Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS53356.roa
File: AS53356.roa (raw, json)
Hash identifier: n15a0AC08EM0BRRXV0stUlSeS7cCL9qQv9eDYx8oI0o=
Subject key identifier: 61:5D:43:13:C8:1B:41:2C:72:97:3D:A5:27:8B:88:3D:C4:FF:D0:CA
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 4EA0919EC75E9CBAC34D2F683A182842879B00CE
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS53356.roa
Signing time: Wed 30 Jul 2025 15:19:17 +0000
ROA not before: Wed 30 Jul 2025 15:14:17 +0000
ROA not after: Wed 29 Jul 2026 15:19:17 +0000
asID: 53356
IP address blocks: 148.135.163.0/24 maxlen: 24
155.117.16.0/24 maxlen: 24
162.141.14.0/24 maxlen: 24
167.148.15.0/24 maxlen: 24
167.148.182.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 03:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4e:a0:91:9e:c7:5e:9c:ba:c3:4d:2f:68:3a:18:28:42:87:9b:00:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Jul 30 15:14:17 2025 GMT
Not After : Jul 29 15:19:17 2026 GMT
Subject: CN=615D4313C81B412C72973DA5278B883DC4FFD0CA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:40:1e:4d:db:a9:9d:12:c1:52:67:29:01:fe:
43:21:27:28:31:e5:8d:6c:3f:1d:ff:51:12:02:5d:
dc:8c:13:1f:96:74:bf:8a:f0:9a:0f:2e:44:f7:d3:
18:5d:1d:40:9b:b4:2f:43:e9:2b:4b:e5:ea:d2:d6:
37:24:b7:27:ca:c7:48:42:b7:58:50:24:af:e6:0b:
4d:5e:86:44:2f:2a:06:00:14:9d:6d:0d:26:de:7a:
64:28:e1:49:53:57:66:17:38:a1:a7:f3:f8:7a:a8:
5a:45:ba:48:6f:ab:68:84:5c:4c:0a:27:8a:f0:bb:
4c:90:e2:fc:64:2c:63:99:e4:b5:d4:1d:41:77:c8:
88:bb:b8:5f:29:c5:2d:28:31:0b:28:05:72:5b:6a:
c9:2a:40:83:b7:7b:20:8d:5a:0e:29:69:65:61:a9:
ed:d2:7d:6d:54:57:a2:52:21:d5:9d:98:e0:44:2e:
08:56:4a:48:79:98:2c:b0:b1:a4:56:7a:77:18:5f:
2e:be:f2:ba:7d:ac:e1:46:d1:2e:11:8d:8a:c7:bd:
ce:a7:6a:87:cb:21:93:ac:37:ca:b4:bd:51:75:de:
25:26:86:f8:39:fe:c7:8f:5e:03:75:19:f7:fa:3c:
2c:97:3c:6c:6e:66:c4:bb:d2:ac:c0:4d:a1:24:f6:
9e:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:5D:43:13:C8:1B:41:2C:72:97:3D:A5:27:8B:88:3D:C4:FF:D0:CA
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS53356.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
148.135.163.0/24
155.117.16.0/24
162.141.14.0/24
167.148.15.0/24
167.148.182.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:b9:83:42:ac:29:34:07:80:dc:1a:72:3d:d4:8b:d1:ce:fb:
9d:a6:eb:93:5a:b4:45:11:ba:cd:38:d7:2f:53:f9:67:5f:81:
86:12:a6:b8:0b:b5:19:1f:3f:46:70:99:47:88:20:20:28:43:
ac:21:4c:6a:0d:84:a4:02:a3:91:0d:6d:ca:ac:52:07:57:26:
bf:80:f4:e3:93:04:00:af:94:f0:2f:93:db:06:1d:27:14:e2:
74:94:fd:7f:2c:6e:c2:2e:23:62:cc:bd:8f:97:8b:23:32:bf:
25:3a:76:c4:43:83:5c:64:7f:4f:53:e1:98:6c:24:b5:e3:10:
23:a2:8f:04:79:2b:b6:0e:98:72:c9:a1:58:a7:72:46:e4:a0:
51:7c:de:76:79:c8:b0:f0:cc:04:17:a4:f7:a0:25:94:a7:91:
59:ed:3a:25:b8:9a:85:f9:92:9c:c6:5a:d2:f9:62:92:54:f1:
22:79:99:5c:1c:33:cb:32:57:e0:3b:5c:dc:74:7a:20:f1:d1:
b8:e8:ab:f4:71:2c:64:06:2a:ff:ed:81:a1:6a:c2:49:3c:0e:
c1:ec:75:7e:87:6e:42:6d:5d:eb:73:a2:47:f6:b2:a9:cf:31:
80:ea:76:46:78:f0:f7:ff:bf:62:d0:cd:0b:92:fc:fd:77:ba:
f1:e0:3d:38
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgIUTqCRnsdenLrDTS9oOhgoQoebAM4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA3MzAxNTE0MTdaFw0yNjA3MjkxNTE5MTdaMDMxMTAvBgNV
BAMTKDYxNUQ0MzEzQzgxQjQxMkM3Mjk3M0RBNTI3OEI4ODNEQzRGRkQwQ0EwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzQB5N26mdEsFSZykB/kMhJygx
5Y1sPx3/URICXdyMEx+WdL+K8JoPLkT30xhdHUCbtC9D6StL5erS1jcktyfKx0hC
t1hQJK/mC01ehkQvKgYAFJ1tDSbeemQo4UlTV2YXOKGn8/h6qFpFukhvq2iEXEwK
J4rwu0yQ4vxkLGOZ5LXUHUF3yIi7uF8pxS0oMQsoBXJbaskqQIO3eyCNWg4paWVh
qe3SfW1UV6JSIdWdmOBELghWSkh5mCywsaRWencYXy6+8rp9rOFG0S4RjYrHvc6n
aofLIZOsN8q0vVF13iUmhvg5/sePXgN1Gff6PCyXPGxuZsS70qzATaEk9p5ZAgMB
AAGjggIhMIICHTAdBgNVHQ4EFgQUYV1DE8gbQSxylz2lJ4uIPcT/0MowHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTNTMzNTYucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwNwYIKwYBBQUHAQcBAf8EKDAmMCQEAgABMB4DBACUh6MD
BACbdRADBACijQ4DBACnlA8DBACnlLYwDQYJKoZIhvcNAQELBQADggEBAC+5g0Ks
KTQHgNwacj3Ui9HO+52m65NatEURus041y9T+WdfgYYSprgLtRkfP0ZwmUeIICAo
Q6whTGoNhKQCo5ENbcqsUgdXJr+A9OOTBACvlPAvk9sGHScU4nSU/X8sbsIuI2LM
vY+XiyMyvyU6dsRDg1xkf09T4ZhsJLXjECOijwR5K7YOmHLJoVinckbkoFF83nZ5
yLDwzAQXpPegJZSnkVntOiW4moX5kpzGWtL5YpJU8SJ5mVwcM8syV+A7XNx0eiDx
0bjoq/RxLGQGKv/tgaFqwkk8DsHsdX6HbkJtXetzokf2sqnPMYDqdkZ48Pf/v2LQ
zQuS/P13uvHgPTg=
-----END CERTIFICATE-----
Generated at Mon Aug 4 07:39:29 2025 by rpki-client