Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS7488.roa
File: AS7488.roa (raw, json)
Hash identifier: 6VYorbzGDeuOTOEs2mXi5TJvE6+E9p6jl6YWAmSW8pk=
Subject key identifier: E2:DC:16:87:D0:F4:FE:6E:C5:AD:33:34:0F:05:89:81:8B:F3:3D:4F
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 14D7D46ABE63E2E99E055965ADF630ADB8C3D8D8
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS7488.roa
Signing time: Fri 19 Jun 2026 07:51:37 +0000
ROA not before: Fri 19 Jun 2026 07:46:37 +0000
ROA not after: Fri 18 Jun 2027 07:51:37 +0000
asID: 7488
IP address blocks: 140.233.175.0/24 maxlen: 24
148.135.196.0/24 maxlen: 24
148.135.197.0/24 maxlen: 24
148.135.204.0/24 maxlen: 24
148.135.205.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 20 Jun 2026 19:57:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
14:d7:d4:6a:be:63:e2:e9:9e:05:59:65:ad:f6:30:ad:b8:c3:d8:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Jun 19 07:46:37 2026 GMT
Not After : Jun 18 07:51:37 2027 GMT
Subject: CN=E2DC1687D0F4FE6EC5AD33340F0589818BF33D4F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:89:09:75:b8:f6:f2:71:fd:d6:9d:5d:73:95:
5b:cc:aa:80:a0:67:96:c5:a6:43:59:07:2d:b2:3f:
20:f9:8d:5c:8d:99:a1:15:67:b4:ee:0e:f3:08:09:
62:46:63:ca:cd:95:08:a3:e2:c8:f9:21:44:92:6a:
bd:0b:1d:42:cb:64:8f:00:1f:5d:fb:92:05:3a:4c:
fb:bc:ca:02:2d:90:9b:38:d1:a4:cb:70:31:3c:94:
53:66:e3:05:a8:a9:7b:c1:e8:a0:11:e1:78:34:80:
54:6c:62:67:d3:39:f3:f5:93:5c:1e:7f:78:c4:7f:
81:28:d0:32:0e:f3:fe:49:7b:d6:b5:54:74:1d:e0:
d0:25:26:6d:50:69:dc:56:d4:f2:83:c3:a4:2c:af:
3a:7b:9f:a7:a7:5d:e1:5f:7b:00:a5:7f:54:4e:82:
88:e3:cc:03:19:cd:ef:25:f0:bb:87:5a:ed:a1:42:
99:6d:65:33:d0:63:6d:0e:74:89:4f:d2:3c:4e:37:
81:5d:de:a8:f8:61:c4:78:8d:bf:58:fc:ba:3b:71:
1d:89:45:65:51:a0:25:48:eb:e4:28:2f:5c:a1:93:
8c:e5:c8:d8:0e:17:cb:d0:41:b0:d5:16:7c:c5:b4:
2a:2e:ab:c0:8e:fa:df:20:d3:cc:03:e7:11:29:57:
62:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:DC:16:87:D0:F4:FE:6E:C5:AD:33:34:0F:05:89:81:8B:F3:3D:4F
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS7488.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
140.233.175.0/24
148.135.196.0/23
148.135.204.0/23
Signature Algorithm: sha256WithRSAEncryption
8e:c7:63:f2:1d:a8:42:5d:5c:cc:a5:df:c4:2d:a9:78:c8:92:
a8:ff:c0:26:b0:15:f0:ae:19:fd:75:ed:5a:5f:d2:8e:22:ae:
39:11:be:cf:bd:d8:58:14:ad:44:23:34:c5:c1:14:6d:d0:1d:
85:51:56:ba:1e:2d:14:3b:4d:0e:c0:72:ff:fd:a4:8f:f1:cf:
00:82:fa:76:b5:29:d9:49:18:dc:98:af:d8:90:ad:d6:72:23:
6b:9f:82:dd:9d:b4:e6:4c:78:81:e7:db:a0:a8:6f:95:eb:ea:
fd:5a:d5:84:81:f2:0e:14:e8:03:57:e3:7c:0c:86:12:cf:5c:
32:fe:cf:6a:87:92:7b:06:e0:58:ce:ed:c8:42:34:08:91:e9:
af:4f:9c:fb:52:b3:5f:dd:d4:4b:e5:71:ce:87:b7:a1:d1:5b:
e0:df:ce:c6:d7:2f:e1:a8:a9:bf:d4:8b:83:c4:0a:b0:0a:a7:
83:08:ee:79:e1:7e:46:27:e8:c8:2b:a3:8e:0c:17:13:84:d8:
07:7b:20:a0:37:f3:33:a7:35:d0:c1:24:57:7f:0b:61:f2:35:
ff:3c:bd:2a:f5:56:25:54:09:d0:31:49:e3:55:63:11:2a:14:
64:74:37:14:b7:81:0c:19:8e:71:27:b7:2c:cd:89:1b:68:3b:
df:64:f6:cc
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIUFNfUar5j4umeBVllrfYwrbjD2NgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNjA2MTkwNzQ2MzdaFw0yNzA2MTgwNzUxMzdaMDMxMTAvBgNV
BAMTKEUyREMxNjg3RDBGNEZFNkVDNUFEMzMzNDBGMDU4OTgxOEJGMzNENEYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGiQl1uPbycf3WnV1zlVvMqoCg
Z5bFpkNZBy2yPyD5jVyNmaEVZ7TuDvMICWJGY8rNlQij4sj5IUSSar0LHULLZI8A
H137kgU6TPu8ygItkJs40aTLcDE8lFNm4wWoqXvB6KAR4Xg0gFRsYmfTOfP1k1we
f3jEf4Eo0DIO8/5Je9a1VHQd4NAlJm1QadxW1PKDw6Qsrzp7n6enXeFfewClf1RO
gojjzAMZze8l8LuHWu2hQpltZTPQY20OdIlP0jxON4Fd3qj4YcR4jb9Y/Lo7cR2J
RWVRoCVI6+QoL1yhk4zlyNgOF8vQQbDVFnzFtCouq8CO+t8g08wD5xEpV2L3AgMB
AAGjggIUMIICEDAdBgNVHQ4EFgQU4twWh9D0/m7FrTM0DwWJgYvzPU8wHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTNzQ4OC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjArBggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAIzprwME
AZSHxAMEAZSHzDANBgkqhkiG9w0BAQsFAAOCAQEAjsdj8h2oQl1czKXfxC2peMiS
qP/AJrAV8K4Z/XXtWl/SjiKuORG+z73YWBStRCM0xcEUbdAdhVFWuh4tFDtNDsBy
//2kj/HPAIL6drUp2UkY3Jiv2JCt1nIja5+C3Z205kx4gefboKhvlevq/VrVhIHy
DhToA1fjfAyGEs9cMv7PaoeSewbgWM7tyEI0CJHpr0+c+1KzX93US+Vxzoe3odFb
4N/Oxtcv4aipv9SLg8QKsAqngwjueeF+RifoyCujjgwXE4TYB3sgoDfzM6c10MEk
V38LYfI1/zy9KvVWJVQJ0DFJ41VjESoUZHQ3FLeBDBmOcSe3LM2JG2g732T2zA==
-----END CERTIFICATE-----
Generated at Sat Jun 20 02:51:15 2026 by rpki-client