Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS146996.roa
File: AS146996.roa (raw, json)
Hash identifier: xinyOuBK7FV/bEYWj9Ioq8gxF+mdWU3mK/aXI1QASHg=
Subject key identifier: D6:1B:75:CC:1E:73:F8:96:B7:7B:5D:5C:00:9C:B1:79:3D:3C:14:A3
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 4794A9AF3DB4914A2CC8080C5FB6DCDFCD86BB5E
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS146996.roa
Signing time: Wed 11 Feb 2026 16:07:34 +0000
ROA not before: Wed 11 Feb 2026 16:02:34 +0000
ROA not after: Wed 10 Feb 2027 16:07:34 +0000
asID: 146996
IP address blocks: 143.14.4.0/24 maxlen: 24
143.14.5.0/24 maxlen: 24
143.14.77.0/24 maxlen: 24
168.222.2.0/24 maxlen: 24
168.222.16.0/24 maxlen: 24
168.222.20.0/24 maxlen: 24
168.222.21.0/24 maxlen: 24
168.222.27.0/24 maxlen: 24
168.222.28.0/24 maxlen: 24
168.222.29.0/24 maxlen: 24
168.222.55.0/24 maxlen: 24
168.222.60.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 13:50:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:94:a9:af:3d:b4:91:4a:2c:c8:08:0c:5f:b6:dc:df:cd:86:bb:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Feb 11 16:02:34 2026 GMT
Not After : Feb 10 16:07:34 2027 GMT
Subject: CN=D61B75CC1E73F896B77B5D5C009CB1793D3C14A3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:bc:03:8c:e9:18:2a:e8:23:c1:90:e6:67:d2:
c3:f2:a8:1e:a6:3f:4a:67:b5:ae:d2:1e:91:cb:77:
eb:82:47:be:f7:52:94:36:b8:0a:8d:8c:b9:87:17:
b3:46:42:fd:4b:d4:be:9f:01:3f:39:f2:68:f6:10:
5d:cc:3e:d2:a8:04:0e:3d:08:eb:cb:1d:20:52:55:
d4:00:b8:33:8a:06:e4:89:95:a6:21:9e:3e:97:4b:
f7:b4:59:ff:30:35:6c:73:8c:bf:c7:e0:7e:1d:50:
61:4d:c0:28:30:87:10:55:0e:cd:36:7c:0d:f8:23:
9c:f0:48:5d:08:c8:87:81:fa:60:e7:ed:de:94:52:
20:1c:1b:17:9d:05:f1:31:62:ce:e7:42:b2:29:01:
20:2e:bf:40:c4:3e:89:9f:1e:c6:d6:80:9c:5a:18:
37:d0:1b:b8:bf:4f:e1:7d:fa:77:ae:93:dd:d8:52:
b1:09:e4:9d:01:4b:58:94:49:46:b5:2e:83:1a:78:
a0:72:51:bd:83:dd:60:8e:d6:88:86:b5:7b:32:02:
61:b6:89:34:53:3e:cb:12:06:be:4f:66:6f:c9:7f:
38:38:75:a5:d2:e6:da:ae:56:9d:29:e4:44:55:fe:
8f:cb:8a:eb:17:b1:d3:15:91:23:80:41:e2:aa:a2:
1a:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:1B:75:CC:1E:73:F8:96:B7:7B:5D:5C:00:9C:B1:79:3D:3C:14:A3
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS146996.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.14.4.0/23
143.14.77.0/24
