Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS153671.roa
File: AS153671.roa (raw, json)
Hash identifier: veZM1UvFu0CvZvRbO5jNlscGCjt5xwXqje9VWXeLswU=
Subject key identifier: E3:BC:AE:77:30:F8:B1:F4:43:4F:4E:5B:AF:A6:BB:9A:64:91:27:05
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 6200B9909EFEC26020DBD0FCC70B593392821833
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS153671.roa
Signing time: Tue 21 Apr 2026 06:42:41 +0000
ROA not before: Tue 21 Apr 2026 06:37:41 +0000
ROA not after: Tue 20 Apr 2027 06:42:41 +0000
asID: 153671
IP address blocks: 143.14.47.0/24 maxlen: 24
148.135.194.0/24 maxlen: 24
155.117.23.0/24 maxlen: 24
162.141.1.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Apr 2026 08:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
62:00:b9:90:9e:fe:c2:60:20:db:d0:fc:c7:0b:59:33:92:82:18:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Apr 21 06:37:41 2026 GMT
Not After : Apr 20 06:42:41 2027 GMT
Subject: CN=E3BCAE7730F8B1F4434F4E5BAFA6BB9A64912705
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:78:c4:4d:86:1b:39:b3:14:7a:9f:b6:59:72:
e5:c9:4d:93:d7:a0:ab:ff:22:d0:dd:87:2c:3b:07:
db:74:8b:fd:dc:6b:6f:87:ab:18:00:c4:f6:69:4b:
09:65:3d:4f:5b:8c:5e:b7:f3:23:f8:db:48:b0:15:
5c:a3:4a:b7:4d:a3:f4:84:24:cb:3a:36:b9:58:a3:
52:18:dd:80:71:ff:93:f9:d6:b3:40:4e:1a:a2:89:
58:f2:9f:20:97:29:46:95:c6:cc:16:3a:49:5d:88:
bb:60:cb:75:31:a3:a0:59:b9:9f:9b:ed:2c:23:97:
5c:f4:ef:c6:38:9a:cb:80:b9:ed:c2:ed:4b:5c:16:
33:8f:78:6e:50:fc:c4:1c:ef:38:03:86:b4:25:6c:
35:53:36:9b:df:c8:92:1e:c2:cc:68:fa:05:fb:ed:
dd:ca:1d:c6:32:83:61:12:64:f4:0c:6d:27:b5:a0:
fc:ea:b7:65:f7:7c:9d:56:4c:f9:6b:7f:cc:ea:7c:
81:d9:b4:e6:c2:94:32:36:f5:c7:0a:ec:96:98:bb:
09:43:49:90:ec:f6:00:d1:38:65:f2:23:96:40:63:
3a:39:0f:24:c1:96:fa:33:26:79:4f:52:b2:18:24:
ed:fb:d2:d9:0e:31:cc:90:e1:40:07:83:b2:00:1e:
7d:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:BC:AE:77:30:F8:B1:F4:43:4F:4E:5B:AF:A6:BB:9A:64:91:27:05
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS153671.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.14.47.0/24
148.135.194.0/24
155.117.23.0/24
162.141.1.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:b2:58:48:fb:3f:87:78:ba:f2:7b:50:c0:6c:9a:99:f0:78:
64:d2:3f:c9:7f:b5:05:00:91:7e:c3:ae:f0:68:50:10:c2:0c:
24:b5:9f:90:e7:aa:4c:4b:0c:79:16:25:5b:ba:9f:ec:20:06:
ad:21:24:4a:64:af:68:01:fe:f4:76:d8:5e:30:8a:1c:68:b2:
6b:b2:4a:ba:08:e5:8e:b2:59:97:02:95:ab:73:2d:e9:1e:6b:
97:54:32:92:96:c7:be:85:f9:da:14:06:83:45:59:09:96:5f:
1b:52:3a:7a:c5:9c:3b:a2:08:fd:ac:54:3d:62:38:f0:ac:10:
ed:29:33:0f:3a:ac:1f:30:40:0e:24:16:75:3d:b9:3a:52:ca:
49:b6:b7:48:02:02:1c:81:03:80:ed:55:2c:1f:7d:8a:89:84:
8a:24:c2:2b:c8:ff:07:36:32:96:01:0d:85:c7:77:1b:1f:f3:
af:03:97:73:18:a0:fe:ff:3b:81:b4:99:df:68:54:96:36:7e:
c5:8a:d9:b1:f2:2d:80:75:e6:69:67:bc:98:a3:6a:74:ee:83:
32:b8:7f:34:09:13:ce:c0:a0:f4:ba:72:be:dc:0f:bb:fd:ee:
84:05:95:da:f9:3a:92:0c:2b:3f:39:0e:fb:8d:ce:75:13:d4:
a0:a9:b6:b2
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgIUYgC5kJ7+wmAg29D8xwtZM5KCGDMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNjA0MjEwNjM3NDFaFw0yNzA0MjAwNjQyNDFaMDMxMTAvBgNV
BAMTKEUzQkNBRTc3MzBGOEIxRjQ0MzRGNEU1QkFGQTZCQjlBNjQ5MTI3MDUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCceMRNhhs5sxR6n7ZZcuXJTZPX
oKv/ItDdhyw7B9t0i/3ca2+HqxgAxPZpSwllPU9bjF638yP420iwFVyjSrdNo/SE
JMs6NrlYo1IY3YBx/5P51rNAThqiiVjynyCXKUaVxswWOkldiLtgy3Uxo6BZuZ+b
7Swjl1z078Y4msuAue3C7UtcFjOPeG5Q/MQc7zgDhrQlbDVTNpvfyJIewsxo+gX7
7d3KHcYyg2ESZPQMbSe1oPzqt2X3fJ1WTPlrf8zqfIHZtObClDI29ccK7JaYuwlD
SZDs9gDROGXyI5ZAYzo5DyTBlvozJnlPUrIYJO370tkOMcyQ4UAHg7IAHn3DAgMB
AAGjggIcMIICGDAdBgNVHQ4EFgQU47yudzD4sfRDT05br6a7mmSRJwUwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMTUzNjcxLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAjw4v
AwQAlIfCAwQAm3UXAwQAoo0BMA0GCSqGSIb3DQEBCwUAA4IBAQCNslhI+z+HeLry
e1DAbJqZ8Hhk0j/Jf7UFAJF+w67waFAQwgwktZ+Q56pMSwx5FiVbup/sIAatISRK
ZK9oAf70dtheMIocaLJrskq6COWOslmXApWrcy3pHmuXVDKSlse+hfnaFAaDRVkJ
ll8bUjp6xZw7ogj9rFQ9YjjwrBDtKTMPOqwfMEAOJBZ1Pbk6UspJtrdIAgIcgQOA
7VUsH32KiYSKJMIryP8HNjKWAQ2Fx3cbH/OvA5dzGKD+/zuBtJnfaFSWNn7Fitmx
8i2AdeZpZ7yYo2p07oMyuH80CRPOwKD0unK+3A+7/e6EBZXa+TqSDCs/OQ77jc51
E9Sgqbay
-----END CERTIFICATE-----
Generated at Mon Apr 27 11:15:54 2026 by rpki-client