Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS146996.roa
File: AS146996.roa (raw, json)
Hash identifier: /wWdIX66CC271aOagNiUI5NVk+Eeq+0lJVj6QzWEg4g=
Subject key identifier: 37:6E:7E:6D:9F:BC:21:50:71:9C:B5:2C:24:AC:01:82:EB:EC:CA:51
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 5CA39120084ECD128A7B956E29B422294EC4079A
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS146996.roa
Signing time: Sat 07 Mar 2026 14:48:45 +0000
ROA not before: Sat 07 Mar 2026 14:43:45 +0000
ROA not after: Sat 06 Mar 2027 14:48:45 +0000
asID: 146996
IP address blocks: 143.14.4.0/24 maxlen: 24
143.14.5.0/24 maxlen: 24
143.14.77.0/24 maxlen: 24
168.222.2.0/24 maxlen: 24
168.222.16.0/24 maxlen: 24
168.222.20.0/24 maxlen: 24
168.222.21.0/24 maxlen: 24
168.222.22.0/24 maxlen: 24
168.222.27.0/24 maxlen: 24
168.222.28.0/24 maxlen: 24
168.222.29.0/24 maxlen: 24
168.222.55.0/24 maxlen: 24
168.222.60.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5c:a3:91:20:08:4e:cd:12:8a:7b:95:6e:29:b4:22:29:4e:c4:07:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Mar 7 14:43:45 2026 GMT
Not After : Mar 6 14:48:45 2027 GMT
Subject: CN=376E7E6D9FBC2150719CB52C24AC0182EBECCA51
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:ea:d3:8e:d5:42:7b:c8:76:0f:f8:82:90:31:
53:20:39:cf:dd:11:ed:fe:03:fd:47:f4:81:0e:ac:
00:86:40:21:df:d1:0d:d3:bf:fb:29:a7:7e:41:43:
40:88:86:7c:04:c8:f0:24:75:85:bb:2c:38:ed:d8:
db:ef:8c:a2:65:3a:a6:f8:25:99:5a:47:93:3b:54:
f4:0a:4c:32:6c:86:78:9c:18:69:35:5d:fb:14:a5:
d4:90:19:fd:42:40:d0:4d:93:0b:e8:eb:97:43:08:
33:e9:bd:19:29:f1:87:fc:2f:0a:b2:52:6e:8c:79:
2a:af:07:ec:37:ea:ff:2b:03:59:a8:a7:50:f7:79:
72:18:a0:3a:1d:f6:2b:88:ef:91:99:19:61:18:16:
5b:fc:84:ba:1a:a0:45:e2:cc:ed:76:b1:06:31:89:
3d:e6:c7:78:df:b1:6f:89:dd:c1:c8:a9:40:83:bc:
82:42:37:69:50:05:a5:3d:0d:c1:4c:5a:9c:13:e1:
58:e6:5d:a0:67:e6:33:87:ef:3f:86:1b:65:f0:9b:
60:c0:76:2e:a4:92:0f:de:00:b0:5f:8f:a9:a5:ff:
5f:15:47:08:3b:69:fb:05:76:fe:3e:49:78:fa:3b:
74:48:de:68:3a:2f:b4:79:89:0b:08:20:13:86:ed:
5f:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:6E:7E:6D:9F:BC:21:50:71:9C:B5:2C:24:AC:01:82:EB:EC:CA:51
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS146996.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.14.4.0/23
143.14.77.0/24
168.222.2.0/24
168.222.16.0/24
