Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS53356.roa
File: AS53356.roa (raw, json)
Hash identifier: ajAyBoglYkqm9KkWAEm0F3IZ4E7jUnqkXGi7AjSeQls=
Subject key identifier: 8A:39:03:CB:DB:D3:15:0B:38:9E:D5:5A:30:E7:38:9B:32:14:EA:22
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 19EFD5D92DC962F91392B405A4B01A21A4815784
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS53356.roa
Signing time: Thu 04 Jun 2026 22:25:47 +0000
ROA not before: Thu 04 Jun 2026 22:20:47 +0000
ROA not after: Thu 03 Jun 2027 22:25:47 +0000
asID: 53356
IP address blocks: 143.14.17.0/24 maxlen: 24
143.14.19.0/24 maxlen: 24
143.14.21.0/24 maxlen: 24
143.14.38.0/24 maxlen: 24
143.14.39.0/24 maxlen: 24
148.135.163.0/24 maxlen: 24
162.141.14.0/24 maxlen: 24
162.141.160.0/24 maxlen: 24
167.148.182.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 13 Jun 2026 19:43:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
19:ef:d5:d9:2d:c9:62:f9:13:92:b4:05:a4:b0:1a:21:a4:81:57:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Jun 4 22:20:47 2026 GMT
Not After : Jun 3 22:25:47 2027 GMT
Subject: CN=8A3903CBDBD3150B389ED55A30E7389B3214EA22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:5b:e3:d6:c5:3b:36:a7:b5:db:05:ed:3f:32:
37:d9:35:6b:84:08:d9:98:9c:23:3a:d8:30:32:80:
28:e5:6c:cc:f1:b4:3d:2f:f6:c5:1c:1e:ec:54:a0:
b0:d2:e2:50:5f:da:49:3a:86:20:5e:a1:3c:be:5b:
88:07:31:d1:9e:2e:9e:fd:d0:fa:d2:23:15:6a:a5:
c9:57:95:73:5f:3e:8a:35:f1:a2:73:cd:ae:40:9d:
ea:b8:e7:16:21:27:65:27:42:52:62:8a:42:ed:b5:
56:b8:31:00:80:33:df:a2:f9:81:e8:dd:49:2c:3a:
99:b5:37:eb:85:ea:5d:b5:19:a3:4d:aa:1b:dd:20:
68:d1:2c:6f:da:02:e9:26:e2:3d:c5:07:c9:c2:dd:
d0:5e:a8:50:a5:fa:bf:1a:3f:e1:8b:6b:3d:6a:0e:
93:dd:84:c8:1f:7b:fd:7e:27:14:a2:1e:a4:df:db:
4b:be:82:07:4f:56:76:5c:bb:95:c1:ae:f2:0f:a2:
7a:c5:3e:06:5a:a2:c9:16:95:27:f6:0f:8a:44:27:
c2:39:78:98:7b:84:ce:65:6a:be:6c:db:56:fb:88:
f7:e0:46:bf:52:65:55:65:3c:a0:07:fc:3f:b8:90:
97:92:38:13:32:c8:34:6d:3a:d5:5f:ef:f2:64:a3:
a3:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:39:03:CB:DB:D3:15:0B:38:9E:D5:5A:30:E7:38:9B:32:14:EA:22
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS53356.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.14.17.0/24
143.14.19.0/24
143.14.21.0/24
143.14.38.0/23
