Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS398465.roa
File: AS398465.roa (raw, json)
Hash identifier: GGOzbbAZDjKNOVacYW+fjY0wWzFMjXy9o0mGDTs1rTk=
Subject key identifier: D1:2A:23:99:5C:35:37:FD:34:F2:AA:FC:0A:E9:18:A9:B6:69:4A:65
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 6518F2AED3B5F3192C5725117EC66B47C092A984
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS398465.roa
Signing time: Sat 18 Oct 2025 13:48:44 +0000
ROA not before: Sat 18 Oct 2025 13:43:44 +0000
ROA not after: Sat 17 Oct 2026 13:48:44 +0000
asID: 398465
IP address blocks: 167.148.189.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 13:42:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
65:18:f2:ae:d3:b5:f3:19:2c:57:25:11:7e:c6:6b:47:c0:92:a9:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Oct 18 13:43:44 2025 GMT
Not After : Oct 17 13:48:44 2026 GMT
Subject: CN=D12A23995C3537FD34F2AAFC0AE918A9B6694A65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:82:60:26:a4:86:7b:8a:d0:c8:7d:8f:9b:f8:
2a:b7:dd:04:9c:80:c2:1b:a1:3e:f3:b7:cf:29:c4:
da:0a:2d:d7:a9:36:2f:70:83:b7:15:83:ee:f8:e6:
d3:dd:2e:77:9e:bb:f2:b8:e2:2c:51:25:9d:57:d1:
4f:0a:d1:13:eb:cc:0c:c1:f5:01:c4:32:75:58:62:
28:cb:11:0d:18:b0:c5:2a:46:32:4f:af:b2:b2:a6:
81:c9:9e:5c:43:1e:3a:ab:cd:ed:3e:9a:af:d0:f0:
6d:5d:6f:a5:0b:55:23:4c:77:c5:20:fb:6e:0a:f1:
cc:b4:7c:71:e4:88:49:e5:06:3e:e8:52:ee:0a:a1:
40:79:88:e0:6a:94:61:98:37:a0:f8:67:6f:14:e4:
23:d1:33:a0:6e:8f:3e:58:bb:c9:26:d6:ea:b5:fe:
11:2b:9e:4c:09:62:8b:22:60:28:db:da:62:65:b1:
09:0d:dd:e6:b8:1d:4f:02:38:2e:ac:f2:be:b2:dc:
bc:42:d1:1d:bc:89:f4:f0:b6:9c:1e:6a:38:38:64:
94:3b:4b:9b:66:15:08:13:72:d6:d0:13:13:ea:6b:
ee:19:3e:63:0d:c8:8c:69:cb:7b:61:f6:96:17:7d:
47:b9:36:09:c0:e1:c1:d1:d6:f1:bc:8e:29:a2:42:
bc:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:2A:23:99:5C:35:37:FD:34:F2:AA:FC:0A:E9:18:A9:B6:69:4A:65
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS398465.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
167.148.189.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:bd:58:93:2b:fd:df:87:07:15:f7:25:05:67:cd:36:74:32:
6d:66:d1:ad:12:41:fe:8d:6b:4e:49:79:05:1f:f1:96:55:07:
3f:d9:97:3b:a9:be:43:1f:5e:45:48:3d:87:ad:0d:94:37:b8:
d5:13:e0:fc:ec:b5:f2:52:ac:36:5d:9f:1d:d2:4f:53:d5:bc:
c3:4c:75:c8:cd:1e:9e:fc:dd:af:66:f0:93:21:a9:36:b3:e2:
7c:de:1c:1e:54:47:d5:86:1f:6c:38:69:ba:b8:77:09:7e:69:
2e:98:9e:dc:84:00:3c:97:2c:f8:8f:9e:bb:a4:3a:4b:d8:ef:
a4:4e:46:41:60:ed:01:60:f0:86:10:a3:6d:96:e5:85:8b:2e:
e4:9f:b1:4e:fe:eb:82:24:b2:14:36:36:d6:af:4d:46:15:84:
b0:6b:c2:bc:ab:86:bd:10:53:cc:71:08:17:d6:14:19:17:a5:
95:5f:34:6f:d2:15:a0:c4:39:ca:88:f4:11:7b:cc:48:21:2f:
5a:8a:74:28:c3:2c:87:04:01:13:d1:e7:63:72:c0:06:a4:70:
be:18:73:80:29:15:f9:59:ac:7c:f7:a1:7b:36:d0:35:81:c3:
93:09:bb:d3:9c:aa:0d:be:06:8a:94:08:f3:b6:d7:18:a1:d9:
e3:63:b6:29
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUZRjyrtO18xksVyURfsZrR8CSqYQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTEwMTgxMzQzNDRaFw0yNjEwMTcxMzQ4NDRaMDMxMTAvBgNV
BAMTKEQxMkEyMzk5NUMzNTM3RkQzNEYyQUFGQzBBRTkxOEE5QjY2OTRBNjUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQChgmAmpIZ7itDIfY+b+Cq33QSc
gMIboT7zt88pxNoKLdepNi9wg7cVg+745tPdLneeu/K44ixRJZ1X0U8K0RPrzAzB
9QHEMnVYYijLEQ0YsMUqRjJPr7KypoHJnlxDHjqrze0+mq/Q8G1db6ULVSNMd8Ug
+24K8cy0fHHkiEnlBj7oUu4KoUB5iOBqlGGYN6D4Z28U5CPRM6Bujz5Yu8km1uq1
/hErnkwJYosiYCjb2mJlsQkN3ea4HU8COC6s8r6y3LxC0R28ifTwtpweajg4ZJQ7
S5tmFQgTctbQExPqa+4ZPmMNyIxpy3th9pYXfUe5NgnA4cHR1vG8jimiQrw3AgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQU0SojmVw1N/008qr8CukYqbZpSmUwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMzk4NDY1LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAp5S9
MA0GCSqGSIb3DQEBCwUAA4IBAQANvViTK/3fhwcV9yUFZ802dDJtZtGtEkH+jWtO
SXkFH/GWVQc/2Zc7qb5DH15FSD2HrQ2UN7jVE+D87LXyUqw2XZ8d0k9T1bzDTHXI
zR6e/N2vZvCTIak2s+J83hweVEfVhh9sOGm6uHcJfmkumJ7chAA8lyz4j567pDpL
2O+kTkZBYO0BYPCGEKNtluWFiy7kn7FO/uuCJLIUNjbWr01GFYSwa8K8q4a9EFPM
cQgX1hQZF6WVXzRv0hWgxDnKiPQRe8xIIS9ainQowyyHBAET0edjcsAGpHC+GHOA
KRX5Wax896F7NtA1gcOTCbvTnKoNvgaKlAjzttcYodnjY7Yp
-----END CERTIFICATE-----
Generated at Mon Oct 20 20:26:39 2025 by rpki-client