Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/AS153383.roa
File: AS153383.roa (raw, json)
Hash identifier: vCi6FQYQWKC0ggluWhyMgm6QAvKbEiJEf7VAiTXWA9c=
Subject key identifier: B3:6F:0D:6E:46:4F:17:2E:DC:E5:B4:7E:E7:22:A3:70:BB:18:24:FF
Certificate issuer: /CN=3feccb17be51ee59ec74d64eed917e221ee28a1b
Certificate serial: 1B5C05D80FB9633721DF1302F2941BCA04559DC5
Authority key identifier: 3F:EC:CB:17:BE:51:EE:59:EC:74:D6:4E:ED:91:7E:22:1E:E2:8A:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P-zLF75R7lnsdNZO7ZF-Ih7iihs.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/AS153383.roa
Signing time: Thu 12 Mar 2026 08:34:43 +0000
ROA not before: Thu 12 Mar 2026 08:29:43 +0000
ROA not after: Thu 11 Mar 2027 08:34:43 +0000
asID: 153383
IP address blocks: 82.139.208.0/24 maxlen: 24
82.139.209.0/24 maxlen: 24
82.139.210.0/24 maxlen: 24
82.139.211.0/24 maxlen: 24
82.139.212.0/24 maxlen: 24
82.139.213.0/24 maxlen: 24
82.139.240.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/3FECCB17BE51EE59EC74D64EED917E221EE28A1B.crl
rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/3FECCB17BE51EE59EC74D64EED917E221EE28A1B.mft
rsync://rpki.ripe.net/repository/DEFAULT/P-zLF75R7lnsdNZO7ZF-Ih7iihs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Mar 2026 00:55:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1b:5c:05:d8:0f:b9:63:37:21:df:13:02:f2:94:1b:ca:04:55:9d:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3feccb17be51ee59ec74d64eed917e221ee28a1b
Validity
Not Before: Mar 12 08:29:43 2026 GMT
Not After : Mar 11 08:34:43 2027 GMT
Subject: CN=B36F0D6E464F172EDCE5B47EE722A370BB1824FF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:cb:6a:00:94:2d:49:57:8a:76:b2:8f:44:19:
ca:ae:a2:ff:51:6c:15:5b:46:69:2f:89:07:a2:4e:
87:74:c5:56:0d:5e:5e:bf:74:05:88:bc:d3:cf:5c:
f5:2a:93:60:8c:8f:9e:e5:56:1e:7c:00:59:0b:55:
e0:bd:35:cc:c7:07:69:02:85:e9:7b:4d:da:dd:a6:
5b:ce:3a:8b:4b:40:87:22:9c:14:e2:99:6d:c9:38:
c3:18:ca:35:22:e4:e6:a9:0c:b3:4a:0e:72:f7:8e:
85:53:b3:51:6d:72:b1:f7:6d:d0:c6:7f:d4:20:e1:
53:25:e9:fa:5c:ce:1b:e6:8a:c1:cd:66:bd:16:bf:
91:f4:59:ec:2b:7e:de:f3:99:ae:ae:ce:b4:c0:2f:
c3:8f:d1:c4:96:3b:a4:56:96:28:00:db:a7:6a:f6:
73:a2:ea:2f:e9:e7:24:83:22:84:04:07:05:60:cd:
f4:34:e5:e6:c0:43:64:0f:f6:67:c1:d1:17:ed:dd:
73:30:d7:17:18:2e:c9:f7:79:17:6c:9d:fc:37:6d:
9d:cc:1c:8e:8b:34:5d:5d:35:c3:53:7c:bc:c3:2a:
17:4c:29:33:c5:df:b7:4f:3f:62:e8:f3:d9:3d:e3:
76:76:af:64:19:08:de:d0:27:02:a9:53:83:91:60:
b4:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:6F:0D:6E:46:4F:17:2E:DC:E5:B4:7E:E7:22:A3:70:BB:18:24:FF
X509v3 Authority Key Identifier:
