Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS153996.roa
File: AS153996.roa (raw, json)
Hash identifier: s8QFXA5aDCRbPp9rQBWTn133hA1Tqfdv2xIb2MkdbQ0=
Subject key identifier: 0B:BA:E9:34:5B:7D:CE:5C:42:50:05:DD:4C:F4:6D:01:54:15:BC:BF
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 2417EBD734F88007F0D13A20ED5B0A1785F7FECC
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS153996.roa
Signing time: Sat 16 May 2026 13:30:54 +0000
ROA not before: Sat 16 May 2026 13:25:54 +0000
ROA not after: Sat 15 May 2027 13:30:54 +0000
asID: 153996
IP address blocks: 143.14.9.0/24 maxlen: 24
143.14.11.0/24 maxlen: 24
143.14.16.0/24 maxlen: 24
143.14.200.0/24 maxlen: 24
143.14.208.0/23 maxlen: 24
162.141.142.0/24 maxlen: 24
168.222.8.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 03 Jun 2026 15:55:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
24:17:eb:d7:34:f8:80:07:f0:d1:3a:20:ed:5b:0a:17:85:f7:fe:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: May 16 13:25:54 2026 GMT
Not After : May 15 13:30:54 2027 GMT
Subject: CN=0BBAE9345B7DCE5C425005DD4CF46D015415BCBF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:61:a0:14:8e:31:24:49:8e:40:4e:98:3f:06:
1b:00:21:51:cf:f7:9d:e7:ac:5f:20:88:03:b1:ad:
f1:16:2d:32:61:bd:08:4d:a2:59:15:35:be:41:25:
b9:96:9c:cb:92:dd:7a:a5:2c:00:1e:9c:d9:9b:65:
c0:14:e7:76:10:4a:f0:10:9b:53:bb:17:cd:b3:99:
15:12:29:39:ca:d4:9d:94:77:23:fd:da:c2:4a:1e:
c7:4f:42:40:5a:64:dd:01:97:6c:ec:8b:d5:bc:70:
1f:96:64:1d:55:d0:f9:f0:7a:98:44:f7:19:f9:9c:
34:6e:d9:80:71:a5:0a:d2:ac:92:5a:43:80:9e:78:
0d:9e:9c:05:2f:d9:7d:80:91:50:29:5d:c2:0f:ed:
ab:fe:f4:a6:cf:2e:65:37:74:73:01:12:22:1b:88:
a5:cd:e2:51:ce:53:19:7e:de:ee:b2:9f:eb:96:98:
36:5e:0a:8b:19:20:b6:be:3c:41:4b:47:d6:fc:f7:
5e:b1:a1:46:f8:91:c0:9e:f9:57:ee:d3:d0:21:af:
73:99:a6:15:14:3f:06:99:f4:92:3a:c8:15:b6:c0:
83:cb:68:0e:14:f0:b6:e3:22:8a:4c:ce:b1:c8:e7:
ca:2a:59:27:11:32:8e:55:d1:22:04:eb:77:0e:68:
d8:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:BA:E9:34:5B:7D:CE:5C:42:50:05:DD:4C:F4:6D:01:54:15:BC:BF
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS153996.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.14.9.0/24
143.14.11.0/24
143.14.16.0/24
143.14.200.0/24
143.14.208.0/23
162.141.142.0/24
168.222.8.0/24
Signature Algorithm: sha256WithRSAEncryption
40:5f:98:6b:76:b4:ad:4f:bd:13:f4:82:8a:74:9b:4d:f1:b7:
7c:6c:a4:fe:c0:2f:67:68:6b:20:3d:13:ae:a7:a5:47:67:e7:
99:2a:72:31:12:9b:d7:4a:86:db:34:ae:32:8f:e6:1a:93:2a:
9b:a9:d6:7a:ec:43:46:3a:da:f6:7f:64:77:24:d3:2d:2c:52:
2c:b5:02:4b:9f:d7:53:e1:f7:ce:c9:b2:5e:84:31:1e:55:2d:
d1:49:cd:a4:d4:8c:b9:ab:97:80:03:5a:ad:13:70:ad:18:92:
c4:97:77:17:8e:8a:91:f2:0e:f3:eb:70:ff:00:fb:a9:00:f5:
b2:9d:9e:50:d7:9d:54:58:e8:42:48:64:2b:e5:27:bf:a9:62:
85:56:84:2e:fd:5b:c2:45:09:76:7c:d4:3d:e2:0f:5a:df:46:
b4:a5:5a:24:40:20:1b:43:29:f9:47:73:06:7a:af:0e:22:a2:
2c:91:fd:71:80:67:5c:94:32:93:5b:39:55:04:34:13:dd:b7:
65:ed:2c:eb:80:2b:a6:5c:aa:07:b3:c3:77:dd:6a:4a:3b:eb:
c5:d0:fe:e2:68:61:b6:fc:a2:e9:20:8e:11:08:76:6a:79:3f:
57:f6:f8:d8:4c:36:a9:af:0b:52:7c:f0:86:da:48:d7:56:a5:
28:cc:84:47
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgIUJBfr1zT4gAfw0Tog7VsKF4X3/swwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNjA1MTYxMzI1NTRaFw0yNzA1MTUxMzMwNTRaMDMxMTAvBgNV
BAMTKDBCQkFFOTM0NUI3RENFNUM0MjUwMDVERDRDRjQ2RDAxNTQxNUJDQkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCwYaAUjjEkSY5ATpg/BhsAIVHP
953nrF8giAOxrfEWLTJhvQhNolkVNb5BJbmWnMuS3XqlLAAenNmbZcAU53YQSvAQ
m1O7F82zmRUSKTnK1J2UdyP92sJKHsdPQkBaZN0Bl2zsi9W8cB+WZB1V0PnwephE
9xn5nDRu2YBxpQrSrJJaQ4CeeA2enAUv2X2AkVApXcIP7av+9KbPLmU3dHMBEiIb
iKXN4lHOUxl+3u6yn+uWmDZeCosZILa+PEFLR9b8916xoUb4kcCe+Vfu09Ahr3OZ
phUUPwaZ9JI6yBW2wIPLaA4U8LbjIopMzrHI58oqWScRMo5V0SIE63cOaNhjAgMB
AAGjggIuMIICKjAdBgNVHQ4EFgQUC7rpNFt9zlxCUAXdTPRtAVQVvL8wHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMTUzOTk2LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAjw4J
AwQAjw4LAwQAjw4QAwQAjw7IAwQBjw7QAwQAoo2OAwQAqN4IMA0GCSqGSIb3DQEB
CwUAA4IBAQBAX5hrdrStT70T9IKKdJtN8bd8bKT+wC9naGsgPROup6VHZ+eZKnIx
EpvXSobbNK4yj+YakyqbqdZ67ENGOtr2f2R3JNMtLFIstQJLn9dT4ffOybJehDEe
VS3RSc2k1Iy5q5eAA1qtE3CtGJLEl3cXjoqR8g7z63D/APupAPWynZ5Q151UWOhC
SGQr5Se/qWKFVoQu/VvCRQl2fNQ94g9a30a0pVokQCAbQyn5R3MGeq8OIqIskf1x
gGdclDKTWzlVBDQT3bdl7SzrgCumXKoHs8N33WpKO+vF0P7iaGG2/KLpII4RCHZq
eT9X9vjYTDaprwtSfPCG2kjXVqUozIRH
-----END CERTIFICATE-----
Generated at Tue Jun 2 21:25:52 2026 by rpki-client