Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS53356.roa
File: AS53356.roa (raw, json)
Hash identifier: Np1pNLPfQ8sVilJuB1nBItgji178uOQmdX0KrVWrnyE=
Subject key identifier: 78:67:A0:91:41:B8:C3:CA:F3:E7:B0:AA:E4:E9:EA:53:4E:18:1D:C6
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 0DA399699D164080FB5B4FAC6873D7A8B7FC9897
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS53356.roa
Signing time: Wed 01 Apr 2026 21:50:35 +0000
ROA not before: Wed 01 Apr 2026 21:45:35 +0000
ROA not after: Wed 31 Mar 2027 21:50:35 +0000
asID: 53356
IP address blocks: 143.14.17.0/24 maxlen: 24
143.14.19.0/24 maxlen: 24
143.14.21.0/24 maxlen: 24
143.14.38.0/24 maxlen: 24
143.14.39.0/24 maxlen: 24
148.135.163.0/24 maxlen: 24
162.141.14.0/24 maxlen: 24
167.148.182.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0d:a3:99:69:9d:16:40:80:fb:5b:4f:ac:68:73:d7:a8:b7:fc:98:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Apr 1 21:45:35 2026 GMT
Not After : Mar 31 21:50:35 2027 GMT
Subject: CN=7867A09141B8C3CAF3E7B0AAE4E9EA534E181DC6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:7d:04:ed:48:5f:da:21:6a:13:f6:62:25:a8:
37:2e:3d:27:7f:b7:7c:53:06:dd:cf:53:a0:3b:92:
18:8e:07:cf:f6:cc:c0:e3:e3:4e:53:e5:b0:4b:c5:
f0:89:ea:7a:67:cf:25:dc:24:92:ab:f5:d9:a9:8e:
8e:26:42:8b:25:06:19:72:7b:ed:83:6e:10:94:33:
1f:04:6a:a8:23:52:b4:ea:99:06:44:8b:4c:d3:65:
06:1e:eb:ac:24:04:33:fd:c4:e7:a1:85:96:c0:a7:
b8:50:8a:5e:27:fa:83:54:33:5f:af:86:fa:c6:43:
02:a1:24:15:00:ed:fe:b1:b7:e4:5c:14:75:4a:c0:
0d:09:ee:dc:d2:46:f9:9c:1c:0d:96:d4:2a:3d:cb:
82:6b:5d:42:13:1e:07:af:a2:38:d0:f9:54:a5:f3:
75:09:76:a3:a5:74:1f:7a:6e:9d:f8:a4:07:06:e4:
19:a6:c7:e5:65:be:24:d8:26:fb:25:12:f2:e9:37:
ec:69:32:f7:b5:72:69:7b:31:25:27:f7:5a:be:bc:
d4:7b:3c:19:26:c3:f5:64:76:95:40:9b:60:46:e7:
1a:8e:de:ad:e7:b7:eb:4f:ae:cd:6c:bc:23:a0:9d:
7b:76:2c:b9:52:2e:4d:50:70:14:6d:47:6a:9a:a2:
e1:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:67:A0:91:41:B8:C3:CA:F3:E7:B0:AA:E4:E9:EA:53:4E:18:1D:C6
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS53356.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.14.17.0/24
143.14.19.0/24
143.14.21.0/24
143.14.38.0/23
148.135.163.0/24
162.141.14.0/24
167.148.182.0/24
Signature Algorithm: sha256WithRSAEncryption
a6:00:1d:c3:df:6f:45:f7:2a:ac:23:c9:11:8a:4e:89:0b:a4:
8f:08:68:36:9f:fe:b1:08:5d:7e:98:9a:04:70:d7:a8:59:8f:
cf:e6:f0:2d:36:cb:f7:02:87:0e:e7:76:7b:fe:b0:b8:cc:2c:
be:2d:cf:f6:f1:18:87:f8:5f:42:7d:9e:7a:6c:7f:04:94:f7:
ab:41:c9:5c:41:14:40:ea:2b:bb:3b:24:e1:51:54:0e:24:ac:
6c:6b:ef:7b:15:47:e2:15:37:f5:18:09:66:58:31:6d:b6:59:
27:11:e7:b6:3e:0b:c2:0f:19:2e:3b:5d:10:76:f5:ea:c2:70:
a9:9a:33:ca:96:32:b6:f6:73:19:c6:d9:e6:45:83:0f:e5:32:
22:fc:c0:e2:16:0c:3d:90:f4:1d:0a:5a:60:9d:1e:80:8c:04:
9c:89:20:75:6c:70:24:f7:b9:5c:00:3e:e9:d5:40:d4:36:7f:
b0:00:e9:e4:2c:fd:2d:ba:97:81:59:92:e1:87:c1:8f:8d:37:
4b:25:2a:39:66:b5:f3:c6:5c:15:e9:03:39:51:54:fd:76:40:
90:6a:ad:4e:ff:35:da:07:cc:74:1e:31:44:16:12:b9:28:cc:
19:40:75:ef:e3:c9:aa:4f:ec:bd:9b:fe:17:8b:07:82:15:19:
db:5b:45:95
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgIUDaOZaZ0WQID7W0+saHPXqLf8mJcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNjA0MDEyMTQ1MzVaFw0yNzAzMzEyMTUwMzVaMDMxMTAvBgNV
BAMTKDc4NjdBMDkxNDFCOEMzQ0FGM0U3QjBBQUU0RTlFQTUzNEUxODFEQzYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCQfQTtSF/aIWoT9mIlqDcuPSd/
t3xTBt3PU6A7khiOB8/2zMDj405T5bBLxfCJ6npnzyXcJJKr9dmpjo4mQoslBhly
e+2DbhCUMx8EaqgjUrTqmQZEi0zTZQYe66wkBDP9xOehhZbAp7hQil4n+oNUM1+v
hvrGQwKhJBUA7f6xt+RcFHVKwA0J7tzSRvmcHA2W1Co9y4JrXUITHgevojjQ+VSl
83UJdqOldB96bp34pAcG5Bmmx+VlviTYJvslEvLpN+xpMve1cml7MSUn91q+vNR7
PBkmw/VkdpVAm2BG5xqO3q3nt+tPrs1svCOgnXt2LLlSLk1QcBRtR2qaouGLAgMB
AAGjggItMIICKTAdBgNVHQ4EFgQUeGegkUG4w8rz57Cq5OnqU04YHcYwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTNTMzNTYucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwQwYIKwYBBQUHAQcBAf8ENDAyMDAEAgABMCoDBACPDhED
BACPDhMDBACPDhUDBAGPDiYDBACUh6MDBACijQ4DBACnlLYwDQYJKoZIhvcNAQEL
BQADggEBAKYAHcPfb0X3KqwjyRGKTokLpI8IaDaf/rEIXX6YmgRw16hZj8/m8C02
y/cChw7ndnv+sLjMLL4tz/bxGIf4X0J9nnpsfwSU96tByVxBFEDqK7s7JOFRVA4k
rGxr73sVR+IVN/UYCWZYMW22WScR57Y+C8IPGS47XRB29erCcKmaM8qWMrb2cxnG
2eZFgw/lMiL8wOIWDD2Q9B0KWmCdHoCMBJyJIHVscCT3uVwAPunVQNQ2f7AA6eQs
/S26l4FZkuGHwY+NN0slKjlmtfPGXBXpAzlRVP12QJBqrU7/NdoHzHQeMUQWErko
zBlAde/jyapP7L2b/heLB4IVGdtbRZU=
-----END CERTIFICATE-----
Generated at Fri Apr 17 03:31:21 2026 by rpki-client