Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS1257.roa
File: AS1257.roa (raw, json)
Hash identifier: SNnXTFzJl8TIP/J5Md4ckCWqpI5rIqU4DSKUx7p94wk=
Subject key identifier: 03:FF:0D:03:A2:E1:97:16:3B:67:B3:B0:2D:72:1C:F1:54:C1:01:2C
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 42E0D9C2440E114C17AC8AF45DB3E4D5D4A9DFC3
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS1257.roa
Signing time: Wed 03 Jun 2026 14:47:26 +0000
ROA not before: Wed 03 Jun 2026 14:42:26 +0000
ROA not after: Wed 02 Jun 2027 14:47:26 +0000
asID: 1257
IP address blocks: 96.62.194.0/24 maxlen: 24
96.62.195.0/24 maxlen: 24
96.62.253.0/24 maxlen: 24
150.241.196.0/24 maxlen: 24
150.241.197.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 04 Jun 2026 15:08:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
42:e0:d9:c2:44:0e:11:4c:17:ac:8a:f4:5d:b3:e4:d5:d4:a9:df:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Jun 3 14:42:26 2026 GMT
Not After : Jun 2 14:47:26 2027 GMT
Subject: CN=03FF0D03A2E197163B67B3B02D721CF154C1012C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:77:f2:62:09:1d:ce:bd:a5:67:d6:ea:ac:ed:
2b:28:ac:bb:e8:7f:ef:a0:fe:08:b1:30:9c:39:9e:
0d:c2:d6:de:3d:44:02:bf:09:42:25:e3:a2:f2:73:
3b:19:cc:d2:ee:c4:b0:4d:84:d7:f8:6e:e1:68:68:
c3:12:cc:b2:43:bf:ea:30:5f:a2:37:8e:e7:15:41:
45:d4:a9:9b:5f:5f:2b:5b:66:4d:ee:28:90:b2:1c:
fd:b3:20:a7:2e:a8:0a:a9:ee:9c:89:72:86:56:fb:
f1:68:af:66:7a:e7:8c:ab:ac:6a:90:d9:e1:d9:41:
38:0d:b3:4a:26:0f:cd:48:de:ef:52:16:d8:32:0e:
e3:4b:10:a2:b7:5d:a1:02:ae:9c:29:02:a7:5a:b0:
8b:9d:dd:95:2d:00:f5:40:de:ec:e7:2e:ad:0d:f2:
f4:b9:63:9a:66:41:9a:cb:ef:a3:35:3a:82:49:1c:
f5:36:60:27:27:af:a7:76:d5:05:f8:3a:ae:c1:85:
9c:18:ee:fb:be:b3:2e:d3:d1:6a:11:7a:36:16:d8:
02:4c:3a:c2:24:9e:fe:33:e7:58:f2:49:76:6a:2c:
e8:d0:a1:4c:7f:1a:e5:5a:0c:9e:66:26:2d:27:da:
14:ee:5f:2b:ef:9e:f4:84:6a:fc:3e:81:55:18:55:
c0:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:FF:0D:03:A2:E1:97:16:3B:67:B3:B0:2D:72:1C:F1:54:C1:01:2C
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS1257.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.62.194.0/23
96.62.253.0/24
150.241.196.0/23
Signature Algorithm: sha256WithRSAEncryption
a6:ee:95:97:6e:69:44:35:09:69:60:c6:db:9c:31:96:be:e6:
37:70:cb:62:9b:b1:b9:3a:9c:e2:16:e7:bd:a2:36:33:ad:42:
e1:6f:e1:8d:71:fb:8e:69:15:a3:dd:74:fe:80:4b:8c:ac:77:
be:e0:26:87:fe:53:44:66:f2:32:c9:2a:42:90:0e:52:20:07:
19:67:7c:26:1e:00:76:bb:c3:10:ed:ef:ff:85:42:92:cb:8b:
9a:6b:f2:49:03:f3:c5:01:86:e8:be:c7:54:4b:7f:77:8c:31:
53:d7:8a:86:a4:f9:b8:fd:88:69:b9:22:f8:1a:5e:ec:4e:03:
bf:a0:c1:c7:5a:77:9f:22:4d:af:b7:d2:8d:7e:6a:46:74:7a:
9b:bb:7c:d1:71:3d:ac:d4:d8:07:b0:05:9f:6e:d1:eb:fe:da:
27:fb:80:b2:98:72:86:b0:be:f2:2d:4f:93:48:4d:cb:e9:6c:
0a:f7:2b:fb:f1:94:55:40:6e:e0:f1:4a:3e:2b:3a:ce:8a:e3:
6e:85:04:b7:46:16:f8:a7:91:eb:aa:b2:49:c1:01:4f:67:ae:
16:15:fd:a4:2c:e2:58:55:9b:83:60:07:b7:56:f6:1a:19:ef:
13:a4:75:92:43:9a:bd:f9:41:24:3f:d8:45:2a:b0:d9:f1:45:
f8:3d:a6:c1
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIUQuDZwkQOEUwXrIr0XbPk1dSp38MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNjA2MDMxNDQyMjZaFw0yNzA2MDIxNDQ3MjZaMDMxMTAvBgNV
BAMTKDAzRkYwRDAzQTJFMTk3MTYzQjY3QjNCMDJENzIxQ0YxNTRDMTAxMkMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCkd/JiCR3OvaVn1uqs7SsorLvo
f++g/gixMJw5ng3C1t49RAK/CUIl46LyczsZzNLuxLBNhNf4buFoaMMSzLJDv+ow
X6I3jucVQUXUqZtfXytbZk3uKJCyHP2zIKcuqAqp7pyJcoZW+/For2Z654yrrGqQ
2eHZQTgNs0omD81I3u9SFtgyDuNLEKK3XaECrpwpAqdasIud3ZUtAPVA3uznLq0N
8vS5Y5pmQZrL76M1OoJJHPU2YCcnr6d21QX4Oq7BhZwY7vu+sy7T0WoRejYW2AJM
OsIknv4z51jySXZqLOjQoUx/GuVaDJ5mJi0n2hTuXyvvnvSEavw+gVUYVcD5AgMB
AAGjggIUMIICEDAdBgNVHQ4EFgQUA/8NA6LhlxY7Z7OwLXIc8VTBASwwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMTI1Ny5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjArBggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAWA+wgME
AGA+/QMEAZbxxDANBgkqhkiG9w0BAQsFAAOCAQEApu6Vl25pRDUJaWDG25wxlr7m
N3DLYpuxuTqc4hbnvaI2M61C4W/hjXH7jmkVo910/oBLjKx3vuAmh/5TRGbyMskq
QpAOUiAHGWd8Jh4AdrvDEO3v/4VCksuLmmvySQPzxQGG6L7HVEt/d4wxU9eKhqT5
uP2Iabki+Bpe7E4Dv6DBx1p3nyJNr7fSjX5qRnR6m7t80XE9rNTYB7AFn27R6/7a
J/uAsphyhrC+8i1Pk0hNy+lsCvcr+/GUVUBu4PFKPis6zorjboUEt0YW+KeR66qy
ScEBT2euFhX9pCziWFWbg2AHt1b2GhnvE6R1kkOavflBJD/YRSqw2fFF+D2mwQ==
-----END CERTIFICATE-----
Generated at Thu Jun 4 01:17:09 2026 by rpki-client