Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS53356.roa
File: AS53356.roa (raw, json)
Hash identifier: WNT+T/fWz9ELB/aCkA5vHZ8tVJ31vOFOmjQDKOC9fe8=
Subject key identifier: E8:90:50:94:6F:E2:9B:3F:1B:80:65:B9:8E:75:8E:4D:52:4F:FC:D6
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 22C3E4788A4F0AB54AADD595CE70643E3B23CD9F
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS53356.roa
Signing time: Sun 01 Mar 2026 21:48:26 +0000
ROA not before: Sun 01 Mar 2026 21:43:26 +0000
ROA not after: Sun 28 Feb 2027 21:48:26 +0000
asID: 53356
IP address blocks: 143.14.17.0/24 maxlen: 24
143.14.19.0/24 maxlen: 24
143.14.21.0/24 maxlen: 24
143.14.38.0/24 maxlen: 24
143.14.39.0/24 maxlen: 24
148.135.163.0/24 maxlen: 24
155.117.207.0/24 maxlen: 24
162.141.14.0/24 maxlen: 24
167.148.182.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Mar 2026 07:19:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
22:c3:e4:78:8a:4f:0a:b5:4a:ad:d5:95:ce:70:64:3e:3b:23:cd:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Mar 1 21:43:26 2026 GMT
Not After : Feb 28 21:48:26 2027 GMT
Subject: CN=E89050946FE29B3F1B8065B98E758E4D524FFCD6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:6e:8b:5c:08:a3:a8:08:ff:b1:2b:74:43:af:
91:62:62:be:b9:90:cb:7e:6f:81:8c:09:7d:a6:10:
d7:bf:c6:3e:81:cb:d6:20:d3:07:a2:ea:9b:dc:aa:
3a:b9:3d:03:86:41:b8:a1:17:5f:ed:3f:f4:e6:d0:
ec:14:9d:9d:f0:a7:d9:b9:ae:1e:d3:0b:04:93:cf:
fe:b4:c6:5e:f9:f1:52:45:b2:ca:c8:7a:b7:f9:7d:
08:8f:82:5d:23:e3:ad:f9:b4:72:e0:74:8b:80:cb:
fa:0f:3d:b4:29:a0:34:b4:6d:b5:a2:f0:fa:cb:35:
d2:38:5e:e2:2d:f3:d8:e2:81:c9:76:a8:cb:ca:f3:
38:87:97:d4:fa:6d:a2:af:5f:cb:0d:53:df:f1:a8:
fc:5c:91:88:3a:ad:66:8a:07:d2:08:3c:b0:f8:a8:
f5:41:a6:a3:35:35:70:00:2c:0a:ed:e6:a9:00:cb:
61:eb:a9:f2:5d:95:3b:8d:e1:60:64:36:75:48:34:
09:7b:5c:b0:9b:86:03:43:ed:cf:47:c2:0d:0c:3d:
73:06:d6:fb:42:cc:6c:31:c4:0d:15:e5:5c:d7:a8:
1f:14:e8:3e:d6:b0:f9:62:3c:97:9a:bf:40:a7:e2:
80:79:af:fa:1d:d1:74:49:54:5b:d8:2c:3a:56:83:
8a:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:90:50:94:6F:E2:9B:3F:1B:80:65:B9:8E:75:8E:4D:52:4F:FC:D6
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS53356.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.14.17.0/24
143.14.19.0/24
143.14.21.0/24
143.14.38.0/23
