Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS13335.roa
File: AS13335.roa (raw, json)
Hash identifier: SWrvfG0cmJLjS0c5B74teT2lQTVhX7RMMNEqYjSw57o=
Subject key identifier: 75:52:06:F1:A4:68:27:89:81:A5:85:A9:B6:AC:19:46:D0:E4:50:93
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 661DA2DF59C3CB6D12E94B60EF1806349177FF0C
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS13335.roa
Signing time: Mon 23 Feb 2026 23:31:59 +0000
ROA not before: Mon 23 Feb 2026 23:26:59 +0000
ROA not after: Mon 22 Feb 2027 23:31:59 +0000
asID: 13335
IP address blocks: 143.14.142.0/24 maxlen: 24
143.14.163.0/24 maxlen: 24
143.14.165.0/24 maxlen: 24
143.14.167.0/24 maxlen: 24
143.14.168.0/24 maxlen: 24
143.14.176.0/22 maxlen: 24
143.14.224.0/24 maxlen: 24
143.14.251.0/24 maxlen: 24
155.117.208.0/23 maxlen: 23
167.148.69.0/24 maxlen: 24
167.148.120.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
66:1d:a2:df:59:c3:cb:6d:12:e9:4b:60:ef:18:06:34:91:77:ff:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Feb 23 23:26:59 2026 GMT
Not After : Feb 22 23:31:59 2027 GMT
Subject: CN=755206F1A468278981A585A9B6AC1946D0E45093
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:ca:05:b0:1a:e0:c3:b1:c2:14:9c:0e:ff:88:
63:f7:27:32:dd:56:9b:3f:dc:43:94:d7:c8:98:dd:
90:3d:62:43:24:50:b3:a4:9d:06:2d:16:0a:cd:e6:
a4:00:82:af:80:28:7b:7e:92:87:f9:0d:70:e5:06:
03:f6:57:3f:9c:a8:ec:13:f4:cc:b5:7d:73:97:26:
28:1b:ac:e8:f3:34:5a:06:73:98:37:33:ad:a2:ac:
ca:2c:7b:9b:b6:db:12:72:61:d9:da:d0:3b:a5:14:
09:52:27:60:2a:15:2b:26:1d:94:33:83:cc:ce:8b:
0c:a2:cd:73:eb:1a:72:35:01:9f:0e:f7:7d:c7:8e:
20:f1:02:8b:7f:33:4a:e6:12:78:5e:1e:8e:4e:f9:
6f:83:18:70:31:ee:78:96:49:c4:d5:15:2b:fb:7a:
9f:6f:e6:b1:63:4f:59:dd:44:bf:a7:bf:16:38:15:
d8:a1:2a:b1:91:53:a9:28:a8:f2:ff:06:4e:90:69:
cd:24:b7:65:af:03:cf:b0:39:7a:32:e7:5f:c6:7b:
68:e3:5c:a0:f3:05:7c:c0:09:31:f8:93:02:6b:83:
ea:33:a5:47:06:6b:b2:e0:1a:03:9d:8b:47:5b:1e:
f0:b1:dd:19:01:21:9d:a6:da:60:9b:2f:5e:49:f0:
2b:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:52:06:F1:A4:68:27:89:81:A5:85:A9:B6:AC:19:46:D0:E4:50:93
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS13335.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.14.142.0/24
143.14.163.0/24
143.14.165.0/24
143.14.167.0-143.14.168.255
143.14.176.0/22
143.14.224.0/24
