Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS153996.roa
File: AS153996.roa (raw, json)
Hash identifier: d023zsw2RCqgl/cvZXcYwY1hwX1xk3Gqe6i0YUsRipc=
Subject key identifier: C5:47:C0:30:8C:D2:0E:9E:33:90:3B:0E:53:06:51:A3:02:6F:4A:DC
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 4307F63B5C46801F689BFE1D0EC8B63602E20549
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS153996.roa
Signing time: Thu 04 Jun 2026 17:47:07 +0000
ROA not before: Thu 04 Jun 2026 17:42:07 +0000
ROA not after: Thu 03 Jun 2027 17:47:07 +0000
asID: 153996
IP address blocks: 143.14.9.0/24 maxlen: 24
143.14.11.0/24 maxlen: 24
143.14.16.0/24 maxlen: 24
143.14.200.0/24 maxlen: 24
162.141.142.0/24 maxlen: 24
168.222.8.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 13 Jun 2026 19:43:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
43:07:f6:3b:5c:46:80:1f:68:9b:fe:1d:0e:c8:b6:36:02:e2:05:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Jun 4 17:42:07 2026 GMT
Not After : Jun 3 17:47:07 2027 GMT
Subject: CN=C547C0308CD20E9E33903B0E530651A3026F4ADC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:83:6c:50:bd:58:c5:e7:eb:3d:0b:59:ec:5e:
9a:47:53:e7:a7:09:5f:75:47:e0:e9:8a:df:98:76:
46:ae:9b:40:e3:16:f3:c6:fd:15:eb:d9:e1:72:7c:
c2:2a:f7:aa:7c:3c:05:70:ac:99:f1:92:6a:3b:d1:
f8:b4:59:c7:a4:40:c1:58:6c:6a:66:3a:fa:ef:0e:
f7:c5:b9:29:24:86:d2:87:79:cf:fa:03:df:25:2e:
2f:70:71:20:9c:d2:5f:8a:e2:8d:c1:18:af:ee:28:
5a:02:62:7a:08:01:5f:40:95:3c:1e:a0:9d:b2:5c:
68:98:2b:b0:2a:1d:8c:0a:2a:8b:00:6c:f6:78:36:
3c:20:54:c2:ed:c2:86:43:b4:d0:9b:4f:b3:38:e3:
80:74:ae:ce:53:d6:03:16:ac:ff:91:67:d6:e5:1b:
17:2d:eb:55:64:2b:17:18:71:ec:3c:fb:1e:d8:96:
69:d3:9e:15:7d:11:4d:5f:0f:6e:ef:6a:a5:aa:d1:
e2:07:e7:90:4a:9b:3a:a8:e6:c0:4b:29:d7:75:81:
80:67:f9:dc:33:68:58:cc:ce:c4:84:23:af:04:1f:
99:97:ba:a3:17:d2:6d:cd:73:f5:a6:78:3c:41:af:
14:d8:38:e3:79:bb:6f:ce:ab:db:9d:51:ac:ef:75:
28:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:47:C0:30:8C:D2:0E:9E:33:90:3B:0E:53:06:51:A3:02:6F:4A:DC
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS153996.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.14.9.0/24
143.14.11.0/24
143.14.16.0/24
143.14.200.0/24
162.141.142.0/24
168.222.8.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:86:24:22:4d:7b:0d:a3:78:3d:2f:2f:29:5a:cd:24:1f:0a:
e8:14:58:f8:fe:40:7f:34:3f:43:86:18:dc:c2:0c:9d:19:49:
3d:2e:36:78:af:d2:47:c5:09:2b:50:25:84:27:c4:d4:51:e8:
54:4c:6f:59:0d:8d:a0:53:6f:eb:11:7b:88:c0:b1:ee:d3:c2:
7b:1c:d3:f9:50:55:9e:39:99:ee:c0:55:03:fe:c5:aa:3a:47:
78:17:76:64:f8:b4:4e:0f:e6:18:4a:7d:77:76:dc:10:1c:d4:
9a:63:3d:68:00:a2:7d:cc:c6:31:d9:a4:9c:a9:20:54:ed:40:
62:4b:e1:5b:f4:58:c9:00:41:40:59:99:33:03:ff:e7:33:df:
3d:8d:b3:dc:25:5e:a7:61:27:25:a3:99:b5:fa:e7:ab:6b:bf:
01:ad:07:1a:a4:a0:82:e5:9a:0d:0e:cc:d1:f1:a4:17:eb:b7:
a8:d4:36:df:04:00:e4:77:96:14:63:59:e0:01:4f:23:69:e4:
38:b6:99:0c:72:08:67:28:42:1a:5d:1a:2d:34:e9:cb:58:28:
96:97:c3:4e:7f:f4:eb:dc:eb:a9:1d:3a:84:7e:8b:4b:f9:5f:
bf:a5:fe:40:ce:4c:9d:72:4a:54:7a:8f:9b:69:6c:a9:7f:57:
33:84:00:76
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgIUQwf2O1xGgB9om/4dDsi2NgLiBUkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNjA2MDQxNzQyMDdaFw0yNzA2MDMxNzQ3MDdaMDMxMTAvBgNV
BAMTKEM1NDdDMDMwOENEMjBFOUUzMzkwM0IwRTUzMDY1MUEzMDI2RjRBREMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQClg2xQvVjF5+s9C1nsXppHU+en
CV91R+Dpit+Ydkaum0DjFvPG/RXr2eFyfMIq96p8PAVwrJnxkmo70fi0WcekQMFY
bGpmOvrvDvfFuSkkhtKHec/6A98lLi9wcSCc0l+K4o3BGK/uKFoCYnoIAV9AlTwe
oJ2yXGiYK7AqHYwKKosAbPZ4NjwgVMLtwoZDtNCbT7M444B0rs5T1gMWrP+RZ9bl
Gxct61VkKxcYcew8+x7YlmnTnhV9EU1fD27vaqWq0eIH55BKmzqo5sBLKdd1gYBn
+dwzaFjMzsSEI68EH5mXuqMX0m3Nc/WmeDxBrxTYOON5u2/Oq9udUazvdSgzAgMB
AAGjggIoMIICJDAdBgNVHQ4EFgQUxUfAMIzSDp4zkDsOUwZRowJvStwwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMTUzOTk2LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAjw4J
AwQAjw4LAwQAjw4QAwQAjw7IAwQAoo2OAwQAqN4IMA0GCSqGSIb3DQEBCwUAA4IB
AQA8hiQiTXsNo3g9Ly8pWs0kHwroFFj4/kB/ND9DhhjcwgydGUk9LjZ4r9JHxQkr
UCWEJ8TUUehUTG9ZDY2gU2/rEXuIwLHu08J7HNP5UFWeOZnuwFUD/sWqOkd4F3Zk
+LROD+YYSn13dtwQHNSaYz1oAKJ9zMYx2aScqSBU7UBiS+Fb9FjJAEFAWZkzA//n
M989jbPcJV6nYSclo5m1+uera78BrQcapKCC5ZoNDszR8aQX67eo1DbfBADkd5YU
Y1ngAU8jaeQ4tpkMcghnKEIaXRotNOnLWCiWl8NOf/Tr3OupHTqEfotL+V+/pf5A
zkydckpUeo+baWypf1czhAB2
-----END CERTIFICATE-----
Generated at Sat Jun 13 05:41:51 2026 by rpki-client