Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS11404.roa
File: AS11404.roa (raw, json)
Hash identifier: nIsIa+Zf2Ug6KeqdUsd7IxHQ+EOAHkkHVypNTkq981g=
Subject key identifier: 9F:37:1A:CB:F4:B0:88:F8:04:D4:7B:B2:6C:7D:FE:1B:8E:4F:22:AC
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 2201837ADA39B5295A6A0FF45577CFD15AB35B2E
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS11404.roa
Signing time: Wed 11 Feb 2026 22:00:16 +0000
ROA not before: Wed 11 Feb 2026 21:55:16 +0000
ROA not after: Wed 10 Feb 2027 22:00:16 +0000
asID: 11404
IP address blocks: 136.143.244.0/24 maxlen: 24
136.143.251.0/24 maxlen: 24
136.143.253.0/24 maxlen: 24
136.143.255.0/24 maxlen: 24
158.140.195.0/24 maxlen: 24
158.140.198.0/24 maxlen: 24
158.140.201.0/24 maxlen: 24
158.140.204.0/24 maxlen: 24
158.140.206.0/23 maxlen: 23
158.140.212.0/23 maxlen: 23
158.140.215.0/24 maxlen: 24
162.141.24.0/22 maxlen: 24
162.141.28.0/22 maxlen: 24
162.141.32.0/22 maxlen: 24
162.141.40.0/22 maxlen: 24
162.141.56.0/22 maxlen: 24
162.141.60.0/22 maxlen: 24
162.141.72.0/22 maxlen: 24
162.141.144.0/21 maxlen: 24
162.141.168.0/21 maxlen: 24
162.141.184.0/21 maxlen: 24
167.148.16.0/21 maxlen: 24
167.148.48.0/21 maxlen: 24
167.148.56.0/22 maxlen: 24
167.148.64.0/22 maxlen: 24
167.148.76.0/22 maxlen: 24
167.148.88.0/21 maxlen: 24
167.148.108.0/22 maxlen: 24
203.100.208.0/23 maxlen: 23
203.100.211.0/24 maxlen: 24
203.160.112.0/23 maxlen: 23
203.160.115.0/24 maxlen: 24
203.160.119.0/24 maxlen: 24
203.160.120.0/23 maxlen: 23
203.160.122.0/24 maxlen: 24
203.160.124.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
22:01:83:7a:da:39:b5:29:5a:6a:0f:f4:55:77:cf:d1:5a:b3:5b:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Feb 11 21:55:16 2026 GMT
Not After : Feb 10 22:00:16 2027 GMT
Subject: CN=9F371ACBF4B088F804D47BB26C7DFE1B8E4F22AC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:2d:f0:6b:2f:80:8c:6f:a9:98:68:b7:9e:22:
7a:ac:8a:69:db:52:46:fa:9c:76:2b:8b:17:76:66:
0f:56:33:f6:de:83:2d:5a:24:f6:b0:e3:23:af:60:
a7:bf:24:bd:73:31:12:87:d1:1e:a8:82:3a:88:dd:
eb:84:39:8c:e8:82:6b:d1:bf:cc:87:d9:ca:63:eb:
3b:1c:17:98:a0:8d:f3:c7:2d:10:fd:ab:f1:b7:46:
ee:2a:5d:1c:8f:22:22:ee:92:38:32:db:b1:1a:d7:
1c:bb:93:4d:28:a0:37:44:8f:ef:31:9c:5d:a9:e5:
65:05:00:7b:0b:ff:70:b1:2f:1a:c1:e6:94:2d:49:
64:b7:7b:65:48:eb:0c:12:4a:15:13:e3:d6:30:55:
9f:5d:db:90:1a:44:19:00:8b:6c:c6:1b:b1:99:a1:
68:e9:73:2f:6c:e1:e6:65:b8:75:f8:41:a6:d8:8a:
30:af:bf:c0:ec:2f:ea:01:ae:fa:6e:9c:f4:c1:ae:
66:02:46:38:3e:4a:d0:f5:a6:be:3a:21:a2:a0:9e:
69:1e:cb:38:93:52:f1:36:fb:9a:49:ed:8b:b2:40:
bb:6f:09:a9:dc:6c:3f:61:f8:c8:b6:c3:98:0f:4b:
a1:bd:f3:4c:db:99:d4:02:f3:d4:10:af:ac:0a:e4:
92:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:37:1A:CB:F4:B0:88:F8:04:D4:7B:B2:6C:7D:FE:1B:8E:4F:22:AC
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS11404.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
136.143.244.0/24
136.143.251.0/24
