Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS154132.roa
File: AS154132.roa (raw, json)
Hash identifier: Bcl2g5e4IdFHYrNZb/A6xRMBh9GYmlIF3RwSV6REtpg=
Subject key identifier: C7:5B:CB:64:D3:48:B4:9C:4A:18:46:F7:D3:96:82:78:70:06:CB:6B
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 5D36BBD4D59A4B06C631F598638856C61CFF3B14
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS154132.roa
Signing time: Fri 12 Jun 2026 15:56:28 +0000
ROA not before: Fri 12 Jun 2026 15:51:28 +0000
ROA not after: Fri 11 Jun 2027 15:56:28 +0000
asID: 154132
IP address blocks: 140.233.181.0/24 maxlen: 24
140.233.182.0/24 maxlen: 24
143.14.182.0/24 maxlen: 24
146.103.48.0/24 maxlen: 24
147.79.56.0/24 maxlen: 24
155.117.207.0/24 maxlen: 24
162.141.97.0/24 maxlen: 24
162.141.107.0/24 maxlen: 24
162.141.120.0/24 maxlen: 24
168.222.51.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 13 Jun 2026 19:43:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5d:36:bb:d4:d5:9a:4b:06:c6:31:f5:98:63:88:56:c6:1c:ff:3b:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Jun 12 15:51:28 2026 GMT
Not After : Jun 11 15:56:28 2027 GMT
Subject: CN=C75BCB64D348B49C4A1846F7D39682787006CB6B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:87:92:c9:6c:18:ed:d1:d5:4f:13:7f:c0:5a:
b7:9d:bd:46:2c:d8:f6:67:ec:a0:ac:59:8d:2a:02:
aa:69:85:3f:fd:49:c4:85:c4:86:cb:8d:c4:fc:b4:
1d:45:91:c7:4f:24:ce:11:dc:57:38:cc:1f:cc:5c:
b8:73:11:b6:59:67:65:f2:9b:13:d7:b7:a9:f7:86:
11:60:eb:dd:af:b1:ca:03:16:03:98:75:25:8d:9e:
09:64:23:c1:55:75:16:de:22:7a:3e:53:6b:e6:0e:
1d:f0:77:37:24:64:fc:64:63:98:9d:3d:ab:dd:e0:
37:c7:ba:d7:f1:1b:c4:55:b2:b6:6f:7f:6b:e5:17:
48:eb:6e:dd:bd:5c:9a:89:d9:c0:41:c0:40:d0:8e:
a8:90:ee:4d:29:d7:a2:03:74:b3:0a:21:46:8c:b1:
d7:67:0d:12:4a:2b:da:39:8d:79:0f:18:52:05:3c:
73:ef:ce:f5:b0:81:b8:fe:8b:90:9d:3d:fa:2e:d8:
09:84:7d:1b:55:7d:95:48:d7:62:be:dd:ab:c0:c8:
6b:2f:5f:96:3e:81:98:ba:91:be:32:a8:73:e3:98:
62:0d:6a:1c:46:10:14:28:af:06:3b:f1:f1:11:29:
00:29:03:7c:a7:da:81:4e:af:97:0e:90:86:f0:68:
96:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:5B:CB:64:D3:48:B4:9C:4A:18:46:F7:D3:96:82:78:70:06:CB:6B
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS154132.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
140.233.181.0-140.233.182.255
143.14.182.0/24
146.103.48.0/24
