Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS153169.roa
File: AS153169.roa (raw, json)
Hash identifier: MTakQiGbu2ZWO5eHIrsFE76GWGFP+c/X8EE2hTcU0WA=
Subject key identifier: F4:18:48:43:8E:0A:85:32:8C:EC:19:E1:93:7D:85:B5:AA:AC:34:8F
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 71A6BDA6E91833E132B41F5B06DC1D1BEE49D14E
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS153169.roa
Signing time: Fri 22 May 2026 08:21:52 +0000
ROA not before: Fri 22 May 2026 08:16:52 +0000
ROA not after: Fri 21 May 2027 08:21:52 +0000
asID: 153169
IP address blocks: 143.14.33.0/24 maxlen: 24
155.117.105.0/24 maxlen: 24
167.148.85.0/24 maxlen: 24
168.222.30.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 May 2026 08:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
71:a6:bd:a6:e9:18:33:e1:32:b4:1f:5b:06:dc:1d:1b:ee:49:d1:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: May 22 08:16:52 2026 GMT
Not After : May 21 08:21:52 2027 GMT
Subject: CN=F41848438E0A85328CEC19E1937D85B5AAAC348F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:08:38:e7:c1:96:99:eb:91:d3:4d:43:f1:1d:
2e:26:3e:e0:4d:ba:a5:4b:dc:33:87:6b:b0:69:83:
a1:3e:97:0f:06:93:c9:70:c7:c1:92:26:88:95:58:
f5:c4:2e:71:96:c7:68:73:3f:76:e2:4e:35:40:2f:
d9:e3:94:1b:eb:7d:0b:1a:d7:a4:1f:39:87:8f:37:
c5:88:39:77:0e:f5:ec:0f:0d:76:ab:e2:67:f5:22:
30:e3:94:58:98:6c:1b:eb:f3:ee:f2:36:34:be:aa:
be:7d:7a:ae:f2:45:8f:de:d2:7a:2b:ae:d2:98:e5:
ae:2a:17:f9:b3:3a:e3:ab:20:bb:c8:ff:2b:27:b1:
75:b6:88:72:cb:73:b4:8c:46:11:23:f0:2b:4e:cc:
c7:98:43:17:3d:8f:0e:13:b7:3f:29:47:69:86:aa:
d4:cd:c2:4b:43:d0:69:d8:cb:6e:28:69:24:d5:a5:
10:fd:9b:20:1f:da:53:c6:2e:7b:40:0e:3a:30:71:
c3:e0:6f:33:d3:09:0d:72:60:b3:07:e2:58:82:c6:
57:f5:ec:c9:42:67:69:51:cb:70:9d:42:5d:a9:27:
46:d0:64:6d:9d:95:74:76:19:c2:5d:ad:17:e8:14:
0e:37:39:f9:a6:5f:9e:07:21:e4:3b:7b:4c:1f:8c:
5a:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:18:48:43:8E:0A:85:32:8C:EC:19:E1:93:7D:85:B5:AA:AC:34:8F
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS153169.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.14.33.0/24
155.117.105.0/24
167.148.85.0/24
168.222.30.0/24
Signature Algorithm: sha256WithRSAEncryption
12:1b:5e:52:74:c0:d2:a0:f1:a5:b0:8b:01:ff:cd:4c:0c:c1:
fa:e1:5d:b1:9a:e1:7a:ec:77:62:a1:2d:e0:8a:23:92:66:fb:
19:6e:9e:b2:8d:16:2e:16:d8:63:3f:b6:2b:12:8d:e2:c6:3d:
48:89:9c:8b:df:c1:0c:ab:e5:12:66:06:eb:22:fb:2a:70:d6:
f1:db:a9:33:fb:cf:6b:eb:f2:a4:b2:c4:70:ff:83:34:27:1a:
7f:4d:bd:75:95:1d:a5:38:1c:93:15:09:5f:c8:fb:64:04:47:
9c:a2:f9:aa:3e:ef:50:de:0f:31:24:0b:48:f0:b8:5b:64:1f:
9d:e6:99:8d:e4:7d:15:94:9b:9a:be:bf:6d:62:3a:03:0f:8c:
02:a7:0e:93:6e:69:21:98:b4:73:dc:32:b8:aa:a6:36:0d:6a:
1f:81:d9:65:b8:a4:72:12:54:b7:5d:96:e5:48:a7:33:5c:4c:
55:f7:05:64:b1:b7:86:c2:9b:08:9e:a3:21:b6:6e:41:11:ad:
dc:09:79:36:e7:53:f8:eb:b5:de:f4:21:b9:b5:19:81:43:41:
10:3a:13:80:3a:87:16:45:d0:4f:31:6c:41:1a:f6:98:40:92:
15:5f:d2:6f:76:32:de:a5:91:cc:f9:65:86:f8:6e:8f:a1:1e:
47:9e:27:d2
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgIUcaa9pukYM+EytB9bBtwdG+5J0U4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNjA1MjIwODE2NTJaFw0yNzA1MjEwODIxNTJaMDMxMTAvBgNV
BAMTKEY0MTg0ODQzOEUwQTg1MzI4Q0VDMTlFMTkzN0Q4NUI1QUFBQzM0OEYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6CDjnwZaZ65HTTUPxHS4mPuBN
uqVL3DOHa7Bpg6E+lw8Gk8lwx8GSJoiVWPXELnGWx2hzP3biTjVAL9njlBvrfQsa
16QfOYePN8WIOXcO9ewPDXar4mf1IjDjlFiYbBvr8+7yNjS+qr59eq7yRY/e0nor
rtKY5a4qF/mzOuOrILvI/ysnsXW2iHLLc7SMRhEj8CtOzMeYQxc9jw4Ttz8pR2mG
qtTNwktD0GnYy24oaSTVpRD9myAf2lPGLntADjowccPgbzPTCQ1yYLMH4liCxlf1
7MlCZ2lRy3CdQl2pJ0bQZG2dlXR2GcJdrRfoFA43OfmmX54HIeQ7e0wfjFo1AgMB
AAGjggIcMIICGDAdBgNVHQ4EFgQU9BhIQ44KhTKM7Bnhk32FtaqsNI8wHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMTUzMTY5LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAjw4h
AwQAm3VpAwQAp5RVAwQAqN4eMA0GCSqGSIb3DQEBCwUAA4IBAQASG15SdMDSoPGl
sIsB/81MDMH64V2xmuF67HdioS3giiOSZvsZbp6yjRYuFthjP7YrEo3ixj1IiZyL
38EMq+USZgbrIvsqcNbx26kz+89r6/KkssRw/4M0Jxp/Tb11lR2lOByTFQlfyPtk
BEecovmqPu9Q3g8xJAtI8LhbZB+d5pmN5H0VlJuavr9tYjoDD4wCpw6TbmkhmLRz
3DK4qqY2DWofgdlluKRyElS3XZblSKczXExV9wVksbeGwpsInqMhtm5BEa3cCXk2
51P467Xe9CG5tRmBQ0EQOhOAOocWRdBPMWxBGvaYQJIVX9JvdjLepZHM+WWG+G6P
oR5HnifS
-----END CERTIFICATE-----
Generated at Fri May 22 14:18:41 2026 by rpki-client