Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS11404.roa
File: AS11404.roa (raw, json)
Hash identifier: LoXimR5s1PuKii4j/yqAmFf30apo6wCS7BXY/VZ1bIc=
Subject key identifier: DB:94:7E:BB:19:45:CD:BE:A0:47:79:C4:97:46:BC:4D:7E:1A:8C:2F
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 2232D24A63FBBAA6D33366D4A3D1686D2DF0BB07
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS11404.roa
Signing time: Tue 26 Aug 2025 00:03:59 +0000
ROA not before: Mon 25 Aug 2025 23:58:59 +0000
ROA not after: Tue 25 Aug 2026 00:03:59 +0000
asID: 11404
IP address blocks: 136.143.244.0/24 maxlen: 24
136.143.251.0/24 maxlen: 24
136.143.253.0/24 maxlen: 24
136.143.255.0/24 maxlen: 24
143.14.16.0/21 maxlen: 24
158.140.195.0/24 maxlen: 24
158.140.198.0/24 maxlen: 24
158.140.201.0/24 maxlen: 24
158.140.204.0/24 maxlen: 24
158.140.206.0/23 maxlen: 23
158.140.212.0/23 maxlen: 23
158.140.215.0/24 maxlen: 24
162.141.24.0/22 maxlen: 24
162.141.28.0/22 maxlen: 24
162.141.32.0/22 maxlen: 24
162.141.40.0/22 maxlen: 24
162.141.56.0/22 maxlen: 24
162.141.60.0/22 maxlen: 24
162.141.72.0/22 maxlen: 24
162.141.144.0/21 maxlen: 24
162.141.168.0/21 maxlen: 24
162.141.184.0/21 maxlen: 24
167.148.16.0/21 maxlen: 24
167.148.24.0/22 maxlen: 24
167.148.48.0/21 maxlen: 24
167.148.56.0/22 maxlen: 24
167.148.64.0/22 maxlen: 24
167.148.76.0/22 maxlen: 24
167.148.88.0/21 maxlen: 24
167.148.108.0/22 maxlen: 24
167.148.120.0/22 maxlen: 24
203.100.208.0/23 maxlen: 23
203.100.211.0/24 maxlen: 24
203.160.112.0/23 maxlen: 23
203.160.115.0/24 maxlen: 24
203.160.119.0/24 maxlen: 24
203.160.120.0/23 maxlen: 23
203.160.122.0/24 maxlen: 24
203.160.124.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 07 Sep 2025 20:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
22:32:d2:4a:63:fb:ba:a6:d3:33:66:d4:a3:d1:68:6d:2d:f0:bb:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Aug 25 23:58:59 2025 GMT
Not After : Aug 25 00:03:59 2026 GMT
Subject: CN=DB947EBB1945CDBEA04779C49746BC4D7E1A8C2F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:12:a4:66:1d:67:d5:47:bc:c1:da:2d:aa:58:
54:1a:7b:ad:08:2f:60:a5:cd:2d:2f:e2:8a:bd:18:
fe:eb:fb:fc:b8:16:7e:89:40:3e:9e:e6:d1:eb:29:
d1:91:57:52:42:43:9f:c3:5a:e7:b8:9b:81:3b:e9:
dd:65:a0:59:e1:cf:8d:ee:98:e3:45:3d:49:e7:1f:
42:91:ec:d7:22:54:28:22:40:6b:ef:e0:e6:7f:d4:
09:e5:3b:9d:4f:ad:3d:9c:1e:ae:51:66:6b:89:67:
4f:a1:85:30:19:64:3d:69:bf:b0:eb:4f:93:b0:5d:
06:ec:4b:22:2a:f6:c0:d8:28:28:6e:e4:f4:04:d7:
d3:e4:8b:7d:6f:a2:dd:64:08:af:e1:7f:cb:b0:1a:
e2:41:c6:51:ea:32:49:5a:fc:31:82:e4:7c:ce:f5:
25:a5:ce:bf:6d:e4:7a:8e:8c:00:1b:2c:01:c3:ea:
6d:8a:d5:03:13:84:fa:fc:c5:b2:e3:07:7e:04:9c:
b3:42:84:41:49:ae:5e:55:a4:43:e9:33:5e:fd:cd:
75:a5:94:49:e2:74:e0:b4:91:02:fa:c3:f3:96:85:
b4:31:46:f1:88:be:38:78:36:f5:e5:3d:24:f0:15:
3e:c2:20:35:4a:f7:f7:36:18:4a:f0:74:74:c8:aa:
d1:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:94:7E:BB:19:45:CD:BE:A0:47:79:C4:97:46:BC:4D:7E:1A:8C:2F
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS11404.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