147.79.56.0/24
155.117.207.0/24
162.141.97.0/24
162.141.107.0/24
162.141.120.0/24
168.222.51.0/24
Signature Algorithm: sha256WithRSAEncryption
a0:f3:c4:08:98:e8:9d:d1:6d:73:c2:0c:11:cb:07:9e:c6:ca:
ee:cf:ae:fd:56:7b:5b:3f:07:1e:06:b3:6c:9a:da:9c:2e:14:
96:ac:0e:2e:f8:be:c6:04:29:da:5f:0a:89:3f:f2:24:45:4b:
52:b5:ed:d8:d6:81:4d:b2:a9:d4:f0:02:18:5f:6f:47:93:2e:
92:46:1f:1f:7c:b2:88:51:af:88:58:79:f4:f5:3f:66:99:20:
68:c7:a0:a8:fa:2c:44:1f:e4:57:43:bb:48:f3:41:54:30:43:
0c:2a:9e:ae:6b:12:e6:aa:a3:65:6e:0e:ae:92:c7:56:a5:35:
ae:25:18:36:60:34:f7:2e:34:fc:c4:8d:9d:c3:80:1f:c2:4e:
f5:48:79:38:97:77:d2:99:4b:be:ad:60:65:60:02:8f:9f:3d:
03:63:bf:8d:94:62:c2:db:c0:da:b7:e4:0c:c6:c7:73:c8:28:
bf:3a:fa:07:6b:5b:eb:05:16:b7:2c:9a:83:7b:32:4a:5b:02:
d3:06:eb:a7:54:be:6c:d4:5b:77:8b:5c:5a:11:dc:7c:26:73:
38:d7:7f:2c:3e:9d:66:b6:e4:b5:59:c5:0e:08:58:c1:8f:fe:
24:dd:c2:c9:37:4f:60:ee:a9:38:27:50:0c:06:29:1f:49:89:
98:53:ca:97
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgIUXTa71NWaSwbGMfWYY4hWxhz/OxQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNjA2MTIxNTUxMjhaFw0yNzA2MTExNTU2MjhaMDMxMTAvBgNV
BAMTKEM3NUJDQjY0RDM0OEI0OUM0QTE4NDZGN0QzOTY4Mjc4NzAwNkNCNkIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDIh5LJbBjt0dVPE3/AWredvUYs
2PZn7KCsWY0qAqpphT/9ScSFxIbLjcT8tB1FkcdPJM4R3Fc4zB/MXLhzEbZZZ2Xy
mxPXt6n3hhFg692vscoDFgOYdSWNnglkI8FVdRbeIno+U2vmDh3wdzckZPxkY5id
Pavd4DfHutfxG8RVsrZvf2vlF0jrbt29XJqJ2cBBwEDQjqiQ7k0p16IDdLMKIUaM
sddnDRJKK9o5jXkPGFIFPHPvzvWwgbj+i5CdPfou2AmEfRtVfZVI12K+3avAyGsv
X5Y+gZi6kb4yqHPjmGINahxGEBQorwY78fERKQApA3yn2oFOr5cOkIbwaJbbAgMB
AAGjggJCMIICPjAdBgNVHQ4EFgQUx1vLZNNItJxKGEb305aCeHAGy2swHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMTU0MTMyLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+MAwDBACM
6bUDBACM6bYDBACPDrYDBACSZzADBACTTzgDBACbdc8DBACijWEDBACijWsDBACi
jXgDBACo3jMwDQYJKoZIhvcNAQELBQADggEBAKDzxAiY6J3RbXPCDBHLB57Gyu7P
rv1We1s/Bx4Gs2ya2pwuFJasDi74vsYEKdpfCok/8iRFS1K17djWgU2yqdTwAhhf
b0eTLpJGHx98sohRr4hYefT1P2aZIGjHoKj6LEQf5FdDu0jzQVQwQwwqnq5rEuaq
o2VuDq6Sx1alNa4lGDZgNPcuNPzEjZ3DgB/CTvVIeTiXd9KZS76tYGVgAo+fPQNj
v42UYsLbwNq35AzGx3PIKL86+gdrW+sFFrcsmoN7MkpbAtMG66dUvmzUW3eLXFoR
3HwmczjXfyw+nWa25LVZxQ4IWMGP/iTdwsk3T2DuqTgnUAwGKR9JiZhTypc=
-----END CERTIFICATE-----
Generated at Sat Jun 13 05:35:03 2026 by rpki-client