Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS397423.roa
File: AS397423.roa (raw, json)
Hash identifier: c9CQanbuAyl3qhlDmDZ/siEIlr1hMZqke72Mxh3V9T8=
Subject key identifier: E3:B5:E0:E3:9D:3C:C5:E2:DB:4F:A9:5E:15:C7:D0:B5:0B:66:86:16
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 38554DE49CA3B1A00B43257C2B714C7D361547F5
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS397423.roa
Signing time: Tue 31 Mar 2026 03:37:39 +0000
ROA not before: Tue 31 Mar 2026 03:32:39 +0000
ROA not after: Tue 30 Mar 2027 03:37:39 +0000
asID: 397423
IP address blocks: 143.14.180.0/24 maxlen: 24
145.223.44.0/24 maxlen: 24
145.223.54.0/24 maxlen: 24
145.223.58.0/24 maxlen: 24
146.103.5.0/24 maxlen: 24
150.241.226.0/23 maxlen: 24
155.117.164.0/24 maxlen: 24
155.117.246.0/24 maxlen: 24
162.141.124.0/24 maxlen: 24
162.141.127.0/24 maxlen: 24
167.148.15.0/24 maxlen: 24
167.148.158.0/24 maxlen: 24
167.148.175.0/24 maxlen: 24
167.148.217.0/24 maxlen: 24
167.148.219.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
38:55:4d:e4:9c:a3:b1:a0:0b:43:25:7c:2b:71:4c:7d:36:15:47:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Mar 31 03:32:39 2026 GMT
Not After : Mar 30 03:37:39 2027 GMT
Subject: CN=E3B5E0E39D3CC5E2DB4FA95E15C7D0B50B668616
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:d2:7b:e6:9a:d2:24:c4:ad:e8:d3:fb:e0:2f:
28:74:d7:37:44:07:04:2b:de:89:ff:b5:2c:e3:4c:
13:b2:ef:7a:c1:7d:44:25:e3:e0:fc:90:e1:d8:a6:
3c:f8:a9:62:ac:ff:bf:ee:0f:55:44:04:a1:a9:3b:
28:90:f6:ae:15:f4:d8:0f:9d:83:57:1d:d7:9e:af:
ec:a1:e8:92:34:76:34:4f:7d:a1:30:c6:de:a9:40:
d8:d1:08:ce:b8:50:e7:dd:41:12:64:1d:c5:e8:07:
47:1c:85:03:00:f9:c0:7a:03:a4:eb:1a:ab:d0:2b:
9b:00:7d:3e:6c:99:27:b2:e9:1f:33:ac:21:71:a5:
96:89:81:df:e5:02:34:25:b5:d4:1b:a2:de:6c:7c:
28:a3:1c:b1:a6:58:0a:cf:7b:0e:7f:ad:81:b3:c2:
61:46:3c:e4:60:c8:0f:b4:11:5b:c8:c5:9d:10:a9:
21:07:de:34:5b:de:7f:a8:6e:b3:71:cf:9b:1e:9e:
36:84:f0:7b:52:76:e6:d4:fd:06:c9:47:95:dd:28:
54:c1:79:1e:4c:a3:25:bb:2f:5f:f0:f3:02:15:40:
27:12:a2:2b:ec:97:b4:03:e7:ea:1b:85:5f:73:54:
bb:52:e5:0e:23:59:02:f7:a3:60:78:12:00:9d:c2:
00:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:B5:E0:E3:9D:3C:C5:E2:DB:4F:A9:5E:15:C7:D0:B5:0B:66:86:16
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS397423.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.14.180.0/24
145.223.44.0/24
145.223.54.0/24
145.223.58.0/24
146.103.5.0/24
