Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS396356.roa
File: AS396356.roa (raw, json)
Hash identifier: JQMGneu2IC5/f//KjzCQL7QcYlA8v3oilJHOtuUgXp0=
Subject key identifier: 5A:35:AD:53:33:36:D2:CB:F1:3B:A9:9C:A5:ED:43:1D:8A:76:5E:73
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 30855C0B0FED6DC39DDA3965867812556D13D196
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS396356.roa
Signing time: Fri 08 May 2026 14:49:32 +0000
ROA not before: Fri 08 May 2026 14:44:32 +0000
ROA not after: Fri 07 May 2027 14:49:32 +0000
asID: 396356
IP address blocks: 145.223.40.0/24 maxlen: 24
146.103.46.0/24 maxlen: 24
150.241.135.0/24 maxlen: 24
155.117.33.0/24 maxlen: 24
155.117.35.0/24 maxlen: 24
155.117.37.0/24 maxlen: 24
155.117.39.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
30:85:5c:0b:0f:ed:6d:c3:9d:da:39:65:86:78:12:55:6d:13:d1:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: May 8 14:44:32 2026 GMT
Not After : May 7 14:49:32 2027 GMT
Subject: CN=5A35AD533336D2CBF13BA99CA5ED431D8A765E73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:e5:07:bf:3c:17:2f:f9:87:54:82:41:f2:92:
1b:6c:54:ad:46:67:ad:3d:78:53:35:28:41:43:c3:
8d:23:e3:89:db:bc:28:06:10:d5:cf:f0:1b:db:6e:
88:4a:7e:ef:6d:7e:45:90:01:a8:3d:1d:11:e0:5a:
56:df:35:c5:8b:f2:ec:de:b0:f8:51:de:26:49:85:
45:75:82:e4:4a:a1:bd:9b:1d:3a:94:c1:90:49:a1:
2f:1b:2d:82:80:5f:49:f9:46:be:70:a5:82:1a:c1:
9c:0e:1a:21:68:28:50:df:43:32:7e:d1:66:a1:02:
cd:fe:39:94:f8:24:9b:ed:a6:f5:af:c4:42:b3:2c:
e7:09:e2:43:79:75:e0:dd:cc:bf:18:dc:c2:26:6b:
35:90:6a:d5:d3:36:0d:39:8f:5b:5e:e8:b3:22:d6:
d8:80:3d:9a:1d:e6:db:31:14:a0:20:a6:c3:a9:ef:
38:56:bf:90:30:42:c0:06:e6:c7:b7:bf:da:3f:2e:
69:2f:a9:07:f8:f5:37:b7:11:c8:cc:6a:37:2f:a9:
e2:a4:48:1a:5a:90:a4:f1:87:9f:2b:46:2b:4b:a8:
8d:fd:2b:7f:c8:a7:e0:db:34:69:6d:83:e8:69:98:
f8:17:cf:2e:0d:db:bd:f7:8c:a1:48:1e:18:84:ce:
31:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:35:AD:53:33:36:D2:CB:F1:3B:A9:9C:A5:ED:43:1D:8A:76:5E:73
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS396356.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.223.40.0/24
146.103.46.0/24
150.241.135.0/24
155.117.33.0/24
155.117.35.0/24
155.117.37.0/24
155.117.39.0/24
Signature Algorithm: sha256WithRSAEncryption
85:d9:00:26:ae:f0:69:14:e2:11:1b:5f:20:ce:87:62:f6:22:
97:cf:88:05:08:0b:89:c3:13:0d:06:be:26:58:f5:75:d6:7b:
81:5b:1e:70:20:9d:32:d2:bc:59:bb:ba:5b:c9:b4:fe:00:33:
38:f0:08:0c:f0:e0:30:87:a7:5e:72:fb:06:2f:fc:21:5e:32:
a8:1a:a5:36:ea:a4:76:11:21:e3:34:0e:d1:b6:75:53:13:49:
fb:7a:85:68:60:51:af:38:96:7a:3f:49:0f:e1:60:70:53:6a:
ff:5d:57:18:81:fb:94:06:2d:7f:d4:27:11:db:19:8c:2d:24:
92:78:62:c7:16:01:db:5e:ee:15:30:5c:16:13:f1:47:76:b6:
79:eb:ac:01:71:d8:b9:11:75:e0:27:ae:58:e2:40:52:b8:f0:
3f:d5:08:9e:76:c2:7b:cf:df:20:db:69:11:7b:bb:2b:ac:25:
7f:d7:ef:47:b8:38:f8:b5:73:6a:86:60:9b:ac:a8:1c:8d:eb:
5b:6f:e0:05:01:67:09:84:c8:06:4a:9b:8b:0e:39:02:25:c6:
c4:09:78:47:4d:13:dd:da:a1:4c:cd:7e:0f:37:6a:50:1d:fb:
32:96:11:c3:b5:93:3a:33:48:9c:b5:3a:25:36:a4:80:9e:97:
af:d7:22:7d
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgIUMIVcCw/tbcOd2jllhngSVW0T0ZYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNjA1MDgxNDQ0MzJaFw0yNzA1MDcxNDQ5MzJaMDMxMTAvBgNV
BAMTKDVBMzVBRDUzMzMzNkQyQ0JGMTNCQTk5Q0E1RUQ0MzFEOEE3NjVFNzMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+5Qe/PBcv+YdUgkHykhtsVK1G
Z609eFM1KEFDw40j44nbvCgGENXP8BvbbohKfu9tfkWQAag9HRHgWlbfNcWL8uze
sPhR3iZJhUV1guRKob2bHTqUwZBJoS8bLYKAX0n5Rr5wpYIawZwOGiFoKFDfQzJ+
0WahAs3+OZT4JJvtpvWvxEKzLOcJ4kN5deDdzL8Y3MImazWQatXTNg05j1te6LMi
1tiAPZod5tsxFKAgpsOp7zhWv5AwQsAG5se3v9o/LmkvqQf49Te3EcjMajcvqeKk
SBpakKTxh58rRitLqI39K3/Ip+DbNGltg+hpmPgXzy4N2733jKFIHhiEzjHrAgMB
AAGjggIuMIICKjAdBgNVHQ4EFgQUWjWtUzM20svxO6mcpe1DHYp2XnMwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMzk2MzU2LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAkd8o
AwQAkmcuAwQAlvGHAwQAm3UhAwQAm3UjAwQAm3UlAwQAm3UnMA0GCSqGSIb3DQEB
CwUAA4IBAQCF2QAmrvBpFOIRG18gzodi9iKXz4gFCAuJwxMNBr4mWPV11nuBWx5w
IJ0y0rxZu7pbybT+ADM48AgM8OAwh6decvsGL/whXjKoGqU26qR2ESHjNA7RtnVT
E0n7eoVoYFGvOJZ6P0kP4WBwU2r/XVcYgfuUBi1/1CcR2xmMLSSSeGLHFgHbXu4V
MFwWE/FHdrZ566wBcdi5EXXgJ65Y4kBSuPA/1QiedsJ7z98g22kRe7srrCV/1+9H
uDj4tXNqhmCbrKgcjetbb+AFAWcJhMgGSpuLDjkCJcbECXhHTRPd2qFMzX4PN2pQ
HfsylhHDtZM6M0ictTolNqSAnpev1yJ9
-----END CERTIFICATE-----
Generated at Wed May 13 00:17:31 2026 by rpki-client