148.135.163.0/24
155.117.207.0/24
162.141.14.0/24
167.148.182.0/24
Signature Algorithm: sha256WithRSAEncryption
58:5f:0a:12:d4:d4:59:4a:cd:30:8a:37:d7:cc:43:79:bc:7d:
0f:96:9f:48:e2:af:f2:73:a9:1b:27:44:b6:10:bc:f4:5e:7c:
aa:6e:26:58:4d:0e:5b:1b:30:34:ea:2f:8f:3a:5f:8f:27:ea:
e8:68:25:dd:8c:ca:e0:93:0c:cf:2c:06:1e:78:fb:5d:ef:94:
95:14:59:97:e7:be:82:6a:46:7e:66:07:c6:e9:3d:72:ff:d2:
b7:37:6b:10:92:42:2d:19:95:58:60:f6:fc:af:1d:71:0b:09:
94:b6:4e:0a:c3:8c:46:d2:bb:7f:1a:20:6a:06:63:45:3b:68:
46:a1:71:43:86:d7:de:5e:c8:fd:dc:e2:02:c1:87:6f:ed:51:
65:2b:94:c4:e0:79:29:13:0b:72:54:3c:95:6f:88:76:05:59:
f4:fc:b5:2f:3a:1f:86:24:2d:fc:97:21:6b:e0:f3:38:fc:2f:
a9:b7:55:81:9b:70:f5:d8:af:90:e6:fe:0b:f5:cb:82:73:4a:
61:55:48:a6:e7:dd:37:b4:96:d9:a5:d2:e4:a8:c6:80:6c:c6:
e7:87:6f:76:52:c4:a0:ef:1d:d4:f5:9c:ba:90:9d:15:65:bb:
62:f9:3e:a4:a4:84:a6:59:f9:fd:ea:0b:d8:6b:75:62:f0:58:
c1:39:5c:21
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgIUIsPkeIpPCrVKrdWVznBkPjsjzZ8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNjAzMDEyMTQzMjZaFw0yNzAyMjgyMTQ4MjZaMDMxMTAvBgNV
BAMTKEU4OTA1MDk0NkZFMjlCM0YxQjgwNjVCOThFNzU4RTRENTI0RkZDRDYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDhbotcCKOoCP+xK3RDr5FiYr65
kMt+b4GMCX2mENe/xj6By9Yg0wei6pvcqjq5PQOGQbihF1/tP/Tm0OwUnZ3wp9m5
rh7TCwSTz/60xl758VJFssrIerf5fQiPgl0j4635tHLgdIuAy/oPPbQpoDS0bbWi
8PrLNdI4XuIt89jigcl2qMvK8ziHl9T6baKvX8sNU9/xqPxckYg6rWaKB9IIPLD4
qPVBpqM1NXAALArt5qkAy2HrqfJdlTuN4WBkNnVINAl7XLCbhgND7c9Hwg0MPXMG
1vtCzGwxxA0V5VzXqB8U6D7WsPliPJeav0Cn4oB5r/od0XRJVFvYLDpWg4qNAgMB
AAGjggIzMIICLzAdBgNVHQ4EFgQU6JBQlG/imz8bgGW5jnWOTVJP/NYwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTNTMzNTYucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwSQYIKwYBBQUHAQcBAf8EOjA4MDYEAgABMDADBACPDhED
BACPDhMDBACPDhUDBAGPDiYDBACUh6MDBACbdc8DBACijQ4DBACnlLYwDQYJKoZI
hvcNAQELBQADggEBAFhfChLU1FlKzTCKN9fMQ3m8fQ+Wn0jir/JzqRsnRLYQvPRe
fKpuJlhNDlsbMDTqL486X48n6uhoJd2MyuCTDM8sBh54+13vlJUUWZfnvoJqRn5m
B8bpPXL/0rc3axCSQi0ZlVhg9vyvHXELCZS2TgrDjEbSu38aIGoGY0U7aEahcUOG
195eyP3c4gLBh2/tUWUrlMTgeSkTC3JUPJVviHYFWfT8tS86H4YkLfyXIWvg8zj8
L6m3VYGbcPXYr5Dm/gv1y4JzSmFVSKbn3Te0ltml0uSoxoBsxueHb3ZSxKDvHdT1
nLqQnRVlu2L5PqSkhKZZ+f3qC9hrdWLwWME5XCE=
-----END CERTIFICATE-----
Generated at Thu Mar 5 10:46:46 2026 by rpki-client