Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS396356.roa
File: AS396356.roa (raw, json)
Hash identifier: 3IujEeO0q31j0DK0zlQ1gSaWs03VDB5VBXFl0olcerw=
Subject key identifier: B8:1C:83:6D:BC:45:AE:24:E3:33:59:EE:AF:7B:20:28:79:82:33:D5
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 485458C73D3F841ED0B9FC8B8992E3B3AD107286
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS396356.roa
Signing time: Tue 02 Sep 2025 11:02:14 +0000
ROA not before: Tue 02 Sep 2025 10:57:14 +0000
ROA not after: Tue 01 Sep 2026 11:02:14 +0000
asID: 396356
IP address blocks: 145.223.40.0/24 maxlen: 24
146.103.46.0/24 maxlen: 24
150.241.135.0/24 maxlen: 24
155.117.180.0/22 maxlen: 22
155.117.248.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 19 Sep 2025 11:24:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
48:54:58:c7:3d:3f:84:1e:d0:b9:fc:8b:89:92:e3:b3:ad:10:72:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Sep 2 10:57:14 2025 GMT
Not After : Sep 1 11:02:14 2026 GMT
Subject: CN=B81C836DBC45AE24E33359EEAF7B2028798233D5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:4a:3b:0e:94:6b:3f:e0:b2:80:f9:ac:02:73:
4f:c6:97:18:fe:3f:96:2d:39:cd:c5:32:65:33:d3:
96:d5:b3:cb:ff:57:e1:ed:ec:47:74:bf:30:49:e4:
ef:a8:f4:aa:a4:f9:8e:a6:19:86:ef:bd:2c:ee:d1:
30:01:ac:46:7b:fa:bb:df:04:96:bb:2a:bd:cc:34:
34:5a:32:87:10:a6:7c:fd:39:0f:e4:f7:b0:a3:a7:
2c:a6:1a:f1:1b:d3:25:d0:5a:88:79:f6:90:c6:93:
65:27:83:27:f8:42:f8:a3:75:67:d2:bf:0d:71:6b:
84:7e:75:92:af:b6:ee:ba:d5:1b:90:8a:46:d5:28:
c6:1f:9c:75:08:1e:b6:c0:55:60:1a:e1:03:36:70:
0d:47:f8:fa:f8:5f:49:64:fb:5e:a3:58:10:03:34:
24:60:b1:95:fb:a6:cc:85:5e:7e:8f:e6:7d:58:92:
4c:20:1c:3b:b6:33:ba:0b:a1:9d:a3:b8:bf:90:c0:
7b:9b:f8:2f:a9:26:39:5b:51:28:8c:f0:70:c9:20:
f3:af:57:96:da:75:a3:2d:26:e1:fa:a6:ea:a6:61:
d1:bd:6e:db:c1:86:2b:c4:67:f2:05:27:35:90:60:
30:66:2f:0e:f8:f5:99:81:88:0a:68:27:4f:bb:74:
0d:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:1C:83:6D:BC:45:AE:24:E3:33:59:EE:AF:7B:20:28:79:82:33:D5
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS396356.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.223.40.0/24
146.103.46.0/24
150.241.135.0/24
155.117.180.0/22
155.117.248.0/22
Signature Algorithm: sha256WithRSAEncryption
61:cc:91:0a:d1:14:81:5b:ab:2d:7a:58:c4:02:e2:fa:97:9a:
8e:fe:81:be:b4:5c:0d:84:dd:80:8a:e2:d6:7b:a3:11:c5:9c:
6e:18:fe:08:4e:1d:7d:2f:49:18:e9:9e:af:58:e0:a8:ac:b1:
9f:3d:89:92:fe:3c:23:2a:6a:02:84:07:68:da:9c:ef:2a:7b:
c1:09:9c:9b:1c:87:e5:48:ae:88:e9:93:1a:53:a6:11:57:36:
08:ff:31:4e:2a:9e:36:e3:25:77:e0:61:02:8d:c8:64:93:7c:
ac:62:d4:25:e6:03:dd:f6:c8:b2:f2:e5:17:96:a9:0b:72:3d:
2c:8d:89:52:ae:b9:ec:5e:d5:4a:cf:7a:ac:d2:2d:57:7c:88:
4c:cd:10:19:b4:94:c7:32:8c:8d:d3:22:00:02:4b:68:26:c3:
15:b4:14:64:53:97:b5:d3:5e:27:2a:d1:d2:df:28:64:2c:33:
9c:53:f9:ff:09:f0:c8:bc:cc:a2:bb:ca:a5:9d:3a:52:e1:59:
b7:83:b1:a6:04:48:4c:ac:8d:77:1f:e0:0e:d0:5b:5b:7b:6a:
76:f5:57:da:e2:20:db:00:9a:69:9f:6e:07:b1:55:05:fb:82:
6f:22:e0:6d:37:44:3b:6a:45:ba:9a:a2:a4:7c:da:f5:61:06:
ab:d5:bc:c3
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgIUSFRYxz0/hB7QufyLiZLjs60QcoYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA5MDIxMDU3MTRaFw0yNjA5MDExMTAyMTRaMDMxMTAvBgNV
BAMTKEI4MUM4MzZEQkM0NUFFMjRFMzMzNTlFRUFGN0IyMDI4Nzk4MjMzRDUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDoSjsOlGs/4LKA+awCc0/Glxj+
P5YtOc3FMmUz05bVs8v/V+Ht7Ed0vzBJ5O+o9Kqk+Y6mGYbvvSzu0TABrEZ7+rvf
BJa7Kr3MNDRaMocQpnz9OQ/k97CjpyymGvEb0yXQWoh59pDGk2Ungyf4QvijdWfS
vw1xa4R+dZKvtu661RuQikbVKMYfnHUIHrbAVWAa4QM2cA1H+Pr4X0lk+16jWBAD
NCRgsZX7psyFXn6P5n1YkkwgHDu2M7oLoZ2juL+QwHub+C+pJjlbUSiM8HDJIPOv
V5badaMtJuH6puqmYdG9btvBhivEZ/IFJzWQYDBmLw749ZmBiApoJ0+7dA0bAgMB
AAGjggIiMIICHjAdBgNVHQ4EFgQUuByDbbxFriTjM1nur3sgKHmCM9UwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMzk2MzU2LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAkd8o
AwQAkmcuAwQAlvGHAwQCm3W0AwQCm3X4MA0GCSqGSIb3DQEBCwUAA4IBAQBhzJEK
0RSBW6steljEAuL6l5qO/oG+tFwNhN2AiuLWe6MRxZxuGP4ITh19L0kY6Z6vWOCo
rLGfPYmS/jwjKmoChAdo2pzvKnvBCZybHIflSK6I6ZMaU6YRVzYI/zFOKp424yV3
4GECjchkk3ysYtQl5gPd9siy8uUXlqkLcj0sjYlSrrnsXtVKz3qs0i1XfIhMzRAZ
tJTHMoyN0yIAAktoJsMVtBRkU5e1014nKtHS3yhkLDOcU/n/CfDIvMyiu8qlnTpS
4Vm3g7GmBEhMrI13H+AO0Ftbe2p29Vfa4iDbAJppn24HsVUF+4JvIuBtN0Q7akW6
mqKkfNr1YQar1bzD
-----END CERTIFICATE-----
Generated at Thu Sep 18 20:12:01 2025 by rpki-client