Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS395374.roa
File: AS395374.roa (raw, json)
Hash identifier: tXTnlWO3vikpV3MLy6QOtPsZ4uGTunC0SydPD9pYtGo=
Subject key identifier: 97:1B:85:51:D7:22:85:92:A0:FA:7B:FE:2D:20:A8:62:C3:0B:9C:4D
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 7DA39A64D6360808D5BD0F9AFB7453C360C4CB37
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS395374.roa
Signing time: Tue 21 Apr 2026 11:56:38 +0000
ROA not before: Tue 21 Apr 2026 11:51:38 +0000
ROA not after: Tue 20 Apr 2027 11:56:38 +0000
asID: 395374
IP address blocks: 140.233.184.0/24 maxlen: 24
143.14.255.0/24 maxlen: 24
162.141.119.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 17:01:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7d:a3:9a:64:d6:36:08:08:d5:bd:0f:9a:fb:74:53:c3:60:c4:cb:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Apr 21 11:51:38 2026 GMT
Not After : Apr 20 11:56:38 2027 GMT
Subject: CN=971B8551D7228592A0FA7BFE2D20A862C30B9C4D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:e9:51:d5:ac:09:25:af:cb:11:71:f9:32:ea:
c6:eb:0b:df:90:d9:cd:37:cb:30:2f:5e:f2:0b:5a:
97:54:37:b8:60:e0:31:9d:43:93:a5:b7:a6:09:c8:
d4:b1:fa:16:b0:91:2f:f6:fd:94:7e:09:b8:93:fa:
42:89:18:d2:d1:88:41:ff:70:3b:90:ef:d5:58:4f:
75:50:5e:d2:31:25:d2:bf:45:07:71:5c:10:06:79:
9e:52:1f:91:f2:0e:37:2e:64:b4:8b:65:84:af:db:
f7:fb:b8:3d:aa:77:57:34:90:aa:f9:f8:11:fc:60:
0c:6a:2a:b3:3e:46:24:61:45:02:48:43:1e:c0:44:
52:72:1a:dd:ec:5c:06:f7:7b:a4:c0:99:22:f4:1e:
5c:dc:54:3c:cf:d4:09:85:5e:0a:7d:66:c7:a2:f4:
a5:4f:36:55:fc:36:4b:a4:31:5e:83:fb:41:fd:84:
85:4a:95:7c:d4:85:9e:7d:f7:ae:d9:bb:cd:60:be:
be:69:37:cb:7e:b6:7b:d7:0e:55:5e:9e:26:56:36:
3f:7e:06:56:ca:2a:d2:4c:eb:d7:5e:6a:b5:1d:d6:
9c:3c:58:93:64:9a:fd:f8:23:34:6a:6e:5f:b5:3a:
69:bc:bd:3e:9a:19:cd:8f:a0:b0:7f:8c:39:ea:34:
36:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:1B:85:51:D7:22:85:92:A0:FA:7B:FE:2D:20:A8:62:C3:0B:9C:4D
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS395374.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
140.233.184.0/24
143.14.255.0/24
162.141.119.0/24
Signature Algorithm: sha256WithRSAEncryption
82:0f:9f:2d:1c:b4:23:73:77:23:53:f5:11:87:90:0a:b2:e7:
29:b1:1e:43:85:32:48:15:1e:aa:27:72:37:fa:5e:56:54:35:
70:0a:30:89:ba:a9:29:de:e7:3a:3c:39:e8:0b:0b:3a:25:55:
d1:0d:a0:63:cc:05:19:4f:0f:ec:e8:7d:17:1a:75:2f:ef:69:
dd:b2:66:19:e4:c4:2a:98:6a:d1:27:99:ba:ee:8b:20:9f:7b:
8f:ab:9b:b3:11:68:7f:57:35:8d:91:a1:34:e8:27:eb:0d:3c:
b2:9f:eb:fe:51:93:4c:27:c7:8c:57:2f:05:8e:3d:8c:7f:84:
51:9a:01:24:33:78:73:7b:99:75:af:3c:91:65:8e:f0:1e:02:
06:8a:11:08:6c:e7:ea:6c:e4:da:86:b0:01:44:f7:ab:5b:67:
63:44:7f:39:e4:85:8e:c7:f2:62:07:b1:5e:69:60:97:cc:6b:
7d:d3:a1:fd:31:ed:4e:fc:97:8c:e8:96:10:22:8c:e4:cb:3e:
69:45:de:b2:82:e4:d4:c2:58:ad:e2:a6:eb:c7:24:f3:e5:93:
09:01:b3:8c:75:49:71:10:89:41:1b:e6:6b:17:25:a3:40:43:
66:c3:8d:74:30:9e:25:f4:8a:a9:ef:48:65:73:71:91:41:1c:
86:3e:03:56
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgIUfaOaZNY2CAjVvQ+a+3RTw2DEyzcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNjA0MjExMTUxMzhaFw0yNzA0MjAxMTU2MzhaMDMxMTAvBgNV
BAMTKDk3MUI4NTUxRDcyMjg1OTJBMEZBN0JGRTJEMjBBODYyQzMwQjlDNEQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCq6VHVrAklr8sRcfky6sbrC9+Q
2c03yzAvXvILWpdUN7hg4DGdQ5Olt6YJyNSx+hawkS/2/ZR+CbiT+kKJGNLRiEH/
cDuQ79VYT3VQXtIxJdK/RQdxXBAGeZ5SH5HyDjcuZLSLZYSv2/f7uD2qd1c0kKr5
+BH8YAxqKrM+RiRhRQJIQx7ARFJyGt3sXAb3e6TAmSL0HlzcVDzP1AmFXgp9Zsei
9KVPNlX8NkukMV6D+0H9hIVKlXzUhZ59967Zu81gvr5pN8t+tnvXDlVeniZWNj9+
BlbKKtJM69dearUd1pw8WJNkmv34IzRqbl+1Omm8vT6aGc2PoLB/jDnqNDaBAgMB
AAGjggIWMIICEjAdBgNVHQ4EFgQUlxuFUdcihZKg+nv+LSCoYsMLnE0wHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMzk1Mzc0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAjOm4
AwQAjw7/AwQAoo13MA0GCSqGSIb3DQEBCwUAA4IBAQCCD58tHLQjc3cjU/URh5AK
sucpsR5DhTJIFR6qJ3I3+l5WVDVwCjCJuqkp3uc6PDnoCws6JVXRDaBjzAUZTw/s
6H0XGnUv72ndsmYZ5MQqmGrRJ5m67osgn3uPq5uzEWh/VzWNkaE06CfrDTyyn+v+
UZNMJ8eMVy8Fjj2Mf4RRmgEkM3hze5l1rzyRZY7wHgIGihEIbOfqbOTahrABRPer
W2djRH855IWOx/JiB7FeaWCXzGt906H9Me1O/JeM6JYQIozkyz5pRd6yguTUwlit
4qbrxyTz5ZMJAbOMdUlxEIlBG+ZrFyWjQENmw410MJ4l9Iqp70hlc3GRQRyGPgNW
-----END CERTIFICATE-----
Generated at Wed May 13 02:42:43 2026 by rpki-client