Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS150293.roa
File: AS150293.roa (raw, json)
Hash identifier: dOxiI0mDHKwvh3VaJDuC714zfHw92/gKGar5aX1TIfs=
Subject key identifier: 98:83:26:8F:FD:DC:6E:F9:91:60:87:5D:D1:E0:6E:A2:0C:AE:97:52
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 53F76E4FD6E77B4C538430EA34E0F924678DC790
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS150293.roa
Signing time: Wed 25 Mar 2026 09:46:55 +0000
ROA not before: Wed 25 Mar 2026 09:41:55 +0000
ROA not after: Wed 24 Mar 2027 09:46:55 +0000
asID: 150293
IP address blocks: 140.150.239.0/24 maxlen: 24
140.233.187.0/24 maxlen: 24
143.14.7.0/24 maxlen: 24
146.103.22.0/24 maxlen: 24
146.103.35.0/24 maxlen: 24
147.79.7.0/24 maxlen: 24
147.79.19.0/24 maxlen: 24
148.135.199.0/24 maxlen: 24
150.241.208.0/24 maxlen: 24
155.117.4.0/24 maxlen: 24
155.117.6.0/24 maxlen: 24
162.141.4.0/24 maxlen: 24
167.148.136.0/24 maxlen: 24
167.148.200.0/24 maxlen: 24
167.148.209.0/24 maxlen: 24
168.222.8.0/24 maxlen: 24
168.222.9.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Mar 2026 00:55:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
53:f7:6e:4f:d6:e7:7b:4c:53:84:30:ea:34:e0:f9:24:67:8d:c7:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Mar 25 09:41:55 2026 GMT
Not After : Mar 24 09:46:55 2027 GMT
Subject: CN=9883268FFDDC6EF99160875DD1E06EA20CAE9752
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:b1:e2:8e:06:e8:b8:55:e5:4b:88:d9:52:3b:
ed:07:48:a9:24:f6:93:0a:20:93:32:5f:5b:9d:75:
ee:f5:a8:0f:51:ee:eb:f7:2c:21:84:32:b2:db:ab:
d4:ad:d8:d3:17:e3:2e:a8:d0:e4:98:f4:da:96:5e:
b6:d5:67:1d:af:97:82:57:49:5f:da:34:f1:e5:95:
f9:dc:00:6e:30:00:a4:c0:3f:53:45:25:a5:f8:81:
ff:e6:97:31:e5:e3:58:3d:c2:dd:c1:11:03:64:1b:
9c:5d:7d:de:af:9a:50:1b:d5:bb:09:3d:69:7e:f0:
b3:04:e7:b1:5e:2b:20:b7:5d:88:8f:7f:ef:26:ac:
c8:6b:77:de:24:6e:e2:62:d8:7f:e2:11:61:36:e5:
bd:a4:3b:d8:ce:a2:f7:58:fa:df:21:d8:90:99:c4:
66:c8:97:84:49:a8:6a:0c:f8:fb:fb:67:dc:71:d9:
86:8f:cc:81:aa:29:eb:aa:da:54:06:e6:53:e9:84:
96:e3:05:48:89:b1:4c:71:57:97:72:24:8b:23:fd:
66:d9:a6:9d:ce:09:f9:18:06:6c:18:4f:8a:c8:a9:
23:f5:bc:a3:94:1e:26:af:86:df:8d:cb:7b:96:ad:
e9:00:91:ca:3f:94:ef:d7:08:ee:92:03:c8:19:a9:
c5:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:83:26:8F:FD:DC:6E:F9:91:60:87:5D:D1:E0:6E:A2:0C:AE:97:52
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS150293.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
140.150.239.0/24
140.233.187.0/24
143.14.7.0/24