168.222.2.0/24
168.222.16.0/24
168.222.20.0/23
168.222.27.0-168.222.29.255
168.222.55.0/24
168.222.60.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:f7:2f:7e:e9:2e:f1:a1:39:d1:c9:2b:d7:1a:74:46:34:c6:
3e:b0:03:cb:6f:d3:d8:09:7a:81:9a:c4:18:c1:90:b3:ff:d4:
b2:1a:df:51:92:86:3e:16:fc:9f:38:7c:87:e7:57:a5:0f:3f:
14:79:25:44:c0:4e:21:73:7f:27:1c:d1:c7:e1:3e:86:52:11:
89:5d:a4:4c:1c:4e:95:b2:24:b7:29:f6:7b:2f:bc:d1:e0:3a:
d6:30:0e:68:f6:d2:64:42:90:9a:03:72:8f:40:6f:05:bf:3a:
54:04:b4:d8:0f:6f:52:d6:d2:af:ad:62:f9:dd:2b:ca:6e:0b:
64:7b:ed:07:77:63:9c:95:ea:c3:a2:10:e0:d1:5c:47:20:71:
4c:11:a0:35:4c:c8:ba:a3:30:58:71:95:73:66:75:6d:1c:22:
93:e6:59:b7:bc:a5:de:68:72:15:a5:65:70:81:85:26:a5:c2:
71:d3:8c:19:d0:d9:39:20:4d:6d:c9:80:e9:cf:7c:44:e9:86:
60:d2:67:d5:d7:ac:24:10:43:17:d0:37:12:3e:ee:f2:c8:bd:
b9:e7:de:00:29:46:85:a9:3a:39:22:fc:c6:4e:73:93:48:3a:
fa:ca:73:15:50:65:54:56:3c:aa:bc:83:4c:51:9f:20:bb:ad:
df:b9:4a:91
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgIUR5Sprz20kUosyAgMX7bc382Gu14wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNjAyMTExNjAyMzRaFw0yNzAyMTAxNjA3MzRaMDMxMTAvBgNV
BAMTKEQ2MUI3NUNDMUU3M0Y4OTZCNzdCNUQ1QzAwOUNCMTc5M0QzQzE0QTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDxvAOM6Rgq6CPBkOZn0sPyqB6m
P0pnta7SHpHLd+uCR773UpQ2uAqNjLmHF7NGQv1L1L6fAT858mj2EF3MPtKoBA49
COvLHSBSVdQAuDOKBuSJlaYhnj6XS/e0Wf8wNWxzjL/H4H4dUGFNwCgwhxBVDs02
fA34I5zwSF0IyIeB+mDn7d6UUiAcGxedBfExYs7nQrIpASAuv0DEPomfHsbWgJxa
GDfQG7i/T+F9+neuk93YUrEJ5J0BS1iUSUa1LoMaeKByUb2D3WCO1oiGtXsyAmG2
iTRTPssSBr5PZm/Jfzg4daXS5tquVp0p5ERV/o/LiusXsdMVkSOAQeKqohr9AgMB
AAGjggI8MIICODAdBgNVHQ4EFgQU1ht1zB5z+Ja3e11cAJyxeT08FKMwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMTQ2OTk2LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQBjw4E
AwQAjw5NAwQAqN4CAwQAqN4QAwQBqN4UMAwDBACo3hsDBAGo3hwDBACo3jcDBACo
3jwwDQYJKoZIhvcNAQELBQADggEBAGv3L37pLvGhOdHJK9cadEY0xj6wA8tv09gJ
eoGaxBjBkLP/1LIa31GShj4W/J84fIfnV6UPPxR5JUTATiFzfycc0cfhPoZSEYld
pEwcTpWyJLcp9nsvvNHgOtYwDmj20mRCkJoDco9AbwW/OlQEtNgPb1LW0q+tYvnd
K8puC2R77Qd3Y5yV6sOiEODRXEcgcUwRoDVMyLqjMFhxlXNmdW0cIpPmWbe8pd5o
chWlZXCBhSalwnHTjBnQ2TkgTW3JgOnPfETphmDSZ9XXrCQQQxfQNxI+7vLIvbnn
3gApRoWpOjki/MZOc5NIOvrKcxVQZVRWPKq8g0xRnyC7rd+5SpE=
-----END CERTIFICATE-----
Generated at Mon Mar 2 16:06:26 2026 by rpki-client