168.222.20.0-168.222.22.255
168.222.27.0-168.222.29.255
168.222.55.0/24
168.222.60.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:96:15:d8:00:78:80:21:de:43:b9:4f:d3:a2:6c:ef:96:f7:
ec:99:0d:4a:dc:e9:7d:70:6c:e9:44:15:53:8e:4d:3b:f5:99:
65:10:34:f3:d6:6f:2d:22:5b:09:71:f0:bd:1d:c6:f7:63:de:
de:48:77:46:09:d3:63:89:7b:c6:b0:86:04:ad:69:5b:7e:ca:
0a:90:37:92:83:96:8a:b1:04:a4:80:d4:ea:0e:27:ac:ba:a4:
a2:5f:b0:87:b2:23:27:5b:65:34:32:fe:52:81:9c:b9:8e:73:
a5:64:2f:4b:42:a1:a4:b9:17:17:fd:fb:67:fb:a6:65:d8:a6:
8f:2d:67:8a:f9:57:a5:4f:b5:07:45:fb:85:fc:55:64:58:3d:
6d:1b:27:db:57:3c:a2:65:14:be:4f:27:3e:12:4a:3f:0c:86:
4d:ad:3f:34:3b:ec:d0:43:64:6c:e3:2a:2b:0a:f8:02:2d:a5:
1d:2a:46:70:14:4b:cf:9f:9a:d7:c2:2e:30:cc:7e:74:7b:f9:
91:9d:89:72:9f:6a:d2:08:1b:68:26:30:9a:4b:1d:5c:51:ce:
79:65:02:5c:e1:1b:3c:25:94:06:78:bc:9e:2b:84:d3:af:1b:
24:59:42:bf:3b:c7:4f:4e:67:30:c4:32:64:89:43:1b:89:15:
8c:be:c7:74
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUXKORIAhOzRKKe5VuKbQiKU7EB5owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNjAzMDcxNDQzNDVaFw0yNzAzMDYxNDQ4NDVaMDMxMTAvBgNV
BAMTKDM3NkU3RTZEOUZCQzIxNTA3MTlDQjUyQzI0QUMwMTgyRUJFQ0NBNTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCv6tOO1UJ7yHYP+IKQMVMgOc/d
Ee3+A/1H9IEOrACGQCHf0Q3Tv/spp35BQ0CIhnwEyPAkdYW7LDjt2NvvjKJlOqb4
JZlaR5M7VPQKTDJshnicGGk1XfsUpdSQGf1CQNBNkwvo65dDCDPpvRkp8Yf8Lwqy
Um6MeSqvB+w36v8rA1mop1D3eXIYoDod9iuI75GZGWEYFlv8hLoaoEXizO12sQYx
iT3mx3jfsW+J3cHIqUCDvIJCN2lQBaU9DcFMWpwT4VjmXaBn5jOH7z+GG2Xwm2DA
di6kkg/eALBfj6ml/18VRwg7afsFdv4+SXj6O3RI3mg6L7R5iQsIIBOG7V+fAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUN25+bZ+8IVBxnLUsJKwBguvsylEwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMTQ2OTk2LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDBGBAIAATBAAwQBjw4E
AwQAjw5NAwQAqN4CAwQAqN4QMAwDBAKo3hQDBACo3hYwDAMEAKjeGwMEAajeHAME
AKjeNwMEAKjePDANBgkqhkiG9w0BAQsFAAOCAQEAG5YV2AB4gCHeQ7lP06Js75b3
7JkNStzpfXBs6UQVU45NO/WZZRA089ZvLSJbCXHwvR3G92Pe3kh3RgnTY4l7xrCG
BK1pW37KCpA3koOWirEEpIDU6g4nrLqkol+wh7IjJ1tlNDL+UoGcuY5zpWQvS0Kh
pLkXF/37Z/umZdimjy1nivlXpU+1B0X7hfxVZFg9bRsn21c8omUUvk8nPhJKPwyG
Ta0/NDvs0ENkbOMqKwr4Ai2lHSpGcBRLz5+a18IuMMx+dHv5kZ2Jcp9q0ggbaCYw
mksdXFHOeWUCXOEbPCWUBni8niuE068bJFlCvzvHT05nMMQyZIlDG4kVjL7HdA==
-----END CERTIFICATE-----
Generated at Thu Mar 26 00:48:37 2026 by rpki-client