143.14.251.0/24
155.117.208.0/23
167.148.69.0/24
167.148.120.0/23
Signature Algorithm: sha256WithRSAEncryption
0f:e4:16:91:7b:c2:f0:2c:18:5b:5a:43:6b:f6:df:64:f2:a9:
7c:75:59:3c:5b:ee:f9:ae:46:83:99:67:76:1d:e5:d5:10:b7:
a5:eb:fd:c4:c6:02:ab:af:2f:65:18:d5:2b:73:5b:ce:48:df:
92:22:44:bf:35:f5:b1:14:20:9d:6d:62:ca:a4:60:e1:0a:93:
d5:25:35:ec:06:b0:96:ba:1a:6f:f0:5a:0e:b2:01:32:cc:f3:
fa:e0:26:76:cf:cc:c0:ef:25:03:b4:f6:40:79:08:99:fc:f1:
8e:d5:49:81:3a:33:12:86:d0:a6:2c:2a:d3:df:c4:12:7f:ce:
07:5d:5e:88:9d:e8:16:37:0f:ed:27:50:cc:90:76:6a:7b:5f:
61:20:4a:71:f1:03:89:4f:9d:02:7d:b5:c1:10:37:fc:e1:48:
42:98:ec:a2:8b:83:b3:46:1f:f8:99:1e:d5:32:9a:08:7d:d8:
02:0d:2f:56:3c:60:d5:53:3d:bc:45:d1:02:ec:b8:31:4d:c5:
9b:f3:3a:3c:b9:67:73:ab:19:fb:27:2e:d7:4b:f2:11:53:1e:
a8:83:98:43:0b:b0:ca:30:94:79:63:a9:e2:4b:91:b7:8d:37:
94:60:72:c9:51:4f:51:0c:99:82:17:69:f2:ba:0f:09:9d:0b:
a0:fc:9e:c5
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgIUZh2i31nDy20S6Utg7xgGNJF3/wwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNjAyMjMyMzI2NTlaFw0yNzAyMjIyMzMxNTlaMDMxMTAvBgNV
BAMTKDc1NTIwNkYxQTQ2ODI3ODk4MUE1ODVBOUI2QUMxOTQ2RDBFNDUwOTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDOygWwGuDDscIUnA7/iGP3JzLd
Vps/3EOU18iY3ZA9YkMkULOknQYtFgrN5qQAgq+AKHt+kof5DXDlBgP2Vz+cqOwT
9My1fXOXJigbrOjzNFoGc5g3M62irMose5u22xJyYdna0DulFAlSJ2AqFSsmHZQz
g8zOiwyizXPrGnI1AZ8O933HjiDxAot/M0rmEnheHo5O+W+DGHAx7niWScTVFSv7
ep9v5rFjT1ndRL+nvxY4FdihKrGRU6koqPL/Bk6Qac0kt2WvA8+wOXoy51/Ge2jj
XKDzBXzACTH4kwJrg+ozpUcGa7LgGgOdi0dbHvCx3RkBIZ2m2mCbL15J8Ct/AgMB
AAGjggJHMIICQzAdBgNVHQ4EFgQUdVIG8aRoJ4mBpYWptqwZRtDkUJMwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMTMzMzUucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwXQYIKwYBBQUHAQcBAf8ETjBMMEoEAgABMEQDBACPDo4D
BACPDqMDBACPDqUwDAMEAI8OpwMEAI8OqAMEAo8OsAMEAI8O4AMEAI8O+wMEAZt1
0AMEAKeURQMEAaeUeDANBgkqhkiG9w0BAQsFAAOCAQEAD+QWkXvC8CwYW1pDa/bf
ZPKpfHVZPFvu+a5Gg5lndh3l1RC3pev9xMYCq68vZRjVK3NbzkjfkiJEvzX1sRQg
nW1iyqRg4QqT1SU17Aawlroab/BaDrIBMszz+uAmds/MwO8lA7T2QHkImfzxjtVJ
gTozEobQpiwq09/EEn/OB11eiJ3oFjcP7SdQzJB2antfYSBKcfEDiU+dAn21wRA3
/OFIQpjsoouDs0Yf+Jke1TKaCH3YAg0vVjxg1VM9vEXRAuy4MU3Fm/M6PLlnc6sZ
+ycu10vyEVMeqIOYQwuwyjCUeWOp4kuRt403lGByyVFPUQyZghdp8roPCZ0LoPye
xQ==
-----END CERTIFICATE-----
Generated at Mon Mar 2 03:03:50 2026 by rpki-client