Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS152586.roa
File: AS152586.roa (raw, json)
Hash identifier: jGHC/cgHfWmkFhGIMsy6KvJhuXeP+MeSux6sJgWoBmw=
Subject key identifier: 53:7B:F9:AB:47:DA:81:93:02:18:64:99:2F:09:C1:9C:65:E7:D3:29
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 30B4D0F09EF4591F233C46D7D34D286C984F14C2
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS152586.roa
Signing time: Thu 09 Apr 2026 09:44:14 +0000
ROA not before: Thu 09 Apr 2026 09:39:14 +0000
ROA not after: Thu 08 Apr 2027 09:44:14 +0000
asID: 152586
IP address blocks: 167.148.167.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Apr 2026 02:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
30:b4:d0:f0:9e:f4:59:1f:23:3c:46:d7:d3:4d:28:6c:98:4f:14:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Apr 9 09:39:14 2026 GMT
Not After : Apr 8 09:44:14 2027 GMT
Subject: CN=537BF9AB47DA8193021864992F09C19C65E7D329
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:a9:b2:00:20:9a:c8:5c:c7:66:85:a4:b0:00:
55:ea:f2:e3:10:a2:a3:4e:cb:81:e5:fd:92:7e:71:
38:28:f3:dd:12:1d:3d:49:82:95:a4:77:f8:32:be:
31:6f:7a:28:f9:b2:be:cb:9d:47:df:8c:33:be:97:
a0:f8:d3:e5:0d:ce:73:62:39:ad:f6:5e:7d:50:51:
e6:59:06:db:a6:83:29:ce:26:e1:73:a4:9a:5c:a4:
9f:dc:d8:8d:b7:d3:9a:1c:9c:e1:12:7f:c5:3a:42:
1b:2d:e0:11:e9:57:b3:da:89:ba:e0:c7:11:f6:0a:
c4:49:d1:f9:e7:de:c4:20:34:05:0b:ab:f7:84:9a:
3b:9f:c3:e6:d2:2a:41:3f:71:98:71:bc:64:7f:dd:
e9:e3:af:9e:87:10:7f:e5:51:4a:b7:b3:4e:24:aa:
88:c7:b0:90:a3:df:79:6c:26:e1:28:76:30:4c:91:
de:43:d3:70:9e:64:b7:4a:ee:87:62:6d:32:46:89:
b3:3d:22:eb:96:7a:41:8d:09:80:0e:1b:f6:0c:34:
d5:42:4f:11:43:3f:7c:e6:65:c7:65:f2:03:18:86:
5f:b1:96:69:a0:37:47:7d:69:c2:5f:54:19:7b:1e:
26:1c:10:b7:9b:55:c3:cf:ca:ab:74:f8:ea:9c:3b:
ab:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:7B:F9:AB:47:DA:81:93:02:18:64:99:2F:09:C1:9C:65:E7:D3:29
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS152586.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
167.148.167.0/24
Signature Algorithm: sha256WithRSAEncryption
b0:53:fd:c3:4a:4d:ed:db:fd:b2:d3:a1:b1:f5:aa:31:e9:1e:
64:d6:32:2c:29:2b:c5:8c:45:72:9d:8e:93:50:29:b2:d4:04:
97:3e:53:a5:6f:f8:8a:66:da:74:b9:ee:10:01:14:8c:89:45:
3a:cc:2f:11:a4:93:50:8c:8b:eb:a9:a1:ce:09:bd:02:c8:bd:
87:a9:e8:b5:97:51:49:f8:fe:5e:71:48:f2:bd:09:e3:7f:9d:
1e:89:26:bf:f0:5d:36:52:d4:16:e6:49:f0:ab:b0:cf:38:af:
a3:f5:8f:8c:9d:67:19:92:c6:71:ee:f3:20:11:ff:b1:f8:cb:
9a:70:00:81:05:51:62:bf:e5:04:cc:9b:26:bb:cb:0a:22:4f:
43:cd:31:10:fb:8b:f9:1f:db:09:c1:0b:ac:9d:ca:68:c1:1d:
a0:ac:51:f0:31:53:61:17:eb:cc:2f:96:40:8c:51:5d:3a:1f:
81:be:3d:87:7d:27:58:24:ef:ac:2b:ab:20:c9:c2:a2:ee:aa:
2f:b1:49:f9:39:45:c8:41:c3:1b:ae:2f:35:ef:7d:7d:de:3b:
09:7a:2a:f2:ba:3f:6d:f6:23:44:51:bf:5e:52:8c:00:7b:07:
4f:af:90:ae:48:c6:b8:29:cf:f7:e9:47:4c:ed:5a:75:14:af:
de:9e:d2:36
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUMLTQ8J70WR8jPEbX000obJhPFMIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNjA0MDkwOTM5MTRaFw0yNzA0MDgwOTQ0MTRaMDMxMTAvBgNV
BAMTKDUzN0JGOUFCNDdEQTgxOTMwMjE4NjQ5OTJGMDlDMTlDNjVFN0QzMjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDdqbIAIJrIXMdmhaSwAFXq8uMQ
oqNOy4Hl/ZJ+cTgo890SHT1JgpWkd/gyvjFveij5sr7LnUffjDO+l6D40+UNznNi
Oa32Xn1QUeZZBtumgynOJuFzpJpcpJ/c2I2305ocnOESf8U6Qhst4BHpV7Paibrg
xxH2CsRJ0fnn3sQgNAULq/eEmjufw+bSKkE/cZhxvGR/3enjr56HEH/lUUq3s04k
qojHsJCj33lsJuEodjBMkd5D03CeZLdK7odibTJGibM9IuuWekGNCYAOG/YMNNVC
TxFDP3zmZcdl8gMYhl+xlmmgN0d9acJfVBl7HiYcELebVcPPyqt0+OqcO6sdAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUU3v5q0fagZMCGGSZLwnBnGXn0ykwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMTUyNTg2LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAp5Sn
MA0GCSqGSIb3DQEBCwUAA4IBAQCwU/3DSk3t2/2y06Gx9aox6R5k1jIsKSvFjEVy
nY6TUCmy1ASXPlOlb/iKZtp0ue4QARSMiUU6zC8RpJNQjIvrqaHOCb0CyL2Hqei1
l1FJ+P5ecUjyvQnjf50eiSa/8F02UtQW5knwq7DPOK+j9Y+MnWcZksZx7vMgEf+x
+MuacACBBVFiv+UEzJsmu8sKIk9DzTEQ+4v5H9sJwQusncpowR2grFHwMVNhF+vM
L5ZAjFFdOh+Bvj2HfSdYJO+sK6sgycKi7qovsUn5OUXIQcMbri8173193jsJeiry
uj9t9iNEUb9eUowAewdPr5CuSMa4Kc/36UdM7Vp1FK/entI2
-----END CERTIFICATE-----
Generated at Sun Apr 19 09:55:14 2026 by rpki-client