Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS396356.roa
File: AS396356.roa (raw, json)
Hash identifier: CxGRCgI9YlsJM+1xoUNGJoTnE5JSjBhTvkRWiYrqGEg=
Subject key identifier: DD:4C:9F:59:46:2F:13:0C:13:B4:9F:4C:D7:C3:B0:B1:DA:14:26:5F
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 46BEE83EB98E89436F6ED1EFD33AECE870D87685
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS396356.roa
Signing time: Fri 27 Jun 2025 11:35:34 +0000
ROA not before: Fri 27 Jun 2025 11:30:34 +0000
ROA not after: Fri 26 Jun 2026 11:35:34 +0000
asID: 396356
IP address blocks: 145.223.40.0/24 maxlen: 24
146.103.46.0/24 maxlen: 24
150.241.135.0/24 maxlen: 24
155.117.248.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Jun 2025 00:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
46:be:e8:3e:b9:8e:89:43:6f:6e:d1:ef:d3:3a:ec:e8:70:d8:76:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Jun 27 11:30:34 2025 GMT
Not After : Jun 26 11:35:34 2026 GMT
Subject: CN=DD4C9F59462F130C13B49F4CD7C3B0B1DA14265F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:71:16:fd:9a:14:d6:a6:f6:e9:79:43:22:03:
2f:e4:d2:ad:d4:fb:56:7a:3e:d4:77:bf:29:46:09:
34:50:9a:ff:67:98:6e:6c:77:c2:5e:4b:dc:0f:3a:
80:7a:82:b8:e3:ad:85:8f:8d:0b:f9:e9:16:77:4b:
84:c6:5c:37:c2:7e:ac:5e:bb:bf:7b:aa:87:85:59:
e8:72:39:18:33:53:8a:23:4b:1c:39:e0:a4:40:db:
51:a8:be:91:bb:2e:b3:db:94:5b:22:08:0f:81:ba:
c4:7a:74:65:d7:fa:9e:9f:83:2a:67:71:e6:a9:d6:
c2:f6:b8:13:27:82:37:94:68:db:92:b7:af:2d:95:
ee:22:81:36:8c:05:01:f2:9c:87:37:bc:1d:a0:d8:
67:c1:8d:cc:e7:fd:c1:80:69:fa:8b:31:7a:3c:c6:
a7:47:f0:0e:28:92:4d:db:c6:c5:fa:f1:a2:38:12:
bf:15:05:67:f7:a3:9e:64:2f:9b:67:f4:7b:6e:30:
e4:f1:bd:bb:17:37:ed:02:5d:ce:50:7e:e6:6c:09:
a1:40:63:fc:16:aa:de:65:bc:41:7e:c2:6f:96:9f:
70:9b:f8:db:e3:b0:d6:14:c5:7b:70:92:39:ac:ae:
db:1d:a9:f2:2c:af:59:0c:d4:e4:ba:2c:2a:40:e6:
c2:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:4C:9F:59:46:2F:13:0C:13:B4:9F:4C:D7:C3:B0:B1:DA:14:26:5F
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS396356.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.223.40.0/24
146.103.46.0/24
150.241.135.0/24
155.117.248.0/22
Signature Algorithm: sha256WithRSAEncryption
44:da:4a:dc:68:31:c1:1b:eb:84:ee:f7:e3:a9:bf:b2:1e:0e:
73:1c:a6:99:31:c2:f4:ba:8b:d7:bb:9d:8b:d9:c9:44:29:56:
04:d1:49:3b:e2:56:fe:30:ee:fd:58:ee:ef:5b:95:b0:c8:9f:
19:bc:b0:1d:88:f3:1f:66:b3:04:d1:fa:42:4f:bb:03:64:be:
55:13:be:e7:8b:8d:88:57:41:40:b9:54:7d:c7:68:05:d2:44:
d5:93:cd:a8:f4:55:1c:99:09:40:29:c6:d3:8c:85:4f:0b:ec:
80:2f:ae:18:5e:01:4e:09:a2:56:d4:18:47:08:b3:78:3f:cd:
fb:ec:fe:af:aa:df:0c:54:73:67:e0:d4:69:1c:8b:eb:51:61:
39:f6:53:f6:07:eb:66:27:16:57:68:26:b6:c4:d6:4c:74:27:
0d:eb:eb:ec:2f:e9:ba:17:c8:a1:38:e7:ce:54:f4:0a:ae:92:
34:58:db:4f:a0:4a:0f:ee:63:94:97:4f:c9:5b:fb:95:05:60:
1c:2e:23:a8:0e:33:19:d3:eb:60:fb:10:53:21:88:0e:f0:e4:
0a:d9:99:c7:37:18:64:15:c7:9d:d9:41:e4:7c:e5:b3:d3:b0:
76:13:ef:1a:1e:30:f9:f5:e1:03:1f:77:c1:31:4f:6e:9a:73:
c3:15:81:6d
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgIURr7oPrmOiUNvbtHv0zrs6HDYdoUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA2MjcxMTMwMzRaFw0yNjA2MjYxMTM1MzRaMDMxMTAvBgNV
BAMTKERENEM5RjU5NDYyRjEzMEMxM0I0OUY0Q0Q3QzNCMEIxREExNDI2NUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCscRb9mhTWpvbpeUMiAy/k0q3U
+1Z6PtR3vylGCTRQmv9nmG5sd8JeS9wPOoB6grjjrYWPjQv56RZ3S4TGXDfCfqxe
u797qoeFWehyORgzU4ojSxw54KRA21GovpG7LrPblFsiCA+BusR6dGXX+p6fgypn
ceap1sL2uBMngjeUaNuSt68tle4igTaMBQHynIc3vB2g2GfBjczn/cGAafqLMXo8
xqdH8A4okk3bxsX68aI4Er8VBWf3o55kL5tn9HtuMOTxvbsXN+0CXc5QfuZsCaFA
Y/wWqt5lvEF+wm+Wn3Cb+NvjsNYUxXtwkjmsrtsdqfIsr1kM1OS6LCpA5sLBAgMB
AAGjggIcMIICGDAdBgNVHQ4EFgQU3UyfWUYvEwwTtJ9M18OwsdoUJl8wHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMzk2MzU2LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAkd8o
AwQAkmcuAwQAlvGHAwQCm3X4MA0GCSqGSIb3DQEBCwUAA4IBAQBE2krcaDHBG+uE
7vfjqb+yHg5zHKaZMcL0uovXu52L2clEKVYE0Uk74lb+MO79WO7vW5WwyJ8ZvLAd
iPMfZrME0fpCT7sDZL5VE77ni42IV0FAuVR9x2gF0kTVk82o9FUcmQlAKcbTjIVP
C+yAL64YXgFOCaJW1BhHCLN4P8377P6vqt8MVHNn4NRpHIvrUWE59lP2B+tmJxZX
aCa2xNZMdCcN6+vsL+m6F8ihOOfOVPQKrpI0WNtPoEoP7mOUl0/JW/uVBWAcLiOo
DjMZ0+tg+xBTIYgO8OQK2ZnHNxhkFced2UHkfOWz07B2E+8aHjD59eEDH3fBMU9u
mnPDFYFt
-----END CERTIFICATE-----
Generated at Sun Jun 29 07:38:19 2025 by rpki-client