Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS398704.roa
File: AS398704.roa (raw, json)
Hash identifier: ek7b4v8auA4KbrVVubYtail2/vVc1p3RFdcoN66q9Mc=
Subject key identifier: 7F:12:10:FD:8E:B7:4A:20:70:EA:3D:C7:32:BF:D6:02:A5:0A:22:CE
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 218F8F67FBE194AEB5F1C1F76EAE28F2ACC3AE2B
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS398704.roa
Signing time: Wed 04 Mar 2026 08:29:26 +0000
ROA not before: Wed 04 Mar 2026 08:24:26 +0000
ROA not after: Wed 03 Mar 2027 08:29:26 +0000
asID: 398704
IP address blocks: 155.117.108.0/24 maxlen: 24
168.222.5.0/24 maxlen: 24
168.222.15.0/24 maxlen: 24
168.222.24.0/24 maxlen: 24
168.222.25.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Mar 2026 07:19:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:8f:8f:67:fb:e1:94:ae:b5:f1:c1:f7:6e:ae:28:f2:ac:c3:ae:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Mar 4 08:24:26 2026 GMT
Not After : Mar 3 08:29:26 2027 GMT
Subject: CN=7F1210FD8EB74A2070EA3DC732BFD602A50A22CE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:2d:bd:87:56:24:e5:19:52:5e:b6:78:64:d1:
cf:fd:9b:7f:34:50:97:64:53:3d:6f:e9:9b:13:17:
76:40:c3:9d:15:91:e6:ff:45:ab:76:49:de:ef:97:
8b:c5:73:48:b8:15:86:6a:cd:fb:a0:29:09:70:05:
9a:ca:9d:6b:96:02:92:16:5b:0e:d3:58:2d:c9:83:
50:32:58:24:6f:c7:a4:11:f0:c4:cf:a5:02:a4:15:
9d:7b:1d:21:3f:6d:85:fe:0f:fc:61:50:51:9a:82:
3e:13:f7:b5:0e:b4:d3:e7:ee:f5:4d:4b:ed:34:52:
a7:9c:8a:ba:38:4c:5f:ff:aa:ab:77:92:bc:da:2f:
22:18:d7:6e:d7:77:a8:e1:ae:1d:a5:2c:35:42:70:
44:f1:63:c3:b9:fa:3b:e9:b7:d1:2e:48:f2:08:b3:
ec:a3:d0:ad:97:ac:d6:88:f7:63:88:80:b0:6d:97:
64:2b:70:93:53:48:26:f6:1d:e1:83:ff:57:58:68:
08:0f:76:58:86:d3:05:b3:d5:59:09:78:64:f6:52:
9e:70:8d:93:8a:cb:65:19:2f:b5:a6:21:a7:2f:73:
20:5c:63:f1:72:d1:ec:c8:eb:e9:dd:ca:29:eb:a0:
64:60:b8:62:7e:42:ab:10:6b:d2:de:6e:b8:db:e1:
fc:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:12:10:FD:8E:B7:4A:20:70:EA:3D:C7:32:BF:D6:02:A5:0A:22:CE
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS398704.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
155.117.108.0/24
168.222.5.0/24
168.222.15.0/24
168.222.24.0/23
Signature Algorithm: sha256WithRSAEncryption
15:06:a8:f6:9c:0f:f1:f2:a4:e4:68:84:a6:78:60:53:e2:2a:
04:2b:8a:4a:bb:c7:98:f9:a6:25:4d:0b:79:08:dc:cd:42:8c:
13:c4:1a:3c:9e:84:70:e9:40:6f:a1:8c:53:4b:6a:ac:63:4c:
e3:02:5d:98:f2:78:1e:d5:6d:2e:9a:70:29:4b:c9:7c:c7:77:
32:ce:c7:d9:66:a6:f4:e9:e4:d5:b4:46:e6:17:56:b7:3e:42:
26:4b:16:13:df:67:08:49:74:57:21:ce:a7:c1:8b:5d:b6:13:
32:2c:a3:a3:af:27:f7:b4:c3:63:55:eb:48:03:aa:2b:35:3b:
59:59:29:fc:d7:8b:09:de:96:57:eb:34:5e:09:ec:1e:2d:51:
3a:84:aa:0a:df:7e:cd:5c:17:40:66:2a:9a:79:32:55:e9:ef:
05:d0:f3:e2:df:6f:d5:17:af:c4:e6:df:59:5d:4f:84:5f:de:
23:79:1d:79:79:83:6a:08:e9:7b:38:3a:ad:4d:c3:ad:f2:56:
48:25:ee:b0:c4:72:6a:43:21:4d:49:f4:b1:fd:95:de:04:1c:
a2:cf:9c:49:ad:f1:7e:fa:57:84:ae:a2:6f:43:99:a9:70:bf:
db:81:ee:6d:13:ff:c1:9b:e9:8d:d5:9e:18:e2:fb:3e:31:b1:
90:fc:47:83
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgIUIY+PZ/vhlK618cH3bq4o8qzDriswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNjAzMDQwODI0MjZaFw0yNzAzMDMwODI5MjZaMDMxMTAvBgNV
BAMTKDdGMTIxMEZEOEVCNzRBMjA3MEVBM0RDNzMyQkZENjAyQTUwQTIyQ0UwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCVLb2HViTlGVJetnhk0c/9m380
UJdkUz1v6ZsTF3ZAw50Vkeb/Rat2Sd7vl4vFc0i4FYZqzfugKQlwBZrKnWuWApIW
Ww7TWC3Jg1AyWCRvx6QR8MTPpQKkFZ17HSE/bYX+D/xhUFGagj4T97UOtNPn7vVN
S+00Uqeciro4TF//qqt3krzaLyIY127Xd6jhrh2lLDVCcETxY8O5+jvpt9EuSPII
s+yj0K2XrNaI92OIgLBtl2QrcJNTSCb2HeGD/1dYaAgPdliG0wWz1VkJeGT2Up5w
jZOKy2UZL7WmIacvcyBcY/Fy0ezI6+ndyinroGRguGJ+QqsQa9Lebrjb4fzTAgMB
AAGjggIcMIICGDAdBgNVHQ4EFgQUfxIQ/Y63SiBw6j3HMr/WAqUKIs4wHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMzk4NzA0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAm3Vs
AwQAqN4FAwQAqN4PAwQBqN4YMA0GCSqGSIb3DQEBCwUAA4IBAQAVBqj2nA/x8qTk
aISmeGBT4ioEK4pKu8eY+aYlTQt5CNzNQowTxBo8noRw6UBvoYxTS2qsY0zjAl2Y
8nge1W0umnApS8l8x3cyzsfZZqb06eTVtEbmF1a3PkImSxYT32cISXRXIc6nwYtd
thMyLKOjryf3tMNjVetIA6orNTtZWSn814sJ3pZX6zReCeweLVE6hKoK337NXBdA
ZiqaeTJV6e8F0PPi32/VF6/E5t9ZXU+EX94jeR15eYNqCOl7ODqtTcOt8lZIJe6w
xHJqQyFNSfSx/ZXeBByiz5xJrfF++leErqJvQ5mpcL/bge5tE//Bm+mN1Z4Y4vs+
MbGQ/EeD
-----END CERTIFICATE-----
Generated at Thu Mar 5 10:46:46 2026 by rpki-client