Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS154612.roa
File: AS154612.roa (raw, json)
Hash identifier: 2TsDOPUPkEhR1H++GNIzGMLRJRo8PDH1iF8vTJTcFZs=
Subject key identifier: FC:E8:40:90:C9:99:DD:EC:17:E7:98:D0:4C:76:62:8C:6A:4F:BB:B7
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 2B29368CCBC793DC633F41BC53157F825CBADFDB
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS154612.roa
Signing time: Fri 12 Jun 2026 07:21:02 +0000
ROA not before: Fri 12 Jun 2026 07:16:02 +0000
ROA not after: Fri 11 Jun 2027 07:21:02 +0000
asID: 154612
IP address blocks: 143.14.182.0/24 maxlen: 24
147.79.56.0/24 maxlen: 24
148.135.173.0/24 maxlen: 24
155.117.207.0/24 maxlen: 24
162.141.39.0/24 maxlen: 24
168.222.51.0/24 maxlen: 24
168.222.91.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 13 Jun 2026 19:43:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2b:29:36:8c:cb:c7:93:dc:63:3f:41:bc:53:15:7f:82:5c:ba:df:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Jun 12 07:16:02 2026 GMT
Not After : Jun 11 07:21:02 2027 GMT
Subject: CN=FCE84090C999DDEC17E798D04C76628C6A4FBBB7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:73:55:9d:31:65:a6:65:06:cd:43:6b:e1:d9:
74:d0:a2:07:1d:80:7a:24:36:8b:30:c7:3a:93:81:
50:04:bb:9d:c0:64:32:ec:89:55:e0:7c:de:f3:36:
2e:dd:fa:cd:ff:16:a9:be:fb:54:fa:9c:1f:1a:3f:
a2:e4:be:9b:f4:b3:af:71:a0:8a:78:ed:6a:ed:43:
7b:71:e3:1a:de:e6:38:4f:3c:49:03:fd:31:15:9d:
71:68:7c:19:2b:cb:06:26:62:de:19:ec:f5:78:f0:
00:c0:64:43:44:40:0e:76:3d:63:cc:a0:6d:4b:3f:
82:db:a9:68:31:fd:b7:1e:44:98:0e:c0:72:05:18:
52:9a:b2:73:b5:66:81:5c:dc:f3:6d:97:cb:cd:7f:
ed:10:a3:76:d9:24:53:91:ec:8b:df:9a:d5:b3:b0:
ee:7e:c9:c1:00:16:69:9f:fe:b5:3f:95:78:9e:ab:
67:5b:7e:9c:cc:7e:64:a6:9d:6d:11:38:62:4d:17:
41:91:ee:e3:23:d8:60:2d:43:ac:d2:15:16:72:84:
6f:14:44:17:60:ad:de:bc:b8:bd:14:dd:55:e6:db:
89:bd:47:43:0f:6b:c8:da:9d:ae:ac:4f:77:c8:14:
8c:50:7e:5c:40:94:cf:89:1b:e7:c2:7e:b0:77:56:
d4:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:E8:40:90:C9:99:DD:EC:17:E7:98:D0:4C:76:62:8C:6A:4F:BB:B7
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS154612.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.14.182.0/24
147.79.56.0/24
148.135.173.0/24
155.117.207.0/24
162.141.39.0/24
168.222.51.0/24
168.222.91.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:56:d0:6a:7b:14:e9:45:de:c6:a3:cd:60:3e:66:00:8b:15:
65:70:e7:b6:cc:4c:0f:69:7b:68:a9:ec:99:ad:73:3d:e0:43:
19:4c:1f:eb:7e:36:57:06:59:b7:68:ea:ee:72:b3:f6:63:12:
c4:0c:f9:d5:83:13:e3:e6:95:af:64:0d:f5:72:f9:3e:1a:d2:
d1:f1:c6:6b:a0:85:06:1b:57:5f:72:0f:33:a6:5c:ad:d6:8a:
24:50:92:47:b4:02:34:a1:4e:28:c9:3c:67:ed:11:73:51:20:
54:c2:57:97:86:55:8e:82:85:b8:68:35:6a:51:ca:b8:14:a8:
21:f4:a1:3c:14:6b:68:de:fd:10:4a:d7:f2:10:fb:0d:f4:1b:
4d:b3:4c:dc:b8:5b:d9:f1:26:29:a4:ad:b5:9a:f1:58:18:f9:
4b:76:8c:80:a1:26:5d:09:4e:ec:65:cb:85:98:5f:8f:7d:ff:
4f:d1:fc:2e:f1:77:b4:7d:c2:59:6c:92:7f:37:98:1a:fb:94:
05:b2:be:59:f9:cd:4a:7d:55:ac:68:37:20:7a:bf:36:33:dd:
d4:b8:f8:3d:10:10:fc:0b:a5:b5:e3:f1:cf:b7:f5:c6:de:02:
f1:cd:45:91:16:a6:9f:50:63:18:74:b1:04:a7:b9:5a:36:6d:
29:45:cf:92
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgIUKyk2jMvHk9xjP0G8UxV/gly639swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNjA2MTIwNzE2MDJaFw0yNzA2MTEwNzIxMDJaMDMxMTAvBgNV
BAMTKEZDRTg0MDkwQzk5OURERUMxN0U3OThEMDRDNzY2MjhDNkE0RkJCQjcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBc1WdMWWmZQbNQ2vh2XTQogcd
gHokNoswxzqTgVAEu53AZDLsiVXgfN7zNi7d+s3/Fqm++1T6nB8aP6Lkvpv0s69x
oIp47WrtQ3tx4xre5jhPPEkD/TEVnXFofBkrywYmYt4Z7PV48ADAZENEQA52PWPM
oG1LP4LbqWgx/bceRJgOwHIFGFKasnO1ZoFc3PNtl8vNf+0Qo3bZJFOR7IvfmtWz
sO5+ycEAFmmf/rU/lXieq2dbfpzMfmSmnW0ROGJNF0GR7uMj2GAtQ6zSFRZyhG8U
RBdgrd68uL0U3VXm24m9R0MPa8jana6sT3fIFIxQflxAlM+JG+fCfrB3VtTzAgMB
AAGjggIuMIICKjAdBgNVHQ4EFgQU/OhAkMmZ3ewX55jQTHZijGpPu7cwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMTU0NjEyLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAjw62
AwQAk084AwQAlIetAwQAm3XPAwQAoo0nAwQAqN4zAwQAqN5bMA0GCSqGSIb3DQEB
CwUAA4IBAQAaVtBqexTpRd7Go81gPmYAixVlcOe2zEwPaXtoqeyZrXM94EMZTB/r
fjZXBlm3aOrucrP2YxLEDPnVgxPj5pWvZA31cvk+GtLR8cZroIUGG1dfcg8zplyt
1ookUJJHtAI0oU4oyTxn7RFzUSBUwleXhlWOgoW4aDVqUcq4FKgh9KE8FGto3v0Q
StfyEPsN9BtNs0zcuFvZ8SYppK21mvFYGPlLdoyAoSZdCU7sZcuFmF+Pff9P0fwu
8Xe0fcJZbJJ/N5ga+5QFsr5Z+c1KfVWsaDcger82M93UuPg9EBD8C6W14/HPt/XG
3gLxzUWRFqafUGMYdLEEp7laNm0pRc+S
-----END CERTIFICATE-----
Generated at Sat Jun 13 06:37:58 2026 by rpki-client