150.241.226.0/23
155.117.164.0/24
155.117.246.0/24
162.141.124.0/24
162.141.127.0/24
167.148.15.0/24
167.148.158.0/24
167.148.175.0/24
167.148.217.0/24
167.148.219.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:bc:82:4e:dc:e5:fd:3f:f5:ac:32:2b:7c:15:ae:2d:9b:81:
41:94:ac:91:18:39:8a:21:a9:8c:25:b3:4f:aa:50:8c:e3:51:
bf:b7:a0:ec:65:7f:e3:2e:7e:48:18:fd:3a:45:f3:12:11:b6:
d3:4e:cb:04:5b:2e:08:86:95:52:b5:c4:35:f9:ac:9a:a7:90:
12:2f:94:c3:91:4a:86:70:f9:47:9e:e9:95:2a:cd:e3:7c:58:
5a:4b:0b:4e:91:59:f8:a5:9a:ee:52:b7:69:56:a5:bd:3d:56:
b2:a3:80:eb:34:f9:32:b7:f5:ad:30:38:be:ed:dc:4e:03:c4:
fe:95:3a:b0:8c:f8:8e:6e:19:88:72:f4:25:12:a5:e3:e3:80:
f3:8c:dc:d1:a1:1c:5d:cb:d5:75:c7:59:f1:04:9c:07:1d:6c:
5a:a3:55:06:a8:0f:ff:50:50:62:7f:5a:49:f0:06:a5:93:ce:
45:de:02:12:7c:e5:66:0b:d8:d5:96:b8:20:29:37:a2:72:03:
42:a9:50:87:c1:ef:38:d4:1a:1a:1e:97:26:8e:33:52:d1:93:
af:c7:c7:e3:4c:0d:61:b1:df:5c:63:f3:29:8c:b3:83:f5:22:
ae:c8:fc:e1:6b:49:ce:30:a0:37:d8:29:91:5d:29:e4:ae:62:
1a:23:8e:c8
-----BEGIN CERTIFICATE-----
MIIFVDCCBDygAwIBAgIUOFVN5JyjsaALQyV8K3FMfTYVR/UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNjAzMzEwMzMyMzlaFw0yNzAzMzAwMzM3MzlaMDMxMTAvBgNV
BAMTKEUzQjVFMEUzOUQzQ0M1RTJEQjRGQTk1RTE1QzdEMEI1MEI2Njg2MTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCv0nvmmtIkxK3o0/vgLyh01zdE
BwQr3on/tSzjTBOy73rBfUQl4+D8kOHYpjz4qWKs/7/uD1VEBKGpOyiQ9q4V9NgP
nYNXHdeer+yh6JI0djRPfaEwxt6pQNjRCM64UOfdQRJkHcXoB0cchQMA+cB6A6Tr
GqvQK5sAfT5smSey6R8zrCFxpZaJgd/lAjQltdQbot5sfCijHLGmWArPew5/rYGz
wmFGPORgyA+0EVvIxZ0QqSEH3jRb3n+obrNxz5senjaE8HtSdubU/QbJR5XdKFTB
eR5MoyW7L1/w8wIVQCcSoivsl7QD5+obhV9zVLtS5Q4jWQL3o2B4EgCdwgCTAgMB
AAGjggJeMIICWjAdBgNVHQ4EFgQU47Xg4508xeLbT6leFcfQtQtmhhYwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMzk3NDIzLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjBgBAIAATBaAwQAjw60
AwQAkd8sAwQAkd82AwQAkd86AwQAkmcFAwQBlvHiAwQAm3WkAwQAm3X2AwQAoo18
AwQAoo1/AwQAp5QPAwQAp5SeAwQAp5SvAwQAp5TZAwQAp5TbMA0GCSqGSIb3DQEB
CwUAA4IBAQA9vIJO3OX9P/WsMit8Fa4tm4FBlKyRGDmKIamMJbNPqlCM41G/t6Ds
ZX/jLn5IGP06RfMSEbbTTssEWy4IhpVStcQ1+ayap5ASL5TDkUqGcPlHnumVKs3j
fFhaSwtOkVn4pZruUrdpVqW9PVayo4DrNPkyt/WtMDi+7dxOA8T+lTqwjPiObhmI
cvQlEqXj44DzjNzRoRxdy9V1x1nxBJwHHWxao1UGqA//UFBif1pJ8Aalk85F3gIS
fOVmC9jVlrggKTeicgNCqVCHwe841BoaHpcmjjNS0ZOvx8fjTA1hsd9cY/MpjLOD
9SKuyPzha0nOMKA32CmRXSnkrmIaI47I
-----END CERTIFICATE-----
Generated at Fri Apr 17 06:06:54 2026 by rpki-client