Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS4766.roa
File: AS4766.roa (raw, json)
Hash identifier: qOGjdYGNeAfEWLio9a/0jDAV+Hln18mCh1V83iYjie8=
Subject key identifier: 4F:31:6F:BE:F7:AF:AA:92:01:F3:02:13:64:8B:DC:33:8B:3A:8A:D1
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 20A166DF86031E95C531366BE4E2E012E1C85D2E
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS4766.roa
Signing time: Wed 18 Feb 2026 10:39:41 +0000
ROA not before: Wed 18 Feb 2026 10:34:41 +0000
ROA not after: Wed 17 Feb 2027 10:39:41 +0000
asID: 4766
IP address blocks: 168.222.1.0/24 maxlen: 24
168.222.6.0/24 maxlen: 24
168.222.8.0/23 maxlen: 24
168.222.11.0/24 maxlen: 24
168.222.63.0/24 maxlen: 24
168.222.123.0/24 maxlen: 24
168.222.124.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
20:a1:66:df:86:03:1e:95:c5:31:36:6b:e4:e2:e0:12:e1:c8:5d:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Feb 18 10:34:41 2026 GMT
Not After : Feb 17 10:39:41 2027 GMT
Subject: CN=4F316FBEF7AFAA9201F30213648BDC338B3A8AD1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:a9:5a:2d:1e:3b:2f:36:25:da:45:f4:cd:1c:
4d:1e:8f:03:04:71:d8:e7:47:83:e6:f2:5c:1b:6c:
f4:13:79:9a:c3:65:e9:44:1c:40:86:b9:ad:88:16:
99:ad:13:9c:e9:16:7c:f2:fd:4d:c2:a1:ac:b8:9e:
b6:43:c3:94:73:e3:76:38:a7:8a:0e:23:87:0d:f7:
b2:c9:24:43:f8:71:36:c9:7f:c8:f1:e3:03:23:b7:
e0:be:57:91:bb:ba:4d:3c:f1:72:82:3d:e3:ac:d0:
91:26:cd:9a:ea:db:47:16:37:26:ea:87:3d:7b:fc:
ad:a0:bf:4b:bc:52:6e:88:8e:5e:27:76:54:31:17:
6b:7b:e4:8d:93:46:83:ae:34:b0:47:11:7a:42:42:
f1:ec:8f:17:29:ab:44:a5:c1:a5:53:4c:7e:99:5a:
62:10:9d:33:e1:81:b5:9f:0f:4c:a0:b7:08:86:e4:
a4:2d:c9:45:54:ce:a1:9e:0a:1a:09:99:21:63:fb:
a9:ed:b6:89:18:94:ee:98:7e:6d:7f:a7:30:d6:0d:
af:3f:69:9c:2e:fc:3c:6b:14:07:25:48:e3:9d:36:
a7:6f:7d:8e:ab:e5:36:b7:84:04:31:ef:03:b9:c3:
eb:0b:6d:e2:5c:76:e6:de:5b:56:b0:3a:ae:81:c8:
b1:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:31:6F:BE:F7:AF:AA:92:01:F3:02:13:64:8B:DC:33:8B:3A:8A:D1
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS4766.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
168.222.1.0/24
168.222.6.0/24
168.222.8.0/23
168.222.11.0/24
168.222.63.0/24
168.222.123.0-168.222.124.255
Signature Algorithm: sha256WithRSAEncryption
74:eb:e5:16:c3:40:0c:39:ef:f3:d2:17:07:f5:2e:18:13:f2:
95:69:ea:11:f2:6d:1e:27:13:20:97:eb:51:ed:f7:42:a2:10:
a9:37:87:bf:d8:ac:d4:5e:3b:ea:56:33:3c:df:e4:bb:25:cb:
49:60:07:58:f1:3e:0b:a5:7f:8f:03:a2:d2:d4:c6:bd:6f:0c:
14:aa:26:66:bb:16:5b:db:4a:72:5c:1e:82:ac:53:f8:9d:24:
53:96:4f:c7:86:ec:ba:89:5f:4c:1d:e7:b9:66:3f:34:fe:b3:
a0:b0:a0:00:ce:ab:fd:6a:22:d5:26:7c:f9:ee:38:3e:98:d9:
94:68:04:63:0a:81:0b:96:40:42:e2:c4:aa:fe:12:3a:6f:e1:
0f:ee:db:71:44:14:38:15:7e:ed:f0:86:13:b6:56:4a:d5:23:
95:72:2a:09:ce:9a:77:27:23:f0:bf:e0:37:07:ee:99:31:46:
a8:e8:d1:00:53:3f:df:74:07:4d:ed:e0:48:b4:ad:25:41:04:
25:0e:b8:e0:87:e0:45:d8:27:cd:0f:e7:a5:c3:9b:47:f0:6b:
85:17:c1:85:2a:c5:83:bd:6a:fc:fa:53:db:6f:8a:34:25:d8:
f1:ba:bb:aa:c5:4c:50:a8:e3:86:65:4b:5f:c6:53:e1:05:83:
d0:26:09:f4
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgIUIKFm34YDHpXFMTZr5OLgEuHIXS4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNjAyMTgxMDM0NDFaFw0yNzAyMTcxMDM5NDFaMDMxMTAvBgNV
BAMTKDRGMzE2RkJFRjdBRkFBOTIwMUYzMDIxMzY0OEJEQzMzOEIzQThBRDEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDEqVotHjsvNiXaRfTNHE0ejwME
cdjnR4Pm8lwbbPQTeZrDZelEHECGua2IFpmtE5zpFnzy/U3Coay4nrZDw5Rz43Y4
p4oOI4cN97LJJEP4cTbJf8jx4wMjt+C+V5G7uk088XKCPeOs0JEmzZrq20cWNybq
hz17/K2gv0u8Um6Ijl4ndlQxF2t75I2TRoOuNLBHEXpCQvHsjxcpq0SlwaVTTH6Z
WmIQnTPhgbWfD0ygtwiG5KQtyUVUzqGeChoJmSFj+6nttokYlO6Yfm1/pzDWDa8/
aZwu/DxrFAclSOOdNqdvfY6r5Ta3hAQx7wO5w+sLbeJcdubeW1awOq6ByLHfAgMB
AAGjggIuMIICKjAdBgNVHQ4EFgQUTzFvvvevqpIB8wITZIvcM4s6itEwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTNDc2Ni5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBFBggrBgEFBQcBBwEB/wQ2MDQwMgQCAAEwLAMEAKjeAQME
AKjeBgMEAajeCAMEAKjeCwMEAKjePzAMAwQAqN57AwQAqN58MA0GCSqGSIb3DQEB
CwUAA4IBAQB06+UWw0AMOe/z0hcH9S4YE/KVaeoR8m0eJxMgl+tR7fdCohCpN4e/
2KzUXjvqVjM83+S7JctJYAdY8T4LpX+PA6LS1Ma9bwwUqiZmuxZb20pyXB6CrFP4
nSRTlk/Hhuy6iV9MHee5Zj80/rOgsKAAzqv9aiLVJnz57jg+mNmUaARjCoELlkBC
4sSq/hI6b+EP7ttxRBQ4FX7t8IYTtlZK1SOVcioJzpp3JyPwv+A3B+6ZMUao6NEA
Uz/fdAdN7eBItK0lQQQlDrjgh+BF2CfND+elw5tH8GuFF8GFKsWDvWr8+lPbb4o0
JdjxuruqxUxQqOOGZUtfxlPhBYPQJgn0
-----END CERTIFICATE-----
Generated at Mon Mar 2 04:50:29 2026 by rpki-client