146.103.22.0/24
146.103.35.0/24
147.79.7.0/24
147.79.19.0/24
148.135.199.0/24
150.241.208.0/24
155.117.4.0/24
155.117.6.0/24
162.141.4.0/24
167.148.136.0/24
167.148.200.0/24
167.148.209.0/24
168.222.8.0/23
Signature Algorithm: sha256WithRSAEncryption
07:50:a8:9a:2d:78:e7:64:7b:d4:cb:17:49:cf:ad:43:31:93:
56:36:33:ba:28:6e:86:f0:13:01:c1:dc:fb:fc:d3:7d:54:bb:
57:d4:78:32:24:a0:31:5c:35:d2:42:9e:5a:f8:81:a3:6f:ca:
40:7b:14:b6:96:42:65:38:08:da:29:3f:c4:33:16:6d:27:ca:
58:fa:33:9e:b2:c3:09:59:dc:17:bf:42:d0:b4:5d:e5:fc:97:
5d:25:ae:99:86:17:6f:6a:5b:5e:95:93:6a:83:01:42:fd:dc:
e2:19:3d:72:4d:77:15:bb:47:7c:09:fc:1d:06:b2:03:f7:e6:
63:7c:34:7e:60:cb:16:b7:7b:33:ef:c6:b5:fc:1a:bd:9a:44:
ba:49:fd:20:12:35:bb:dc:ef:09:ee:c2:ea:fb:10:4b:38:e1:
8c:ce:81:9c:60:c6:95:df:17:6e:ee:97:2c:48:fd:f5:8a:a5:
8d:cd:65:36:27:c6:7a:76:d7:fd:00:e2:dd:bd:30:b8:62:79:
94:2d:7d:c2:79:95:f3:8b:c7:7e:81:34:6a:93:28:81:63:5a:
7e:fb:4e:87:57:e3:c6:58:f4:f1:a8:a4:0c:2d:3c:5e:8a:17:
d2:a7:22:69:f6:1e:b2:69:e0:51:35:ee:6b:d2:c9:39:41:05:
78:c4:60:5d
-----BEGIN CERTIFICATE-----
MIIFWjCCBEKgAwIBAgIUU/duT9bne0xThDDqNOD5JGeNx5AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNjAzMjUwOTQxNTVaFw0yNzAzMjQwOTQ2NTVaMDMxMTAvBgNV
BAMTKDk4ODMyNjhGRkREQzZFRjk5MTYwODc1REQxRTA2RUEyMENBRTk3NTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDJseKOBui4VeVLiNlSO+0HSKkk
9pMKIJMyX1udde71qA9R7uv3LCGEMrLbq9St2NMX4y6o0OSY9NqWXrbVZx2vl4JX
SV/aNPHllfncAG4wAKTAP1NFJaX4gf/mlzHl41g9wt3BEQNkG5xdfd6vmlAb1bsJ
PWl+8LME57FeKyC3XYiPf+8mrMhrd94kbuJi2H/iEWE25b2kO9jOovdY+t8h2JCZ
xGbIl4RJqGoM+Pv7Z9xx2YaPzIGqKeuq2lQG5lPphJbjBUiJsUxxV5dyJIsj/WbZ
pp3OCfkYBmwYT4rIqSP1vKOUHiavht+Ny3uWrekAkco/lO/XCO6SA8gZqcWJAgMB
AAGjggJkMIICYDAdBgNVHQ4EFgQUmIMmj/3cbvmRYIdd0eBuogyul1IwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMTUwMjkzLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMHkGCCsGAQUFBwEHAQH/BGowaDBmBAIAATBgAwQAjJbv
AwQAjOm7AwQAjw4HAwQAkmcWAwQAkmcjAwQAk08HAwQAk08TAwQAlIfHAwQAlvHQ
AwQAm3UEAwQAm3UGAwQAoo0EAwQAp5SIAwQAp5TIAwQAp5TRAwQBqN4IMA0GCSqG
SIb3DQEBCwUAA4IBAQAHUKiaLXjnZHvUyxdJz61DMZNWNjO6KG6G8BMBwdz7/NN9
VLtX1HgyJKAxXDXSQp5a+IGjb8pAexS2lkJlOAjaKT/EMxZtJ8pY+jOessMJWdwX
v0LQtF3l/JddJa6ZhhdvaltelZNqgwFC/dziGT1yTXcVu0d8CfwdBrID9+ZjfDR+
YMsWt3sz78a1/Bq9mkS6Sf0gEjW73O8J7sLq+xBLOOGMzoGcYMaV3xdu7pcsSP31
iqWNzWU2J8Z6dtf9AOLdvTC4YnmULX3CeZXzi8d+gTRqkyiBY1p++06HV+PGWPTx
qKQMLTxeihfSpyJp9h6yaeBRNe5r0sk5QQV4xGBd
-----END CERTIFICATE-----
Generated at Sat Mar 28 10:14:20 2026 by rpki-client