Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS197904.roa
File: AS197904.roa (raw, json)
Hash identifier: P+QCAQ/P9bVz5ij+zOEUagVRPnSO7mAuAZ52HHtQEjs=
Subject key identifier: 88:ED:9D:50:2B:AD:3D:44:FE:FC:BD:C8:23:64:1C:27:B9:49:D3:C8
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 5F6AA56D39D2581D4D4D322C67757253B9F6E265
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS197904.roa
Signing time: Mon 11 May 2026 17:32:48 +0000
ROA not before: Mon 11 May 2026 17:27:48 +0000
ROA not after: Mon 10 May 2027 17:32:48 +0000
asID: 197904
IP address blocks: 148.135.183.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 14 May 2026 06:33:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5f:6a:a5:6d:39:d2:58:1d:4d:4d:32:2c:67:75:72:53:b9:f6:e2:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: May 11 17:27:48 2026 GMT
Not After : May 10 17:32:48 2027 GMT
Subject: CN=88ED9D502BAD3D44FEFCBDC823641C27B949D3C8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:bc:86:63:e8:e1:02:ce:14:b8:51:76:14:b2:
8b:d7:4b:e7:59:a8:b6:45:99:6b:a4:96:e1:4e:6e:
a1:e6:e5:a1:b3:cd:55:57:e7:9a:bd:1f:c2:29:bf:
12:45:e9:88:bf:e3:10:58:df:a5:a4:51:8c:a1:e2:
5d:6e:ed:9b:3e:7d:8f:40:0d:b9:41:1a:fc:0a:b7:
06:64:0a:91:15:fe:8e:83:1b:21:c9:17:88:7f:b4:
c7:7a:38:0b:fd:a2:7a:1c:ae:7a:55:9e:30:09:08:
a2:bf:94:a3:1d:72:36:3a:0e:0b:dc:3c:26:b0:76:
bc:9a:b4:ff:2e:cf:db:e4:9e:af:03:da:00:29:16:
ba:3d:21:17:2f:ab:3a:2a:c7:6f:6d:58:f0:f1:69:
51:73:b3:a2:e8:21:97:e8:53:c1:7c:e7:08:51:f7:
36:52:23:9e:af:95:cb:f4:d3:af:ec:5a:7e:2e:b2:
84:21:44:05:31:3c:7d:9b:2f:cd:0d:b4:cb:4f:05:
8e:42:fe:10:8e:8f:c5:06:cf:17:0f:0a:55:34:7b:
52:51:7e:29:09:73:5d:f9:86:e2:79:cb:24:02:8d:
c7:81:94:0f:3b:37:ca:75:5f:cb:b1:92:5d:e4:c7:
21:16:f8:dc:e1:78:f2:99:69:09:25:05:49:3b:a8:
e9:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:ED:9D:50:2B:AD:3D:44:FE:FC:BD:C8:23:64:1C:27:B9:49:D3:C8
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS197904.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
148.135.183.0/24
Signature Algorithm: sha256WithRSAEncryption
a0:75:23:bf:5e:fe:c4:bc:10:8d:c1:44:60:67:08:f7:57:7b:
37:e3:2c:12:73:5a:6a:8d:12:e6:c5:5a:89:28:ab:e0:e9:30:
68:eb:b2:6c:67:d3:ee:ce:ea:46:ff:bc:ff:c5:34:23:95:a4:
a8:8d:85:1f:22:fe:0a:ff:2b:04:fe:69:67:d6:3b:af:60:58:
14:81:3d:cc:1f:4c:cb:5a:52:73:ac:37:1c:f4:91:91:bd:14:
28:e7:c1:b1:dc:5a:c8:1a:b5:86:53:68:5c:10:8e:74:16:4e:
4e:b3:9c:63:7c:f7:22:d2:d7:e9:31:c7:e4:0d:b6:bd:4c:67:
c0:d5:79:2b:13:a9:cd:ce:6d:c5:ad:17:e9:07:bb:bf:43:68:
2d:ef:13:db:37:35:9d:7c:7b:d0:2f:f4:69:db:96:f0:43:0c:
d6:9f:f1:97:a9:df:23:d6:91:bd:06:d1:43:24:79:62:ae:24:
9e:e8:e6:16:1f:21:18:7d:27:69:79:86:d4:4d:00:2b:cb:00:
6e:a0:ed:5b:80:09:75:29:da:5c:4e:a5:07:57:0d:3f:4b:b3:
37:59:5e:bd:c4:de:30:cb:4f:b6:86:b2:c3:61:12:b6:c6:c7:
42:5e:95:5f:5e:94:a1:cd:54:b6:44:bd:5a:01:cf:23:ea:23:
e8:e3:e1:7b
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUX2qlbTnSWB1NTTIsZ3VyU7n24mUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNjA1MTExNzI3NDhaFw0yNzA1MTAxNzMyNDhaMDMxMTAvBgNV
BAMTKDg4RUQ5RDUwMkJBRDNENDRGRUZDQkRDODIzNjQxQzI3Qjk0OUQzQzgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+vIZj6OECzhS4UXYUsovXS+dZ
qLZFmWukluFObqHm5aGzzVVX55q9H8IpvxJF6Yi/4xBY36WkUYyh4l1u7Zs+fY9A
DblBGvwKtwZkCpEV/o6DGyHJF4h/tMd6OAv9onocrnpVnjAJCKK/lKMdcjY6Dgvc
PCawdryatP8uz9vknq8D2gApFro9IRcvqzoqx29tWPDxaVFzs6LoIZfoU8F85whR
9zZSI56vlcv006/sWn4usoQhRAUxPH2bL80NtMtPBY5C/hCOj8UGzxcPClU0e1JR
fikJc135huJ5yyQCjceBlA87N8p1X8uxkl3kxyEW+NzhePKZaQklBUk7qOk1AgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUiO2dUCutPUT+/L3II2QcJ7lJ08gwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMTk3OTA0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAlIe3
MA0GCSqGSIb3DQEBCwUAA4IBAQCgdSO/Xv7EvBCNwURgZwj3V3s34ywSc1pqjRLm
xVqJKKvg6TBo67JsZ9PuzupG/7z/xTQjlaSojYUfIv4K/ysE/mln1juvYFgUgT3M
H0zLWlJzrDcc9JGRvRQo58Gx3FrIGrWGU2hcEI50Fk5Os5xjfPci0tfpMcfkDba9
TGfA1XkrE6nNzm3FrRfpB7u/Q2gt7xPbNzWdfHvQL/Rp25bwQwzWn/GXqd8j1pG9
BtFDJHliriSe6OYWHyEYfSdpeYbUTQArywBuoO1bgAl1KdpcTqUHVw0/S7M3WV69
xN4wy0+2hrLDYRK2xsdCXpVfXpShzVS2RL1aAc8j6iPo4+F7
-----END CERTIFICATE-----
Generated at Wed May 13 14:29:44 2026 by rpki-client