01:0a:10:28:29:
99:01:95:25
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUOmn4Rfel/K3cB404WjFFpwnbV9IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNjA0MDIwMTQxNThaFw0yNzA0MDEwMTQ2NThaMDMxMTAvBgNV
BAMTKDE2MDU3MUY3ODE0RjQwMUQ4RDJCNzJENkI2NkZGQTRDRkJGODA2OEIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDRsvAF04SUL+nIiy20oow8dK1S
n+rMHcPsXVRTpSLxROuqNHn66fPRnE/kXZm7jh1mQhpFyTurBuNUGpZ7Qs1KBAM4
1sbfrjKvNBI9cMeBB0qKmpZkN4f1ESSMU+RUXPAOtZEIaBycYBXKm0OvOePe+7i0
Ox4z8yPPCw8arjMEgBvmBFwUeew8Le1M+126TRTSVosl6a25mlqae428zTOy2tVJ
l462H57KU9cOZDRCxUgX1oB5IuQFX81l8UEkk5OKQSIqQb4erm38QwoZVeXNITRl
0O1MQRaosOZCJJbJ8fSie9t8ym2Vk7oB/2dVgDmBdyZ2PGq4aCbvCujCf1uZAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUFgVx94FPQB2NK3LWtm/6TPv4BoswHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjY3NTA3LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBjw6G
MA0GCSqGSIb3DQEBCwUAA4IBAQBM009MgqJ9zSgNJ+6BFkR2Co75VmHTZzLy+1sl
YXbirvbeOX29hMShJiGX07uSm99OS0hN5leJB8IWwHoCkM35fE8Dz0UzMo7JzSgr
lmAHE0NPgzQDhEXs1TWkvHgEKmIIZlB1eEa+ScgWWXWNUImkkDcI4cWo8qQc4gNF
HlXIxl9UhRScfAD30C8pyvjRGNV35m60Eam0LjGm+dTwbfONMs+rIUZbIWiUK7KX
h2/5/kBsiUK1GoboiQgobj3RLKoULa2t49p+K1hznvOfeSo3kUUaNc6+bN/peljL
QDHU+u5ZGUQdUZM1h2Pe764h3OYsQifXzjSbAQoQKCmZAZUl
-----END CERTIFICATE-----
Generated at Wed Apr 8 15:56:30 2026 by rpki-client