Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS394380.roa
File: AS394380.roa (raw, json)
Hash identifier: dVE6caTrpJWazOcLCYm4cpCFjKsi0y14WkFHpnkFhTc=
Subject key identifier: A1:56:08:3C:5E:AA:CA:BE:72:E3:54:B3:4A:D7:0C:58:03:54:45:4F
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 2CEB894D78CE45D461748AF27F85CD3E06F4C7E1
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS394380.roa
Signing time: Tue 10 Feb 2026 10:56:04 +0000
ROA not before: Tue 10 Feb 2026 10:51:04 +0000
ROA not after: Tue 09 Feb 2027 10:56:04 +0000
asID: 394380
IP address blocks: 148.135.146.0/24 maxlen: 24
148.135.149.0/24 maxlen: 24
148.135.157.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2c:eb:89:4d:78:ce:45:d4:61:74:8a:f2:7f:85:cd:3e:06:f4:c7:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Feb 10 10:51:04 2026 GMT
Not After : Feb 9 10:56:04 2027 GMT
Subject: CN=A156083C5EAACABE72E354B34AD70C580354454F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:7c:9e:02:1e:88:6b:97:1a:6c:87:df:56:22:
7c:9d:a0:a6:26:43:bd:77:01:3c:d3:af:27:8d:c5:
c7:53:a5:6f:fa:63:51:c0:a4:dc:50:34:51:50:4e:
d3:92:89:ff:2a:d8:bd:92:e1:e4:e9:73:18:bb:1e:
83:aa:67:a0:4e:5e:a2:a7:96:15:b3:bd:5f:5e:5e:
b4:06:a5:05:22:76:83:dd:ba:98:ee:16:6a:f0:f3:
9a:42:a1:07:5b:57:a6:71:9c:d0:fc:f0:0c:0f:2f:
f9:62:2b:b9:e7:48:57:4d:da:16:0c:f0:d3:ee:db:
05:86:10:19:15:96:1c:7f:e0:92:4d:e0:99:1e:65:
b0:2d:bf:34:1a:81:01:a8:f6:ed:1c:a9:12:80:ac:
08:01:7a:fc:f3:a4:e6:57:45:15:d5:69:92:3e:ea:
fc:d9:92:9a:80:db:6b:ce:b1:eb:8e:ca:0f:8c:b5:
82:a7:e6:e9:2c:91:2d:d6:47:51:2b:25:7a:0a:f4:
6f:38:f9:4b:f4:f4:0f:62:0b:20:3b:20:b1:59:83:
20:19:2d:d6:24:01:8b:8e:8a:74:45:68:80:5a:df:
b7:83:6d:24:a3:19:14:7f:b4:ad:fb:00:65:d5:38:
e1:f8:f4:6e:3f:c6:b3:94:80:c4:5b:05:68:6a:9d:
21:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:56:08:3C:5E:AA:CA:BE:72:E3:54:B3:4A:D7:0C:58:03:54:45:4F
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS394380.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
148.135.146.0/24
148.135.149.0/24
148.135.157.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:b5:ad:65:e2:b1:c6:4f:a0:c7:85:e2:2a:9f:2e:17:f5:56:
3b:0e:69:3f:f1:a4:6e:c8:fb:08:79:8e:0a:b4:d6:07:17:8a:
12:78:af:2f:69:c4:55:66:e6:cf:d5:0b:b3:a6:cf:66:e9:f7:
b0:b6:fb:3c:c5:01:cd:9b:1c:a1:47:5b:19:72:c7:fb:28:4f:
f4:94:40:60:23:4c:8f:9c:ba:80:d4:25:18:03:15:ca:60:a3:
79:7a:80:85:d8:45:79:42:8a:86:59:06:8c:18:0d:3a:52:a6:
cd:c7:ab:22:1e:11:f4:d4:b2:26:69:14:a3:30:da:8e:1a:2f:
98:c4:e5:c5:a5:40:27:f3:da:a2:52:5b:d4:6c:98:c9:72:b6:
22:4a:81:85:9c:bb:c6:ab:e9:c9:83:78:21:8d:c7:b5:16:b2:
59:09:b3:b0:16:60:82:4b:1d:e5:94:58:8a:3f:32:40:d4:39:
ee:a1:96:13:58:c2:05:a7:ad:e7:13:3d:94:62:1c:d6:5b:c0:
22:33:fc:66:b3:2f:13:4f:07:57:12:6b:40:14:84:6d:09:f4:
e2:fe:41:60:e9:22:ab:90:aa:1d:f9:a9:2e:32:dc:9f:aa:3b:
e7:95:21:c8:4e:25:5e:f5:dc:7d:b4:97:ee:c0:3e:4c:30:16:
69:b4:11:5d
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgIULOuJTXjORdRhdIryf4XNPgb0x+EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNjAyMTAxMDUxMDRaFw0yNzAyMDkxMDU2MDRaMDMxMTAvBgNV
BAMTKEExNTYwODNDNUVBQUNBQkU3MkUzNTRCMzRBRDcwQzU4MDM1NDQ1NEYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCZfJ4CHohrlxpsh99WInydoKYm
Q713ATzTryeNxcdTpW/6Y1HApNxQNFFQTtOSif8q2L2S4eTpcxi7HoOqZ6BOXqKn
lhWzvV9eXrQGpQUidoPdupjuFmrw85pCoQdbV6ZxnND88AwPL/liK7nnSFdN2hYM
8NPu2wWGEBkVlhx/4JJN4JkeZbAtvzQagQGo9u0cqRKArAgBevzzpOZXRRXVaZI+
6vzZkpqA22vOseuOyg+MtYKn5ukskS3WR1ErJXoK9G84+Uv09A9iCyA7ILFZgyAZ
LdYkAYuOinRFaIBa37eDbSSjGRR/tK37AGXVOOH49G4/xrOUgMRbBWhqnSFXAgMB
AAGjggIWMIICEjAdBgNVHQ4EFgQUoVYIPF6qyr5y41SzStcMWANURU8wHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMzk0MzgwLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAlIeS
AwQAlIeVAwQAlIedMA0GCSqGSIb3DQEBCwUAA4IBAQAPta1l4rHGT6DHheIqny4X
9VY7Dmk/8aRuyPsIeY4KtNYHF4oSeK8vacRVZubP1Quzps9m6fewtvs8xQHNmxyh
R1sZcsf7KE/0lEBgI0yPnLqA1CUYAxXKYKN5eoCF2EV5QoqGWQaMGA06UqbNx6si
HhH01LImaRSjMNqOGi+YxOXFpUAn89qiUlvUbJjJcrYiSoGFnLvGq+nJg3ghjce1
FrJZCbOwFmCCSx3llFiKPzJA1DnuoZYTWMIFp63nEz2UYhzWW8AiM/xmsy8TTwdX
EmtAFIRtCfTi/kFg6SKrkKod+akuMtyfqjvnlSHITiVe9dx9tJfuwD5MMBZptBFd
-----END CERTIFICATE-----
Generated at Mon Mar 2 09:34:45 2026 by rpki-client