Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS53356.roa
File: AS53356.roa (raw, json)
Hash identifier: HslMSFHUg5AO4mwMRg/14Ss3wT3lDtpxiBunhlI9H5k=
Subject key identifier: 73:8D:DA:7F:C1:41:72:79:EF:AA:01:B0:87:55:B5:25:1F:7E:41:B6
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 26058C37908F78F18A1E1F113558DA5C9970CABD
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS53356.roa
Signing time: Fri 31 Oct 2025 15:07:27 +0000
ROA not before: Fri 31 Oct 2025 15:02:27 +0000
ROA not after: Fri 30 Oct 2026 15:07:27 +0000
asID: 53356
IP address blocks: 143.14.17.0/24 maxlen: 24
143.14.19.0/24 maxlen: 24
143.14.21.0/24 maxlen: 24
143.14.38.0/24 maxlen: 24
143.14.39.0/24 maxlen: 24
143.14.150.0/24 maxlen: 24
148.135.163.0/24 maxlen: 24
155.117.16.0/24 maxlen: 24
155.117.207.0/24 maxlen: 24
162.141.14.0/24 maxlen: 24
167.148.15.0/24 maxlen: 24
167.148.182.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 02:26:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
26:05:8c:37:90:8f:78:f1:8a:1e:1f:11:35:58:da:5c:99:70:ca:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Oct 31 15:02:27 2025 GMT
Not After : Oct 30 15:07:27 2026 GMT
Subject: CN=738DDA7FC1417279EFAA01B08755B5251F7E41B6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:0c:2c:44:c5:bb:26:f4:21:ef:6d:b2:dc:bb:
7c:6b:ba:60:11:bf:84:c5:af:af:16:a9:c8:12:17:
bb:21:73:04:39:f7:43:a1:71:5a:c5:55:cb:cd:bb:
a4:c0:92:1c:35:f5:59:bc:01:25:37:0a:52:f2:fc:
9c:07:95:cc:2e:ba:49:f7:9a:12:28:59:71:ac:f8:
ec:b8:7f:b4:3b:46:04:79:bf:a5:12:70:80:e6:4d:
b8:20:d1:a1:35:2a:8c:83:50:8e:76:46:37:6e:8e:
ba:4a:19:d1:b8:65:30:8a:31:4a:43:d1:24:ac:60:
41:05:c9:0b:e3:2d:2d:fe:0e:33:86:fd:54:be:6e:
52:e5:2e:47:e8:7c:72:16:37:74:1d:1b:ce:3f:69:
35:fd:67:e3:8b:53:d3:3e:85:71:a0:38:76:60:b5:
51:cd:a4:4d:4e:59:20:77:aa:e5:0d:e7:f3:9d:7f:
41:c4:9c:4a:b9:85:39:2e:31:fb:80:14:ad:06:92:
3e:a2:c0:fd:c1:26:22:1e:ea:6e:d9:f2:e2:b3:21:
78:d2:3b:ec:1d:e0:89:2c:1c:0f:92:07:50:ff:84:
72:26:3f:fe:dd:a1:c1:23:b6:6e:f4:f7:17:f4:79:
67:4a:27:e4:ef:2d:9f:5e:8c:26:ec:6a:01:a2:a1:
4f:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:8D:DA:7F:C1:41:72:79:EF:AA:01:B0:87:55:B5:25:1F:7E:41:B6
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS53356.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.14.17.0/24
143.14.19.0/24
143.14.21.0/24
143.14.38.0/23
