Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS395793.roa
File: AS395793.roa (raw, json)
Hash identifier: mTSIodnzkNExKjVktlvhIxrEZ3hS/CE8gDCpzYo4Lg0=
Subject key identifier: CC:D6:D7:D8:19:B2:5F:70:CD:91:03:9C:89:1B:2A:28:97:79:4D:8D
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 21B5191F5CAE31930C3D0FF0897A1FA937F6FBE2
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS395793.roa
Signing time: Tue 28 Apr 2026 08:47:06 +0000
ROA not before: Tue 28 Apr 2026 08:42:06 +0000
ROA not after: Tue 27 Apr 2027 08:47:06 +0000
asID: 395793
IP address blocks: 96.62.144.0/23 maxlen: 24
167.148.128.0/24 maxlen: 24
167.148.134.0/24 maxlen: 24
167.148.165.0/24 maxlen: 24
167.148.166.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:b5:19:1f:5c:ae:31:93:0c:3d:0f:f0:89:7a:1f:a9:37:f6:fb:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Apr 28 08:42:06 2026 GMT
Not After : Apr 27 08:47:06 2027 GMT
Subject: CN=CCD6D7D819B25F70CD91039C891B2A2897794D8D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:75:e9:d6:82:99:17:e8:e6:10:7a:c6:25:e6:
50:6a:19:50:ea:f9:6e:c8:91:08:89:5f:cc:f2:79:
27:ca:e0:ea:0d:83:c8:69:58:3f:e4:b5:2a:dc:d9:
89:ff:d6:15:93:b1:25:15:98:a7:54:e6:3a:e2:1f:
09:18:ae:87:a3:48:5c:b9:31:5a:a8:a4:33:26:2b:
37:cd:0d:cb:8b:58:8e:f5:58:99:8d:98:61:02:c6:
9c:6c:05:0d:b7:57:dc:71:67:a5:c2:b8:30:2f:69:
6a:15:18:6a:81:73:e5:7f:78:5c:58:d9:ce:08:2b:
af:dd:0e:23:60:e8:76:51:3f:10:04:04:b2:c3:11:
2b:e8:72:9c:09:f2:a7:07:c0:0d:8f:07:32:09:dd:
75:70:ad:62:64:5c:b8:90:55:4c:70:e0:74:a5:88:
b2:29:57:d5:df:25:90:c6:7b:bb:15:f3:bc:56:ad:
ab:f9:d9:db:7b:7d:57:6f:34:b0:2b:70:8b:a7:cc:
a4:9c:af:7c:57:14:4b:1e:ba:ca:67:7f:d1:04:07:
b8:b0:7a:c6:63:47:95:0b:da:13:8b:8e:fd:86:ed:
ca:2e:57:74:5d:4d:99:3b:da:40:ea:8d:24:1e:74:
ea:d9:a2:a0:3a:00:6a:e7:75:9e:88:35:32:26:89:
8d:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:D6:D7:D8:19:B2:5F:70:CD:91:03:9C:89:1B:2A:28:97:79:4D:8D
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS395793.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.62.144.0/23
167.148.128.0/24
167.148.134.0/24
167.148.165.0-167.148.166.255
Signature Algorithm: sha256WithRSAEncryption
a6:db:df:0e:a6:57:42:a3:7e:06:3a:54:0e:fc:9e:d6:37:4a:
9b:84:f3:84:a2:83:4d:2c:0b:0a:bc:aa:65:44:04:39:b5:35:
c7:c0:61:a8:89:6a:cf:cb:ae:c6:98:be:16:36:87:8b:76:ca:
f7:69:d8:15:6a:a1:c2:b1:5c:2a:0c:2f:ba:9d:b6:d6:7f:39:
4f:68:2e:89:3d:ef:c8:22:62:92:fe:07:98:88:4f:d2:b3:0b:
a9:d9:6b:ac:2b:0d:e8:3d:d0:60:cf:6f:55:90:d4:76:22:09:
d0:9c:d1:a8:29:c3:c3:1c:67:65:01:e4:0b:06:66:2a:6a:40:
ba:5f:7b:d4:ea:9f:04:fc:0c:de:93:48:af:93:22:ca:99:9c:
bd:85:83:a2:7f:2f:8e:c5:0b:d5:d5:c1:ec:e9:48:5d:96:d6:
04:eb:2d:11:63:2b:ec:ce:41:c3:e2:f8:49:8b:c1:9b:22:04:
c5:8d:58:a7:4e:38:ed:63:72:ff:da:2f:7a:02:36:5a:b6:0e:
5b:ba:ef:ed:59:02:4a:9a:07:c5:8b:25:c3:67:16:4a:3d:d6:
69:10:18:a8:e6:7d:6b:22:1f:18:e5:d0:77:f5:9a:0d:ae:43:
e8:59:bf:91:b4:83:04:c0:f9:98:ec:80:7e:02:eb:e7:f3:56:
e1:06:c1:3d
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgIUIbUZH1yuMZMMPQ/wiXofqTf2++IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNjA0MjgwODQyMDZaFw0yNzA0MjcwODQ3MDZaMDMxMTAvBgNV
BAMTKENDRDZEN0Q4MTlCMjVGNzBDRDkxMDM5Qzg5MUIyQTI4OTc3OTREOEQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCkdenWgpkX6OYQesYl5lBqGVDq
+W7IkQiJX8zyeSfK4OoNg8hpWD/ktSrc2Yn/1hWTsSUVmKdU5jriHwkYroejSFy5
MVqopDMmKzfNDcuLWI71WJmNmGECxpxsBQ23V9xxZ6XCuDAvaWoVGGqBc+V/eFxY
2c4IK6/dDiNg6HZRPxAEBLLDESvocpwJ8qcHwA2PBzIJ3XVwrWJkXLiQVUxw4HSl
iLIpV9XfJZDGe7sV87xWrav52dt7fVdvNLArcIunzKScr3xXFEseuspnf9EEB7iw
esZjR5UL2hOLjv2G7couV3RdTZk72kDqjSQedOrZoqA6AGrndZ6INTImiY3VAgMB
AAGjggIkMIICIDAdBgNVHQ4EFgQUzNbX2BmyX3DNkQOciRsqKJd5TY0wHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMzk1NzkzLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQBYD6Q
AwQAp5SAAwQAp5SGMAwDBACnlKUDBACnlKYwDQYJKoZIhvcNAQELBQADggEBAKbb
3w6mV0KjfgY6VA78ntY3SpuE84Sig00sCwq8qmVEBDm1NcfAYaiJas/LrsaYvhY2
h4t2yvdp2BVqocKxXCoML7qdttZ/OU9oLok978giYpL+B5iIT9KzC6nZa6wrDeg9
0GDPb1WQ1HYiCdCc0agpw8McZ2UB5AsGZipqQLpfe9TqnwT8DN6TSK+TIsqZnL2F
g6J/L47FC9XVwezpSF2W1gTrLRFjK+zOQcPi+EmLwZsiBMWNWKdOOO1jcv/aL3oC
Nlq2Dlu67+1ZAkqaB8WLJcNnFko91mkQGKjmfWsiHxjl0Hf1mg2uQ+hZv5G0gwTA
+ZjsgH4C6+fzVuEGwT0=
-----END CERTIFICATE-----
Generated at Tue May 12 22:24:02 2026 by rpki-client