Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS135392.roa
File: AS135392.roa (raw, json)
Hash identifier: qGcaZosYMzKZsK2gsr/Udaqv7Ob5OdNns7oyM5boCJs=
Subject key identifier: 93:B6:F0:91:A2:46:35:44:3D:1E:BD:34:B3:BB:70:5F:82:DC:58:C4
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 29EA7687E250C1EB383F23B97277D7814BA556DD
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS135392.roa
Signing time: Wed 11 Feb 2026 21:36:47 +0000
ROA not before: Wed 11 Feb 2026 21:31:47 +0000
ROA not after: Wed 10 Feb 2027 21:36:47 +0000
asID: 135392
IP address blocks: 167.148.201.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
29:ea:76:87:e2:50:c1:eb:38:3f:23:b9:72:77:d7:81:4b:a5:56:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Feb 11 21:31:47 2026 GMT
Not After : Feb 10 21:36:47 2027 GMT
Subject: CN=93B6F091A24635443D1EBD34B3BB705F82DC58C4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:2f:e1:0b:95:d4:d0:00:6e:aa:e5:6c:b0:35:
9d:35:8a:77:ef:40:07:49:69:b5:0e:e7:75:f9:f6:
29:55:53:10:7c:dc:38:a8:fb:37:a1:df:c9:84:ed:
d1:c7:69:47:f4:9e:c5:5f:86:9e:da:0c:b3:3d:00:
82:35:d8:f6:68:69:22:f1:02:05:c6:12:a5:4f:13:
76:d3:b8:ec:2b:da:e5:ba:cf:da:d4:5c:d3:19:56:
dd:fe:44:81:1b:dc:74:7f:51:c9:45:a5:ee:d6:ad:
44:c8:c1:3d:63:98:37:01:07:70:60:87:c7:8d:7e:
4a:d6:d2:f3:63:9d:d2:f4:53:43:31:43:ec:99:c6:
88:25:ff:b7:0c:b3:95:73:ee:87:19:f9:14:f6:34:
75:16:19:54:c4:a8:6c:bd:18:dd:a4:db:37:25:33:
35:a7:09:13:93:97:78:0e:ff:fd:7e:b9:ec:e3:06:
2d:f1:97:a2:2a:30:77:2f:7e:2b:d5:00:33:47:07:
dc:c2:f0:09:5d:e0:b4:43:b0:34:14:8b:6e:0f:84:
9e:ef:0c:1a:bc:09:5e:3f:a8:9c:f0:55:37:77:09:
59:c6:c4:2f:61:e8:b0:78:5d:ec:17:dc:6c:f7:6a:
8f:88:28:44:ea:dd:9c:89:8d:9e:01:fd:50:75:2c:
10:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:B6:F0:91:A2:46:35:44:3D:1E:BD:34:B3:BB:70:5F:82:DC:58:C4
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS135392.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
167.148.201.0/24
Signature Algorithm: sha256WithRSAEncryption
38:74:49:86:aa:14:03:e9:85:b6:89:d8:c7:b2:66:ba:88:d3:
d1:2d:44:a7:be:1f:8b:7d:1d:21:da:1b:79:47:bd:3f:08:06:
74:90:4a:cd:00:2d:51:af:4d:a1:10:2f:3b:7d:9c:bf:e2:de:
90:65:a3:e9:b6:0d:bf:b6:ac:cf:86:b5:e4:25:ee:c3:17:a3:
bc:61:14:50:42:92:b0:0d:0e:9b:7c:67:b4:8f:12:aa:71:1a:
a3:13:74:a4:1b:7a:38:76:cc:a2:39:89:91:06:b9:00:26:8a:
54:db:f0:95:52:69:e7:0b:9a:a7:50:b7:75:c5:40:2b:e7:7c:
07:ce:8d:6f:ca:7b:ee:30:e6:61:30:78:3c:bd:af:80:56:9d:
57:95:e7:ca:b8:65:ba:28:14:c0:ff:f6:84:ce:7c:06:c1:17:
ef:87:9e:9c:3a:f2:d1:7d:4c:75:ba:82:54:4d:de:50:d8:9d:
90:51:c8:69:56:75:cb:5b:77:dc:1f:ad:4a:2e:37:c7:ad:89:
af:b4:2f:44:e9:8a:e8:54:c4:cc:4f:f3:de:ee:75:04:8a:72:
12:71:3d:5b:c2:6d:bb:5f:1a:7e:d6:c9:42:e2:a3:7c:71:9b:
20:46:e1:d5:d2:2d:68:f2:5f:87:da:8d:da:44:6e:36:0c:f4:
6d:91:2f:65
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUKep2h+JQwes4PyO5cnfXgUulVt0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNjAyMTEyMTMxNDdaFw0yNzAyMTAyMTM2NDdaMDMxMTAvBgNV
BAMTKDkzQjZGMDkxQTI0NjM1NDQzRDFFQkQzNEIzQkI3MDVGODJEQzU4QzQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCL+ELldTQAG6q5WywNZ01infv
QAdJabUO53X59ilVUxB83Dio+zeh38mE7dHHaUf0nsVfhp7aDLM9AII12PZoaSLx
AgXGEqVPE3bTuOwr2uW6z9rUXNMZVt3+RIEb3HR/UclFpe7WrUTIwT1jmDcBB3Bg
h8eNfkrW0vNjndL0U0MxQ+yZxogl/7cMs5Vz7ocZ+RT2NHUWGVTEqGy9GN2k2zcl
MzWnCROTl3gO//1+uezjBi3xl6IqMHcvfivVADNHB9zC8Ald4LRDsDQUi24PhJ7v
DBq8CV4/qJzwVTd3CVnGxC9h6LB4XewX3Gz3ao+IKETq3ZyJjZ4B/VB1LBCjAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUk7bwkaJGNUQ9Hr00s7twX4LcWMQwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMTM1MzkyLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAp5TJ
MA0GCSqGSIb3DQEBCwUAA4IBAQA4dEmGqhQD6YW2idjHsma6iNPRLUSnvh+LfR0h
2ht5R70/CAZ0kErNAC1Rr02hEC87fZy/4t6QZaPptg2/tqzPhrXkJe7DF6O8YRRQ
QpKwDQ6bfGe0jxKqcRqjE3SkG3o4dsyiOYmRBrkAJopU2/CVUmnnC5qnULd1xUAr
53wHzo1vynvuMOZhMHg8va+AVp1XlefKuGW6KBTA//aEznwGwRfvh56cOvLRfUx1
uoJUTd5Q2J2QUchpVnXLW3fcH61KLjfHrYmvtC9E6YroVMTMT/Pe7nUEinIScT1b
wm27Xxp+1slC4qN8cZsgRuHV0i1o8l+H2o3aRG42DPRtkS9l
-----END CERTIFICATE-----
Generated at Mon Mar 2 09:57:59 2026 by rpki-client