Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS397423.roa
File: AS397423.roa (raw, json)
Hash identifier: DGMwdh2HlIiwe7l8FVNlY1oPRcE7bulxpqDH6eR9ADk=
Subject key identifier: F4:87:25:9E:26:2B:AE:2F:06:19:E7:3B:E0:9C:26:EF:5B:6D:5B:EF
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 54B67CFCCC8DDAEB02F8BBAA1FD8047850E2A598
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS397423.roa
Signing time: Tue 24 Mar 2026 04:17:08 +0000
ROA not before: Tue 24 Mar 2026 04:12:08 +0000
ROA not after: Tue 23 Mar 2027 04:17:08 +0000
asID: 397423
IP address blocks: 143.14.180.0/24 maxlen: 24
145.223.44.0/24 maxlen: 24
145.223.54.0/24 maxlen: 24
145.223.58.0/24 maxlen: 24
146.103.5.0/24 maxlen: 24
150.241.226.0/23 maxlen: 24
155.117.164.0/24 maxlen: 24
155.117.246.0/24 maxlen: 24
167.148.15.0/24 maxlen: 24
167.148.158.0/24 maxlen: 24
167.148.175.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
54:b6:7c:fc:cc:8d:da:eb:02:f8:bb:aa:1f:d8:04:78:50:e2:a5:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Mar 24 04:12:08 2026 GMT
Not After : Mar 23 04:17:08 2027 GMT
Subject: CN=F487259E262BAE2F0619E73BE09C26EF5B6D5BEF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:f0:16:2f:e8:7f:eb:ca:12:e7:74:f6:e3:dc:
00:88:9c:2f:ba:43:21:05:f1:6a:74:ef:c0:7f:ac:
54:f1:fe:51:80:56:ea:39:0c:fa:c1:ac:2e:f4:b8:
e2:95:0e:7e:43:53:62:58:c3:b1:d9:e2:e3:c1:47:
1a:2d:46:51:77:3d:25:66:7d:0f:6f:8e:de:83:57:
93:84:47:10:8c:2f:85:2c:4d:ec:37:5c:da:df:c2:
80:b7:ca:fd:3a:26:40:73:41:ee:bb:6d:33:0f:3c:
aa:92:84:ac:d2:47:01:05:23:61:d0:30:e5:22:16:
ca:b2:6d:19:50:0e:ed:fc:17:5e:08:da:0b:6e:2a:
04:7a:13:ca:d7:e7:b6:9b:e9:c7:f1:36:3a:dc:55:
9d:5e:03:f0:34:05:af:e4:04:88:7e:43:34:7b:9d:
31:75:7d:78:cc:ca:de:5d:3e:fe:c8:ba:3a:99:88:
e1:0b:11:df:bf:82:fe:58:84:7e:36:2b:89:85:50:
6e:78:e0:68:c0:c8:23:c5:c4:4a:f5:34:38:ed:15:
e0:8d:a6:89:c4:86:39:e7:03:1e:3e:fa:ba:d4:9c:
41:af:46:e4:10:37:4e:a2:80:c4:a1:9f:72:26:27:
fd:76:7c:da:1f:f8:35:da:d1:f9:a1:ea:41:f4:dc:
d2:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:87:25:9E:26:2B:AE:2F:06:19:E7:3B:E0:9C:26:EF:5B:6D:5B:EF
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS397423.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.14.180.0/24
145.223.44.0/24
145.223.54.0/24
145.223.58.0/24
146.103.5.0/24
150.241.226.0/23
