Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS396356.roa
File: AS396356.roa (raw, json)
Hash identifier: 0N5xh53nmPzutwIt2QX+55ieQ4RkKMe50plDf/V5jyA=
Subject key identifier: FC:03:50:A7:10:CA:28:AC:87:18:17:8B:F4:72:18:0C:42:16:C5:13
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 79F5A6DF5BF0C0B20F466D486DD3809970A3C380
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS396356.roa
Signing time: Tue 29 Jul 2025 09:12:41 +0000
ROA not before: Tue 29 Jul 2025 09:07:41 +0000
ROA not after: Tue 28 Jul 2026 09:12:41 +0000
asID: 396356
IP address blocks: 145.223.40.0/24 maxlen: 24
146.103.46.0/24 maxlen: 24
150.241.135.0/24 maxlen: 24
155.117.180.0/22 maxlen: 22
155.117.248.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 03:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:f5:a6:df:5b:f0:c0:b2:0f:46:6d:48:6d:d3:80:99:70:a3:c3:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Jul 29 09:07:41 2025 GMT
Not After : Jul 28 09:12:41 2026 GMT
Subject: CN=FC0350A710CA28AC8718178BF472180C4216C513
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:d4:86:cb:74:ec:4e:a3:41:c6:9b:61:1c:01:
78:c2:b5:52:2b:4c:24:34:fb:d3:f4:66:c8:08:09:
d7:5a:37:06:96:83:79:08:1b:10:55:78:7b:d8:44:
f7:c6:4e:cd:fb:d9:75:aa:ca:3f:67:91:f8:9a:40:
84:ff:a7:d7:79:98:6a:8b:46:4d:52:69:e6:03:c3:
48:f7:d8:d5:b7:f3:1d:3b:32:81:91:05:ad:9c:0a:
a9:ff:9a:41:43:8b:a4:4a:1a:b0:8e:59:51:b1:78:
83:04:42:1b:e1:cd:ad:77:6d:93:c4:5a:9f:55:19:
87:d1:ed:f7:eb:11:ad:a9:6a:bd:da:44:f9:78:1e:
8d:29:95:07:0b:70:71:50:67:f5:54:6e:21:84:fc:
ec:a1:2c:76:70:f9:e5:fd:4c:01:ee:e7:df:a1:a8:
4a:98:b7:96:99:88:03:38:15:3e:55:1b:ec:49:ab:
8e:d3:52:7a:ea:c9:5e:a7:ef:8c:0a:46:76:9c:3e:
51:d4:0f:85:1e:84:97:07:c4:b3:e5:a0:d0:86:c0:
42:f9:ce:0a:b3:72:5e:90:75:1e:1d:05:25:07:0f:
8b:04:da:ef:d7:d1:4f:63:60:6b:45:d1:5e:52:73:
e4:c9:91:7e:f2:03:31:c0:98:6d:6b:22:a9:b8:83:
a3:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:03:50:A7:10:CA:28:AC:87:18:17:8B:F4:72:18:0C:42:16:C5:13
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS396356.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.223.40.0/24
146.103.46.0/24
150.241.135.0/24
155.117.180.0/22
155.117.248.0/22
Signature Algorithm: sha256WithRSAEncryption
5d:e9:89:2f:01:22:bb:f3:9b:b1:04:75:90:38:e7:e7:60:e4:
f6:6e:67:ea:5c:dd:2b:65:0f:6c:40:eb:f7:33:38:9e:09:db:
83:4e:1a:c5:49:07:15:67:71:14:58:56:c1:61:d2:09:21:63:
b9:2c:82:ea:9b:2e:c1:ac:63:7b:f2:2e:d3:fd:64:56:c8:46:
1d:0a:ad:9e:d7:a3:5d:f5:da:fd:0a:97:d2:16:d9:c0:81:49:
5b:e2:31:73:b9:88:9e:da:42:32:41:c7:02:31:fb:11:28:a6:
05:3e:c0:67:b4:26:81:0e:1e:55:95:7b:fc:03:f6:f3:10:1d:
07:ec:f3:91:4e:cd:0d:85:1c:a4:e0:2b:11:bf:3b:1f:06:eb:
38:f4:3c:42:b6:60:80:f7:e9:d7:86:34:6b:6e:ce:fc:96:f6:
7b:06:c0:e5:82:3b:11:6a:b1:4b:16:31:a6:4c:08:8a:51:a7:
14:e7:5a:54:39:21:b0:70:2c:80:2c:cf:6a:4a:b2:60:45:9b:
69:8e:32:bf:90:c3:88:6b:1a:be:3f:e0:fa:d3:17:5a:e9:54:
37:c7:75:c5:ba:ca:c7:15:de:e9:35:75:2a:03:64:37:81:ae:
ea:9a:2b:32:96:68:f2:39:2b:c4:47:2a:0c:d2:3e:58:c1:6e:
0b:b0:ef:28
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgIUefWm31vwwLIPRm1IbdOAmXCjw4AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA3MjkwOTA3NDFaFw0yNjA3MjgwOTEyNDFaMDMxMTAvBgNV
BAMTKEZDMDM1MEE3MTBDQTI4QUM4NzE4MTc4QkY0NzIxODBDNDIxNkM1MTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDe1IbLdOxOo0HGm2EcAXjCtVIr
TCQ0+9P0ZsgICddaNwaWg3kIGxBVeHvYRPfGTs372XWqyj9nkfiaQIT/p9d5mGqL
Rk1SaeYDw0j32NW38x07MoGRBa2cCqn/mkFDi6RKGrCOWVGxeIMEQhvhza13bZPE
Wp9VGYfR7ffrEa2par3aRPl4Ho0plQcLcHFQZ/VUbiGE/OyhLHZw+eX9TAHu59+h
qEqYt5aZiAM4FT5VG+xJq47TUnrqyV6n74wKRnacPlHUD4UehJcHxLPloNCGwEL5
zgqzcl6QdR4dBSUHD4sE2u/X0U9jYGtF0V5Sc+TJkX7yAzHAmG1rIqm4g6NpAgMB
AAGjggIiMIICHjAdBgNVHQ4EFgQU/ANQpxDKKKyHGBeL9HIYDEIWxRMwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMzk2MzU2LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAkd8o
AwQAkmcuAwQAlvGHAwQCm3W0AwQCm3X4MA0GCSqGSIb3DQEBCwUAA4IBAQBd6Ykv
ASK785uxBHWQOOfnYOT2bmfqXN0rZQ9sQOv3MzieCduDThrFSQcVZ3EUWFbBYdIJ
IWO5LILqmy7BrGN78i7T/WRWyEYdCq2e16Nd9dr9CpfSFtnAgUlb4jFzuYie2kIy
QccCMfsRKKYFPsBntCaBDh5VlXv8A/bzEB0H7PORTs0NhRyk4CsRvzsfBus49DxC
tmCA9+nXhjRrbs78lvZ7BsDlgjsRarFLFjGmTAiKUacU51pUOSGwcCyALM9qSrJg
RZtpjjK/kMOIaxq+P+D60xda6VQ3x3XFusrHFd7pNXUqA2Q3ga7qmisylmjyOSvE
RyoM0j5YwW4LsO8o
-----END CERTIFICATE-----
Generated at Mon Aug 4 07:41:22 2025 by rpki-client