143.14.150.0/24
148.135.163.0/24
155.117.16.0/24
155.117.207.0/24
162.141.14.0/24
167.148.15.0/24
167.148.182.0/24
Signature Algorithm: sha256WithRSAEncryption
0b:38:be:ef:4b:84:ea:1d:ec:cb:a5:d0:13:3b:c9:bd:bb:a5:
6d:94:2a:0a:67:91:43:a0:91:dc:9f:d1:10:16:fe:86:b2:bf:
bc:8f:f3:30:d2:af:2d:b6:97:38:40:c7:51:d6:be:17:df:aa:
4e:61:e9:98:6f:20:91:9d:a8:4d:4a:29:a1:14:e6:48:66:be:
90:57:5f:12:ba:6f:4d:1d:24:c7:45:0d:fb:48:0d:64:00:35:
90:3d:53:2c:62:2d:8a:fb:70:ad:92:43:f5:7f:d2:63:bb:cb:
a8:f5:85:e1:eb:28:e8:9c:0f:c8:29:ec:1a:74:64:09:37:1b:
c3:9b:49:32:6e:dd:c9:24:ef:da:91:34:c2:f0:64:0f:42:01:
fa:ec:10:8b:7c:5b:84:1d:1b:29:ce:03:79:8f:70:e5:c6:3b:
0b:34:52:42:11:a1:7b:69:9f:77:70:66:e3:62:7d:f8:aa:30:
cd:4c:57:5a:e9:a8:13:0f:06:bf:fa:46:73:79:65:18:39:67:
5c:d8:74:3a:07:b2:01:c6:91:1e:af:7a:7f:42:07:5c:03:00:
f5:ee:5f:f0:f7:49:93:57:73:40:79:28:cb:fc:2b:9b:eb:31:
7d:2e:67:41:21:43:4a:28:08:a2:35:27:5f:02:10:05:59:22:
7b:bf:59:65
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgIUJgWMN5CPePGKHh8RNVjaXJlwyr0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTEwMzExNTAyMjdaFw0yNjEwMzAxNTA3MjdaMDMxMTAvBgNV
BAMTKDczOEREQTdGQzE0MTcyNzlFRkFBMDFCMDg3NTVCNTI1MUY3RTQxQjYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7DCxExbsm9CHvbbLcu3xrumAR
v4TFr68WqcgSF7shcwQ590OhcVrFVcvNu6TAkhw19Vm8ASU3ClLy/JwHlcwuukn3
mhIoWXGs+Oy4f7Q7RgR5v6UScIDmTbgg0aE1KoyDUI52RjdujrpKGdG4ZTCKMUpD
0SSsYEEFyQvjLS3+DjOG/VS+blLlLkfofHIWN3QdG84/aTX9Z+OLU9M+hXGgOHZg
tVHNpE1OWSB3quUN5/Odf0HEnEq5hTkuMfuAFK0Gkj6iwP3BJiIe6m7Z8uKzIXjS
O+wd4IksHA+SB1D/hHImP/7docEjtm709xf0eWdKJ+TvLZ9ejCbsagGioU8hAgMB
AAGjggJFMIICQTAdBgNVHQ4EFgQUc43af8FBcnnvqgGwh1W1JR9+QbYwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTNTMzNTYucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwWwYIKwYBBQUHAQcBAf8ETDBKMEgEAgABMEIDBACPDhED
BACPDhMDBACPDhUDBAGPDiYDBACPDpYDBACUh6MDBACbdRADBACbdc8DBACijQ4D
BACnlA8DBACnlLYwDQYJKoZIhvcNAQELBQADggEBAAs4vu9LhOod7Mul0BM7yb27
pW2UKgpnkUOgkdyf0RAW/oayv7yP8zDSry22lzhAx1HWvhffqk5h6ZhvIJGdqE1K
KaEU5khmvpBXXxK6b00dJMdFDftIDWQANZA9UyxiLYr7cK2SQ/V/0mO7y6j1heHr
KOicD8gp7Bp0ZAk3G8ObSTJu3ckk79qRNMLwZA9CAfrsEIt8W4QdGynOA3mPcOXG
Ows0UkIRoXtpn3dwZuNiffiqMM1MV1rpqBMPBr/6RnN5ZRg5Z1zYdDoHsgHGkR6v
en9CB1wDAPXuX/D3SZNXc0B5KMv8K5vrMX0uZ0EhQ0ooCKI1J18CEAVZInu/WWU=
-----END CERTIFICATE-----
Generated at Tue Nov 4 12:56:26 2025 by rpki-client