155.117.164.0/24
155.117.246.0/24
167.148.15.0/24
167.148.158.0/24
167.148.175.0/24
Signature Algorithm: sha256WithRSAEncryption
60:99:5d:5d:bc:f1:29:23:a1:19:dc:b4:ff:40:dc:4d:75:8c:
32:5d:e3:32:ae:fc:09:6b:66:0a:bc:a5:11:38:ca:41:4f:b3:
39:da:93:07:78:26:f3:b3:56:41:86:e6:bc:3a:65:99:68:64:
c6:6d:d2:71:01:24:67:2c:51:be:34:a7:fb:38:38:96:cf:4a:
53:86:26:2a:6d:16:21:da:f6:04:a3:5e:74:6d:f2:e9:fc:aa:
4c:55:ee:a7:87:8c:f6:a4:7f:63:ad:c7:47:8b:f3:a7:f9:44:
f6:d6:6d:58:a1:b9:fa:15:c1:4e:13:2b:e1:d3:a4:aa:38:b0:
31:c2:0b:2a:bc:b9:a2:2d:d5:69:b2:24:92:b6:99:d5:e2:46:
84:05:62:66:ef:79:49:1a:2f:99:95:bb:c3:e2:44:61:0b:22:
c9:c5:3e:87:22:8f:97:c9:62:98:4e:89:5d:7c:99:2e:8a:1a:
8a:78:b0:49:46:2d:ae:a1:62:85:9d:ba:76:f2:67:69:1e:df:
f7:1f:c1:0b:c9:55:97:28:14:1e:9c:50:29:7d:20:a6:2e:cd:
c0:2b:b7:bf:99:85:f5:6a:02:20:95:2d:16:48:02:33:00:8c:
43:fd:a6:7f:ef:7e:d3:42:5d:e3:67:9d:4e:1a:66:19:91:d4:
80:a6:d7:cb
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgIUVLZ8/MyN2usC+LuqH9gEeFDipZgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNjAzMjQwNDEyMDhaFw0yNzAzMjMwNDE3MDhaMDMxMTAvBgNV
BAMTKEY0ODcyNTlFMjYyQkFFMkYwNjE5RTczQkUwOUMyNkVGNUI2RDVCRUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCt8BYv6H/ryhLndPbj3ACInC+6
QyEF8Wp078B/rFTx/lGAVuo5DPrBrC70uOKVDn5DU2JYw7HZ4uPBRxotRlF3PSVm
fQ9vjt6DV5OERxCML4UsTew3XNrfwoC3yv06JkBzQe67bTMPPKqShKzSRwEFI2HQ
MOUiFsqybRlQDu38F14I2gtuKgR6E8rX57ab6cfxNjrcVZ1eA/A0Ba/kBIh+QzR7
nTF1fXjMyt5dPv7IujqZiOELEd+/gv5YhH42K4mFUG544GjAyCPFxEr1NDjtFeCN
ponEhjnnAx4++rrUnEGvRuQQN06igMShn3ImJ/12fNof+DXa0fmh6kH03NJJAgMB
AAGjggJGMIICQjAdBgNVHQ4EFgQU9IclniYrri8GGec74Jwm71ttW+8wHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMzk3NDIzLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQAjw60
AwQAkd8sAwQAkd82AwQAkd86AwQAkmcFAwQBlvHiAwQAm3WkAwQAm3X2AwQAp5QP
AwQAp5SeAwQAp5SvMA0GCSqGSIb3DQEBCwUAA4IBAQBgmV1dvPEpI6EZ3LT/QNxN
dYwyXeMyrvwJa2YKvKUROMpBT7M52pMHeCbzs1ZBhua8OmWZaGTGbdJxASRnLFG+
NKf7ODiWz0pThiYqbRYh2vYEo150bfLp/KpMVe6nh4z2pH9jrcdHi/On+UT21m1Y
obn6FcFOEyvh06SqOLAxwgsqvLmiLdVpsiSStpnV4kaEBWJm73lJGi+ZlbvD4kRh
CyLJxT6HIo+XyWKYToldfJkuihqKeLBJRi2uoWKFnbp28mdpHt/3H8ELyVWXKBQe
nFApfSCmLs3AK7e/mYX1agIglS0WSAIzAIxD/aZ/737TQl3jZ51OGmYZkdSAptfL
-----END CERTIFICATE-----
Generated at Thu Mar 26 00:48:25 2026 by rpki-client