Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS153568.roa
File: AS153568.roa (raw, json)
Hash identifier: tiGAqTmFhsGjAKEWNcQW4dGSBs9rze2JS+9OMUt9gHE=
Subject key identifier: 76:8C:E6:72:A4:BA:B3:80:67:FC:0B:7C:C8:65:04:75:DB:AA:A8:F8
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 4FE0700E75F8335F7158A86E734CDDCE8C9545D4
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS153568.roa
Signing time: Mon 25 May 2026 07:32:47 +0000
ROA not before: Mon 25 May 2026 07:27:47 +0000
ROA not after: Mon 24 May 2027 07:32:47 +0000
asID: 153568
IP address blocks: 150.241.209.0/24 maxlen: 24
155.117.16.0/24 maxlen: 24
155.117.105.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 13 Jun 2026 19:43:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4f:e0:70:0e:75:f8:33:5f:71:58:a8:6e:73:4c:dd:ce:8c:95:45:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: May 25 07:27:47 2026 GMT
Not After : May 24 07:32:47 2027 GMT
Subject: CN=768CE672A4BAB38067FC0B7CC8650475DBAAA8F8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:4e:e5:51:cb:fd:f4:5a:28:b1:4f:a3:bb:47:
0e:85:3a:7c:f5:c1:ca:c1:b3:b3:77:6f:da:da:cc:
95:90:3a:9a:34:10:60:2b:3d:2c:5a:dd:2e:12:a1:
3a:85:b0:8e:fd:9a:01:14:12:9d:9d:74:19:bd:a0:
18:80:6a:27:be:89:54:44:4a:bc:61:a2:cf:cd:bd:
a7:a9:b7:2f:16:6b:4c:2d:ff:53:8f:8d:87:80:b1:
4c:c1:5b:b3:b6:8e:3c:11:62:22:69:3f:66:14:ce:
ec:34:f1:b8:80:8a:67:cd:6e:78:d4:50:0d:7f:c5:
25:29:d8:42:51:04:4e:33:9e:19:90:89:11:08:a3:
93:9c:ad:1c:eb:ec:02:2a:08:e4:a9:b9:24:58:00:
12:0e:c5:f0:4c:1a:04:8b:2b:a1:0c:9d:83:75:7b:
ea:81:77:73:af:16:fb:26:f7:53:9d:dd:9f:c1:73:
6a:15:71:48:f2:7c:bc:04:27:29:94:4b:be:b7:da:
55:2f:bd:7a:bf:ae:ff:2b:c6:44:35:3e:dc:7f:f6:
f9:34:16:b9:54:28:08:46:b9:5d:03:79:f0:3f:45:
56:50:98:c8:c1:7e:a2:54:75:be:c7:ae:17:31:e1:
2b:c8:95:44:f2:1f:3d:17:ba:f3:46:a4:94:a5:75:
ec:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:8C:E6:72:A4:BA:B3:80:67:FC:0B:7C:C8:65:04:75:DB:AA:A8:F8
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS153568.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
150.241.209.0/24
155.117.16.0/24
155.117.105.0/24
Signature Algorithm: sha256WithRSAEncryption
b0:3e:b2:b9:61:be:8f:6b:b7:c6:95:46:74:f0:f6:a5:76:14:
38:f8:4c:27:d8:7d:12:15:e5:a0:d6:97:27:91:fa:5d:9b:08:
8f:68:f6:20:f4:88:90:44:d0:5b:02:65:09:e6:42:12:72:64:
97:fd:a8:50:b7:07:ac:0e:b9:16:92:6c:eb:00:13:9f:bd:17:
a6:25:90:22:85:1e:ae:fb:d2:a2:d2:30:a6:4a:8d:12:35:82:
52:25:c5:b1:a4:f5:01:4b:d7:9c:48:88:9b:e8:c9:e8:09:f9:
af:eb:70:e6:23:bd:91:87:ea:45:70:be:b8:85:e5:9f:25:ee:
2e:86:54:6f:f7:d1:ea:7f:2e:e4:46:5c:c3:71:c1:9c:48:80:
3a:99:fb:88:99:f7:f6:32:03:9e:d3:5c:7c:dc:54:6c:b2:b0:
b6:8b:a5:48:f7:d2:ab:e3:63:fe:10:78:f3:7c:b7:a7:00:69:
b8:c2:26:61:6a:aa:20:56:02:68:0f:7b:78:6a:91:0e:5d:01:
e4:c6:e9:cc:d1:f0:f6:aa:0c:32:4e:20:ce:04:68:b0:6a:0c:
15:2a:70:fa:d4:16:4b:ce:b4:d9:90:e2:7b:46:0c:91:b5:1c:
fd:54:b5:0c:91:be:1a:ef:e7:c5:32:63:cd:37:79:35:06:12:
00:8a:32:d0
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgIUT+BwDnX4M19xWKhuc0zdzoyVRdQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNjA1MjUwNzI3NDdaFw0yNzA1MjQwNzMyNDdaMDMxMTAvBgNV
BAMTKDc2OENFNjcyQTRCQUIzODA2N0ZDMEI3Q0M4NjUwNDc1REJBQUE4RjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrTuVRy/30WiixT6O7Rw6FOnz1
wcrBs7N3b9razJWQOpo0EGArPSxa3S4SoTqFsI79mgEUEp2ddBm9oBiAaie+iVRE
Srxhos/Nvaepty8Wa0wt/1OPjYeAsUzBW7O2jjwRYiJpP2YUzuw08biAimfNbnjU
UA1/xSUp2EJRBE4znhmQiREIo5OcrRzr7AIqCOSpuSRYABIOxfBMGgSLK6EMnYN1
e+qBd3OvFvsm91Od3Z/Bc2oVcUjyfLwEJymUS7632lUvvXq/rv8rxkQ1Ptx/9vk0
FrlUKAhGuV0DefA/RVZQmMjBfqJUdb7Hrhcx4SvIlUTyHz0XuvNGpJSldezrAgMB
AAGjggIWMIICEjAdBgNVHQ4EFgQUdozmcqS6s4Bn/At8yGUEdduqqPgwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMTUzNTY4LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAlvHR
AwQAm3UQAwQAm3VpMA0GCSqGSIb3DQEBCwUAA4IBAQCwPrK5Yb6Pa7fGlUZ08Pal
dhQ4+Ewn2H0SFeWg1pcnkfpdmwiPaPYg9IiQRNBbAmUJ5kIScmSX/ahQtwesDrkW
kmzrABOfvRemJZAihR6u+9Ki0jCmSo0SNYJSJcWxpPUBS9ecSIib6MnoCfmv63Dm
I72Rh+pFcL64heWfJe4uhlRv99Hqfy7kRlzDccGcSIA6mfuImff2MgOe01x83FRs
srC2i6VI99Kr42P+EHjzfLenAGm4wiZhaqogVgJoD3t4apEOXQHkxunM0fD2qgwy
TiDOBGiwagwVKnD61BZLzrTZkOJ7RgyRtRz9VLUMkb4a7+fFMmPNN3k1BhIAijLQ
-----END CERTIFICATE-----
Generated at Sat Jun 13 06:38:01 2026 by rpki-client