Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS135391.roa
File: AS135391.roa (raw, json)
Hash identifier: 8FjHcg2nf07cycBMD4qblAJj1qZSBIQfuyvd1HyDXVc=
Subject key identifier: 3B:95:FA:8B:D2:36:22:38:EB:9B:4D:06:6A:67:12:6C:9F:17:1A:6A
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 62239D0132300C6A1056667BFEEF40E6F7F11F88
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS135391.roa
Signing time: Thu 19 Mar 2026 01:16:23 +0000
ROA not before: Thu 19 Mar 2026 01:11:23 +0000
ROA not after: Thu 18 Mar 2027 01:16:23 +0000
asID: 135391
IP address blocks: 146.103.31.0/24 maxlen: 24
147.79.56.0/24 maxlen: 24
162.141.39.0/24 maxlen: 24
162.141.65.0/24 maxlen: 24
162.141.140.0/24 maxlen: 24
162.141.179.0/24 maxlen: 24
162.141.183.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
62:23:9d:01:32:30:0c:6a:10:56:66:7b:fe:ef:40:e6:f7:f1:1f:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Mar 19 01:11:23 2026 GMT
Not After : Mar 18 01:16:23 2027 GMT
Subject: CN=3B95FA8BD2362238EB9B4D066A67126C9F171A6A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:b7:7a:82:44:87:70:34:cb:ac:e1:d1:f2:86:
aa:51:6c:d3:c5:a5:db:fc:11:e8:66:a3:35:45:66:
91:53:cb:06:ba:9c:56:aa:3c:cc:ab:93:84:8c:e0:
e3:b7:86:18:67:ac:5a:42:82:58:19:40:e7:d5:2a:
10:a5:47:53:25:be:00:7a:48:94:d1:ab:ab:b6:ed:
9f:83:e0:4b:be:6a:fc:21:04:55:8d:e7:95:f0:c2:
64:ac:7b:1b:9d:3b:85:45:02:19:2d:9c:0c:b3:87:
8b:6f:5c:99:5a:e5:e0:f9:b9:17:3c:38:de:2d:68:
38:6a:b6:7d:ac:b4:33:8d:37:95:64:8b:7e:ff:ab:
01:2c:02:d4:49:eb:df:37:b5:50:b7:78:33:4d:b1:
44:ce:cc:72:db:bb:e0:19:e5:67:0d:9e:b8:2a:ec:
78:74:5e:2b:ba:68:de:66:65:14:4f:48:7d:1a:68:
18:34:5c:93:99:c6:ca:cd:54:7d:f6:7c:9b:b8:08:
0e:c1:0d:82:e4:4d:32:b4:36:04:b1:51:01:89:cb:
b8:45:e0:07:f0:68:0e:b7:3f:91:f8:01:6e:7a:99:
22:7f:e9:b2:4b:67:41:da:e1:e4:55:62:dc:d8:ec:
03:b0:a5:2d:7d:8b:04:aa:67:b0:a1:5e:e4:a8:d5:
ff:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:95:FA:8B:D2:36:22:38:EB:9B:4D:06:6A:67:12:6C:9F:17:1A:6A
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS135391.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.103.31.0/24
147.79.56.0/24
162.141.39.0/24
162.141.65.0/24
162.141.140.0/24
162.141.179.0/24
162.141.183.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:17:fd:4c:21:93:9d:2a:a9:1b:7a:95:38:21:2a:30:3c:ad:
7c:e0:80:84:b5:56:02:33:c6:de:19:99:a8:54:05:7d:f7:b2:
47:c4:ed:a1:3b:62:ca:14:d0:bc:0c:12:51:cd:85:b9:e5:1a:
f9:f4:c3:26:ff:f0:b4:ec:47:e2:d5:fe:a4:4c:81:db:4e:13:
ed:c5:ac:e8:a8:ab:9c:b4:33:4a:fc:b1:c6:07:24:b3:2b:13:
34:9e:e3:d1:d3:aa:46:25:59:ae:b8:39:8d:1d:ac:48:17:9a:
48:ee:22:22:a1:4f:45:3e:e8:5c:17:25:9b:a9:a0:c1:eb:51:
97:06:8a:87:87:dd:72:34:d3:8b:a3:52:8a:a0:c2:0e:c0:3e:
7b:29:91:38:9b:a8:51:1d:8a:cc:6d:4a:87:78:91:38:1a:06:
26:13:92:54:41:d6:76:0e:30:ce:00:ce:d5:83:35:ed:e0:aa:
aa:f9:84:e8:1a:10:fa:8c:92:fe:4e:36:d7:6b:de:81:29:1b:
7d:69:31:e5:60:24:d2:ef:eb:ad:78:3d:20:c1:74:5a:84:8e:
ee:8a:8b:29:54:5e:1d:c8:1a:a0:b6:e3:fd:00:6b:f2:44:36:
12:8f:e6:57:21:72:62:56:32:33:d3:b2:f6:6b:be:8c:d9:44:
75:03:0e:1d
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgIUYiOdATIwDGoQVmZ7/u9A5vfxH4gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNjAzMTkwMTExMjNaFw0yNzAzMTgwMTE2MjNaMDMxMTAvBgNV
BAMTKDNCOTVGQThCRDIzNjIyMzhFQjlCNEQwNjZBNjcxMjZDOUYxNzFBNkEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDLt3qCRIdwNMus4dHyhqpRbNPF
pdv8EehmozVFZpFTywa6nFaqPMyrk4SM4OO3hhhnrFpCglgZQOfVKhClR1MlvgB6
SJTRq6u27Z+D4Eu+avwhBFWN55XwwmSsexudO4VFAhktnAyzh4tvXJla5eD5uRc8
ON4taDhqtn2stDONN5Vki37/qwEsAtRJ6983tVC3eDNNsUTOzHLbu+AZ5WcNnrgq
7Hh0Xiu6aN5mZRRPSH0aaBg0XJOZxsrNVH32fJu4CA7BDYLkTTK0NgSxUQGJy7hF
4AfwaA63P5H4AW56mSJ/6bJLZ0Ha4eRVYtzY7AOwpS19iwSqZ7ChXuSo1f/FAgMB
AAGjggIuMIICKjAdBgNVHQ4EFgQUO5X6i9I2Ijjrm00GamcSbJ8XGmowHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMTM1MzkxLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAkmcf
AwQAk084AwQAoo0nAwQAoo1BAwQAoo2MAwQAoo2zAwQAoo23MA0GCSqGSIb3DQEB
CwUAA4IBAQAqF/1MIZOdKqkbepU4ISowPK184ICEtVYCM8beGZmoVAV997JHxO2h
O2LKFNC8DBJRzYW55Rr59MMm//C07Efi1f6kTIHbThPtxazoqKuctDNK/LHGBySz
KxM0nuPR06pGJVmuuDmNHaxIF5pI7iIioU9FPuhcFyWbqaDB61GXBoqHh91yNNOL
o1KKoMIOwD57KZE4m6hRHYrMbUqHeJE4GgYmE5JUQdZ2DjDOAM7VgzXt4Kqq+YTo
GhD6jJL+TjbXa96BKRt9aTHlYCTS7+uteD0gwXRahI7uiospVF4dyBqgtuP9AGvy
RDYSj+ZXIXJiVjIz07L2a76M2UR1Aw4d
-----END CERTIFICATE-----
Generated at Thu Mar 26 00:48:09 2026 by rpki-client