136.143.253.0/24
136.143.255.0/24
158.140.195.0/24
158.140.198.0/24
158.140.201.0/24
158.140.204.0/24
158.140.206.0/23
158.140.212.0/23
158.140.215.0/24
162.141.24.0-162.141.35.255
162.141.40.0/22
162.141.56.0/21
162.141.72.0/22
162.141.144.0/21
162.141.168.0/21
162.141.184.0/21
167.148.16.0/21
167.148.48.0-167.148.59.255
167.148.64.0/22
167.148.76.0/22
167.148.88.0/21
167.148.108.0/22
203.100.208.0/23
203.100.211.0/24
203.160.112.0/23
203.160.115.0/24
203.160.119.0-203.160.122.255
203.160.124.0/24
Signature Algorithm: sha256WithRSAEncryption
7b:e2:65:8d:6a:50:09:fe:f5:19:80:ef:e6:db:aa:6c:41:ab:
7d:85:ce:ad:32:ac:d6:6c:e8:fd:de:f1:a9:4b:a8:5a:ea:7e:
62:29:55:1f:a5:62:57:5a:a1:a1:94:ca:a8:8d:1d:3f:90:c2:
2b:81:b3:6d:47:ea:73:5a:85:a0:2e:64:9f:ca:1a:ec:6c:fe:
81:2d:93:22:10:dd:e9:cf:de:75:8f:f0:90:78:69:b4:b9:11:
a5:08:ea:d2:e0:e2:ce:82:9f:8e:0d:e5:68:2e:0a:f5:87:58:
b3:d5:d1:84:62:aa:ad:2f:f8:62:1d:7c:4e:e7:ba:99:7b:0d:
c1:56:00:67:9a:bf:6f:0b:9d:73:c4:51:fd:e7:5f:68:b8:89:
fd:3f:27:0a:e4:08:3c:51:a1:24:39:01:b9:16:01:83:9e:15:
07:2f:83:e0:f4:56:7f:3f:b2:4d:5d:59:34:60:2a:ec:60:20:
cc:91:55:56:c7:64:b3:6c:2a:5c:76:c5:e9:9a:17:62:ce:5e:
d8:c5:62:26:d4:e1:75:b3:b0:c5:83:1b:bc:54:27:d2:b5:2e:
84:78:ea:ca:df:06:a2:ca:2e:28:8f:f7:68:15:2a:28:44:52:
c7:fe:c1:d6:19:3e:d5:d0:e6:c8:e0:0b:ec:0a:48:be:39:19:
05:48:17:bb
-----BEGIN CERTIFICATE-----
MIIFyjCCBLKgAwIBAgIUIgGDeto5tSlaag/0VXfP0VqzWy4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNjAyMTEyMTU1MTZaFw0yNzAyMTAyMjAwMTZaMDMxMTAvBgNV
BAMTKDlGMzcxQUNCRjRCMDg4RjgwNEQ0N0JCMjZDN0RGRTFCOEU0RjIyQUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCZLfBrL4CMb6mYaLeeInqsimnb
Ukb6nHYrixd2Zg9WM/begy1aJPaw4yOvYKe/JL1zMRKH0R6ogjqI3euEOYzogmvR
v8yH2cpj6zscF5igjfPHLRD9q/G3Ru4qXRyPIiLukjgy27Ea1xy7k00ooDdEj+8x
nF2p5WUFAHsL/3CxLxrB5pQtSWS3e2VI6wwSShUT49YwVZ9d25AaRBkAi2zGG7GZ
oWjpcy9s4eZluHX4QabYijCvv8DsL+oBrvpunPTBrmYCRjg+StD1pr46IaKgnmke
yziTUvE2+5pJ7YuyQLtvCancbD9h+Mi2w5gPS6G980zbmdQC89QQr6wK5JK7AgMB
AAGjggLUMIIC0DAdBgNVHQ4EFgQUnzcay/SwiPgE1HuybH3+G45PIqwwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMTE0MDQucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwgekGCCsGAQUFBwEHAQH/BIHZMIHWMIHTBAIAATCBzAME
AIiP9AMEAIiP+wMEAIiP/QMEAIiP/wMEAJ6MwwMEAJ6MxgMEAJ6MyQMEAJ6MzAME
AZ6MzgMEAZ6M1AMEAJ6M1zAMAwQDoo0YAwQCoo0gAwQCoo0oAwQDoo04AwQCoo1I
AwQDoo2QAwQDoo2oAwQDoo24AwQDp5QQMAwDBASnlDADBAKnlDgDBAKnlEADBAKn
lEwDBAOnlFgDBAKnlGwDBAHLZNADBADLZNMDBAHLoHADBADLoHMwDAMEAMugdwME
AMugegMEAMugfDANBgkqhkiG9w0BAQsFAAOCAQEAe+JljWpQCf71GYDv5tuqbEGr
fYXOrTKs1mzo/d7xqUuoWup+YilVH6ViV1qhoZTKqI0dP5DCK4GzbUfqc1qFoC5k
n8oa7Gz+gS2TIhDd6c/edY/wkHhptLkRpQjq0uDizoKfjg3laC4K9YdYs9XRhGKq
rS/4Yh18Tue6mXsNwVYAZ5q/bwudc8RR/edfaLiJ/T8nCuQIPFGhJDkBuRYBg54V
By+D4PRWfz+yTV1ZNGAq7GAgzJFVVsdks2wqXHbF6ZoXYs5e2MViJtThdbOwxYMb
vFQn0rUuhHjqyt8GosouKI/3aBUqKERSx/7B1hk+1dDmyOAL7ApIvjkZBUgXuw==
-----END CERTIFICATE-----
Generated at Mon Mar 2 11:32:30 2026 by rpki-client