148.135.163.0/24
162.141.14.0/24
162.141.160.0/24
167.148.182.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:80:fa:f2:24:a0:54:ef:76:79:74:9f:52:d6:07:93:e1:e8:
88:85:01:69:47:42:96:da:8c:d3:5c:46:fb:88:56:17:07:a7:
b3:5c:39:9b:19:76:ed:f2:0e:59:a4:1b:56:80:66:af:48:5d:
b6:a6:a7:9c:eb:96:57:29:6f:37:69:24:35:d1:bc:61:09:77:
90:95:2f:d1:0e:89:3c:3a:ed:13:f6:da:f7:a6:1e:a0:fc:da:
4e:e3:27:cb:8e:3e:bb:b0:d5:0f:01:45:f0:b0:77:7a:8e:92:
eb:7c:80:24:fe:8b:d4:59:da:c0:e8:2a:16:7e:12:bf:db:97:
f2:94:5b:9e:f4:b8:b3:d8:38:dc:20:24:2a:8b:32:b4:3d:bb:
ce:15:3e:82:b7:e0:4e:19:50:a1:a6:03:bb:3f:ad:0c:0c:f0:
c1:86:a0:93:d3:99:8b:b9:f1:7f:0e:01:04:16:ee:b3:c3:f1:
03:e9:fe:7b:65:cf:4f:31:0c:07:0a:c2:ad:a7:84:d2:2f:3f:
23:53:16:6c:9e:30:d8:ca:80:c0:91:01:0b:be:0e:82:77:ec:
99:7c:15:4e:d7:80:d4:b2:18:57:34:9d:82:a0:b5:66:9a:6d:
ac:61:fd:d9:93:ed:65:b7:54:9d:c0:6f:27:ac:04:d3:92:7e:
71:04:0b:ec
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgIUGe/V2S3JYvkTkrQFpLAaIaSBV4QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNjA2MDQyMjIwNDdaFw0yNzA2MDMyMjI1NDdaMDMxMTAvBgNV
BAMTKDhBMzkwM0NCREJEMzE1MEIzODlFRDU1QTMwRTczODlCMzIxNEVBMjIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCPW+PWxTs2p7XbBe0/MjfZNWuE
CNmYnCM62DAygCjlbMzxtD0v9sUcHuxUoLDS4lBf2kk6hiBeoTy+W4gHMdGeLp79
0PrSIxVqpclXlXNfPoo18aJzza5Aneq45xYhJ2UnQlJiikLttVa4MQCAM9+i+YHo
3UksOpm1N+uF6l21GaNNqhvdIGjRLG/aAukm4j3FB8nC3dBeqFCl+r8aP+GLaz1q
DpPdhMgfe/1+JxSiHqTf20u+ggdPVnZcu5XBrvIPonrFPgZaoskWlSf2D4pEJ8I5
eJh7hM5lar5s21b7iPfgRr9SZVVlPKAH/D+4kJeSOBMyyDRtOtVf7/Jko6NtAgMB
AAGjggIzMIICLzAdBgNVHQ4EFgQUijkDy9vTFQs4ntVaMOc4mzIU6iIwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTNTMzNTYucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwSQYIKwYBBQUHAQcBAf8EOjA4MDYEAgABMDADBACPDhED
BACPDhMDBACPDhUDBAGPDiYDBACUh6MDBACijQ4DBACijaADBACnlLYwDQYJKoZI
hvcNAQELBQADggEBAD6A+vIkoFTvdnl0n1LWB5Ph6IiFAWlHQpbajNNcRvuIVhcH
p7NcOZsZdu3yDlmkG1aAZq9IXbamp5zrllcpbzdpJDXRvGEJd5CVL9EOiTw67RP2
2vemHqD82k7jJ8uOPruw1Q8BRfCwd3qOkut8gCT+i9RZ2sDoKhZ+Er/bl/KUW570
uLPYONwgJCqLMrQ9u84VPoK34E4ZUKGmA7s/rQwM8MGGoJPTmYu58X8OAQQW7rPD
8QPp/ntlz08xDAcKwq2nhNIvPyNTFmyeMNjKgMCRAQu+DoJ37Jl8FU7XgNSyGFc0
nYKgtWaabaxh/dmT7WW3VJ3AbyesBNOSfnEEC+w=
-----END CERTIFICATE-----
Generated at Sat Jun 13 05:41:59 2026 by rpki-client