Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS11404.roa
File: AS11404.roa (raw, json)
Hash identifier: Mtfi99mBJN8bRWVEc1wUsQfwBq1xIAIP92lDOor58bQ=
Subject key identifier: BD:4A:72:84:E2:E9:AB:1E:C8:80:85:DB:A2:91:D3:63:60:C2:4D:09
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 7E635DEB5DAC44239777D37B13D254B765C25C4E
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS11404.roa
Signing time: Sun 26 Oct 2025 00:10:14 +0000
ROA not before: Sun 26 Oct 2025 00:05:14 +0000
ROA not after: Sun 25 Oct 2026 00:10:14 +0000
asID: 11404
IP address blocks: 136.143.244.0/24 maxlen: 24
136.143.251.0/24 maxlen: 24
136.143.253.0/24 maxlen: 24
136.143.255.0/24 maxlen: 24
158.140.195.0/24 maxlen: 24
158.140.198.0/24 maxlen: 24
158.140.201.0/24 maxlen: 24
158.140.204.0/24 maxlen: 24
158.140.206.0/23 maxlen: 23
158.140.212.0/23 maxlen: 23
158.140.215.0/24 maxlen: 24
162.141.24.0/22 maxlen: 24
162.141.28.0/22 maxlen: 24
162.141.32.0/22 maxlen: 24
162.141.40.0/22 maxlen: 24
162.141.56.0/22 maxlen: 24
162.141.60.0/22 maxlen: 24
162.141.72.0/22 maxlen: 24
162.141.144.0/21 maxlen: 24
162.141.168.0/21 maxlen: 24
162.141.184.0/21 maxlen: 24
167.148.16.0/21 maxlen: 24
167.148.24.0/22 maxlen: 24
167.148.48.0/21 maxlen: 24
167.148.56.0/22 maxlen: 24
167.148.64.0/22 maxlen: 24
167.148.76.0/22 maxlen: 24
167.148.88.0/21 maxlen: 24
167.148.108.0/22 maxlen: 24
203.100.208.0/23 maxlen: 23
203.100.211.0/24 maxlen: 24
203.160.112.0/23 maxlen: 23
203.160.115.0/24 maxlen: 24
203.160.119.0/24 maxlen: 24
203.160.120.0/23 maxlen: 23
203.160.122.0/24 maxlen: 24
203.160.124.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 03:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7e:63:5d:eb:5d:ac:44:23:97:77:d3:7b:13:d2:54:b7:65:c2:5c:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Oct 26 00:05:14 2025 GMT
Not After : Oct 25 00:10:14 2026 GMT
Subject: CN=BD4A7284E2E9AB1EC88085DBA291D36360C24D09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:a2:f7:d3:3c:32:cf:51:6b:40:32:a2:8f:aa:
c1:5c:24:18:a2:34:79:d5:25:66:41:d3:5d:ab:b9:
3e:26:84:f5:22:e0:67:07:68:67:ac:b3:67:b2:05:
7a:16:de:7e:13:b0:ec:06:cd:b3:0f:cf:1d:ce:ab:
cf:10:1f:7b:9e:f8:9d:ce:76:f4:0f:c8:7e:b5:a6:
be:0b:b5:f2:03:39:2a:05:cb:ae:eb:85:7c:42:a0:
f0:76:ee:9f:ec:28:3f:56:d8:be:69:00:2d:bc:f1:
ab:8a:cd:c4:82:f6:21:59:9a:90:61:fe:51:27:ed:
f6:8a:5c:76:60:01:74:1b:2f:b2:2e:00:df:7d:0d:
54:39:6c:1c:18:39:49:16:a2:53:b2:92:41:1f:df:
70:61:97:16:b6:ff:1f:4e:b6:18:9f:2f:e4:52:0c:
7d:eb:d5:24:07:ca:45:f6:bc:c3:45:ee:f8:16:7f:
d3:20:ab:47:8c:f0:68:63:fc:80:5a:59:0f:d7:bc:
5f:47:14:d4:b6:40:f1:ca:10:9a:e7:fe:c6:cc:85:
ad:64:b6:2b:e7:75:6a:4e:0c:2a:cc:c9:71:60:9b:
fe:e8:2d:0e:e7:bb:2c:0a:40:63:ec:a1:a3:f2:92:
2c:06:94:5e:7e:0e:5d:03:a7:f7:e2:39:19:bc:24:
e0:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:4A:72:84:E2:E9:AB:1E:C8:80:85:DB:A2:91:D3:63:60:C2:4D:09
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS11404.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
