Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS393942.roa
File: AS393942.roa (raw, json)
Hash identifier: ipOGLgtRyBEt6Sg44tTVX9ZWOJpBp/7+dIwHQRt3fhk=
Subject key identifier: F4:E4:69:63:CC:6B:A0:64:98:7F:43:6C:FE:E0:31:2B:79:AD:AA:A2
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 327F4C61033ED31D23578B25ECA64EFDBF452FD9
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS393942.roa
Signing time: Mon 02 Mar 2026 00:02:13 +0000
ROA not before: Sun 01 Mar 2026 23:57:13 +0000
ROA not after: Mon 01 Mar 2027 00:02:13 +0000
asID: 393942
IP address blocks: 145.223.67.0/24 maxlen: 24
155.117.217.0/24 maxlen: 24
167.148.163.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
32:7f:4c:61:03:3e:d3:1d:23:57:8b:25:ec:a6:4e:fd:bf:45:2f:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Mar 1 23:57:13 2026 GMT
Not After : Mar 1 00:02:13 2027 GMT
Subject: CN=F4E46963CC6BA064987F436CFEE0312B79ADAAA2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:9a:7f:89:dc:74:37:65:13:6d:e0:a5:7d:0d:
72:43:66:d6:2f:39:55:46:e7:ba:da:f3:f4:19:28:
91:c6:d1:fd:c2:80:87:c4:a0:48:a6:7d:be:ff:67:
44:6e:e7:6d:87:e0:27:f1:94:6a:a8:b1:c8:54:a1:
db:5c:3a:58:1f:00:bf:03:41:9c:c6:dd:ed:28:a1:
eb:d0:fb:12:dd:7f:a5:d8:a5:89:f1:9a:2b:d2:67:
d2:5b:c7:f9:25:fe:73:84:7f:51:64:c3:8c:53:0c:
47:14:36:94:3c:d0:96:85:32:ef:db:2a:ea:59:70:
7d:70:b4:34:35:45:66:31:bd:e0:e7:34:0c:b9:4b:
ad:9a:19:58:24:25:53:8a:8a:3e:16:d0:31:f4:c4:
1f:6f:56:4b:02:32:0d:e3:f2:fe:bf:74:2e:ac:f0:
0c:cb:79:ad:e5:fa:56:63:42:d3:4d:1d:cb:1e:e1:
02:4a:77:ac:78:6d:83:1e:c7:d9:60:16:29:5d:6f:
28:bb:15:06:56:71:2f:19:d3:55:78:f5:bc:b1:aa:
84:88:04:36:44:f6:89:a9:9a:dd:9e:a4:cc:08:93:
4c:00:19:0a:8b:3a:f2:f7:29:41:02:d4:b4:2e:42:
90:a5:4a:41:f6:5a:c0:9d:42:36:e4:bb:60:73:fa:
d9:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:E4:69:63:CC:6B:A0:64:98:7F:43:6C:FE:E0:31:2B:79:AD:AA:A2
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS393942.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.223.67.0/24
155.117.217.0/24
167.148.163.0/24
Signature Algorithm: sha256WithRSAEncryption
46:4c:0d:fe:24:b8:8f:05:dd:34:62:ce:f5:01:35:49:50:96:
3b:6b:d0:30:6c:4e:87:fa:32:da:81:db:f8:e8:91:40:70:23:
33:d6:63:87:50:ea:33:5e:1f:ef:ba:b1:da:55:2c:0a:71:9a:
31:9e:f8:b0:69:a5:b2:58:af:aa:20:35:02:d6:79:fa:53:67:
df:8d:02:a3:a7:45:7a:2d:4e:93:eb:74:bb:bd:85:3a:b5:c4:
73:96:24:f4:be:f9:1e:f0:ce:14:bc:3a:24:3d:c3:9f:0f:8b:
46:f2:e0:04:09:2a:99:ae:86:e9:65:41:45:c3:ce:2c:3c:9f:
26:c1:ac:74:ac:11:ee:b9:08:7e:79:d2:b4:7e:25:3f:4b:88:
bd:3a:d6:66:c3:23:4a:d5:6f:d1:c2:a7:b9:79:bd:fc:fc:81:
df:f1:e3:06:98:d1:cd:d9:e2:f3:90:39:44:f8:d4:3d:97:6b:
3b:f8:e4:43:6b:8f:8b:d7:47:e7:3a:69:66:59:15:44:b0:74:
b9:d6:c2:d1:15:c1:52:4b:60:e4:3b:50:f4:e9:32:33:13:42:
d9:b1:fc:73:40:7d:94:22:52:21:25:a8:5d:cb:c5:87:bd:fc:
d6:62:7f:6e:2d:27:45:c2:ff:08:e5:33:4b:03:cc:23:76:df:
65:60:24:a4
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgIUMn9MYQM+0x0jV4sl7KZO/b9FL9kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNjAzMDEyMzU3MTNaFw0yNzAzMDEwMDAyMTNaMDMxMTAvBgNV
BAMTKEY0RTQ2OTYzQ0M2QkEwNjQ5ODdGNDM2Q0ZFRTAzMTJCNzlBREFBQTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4mn+J3HQ3ZRNt4KV9DXJDZtYv
OVVG57ra8/QZKJHG0f3CgIfEoEimfb7/Z0Ru522H4CfxlGqoschUodtcOlgfAL8D
QZzG3e0ooevQ+xLdf6XYpYnxmivSZ9Jbx/kl/nOEf1Fkw4xTDEcUNpQ80JaFMu/b
KupZcH1wtDQ1RWYxveDnNAy5S62aGVgkJVOKij4W0DH0xB9vVksCMg3j8v6/dC6s
8AzLea3l+lZjQtNNHcse4QJKd6x4bYMex9lgFildbyi7FQZWcS8Z01V49byxqoSI
BDZE9ompmt2epMwIk0wAGQqLOvL3KUEC1LQuQpClSkH2WsCdQjbku2Bz+tm/AgMB
AAGjggIWMIICEjAdBgNVHQ4EFgQU9ORpY8xroGSYf0Ns/uAxK3mtqqIwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMzkzOTQyLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAkd9D
AwQAm3XZAwQAp5SjMA0GCSqGSIb3DQEBCwUAA4IBAQBGTA3+JLiPBd00Ys71ATVJ
UJY7a9AwbE6H+jLagdv46JFAcCMz1mOHUOozXh/vurHaVSwKcZoxnviwaaWyWK+q
IDUC1nn6U2ffjQKjp0V6LU6T63S7vYU6tcRzliT0vvke8M4UvDokPcOfD4tG8uAE
CSqZrobpZUFFw84sPJ8mwax0rBHuuQh+edK0fiU/S4i9OtZmwyNK1W/Rwqe5eb38
/IHf8eMGmNHN2eLzkDlE+NQ9l2s7+ORDa4+L10fnOmlmWRVEsHS51sLRFcFSS2Dk
O1D06TIzE0LZsfxzQH2UIlIhJahdy8WHvfzWYn9uLSdFwv8I5TNLA8wjdt9lYCSk
-----END CERTIFICATE-----
Generated at Mon Mar 2 05:07:59 2026 by rpki-client