Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS23532.roa
File: AS23532.roa (raw, json)
Hash identifier: rrcz5Jz/OCNwtGgjiOS+vc8fhM6n1fvgfTeV5zjn2IU=
Subject key identifier: 6B:A5:07:43:9A:48:25:CC:86:88:0A:CB:33:63:F1:D0:31:5B:67:40
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 4C4F8689EE54207332AE05907663F99D9332D372
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS23532.roa
Signing time: Sun 15 Feb 2026 05:58:08 +0000
ROA not before: Sun 15 Feb 2026 05:53:08 +0000
ROA not after: Sun 14 Feb 2027 05:58:08 +0000
asID: 23532
IP address blocks: 96.62.0.0/19 maxlen: 24
96.62.45.0/24 maxlen: 24
96.62.79.0/24 maxlen: 24
96.62.85.0/24 maxlen: 24
143.14.254.0/24 maxlen: 24
148.135.234.0/23 maxlen: 24
148.135.240.0/23 maxlen: 24
150.241.162.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4c:4f:86:89:ee:54:20:73:32:ae:05:90:76:63:f9:9d:93:32:d3:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Feb 15 05:53:08 2026 GMT
Not After : Feb 14 05:58:08 2027 GMT
Subject: CN=6BA507439A4825CC86880ACB3363F1D0315B6740
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:3a:69:b8:95:d5:59:2c:1f:fc:a9:ef:59:71:
8b:16:e1:e2:ab:10:20:93:70:ac:96:3a:45:3c:9d:
07:d8:42:2a:36:c7:d3:04:46:1a:6f:48:63:db:d8:
16:56:54:67:d9:f8:12:b8:78:0b:3f:92:f4:48:43:
b9:a2:7e:c8:66:28:d9:95:ce:8a:74:a0:1a:12:75:
ea:57:0c:b7:2d:12:62:aa:82:8f:8a:15:8a:d8:26:
13:30:99:ac:14:be:b5:7c:47:eb:ec:95:08:d0:92:
01:fb:e9:f9:38:ae:00:4b:f7:78:01:8b:36:19:24:
38:00:5d:f6:73:83:99:6f:2a:33:d0:52:c8:d0:2f:
09:15:b4:0d:a3:3d:69:1d:dd:48:24:be:80:74:66:
6d:1d:5f:32:01:15:80:86:c6:fe:4a:8b:1c:08:6a:
84:ee:a7:f8:c0:8d:c0:59:b5:76:d7:ff:f4:7e:a3:
eb:7e:c1:fd:e1:d4:07:3b:dd:65:37:5d:a9:c0:5f:
5a:3d:64:09:6d:4a:90:0d:c3:98:8d:b6:20:bb:a9:
55:94:fc:40:b8:ad:41:bf:eb:ba:cd:26:c7:0a:2f:
7b:e1:0c:4a:16:bc:96:5e:4d:2f:17:24:18:45:02:
c1:dd:1f:77:e0:85:bc:59:5e:78:52:c6:c5:6f:ff:
6d:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:A5:07:43:9A:48:25:CC:86:88:0A:CB:33:63:F1:D0:31:5B:67:40
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS23532.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.62.0.0/19
96.62.45.0/24
96.62.79.0/24
96.62.85.0/24
143.14.254.0/24
148.135.234.0/23
148.135.240.0/23
150.241.162.0/23
Signature Algorithm: sha256WithRSAEncryption
8c:c7:be:5f:be:55:70:77:24:94:2a:c4:b9:0c:5f:3e:db:5f:
a1:53:ec:15:d0:13:45:7e:06:e0:4f:6f:4a:e7:18:00:52:82:
93:c2:19:02:e4:e6:eb:e5:88:3c:0c:9b:9c:a0:98:9f:2f:61:
c8:63:fe:48:bd:63:85:20:b1:45:67:b3:6d:24:9b:d1:1c:11:
11:39:e3:5c:ef:e0:34:c9:a1:d5:f1:ab:dd:53:c9:ad:a8:2a:
f6:ee:19:31:03:ea:38:f1:48:c1:c2:ab:ce:0d:81:83:4f:01:
07:44:54:94:aa:02:03:c7:bf:5a:be:bb:b2:d8:7d:48:c1:c9:
1a:77:cb:89:7a:71:e6:0f:0a:90:06:a1:d5:6f:15:b3:22:8f:
33:52:ab:a6:c2:8e:7b:15:e0:36:9f:50:2b:a5:40:40:06:60:
46:0a:18:d1:98:00:28:f5:6d:aa:6f:87:67:bf:89:dc:d1:43:
81:b7:5d:8f:eb:59:80:eb:d6:01:70:7d:a2:d9:88:f0:25:a3:
88:05:8c:9a:ed:5d:de:46:b3:43:56:03:81:e2:89:28:41:91:
90:15:08:ea:b4:8c:46:cd:e4:04:8c:61:24:13:8d:d7:30:40:
4f:cf:ed:ec:3c:58:46:68:11:f8:7d:5e:dd:fa:5a:b3:5b:eb:
e7:ef:b2:6e
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgIUTE+Gie5UIHMyrgWQdmP5nZMy03IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNjAyMTUwNTUzMDhaFw0yNzAyMTQwNTU4MDhaMDMxMTAvBgNV
BAMTKDZCQTUwNzQzOUE0ODI1Q0M4Njg4MEFDQjMzNjNGMUQwMzE1QjY3NDAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCOmm4ldVZLB/8qe9ZcYsW4eKr
ECCTcKyWOkU8nQfYQio2x9MERhpvSGPb2BZWVGfZ+BK4eAs/kvRIQ7mifshmKNmV
zop0oBoSdepXDLctEmKqgo+KFYrYJhMwmawUvrV8R+vslQjQkgH76fk4rgBL93gB
izYZJDgAXfZzg5lvKjPQUsjQLwkVtA2jPWkd3UgkvoB0Zm0dXzIBFYCGxv5KixwI
aoTup/jAjcBZtXbX//R+o+t+wf3h1Ac73WU3XanAX1o9ZAltSpANw5iNtiC7qVWU
/EC4rUG/67rNJscKL3vhDEoWvJZeTS8XJBhFAsHdH3fghbxZXnhSxsVv/21DAgMB
AAGjggIzMIICLzAdBgNVHQ4EFgQUa6UHQ5pIJcyGiArLM2Px0DFbZ0AwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjM1MzIucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwSQYIKwYBBQUHAQcBAf8EOjA4MDYEAgABMDADBAVgPgAD
BABgPi0DBABgPk8DBABgPlUDBACPDv4DBAGUh+oDBAGUh/ADBAGW8aIwDQYJKoZI
hvcNAQELBQADggEBAIzHvl++VXB3JJQqxLkMXz7bX6FT7BXQE0V+BuBPb0rnGABS
gpPCGQLk5uvliDwMm5ygmJ8vYchj/ki9Y4UgsUVns20km9EcERE541zv4DTJodXx
q91Tya2oKvbuGTED6jjxSMHCq84NgYNPAQdEVJSqAgPHv1q+u7LYfUjByRp3y4l6
ceYPCpAGodVvFbMijzNSq6bCjnsV4DafUCulQEAGYEYKGNGYACj1bapvh2e/idzR
Q4G3XY/rWYDr1gFwfaLZiPAlo4gFjJrtXd5Gs0NWA4HiiShBkZAVCOq0jEbN5ASM
YSQTjdcwQE/P7ew8WEZoEfh9Xt36WrNb6+fvsm4=
-----END CERTIFICATE-----
Generated at Mon Mar 2 01:32:54 2026 by rpki-client