136.143.244.0/24
136.143.251.0/24
136.143.253.0/24
136.143.255.0/24
143.14.16.0/21
158.140.195.0/24
158.140.198.0/24
158.140.201.0/24
158.140.204.0/24
158.140.206.0/23
158.140.212.0/23
158.140.215.0/24
162.141.24.0-162.141.35.255
162.141.40.0/22
162.141.56.0/21
162.141.72.0/22
162.141.144.0/21
162.141.168.0/21
162.141.184.0/21
167.148.16.0-167.148.27.255
167.148.48.0-167.148.59.255
167.148.64.0/22
167.148.76.0/22
167.148.88.0/21
167.148.108.0/22
167.148.120.0/22
203.100.208.0/23
203.100.211.0/24
203.160.112.0/23
203.160.115.0/24
203.160.119.0-203.160.122.255
203.160.124.0/24
Signature Algorithm: sha256WithRSAEncryption
a3:6f:9a:14:9b:21:63:46:7f:99:a7:4c:55:54:51:cd:47:bb:
0f:71:e1:49:81:ec:2a:5e:46:fb:98:26:8c:2e:2e:ee:1c:d1:
de:a4:78:a1:41:91:c0:63:09:8a:68:48:de:fa:d1:9a:f0:3f:
15:e5:15:a9:78:cb:81:e1:b0:ae:cd:b1:63:23:88:46:94:50:
25:05:25:6e:14:bf:27:b4:2b:47:67:69:22:f4:38:2e:cf:4b:
8c:e5:51:5f:b0:ec:59:f7:30:25:54:3e:80:4c:61:78:e4:4e:
8d:af:46:96:b4:ca:cb:95:9f:f9:96:10:6c:ba:ef:d8:88:96:
a3:13:d8:37:17:34:76:31:30:72:e1:74:90:1c:17:18:39:8b:
67:99:f2:db:54:37:81:2b:76:3d:c6:0e:55:a5:5e:7d:4e:9c:
aa:3b:4f:f7:84:b3:6e:33:15:7e:a0:6e:0b:07:cc:94:65:e6:
b5:1a:e1:84:35:63:e4:58:6a:1e:a3:cc:04:d6:2b:df:3b:29:
93:3c:85:ab:a2:eb:01:9f:26:82:74:29:0a:0c:41:d7:78:cd:
22:54:a9:ea:a3:48:cc:e0:4d:f3:15:4d:20:87:b8:15:15:62:
d1:0f:e0:c9:12:27:13:cb:b4:7a:c8:2d:6a:37:76:93:31:d0:
c9:89:8e:24
-----BEGIN CERTIFICATE-----
MIIF3jCCBMagAwIBAgIUIjLSSmP7uqbTM2bUo9FobS3wuwcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA4MjUyMzU4NTlaFw0yNjA4MjUwMDAzNTlaMDMxMTAvBgNV
BAMTKERCOTQ3RUJCMTk0NUNEQkVBMDQ3NzlDNDk3NDZCQzREN0UxQThDMkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCUEqRmHWfVR7zB2i2qWFQae60I
L2ClzS0v4oq9GP7r+/y4Fn6JQD6e5tHrKdGRV1JCQ5/DWue4m4E76d1loFnhz43u
mONFPUnnH0KR7NciVCgiQGvv4OZ/1AnlO51PrT2cHq5RZmuJZ0+hhTAZZD1pv7Dr
T5OwXQbsSyIq9sDYKChu5PQE19Pki31vot1kCK/hf8uwGuJBxlHqMkla/DGC5HzO
9SWlzr9t5HqOjAAbLAHD6m2K1QMThPr8xbLjB34EnLNChEFJrl5VpEPpM179zXWl
lEnidOC0kQL6w/OWhbQxRvGIvjh4NvXlPSTwFT7CIDVK9/c2GErwdHTIqtERAgMB
AAGjggLoMIIC5DAdBgNVHQ4EFgQU25R+uxlFzb6gR3nEl0a8TX4ajC8wHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMTE0MDQucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwgf0GCCsGAQUFBwEHAQH/BIHtMIHqMIHnBAIAATCB4AME
AIiP9AMEAIiP+wMEAIiP/QMEAIiP/wMEA48OEAMEAJ6MwwMEAJ6MxgMEAJ6MyQME
AJ6MzAMEAZ6MzgMEAZ6M1AMEAJ6M1zAMAwQDoo0YAwQCoo0gAwQCoo0oAwQDoo04
AwQCoo1IAwQDoo2QAwQDoo2oAwQDoo24MAwDBASnlBADBAKnlBgwDAMEBKeUMAME
AqeUOAMEAqeUQAMEAqeUTAMEA6eUWAMEAqeUbAMEAqeUeAMEActk0AMEAMtk0wME
AcugcAMEAMugczAMAwQAy6B3AwQAy6B6AwQAy6B8MA0GCSqGSIb3DQEBCwUAA4IB
AQCjb5oUmyFjRn+Zp0xVVFHNR7sPceFJgewqXkb7mCaMLi7uHNHepHihQZHAYwmK
aEje+tGa8D8V5RWpeMuB4bCuzbFjI4hGlFAlBSVuFL8ntCtHZ2ki9Dguz0uM5VFf
sOxZ9zAlVD6ATGF45E6Nr0aWtMrLlZ/5lhBsuu/YiJajE9g3FzR2MTBy4XSQHBcY
OYtnmfLbVDeBK3Y9xg5VpV59TpyqO0/3hLNuMxV+oG4LB8yUZea1GuGENWPkWGoe
o8wE1ivfOymTPIWrousBnyaCdCkKDEHXeM0iVKnqo0jM4E3zFU0gh7gVFWLRD+DJ
EicTy7R6yC1qN3aTMdDJiY4k
-----END CERTIFICATE-----
Generated at Sat Sep 6 23:51:04 2025 by rpki-client