Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS402252.roa
File: AS402252.roa (raw, json)
Hash identifier: 5FGNWlnmC4K3SRY15A+Zx2OOIVTp79paYWMrYx2sKxE=
Subject key identifier: D3:9E:CE:43:2D:73:90:4B:FE:3D:76:79:27:66:0A:40:DA:C7:11:A3
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 23749C1E20847F04BF8F3D45B47E740B2F42E025
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS402252.roa
Signing time: Sat 04 Apr 2026 12:12:24 +0000
ROA not before: Sat 04 Apr 2026 12:07:24 +0000
ROA not after: Sat 03 Apr 2027 12:12:24 +0000
asID: 402252
IP address blocks: 143.14.147.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 16:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
23:74:9c:1e:20:84:7f:04:bf:8f:3d:45:b4:7e:74:0b:2f:42:e0:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Apr 4 12:07:24 2026 GMT
Not After : Apr 3 12:12:24 2027 GMT
Subject: CN=D39ECE432D73904BFE3D767927660A40DAC711A3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:e8:b5:d2:58:0c:43:29:bd:11:74:32:11:03:
9e:b5:d2:5d:d1:5a:85:07:8c:a8:2c:98:5e:78:6e:
c1:ee:58:d1:b6:72:47:64:d5:d8:a6:61:d1:58:a3:
b1:e1:eb:64:ef:c5:0f:c1:f9:24:a0:f3:ca:97:24:
e1:96:0d:92:7a:57:c0:8d:49:7f:53:2a:28:46:a4:
dc:d8:72:c6:f5:9e:2a:74:d4:31:ef:c7:5d:37:43:
e0:b7:5f:f1:bd:47:29:24:c0:83:e2:8f:39:a1:14:
d9:51:ec:91:36:e0:3c:ab:5c:a1:eb:76:3f:30:44:
97:8e:44:0d:3f:34:c9:9b:91:63:a4:b0:de:e3:77:
8a:ea:a4:11:ef:24:f9:64:1d:9d:18:43:1c:e5:27:
4c:38:3a:cd:e7:0d:ff:6e:30:73:e7:2c:3e:1c:ed:
52:aa:d3:68:37:0d:99:53:a2:86:8d:ab:92:fa:13:
07:a0:e2:01:a8:e4:a0:c5:01:80:77:8a:65:b6:94:
f7:2b:11:da:d5:c3:ec:38:2f:ba:23:42:aa:90:1c:
78:e7:bd:c5:4d:21:8b:7e:20:7a:0a:f1:13:63:17:
be:4b:7a:52:a4:d9:f7:62:eb:20:2c:75:ba:17:21:
d2:b7:69:61:7e:21:60:73:7d:6f:6b:e6:46:75:86:
9e:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:9E:CE:43:2D:73:90:4B:FE:3D:76:79:27:66:0A:40:DA:C7:11:A3
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS402252.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.14.147.0/24
Signature Algorithm: sha256WithRSAEncryption
97:fd:7b:32:20:b1:b6:8d:55:fa:cf:5c:57:67:03:1a:d3:fc:
fb:5e:ac:4c:cb:11:b8:5c:01:03:8a:2e:1f:f8:5c:c0:a8:89:
3a:98:65:b2:04:45:ec:de:8c:7e:3c:2d:eb:0a:ff:05:16:be:
9b:6f:07:70:8d:fe:98:99:62:df:c9:52:ff:2b:e2:29:ca:71:
ff:3d:80:aa:ae:20:7b:b8:07:07:45:7a:78:14:e6:f1:23:93:
ca:7f:9f:55:b4:75:45:32:3f:81:9e:a0:35:12:96:ed:1c:83:
dc:bc:c9:56:ad:ba:17:12:10:8c:72:ec:3e:6d:3e:12:00:c2:
6c:ae:10:c4:33:1b:9a:2e:df:0f:90:85:21:a6:8c:ae:d2:dc:
0e:3d:b5:05:c0:fe:91:38:0b:23:5d:3f:cb:10:05:72:ba:c1:
0c:29:14:76:17:6e:08:ba:94:08:89:9b:cb:cd:35:61:cd:6d:
2c:1f:89:7c:ea:61:ce:f2:19:29:da:09:e9:0a:a8:d3:f1:01:
dc:54:61:9f:9c:45:a3:1b:96:4f:50:a6:b5:56:56:c4:3d:6c:
53:b4:ea:c0:e9:d0:18:fa:e6:f9:9d:80:a0:8b:de:1a:a6:ef:
fd:3d:9a:b4:d8:eb:11:4c:2b:9f:7f:2a:10:cc:1b:fd:2f:3b:
98:1c:f9:da
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUI3ScHiCEfwS/jz1FtH50Cy9C4CUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNjA0MDQxMjA3MjRaFw0yNzA0MDMxMjEyMjRaMDMxMTAvBgNV
BAMTKEQzOUVDRTQzMkQ3MzkwNEJGRTNENzY3OTI3NjYwQTQwREFDNzExQTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCw6LXSWAxDKb0RdDIRA5610l3R
WoUHjKgsmF54bsHuWNG2ckdk1dimYdFYo7Hh62TvxQ/B+SSg88qXJOGWDZJ6V8CN
SX9TKihGpNzYcsb1nip01DHvx103Q+C3X/G9RykkwIPijzmhFNlR7JE24DyrXKHr
dj8wRJeORA0/NMmbkWOksN7jd4rqpBHvJPlkHZ0YQxzlJ0w4Os3nDf9uMHPnLD4c
7VKq02g3DZlTooaNq5L6Eweg4gGo5KDFAYB3imW2lPcrEdrVw+w4L7ojQqqQHHjn
vcVNIYt+IHoK8RNjF75LelKk2fdi6yAsdboXIdK3aWF+IWBzfW9r5kZ1hp7lAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQU057OQy1zkEv+PXZ5J2YKQNrHEaMwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTNDAyMjUyLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAjw6T
MA0GCSqGSIb3DQEBCwUAA4IBAQCX/XsyILG2jVX6z1xXZwMa0/z7XqxMyxG4XAED
ii4f+FzAqIk6mGWyBEXs3ox+PC3rCv8FFr6bbwdwjf6YmWLfyVL/K+IpynH/PYCq
riB7uAcHRXp4FObxI5PKf59VtHVFMj+BnqA1EpbtHIPcvMlWrboXEhCMcuw+bT4S
AMJsrhDEMxuaLt8PkIUhpoyu0twOPbUFwP6ROAsjXT/LEAVyusEMKRR2F24IupQI
iZvLzTVhzW0sH4l86mHO8hkp2gnpCqjT8QHcVGGfnEWjG5ZPUKa1VlbEPWxTtOrA
6dAY+ub5nYCgi94apu/9PZq02OsRTCuffyoQzBv9LzuYHPna
-----END CERTIFICATE-----
Generated at Fri Apr 17 23:54:04 2026 by rpki-client