136.143.244.0/24
136.143.251.0/24
136.143.253.0/24
136.143.255.0/24
158.140.195.0/24
158.140.198.0/24
158.140.201.0/24
158.140.204.0/24
158.140.206.0/23
158.140.212.0/23
158.140.215.0/24
162.141.24.0-162.141.35.255
162.141.40.0/22
162.141.56.0/21
162.141.72.0/22
162.141.144.0/21
162.141.168.0/21
162.141.184.0/21
167.148.16.0-167.148.27.255
167.148.48.0-167.148.59.255
167.148.64.0/22
167.148.76.0/22
167.148.88.0/21
167.148.108.0/22
203.100.208.0/23
203.100.211.0/24
203.160.112.0/23
203.160.115.0/24
203.160.119.0-203.160.122.255
203.160.124.0/24
Signature Algorithm: sha256WithRSAEncryption
22:91:a4:4e:fe:c1:47:a4:9b:b5:70:8b:29:84:f2:c8:d9:cf:
bf:24:55:7c:1c:10:a9:48:25:39:40:e5:6e:88:7c:c1:54:68:
03:bb:6f:33:0a:2d:5c:36:1f:98:a8:c6:4c:44:39:ee:8c:a7:
2e:1a:1f:82:f0:11:b3:76:be:63:fd:f9:19:85:96:88:8f:70:
d1:6a:59:3d:d9:c8:12:9c:ea:d9:89:18:41:0a:0b:07:64:bc:
ae:51:a7:d3:29:58:d3:72:98:2e:57:0b:4e:49:a0:13:7f:b4:
16:3e:a5:bc:95:d0:6d:91:a1:03:a3:be:91:92:93:a4:01:45:
e1:51:b5:04:5f:0c:79:af:7e:a9:a8:fe:5c:7c:7e:01:f3:7e:
f9:c0:17:21:d3:f0:b1:d3:0f:ae:03:8e:c6:e2:31:72:20:3a:
4f:2e:62:7c:b7:c8:27:44:8a:ed:3f:3d:c3:4e:d5:11:70:88:
88:07:db:03:57:74:29:a4:ed:6c:f3:3d:91:c7:a2:c2:8c:51:
1c:fe:c5:97:11:66:7f:80:64:fe:d8:02:c5:09:2b:dc:59:ad:
12:b9:ff:3d:c7:b2:41:e7:00:e5:80:27:23:f3:29:ce:d3:32:
38:0f:1d:c2:26:02:d1:4d:e5:c2:cc:e5:91:da:42:82:bd:c8:
e8:5f:6f:9c
-----BEGIN CERTIFICATE-----
MIIF0jCCBLqgAwIBAgIUfmNd612sRCOXd9N7E9JUt2XCXE4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTEwMjYwMDA1MTRaFw0yNjEwMjUwMDEwMTRaMDMxMTAvBgNV
BAMTKEJENEE3Mjg0RTJFOUFCMUVDODgwODVEQkEyOTFEMzYzNjBDMjREMDkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMovfTPDLPUWtAMqKPqsFcJBii
NHnVJWZB012ruT4mhPUi4GcHaGess2eyBXoW3n4TsOwGzbMPzx3Oq88QH3ue+J3O
dvQPyH61pr4LtfIDOSoFy67rhXxCoPB27p/sKD9W2L5pAC288auKzcSC9iFZmpBh
/lEn7faKXHZgAXQbL7IuAN99DVQ5bBwYOUkWolOykkEf33Bhlxa2/x9OthifL+RS
DH3r1SQHykX2vMNF7vgWf9Mgq0eM8Ghj/IBaWQ/XvF9HFNS2QPHKEJrn/sbMha1k
tivndWpODCrMyXFgm/7oLQ7nuywKQGPsoaPykiwGlF5+Dl0Dp/fiORm8JOC/AgMB
AAGjggLcMIIC2DAdBgNVHQ4EFgQUvUpyhOLpqx7IgIXbopHTY2DCTQkwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMTE0MDQucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwgfEGCCsGAQUFBwEHAQH/BIHhMIHeMIHbBAIAATCB1AME
AIiP9AMEAIiP+wMEAIiP/QMEAIiP/wMEAJ6MwwMEAJ6MxgMEAJ6MyQMEAJ6MzAME
AZ6MzgMEAZ6M1AMEAJ6M1zAMAwQDoo0YAwQCoo0gAwQCoo0oAwQDoo04AwQCoo1I
AwQDoo2QAwQDoo2oAwQDoo24MAwDBASnlBADBAKnlBgwDAMEBKeUMAMEAqeUOAME
AqeUQAMEAqeUTAMEA6eUWAMEAqeUbAMEActk0AMEAMtk0wMEAcugcAMEAMugczAM
AwQAy6B3AwQAy6B6AwQAy6B8MA0GCSqGSIb3DQEBCwUAA4IBAQAikaRO/sFHpJu1
cIsphPLI2c+/JFV8HBCpSCU5QOVuiHzBVGgDu28zCi1cNh+YqMZMRDnujKcuGh+C
8BGzdr5j/fkZhZaIj3DRalk92cgSnOrZiRhBCgsHZLyuUafTKVjTcpguVwtOSaAT
f7QWPqW8ldBtkaEDo76RkpOkAUXhUbUEXwx5r36pqP5cfH4B8375wBch0/Cx0w+u
A47G4jFyIDpPLmJ8t8gnRIrtPz3DTtURcIiIB9sDV3QppO1s8z2Rx6LCjFEc/sWX
EWZ/gGT+2ALFCSvcWa0Suf89x7JB5wDlgCcj8ynO0zI4Dx3CJgLRTeXCzOWR2kKC
vcjoX2+c
-----END CERTIFICATE-----
Generated at Wed Nov 5 10:15:31 2025 by rpki-client