
Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS153169.roa
File: AS153169.roa (raw, json)
Hash identifier: yY0sgvZk8S6KnuZEiNcgKJgIqnKTP4EktVtvSiBH1qU=
Subject key identifier: 4E:92:0A:12:42:33:3B:A8:C4:1E:CD:EA:07:F9:2A:85:BB:46:19:CB
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 44D612C429436F6B47A4C2222F217096209DCE69
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS153169.roa
Signing time: Mon 22 Jun 2026 08:15:09 +0000
ROA not before: Mon 22 Jun 2026 08:10:09 +0000
ROA not after: Mon 21 Jun 2027 08:15:09 +0000
asID: 153169
IP address blocks: 167.148.85.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 11 Jul 2026 13:46:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
44:d6:12:c4:29:43:6f:6b:47:a4:c2:22:2f:21:70:96:20:9d:ce:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Jun 22 08:10:09 2026 GMT
Not After : Jun 21 08:15:09 2027 GMT
Subject: CN=4E920A1242333BA8C41ECDEA07F92A85BB4619CB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:e3:4a:00:0f:68:ef:3e:82:dd:35:5f:0c:47:
15:5c:e5:16:37:5e:40:a6:5c:6d:98:7c:dd:6e:9d:
25:aa:c5:9e:9e:9a:6c:be:55:60:8f:54:4c:46:3e:
f3:df:d0:31:f3:39:7c:c9:30:46:58:3c:86:ac:4a:
e7:e5:5f:14:d6:36:1a:ae:5c:b3:bc:4a:df:22:16:
f9:e1:67:2e:92:a9:1b:20:28:d0:41:80:97:3b:71:
a9:b1:36:66:7d:c2:9e:76:2d:bb:2c:43:06:88:fa:
85:2d:1e:5d:34:9e:2c:da:27:19:8a:39:0f:c2:ed:
01:02:98:55:f3:f5:f2:39:be:50:b3:1e:4c:35:f6:
5f:8c:21:96:d5:8e:90:7c:a8:8a:a0:51:d6:e1:2b:
09:c6:ba:b2:9b:c6:2d:a0:98:56:12:ce:a9:5a:30:
19:e0:c5:78:56:e0:dd:bb:0c:8a:1c:f7:d8:71:9f:
66:5f:07:4b:73:64:b3:e0:d2:6b:9f:11:68:bb:43:
1c:46:80:a5:1c:67:16:bb:74:13:d0:7f:9d:ee:2c:
ec:e4:7a:41:c3:37:1c:d8:d4:b2:b8:d3:95:cd:3e:
c4:db:fa:cd:06:b0:ad:e2:9f:7b:50:47:28:f5:2d:
98:09:b8:72:97:bc:ad:bd:48:b1:25:d1:c2:b1:31:
c2:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:92:0A:12:42:33:3B:A8:C4:1E:CD:EA:07:F9:2A:85:BB:46:19:CB
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS153169.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
167.148.85.0/24
Signature Algorithm: sha256WithRSAEncryption
77:8c:cb:07:25:f4:fe:b0:ed:4f:e1:8b:46:26:22:e3:25:48:
e2:6e:07:14:c6:f7:e8:0c:af:ca:10:bf:27:09:17:6c:09:d4:
fc:8e:4a:06:e8:51:79:7b:07:94:7a:6f:49:25:e0:1e:8c:be:
bb:a3:93:93:58:29:87:67:25:ce:d6:ba:43:ba:82:fb:db:a9:
dd:70:d5:7d:91:bb:42:12:46:58:07:35:75:8b:a2:bf:47:21:
3d:19:dd:dc:48:95:66:75:a2:3a:1d:a1:3c:1a:da:a7:83:32:
b4:e6:32:63:94:04:d5:e6:47:79:36:f6:32:e1:4d:70:d1:04:
ea:98:e1:0c:ef:7c:cc:7e:f8:e3:14:db:0d:62:4f:65:f5:6a:
94:2b:b1:3d:2b:c3:0c:6b:4c:f0:7c:0e:32:34:0e:c3:51:a2:
8d:78:1f:f5:3b:c7:80:d9:62:37:fb:f6:74:32:cf:0c:6d:00:
4b:ec:4b:73:8e:2a:fb:a7:45:60:ce:73:43:63:a9:7b:a0:eb:
a3:cc:67:7b:e9:9b:44:ab:4c:44:85:f1:fb:09:3e:5e:c4:ac:
d9:ca:db:83:2c:e0:73:68:ad:1b:1a:ec:58:d3:e6:39:1d:0c:
c4:ab:2f:f6:69:a1:fc:ec:e7:56:a4:94:0c:50:47:73:b7:25:
d3:34:9c:08
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIURNYSxClDb2tHpMIiLyFwliCdzmkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNjA2MjIwODEwMDlaFw0yNzA2MjEwODE1MDlaMDMxMTAvBgNV
BAMTKDRFOTIwQTEyNDIzMzNCQThDNDFFQ0RFQTA3RjkyQTg1QkI0NjE5Q0IwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDe40oAD2jvPoLdNV8MRxVc5RY3
XkCmXG2YfN1unSWqxZ6emmy+VWCPVExGPvPf0DHzOXzJMEZYPIasSuflXxTWNhqu
XLO8St8iFvnhZy6SqRsgKNBBgJc7camxNmZ9wp52LbssQwaI+oUtHl00nizaJxmK
OQ/C7QECmFXz9fI5vlCzHkw19l+MIZbVjpB8qIqgUdbhKwnGurKbxi2gmFYSzqla
MBngxXhW4N27DIoc99hxn2ZfB0tzZLPg0mufEWi7QxxGgKUcZxa7dBPQf53uLOzk
ekHDNxzY1LK405XNPsTb+s0GsK3in3tQRyj1LZgJuHKXvK29SLEl0cKxMcJrAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUTpIKEkIzO6jEHs3qB/kqhbtGGcswHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMTUzMTY5LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAp5RV
MA0GCSqGSIb3DQEBCwUAA4IBAQB3jMsHJfT+sO1P4YtGJiLjJUjibgcUxvfoDK/K
EL8nCRdsCdT8jkoG6FF5eweUem9JJeAejL67o5OTWCmHZyXO1rpDuoL726ndcNV9
kbtCEkZYBzV1i6K/RyE9Gd3cSJVmdaI6HaE8GtqngzK05jJjlATV5kd5NvYy4U1w
0QTqmOEM73zMfvjjFNsNYk9l9WqUK7E9K8MMa0zwfA4yNA7DUaKNeB/1O8eA2WI3
+/Z0Ms8MbQBL7Etzjir7p0VgznNDY6l7oOujzGd76ZtEq0xEhfH7CT5exKzZytuD
LOBzaK0bGuxY0+Y5HQzEqy/2aaH87OdWpJQMUEdztyXTNJwI
-----END CERTIFICATE-----
Generated at Fri Jul 10 23:52:50 2026 by rpki-client