keyid:3F:EC:CB:17:BE:51:EE:59:EC:74:D6:4E:ED:91:7E:22:1E:E2:8A:1B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/3FECCB17BE51EE59EC74D64EED917E221EE28A1B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P-zLF75R7lnsdNZO7ZF-Ih7iihs.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/AS153383.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.139.208.0-82.139.213.255
82.139.240.0/24
Signature Algorithm: sha256WithRSAEncryption
63:7f:06:8d:31:5e:19:6f:03:d2:d6:b4:d5:4d:8e:04:b7:b3:
12:04:42:4a:b6:14:c1:27:b1:6a:08:ad:d5:1c:22:f4:3a:4f:
ac:a8:45:13:21:29:db:de:dd:82:8c:0c:5e:a4:dc:df:00:d5:
89:06:49:11:d4:5e:97:fa:9c:81:96:1d:3c:06:bb:2e:51:6d:
78:25:05:93:a4:54:58:54:b5:b5:74:cc:40:2d:a3:93:9d:53:
f9:dc:34:92:48:51:dd:da:d0:ac:20:86:b4:b4:7c:4d:d2:c6:
0a:4b:ab:ab:d6:5c:6d:0d:02:53:8c:b1:b2:72:77:a7:05:7b:
98:d4:df:e9:1d:53:d9:98:96:e9:82:ad:2a:76:24:b4:5a:5a:
ea:d7:5b:eb:05:72:86:cc:0f:4f:09:6b:26:3f:ce:1d:cb:5e:
70:18:17:c7:f1:87:96:89:71:23:ed:14:a4:88:ab:73:b7:69:
a8:8f:cd:0a:17:b8:79:56:4a:ef:6a:fc:47:76:5f:30:4c:14:
a9:20:7e:86:8b:53:4f:66:5a:24:67:80:ca:05:b5:34:0f:ce:
42:e3:db:e6:13:a7:93:66:66:46:e2:39:9e:06:71:f3:b5:9f:
56:39:41:0a:07:ce:73:96:72:74:8d:41:b4:49:be:e1:f4:9d:
1f:41:11:18
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgIUG1wF2A+5Yzch3xMC8pQbygRVncUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM2ZlY2NiMTdiZTUxZWU1OWVjNzRkNjRlZWQ5MTdlMjIx
ZWUyOGExYjAeFw0yNjAzMTIwODI5NDNaFw0yNzAzMTEwODM0NDNaMDMxMTAvBgNV
BAMTKEIzNkYwRDZFNDY0RjE3MkVEQ0U1QjQ3RUU3MjJBMzcwQkIxODI0RkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC1y2oAlC1JV4p2so9EGcquov9R
bBVbRmkviQeiTod0xVYNXl6/dAWIvNPPXPUqk2CMj57lVh58AFkLVeC9NczHB2kC
hel7TdrdplvOOotLQIcinBTimW3JOMMYyjUi5OapDLNKDnL3joVTs1FtcrH3bdDG
f9Qg4VMl6fpczhvmisHNZr0Wv5H0Wewrft7zma6uzrTAL8OP0cSWO6RWligA26dq
9nOi6i/p5ySDIoQEBwVgzfQ05ebAQ2QP9mfB0Rft3XMw1xcYLsn3eRdsnfw3bZ3M
HI6LNF1dNcNTfLzDKhdMKTPF37dPP2Lo89k943Z2r2QZCN7QJwKpU4ORYLR5AgMB
AAGjggIYMIICFDAdBgNVHQ4EFgQUs28NbkZPFy7c5bR+5yKjcLsYJP8wHwYDVR0j
BBgwFoAUP+zLF75R7lnsdNZO7ZF+Ih7iihswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMjJkYjc1NTUtOWFhNC00OTgzLTkzMTYtNzM4MDlkZDM1
NGJjLzAvM0ZFQ0NCMTdCRTUxRUU1OUVDNzRENjRFRUQ5MTdFMjIxRUUyOEExQi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1AtekxGNzVSN2xuc2ROWk83WkYtSWg3
aWlocy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzIyZGI3NTU1LTlhYTQt
NDk4My05MzE2LTczODA5ZGQzNTRiYy8wL0FTMTUzMzgzLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBARS
i9ADBAFSi9QDBABSi/AwDQYJKoZIhvcNAQELBQADggEBAGN/Bo0xXhlvA9LWtNVN
jgS3sxIEQkq2FMEnsWoIrdUcIvQ6T6yoRRMhKdve3YKMDF6k3N8A1YkGSRHUXpf6
nIGWHTwGuy5RbXglBZOkVFhUtbV0zEAto5OdU/ncNJJIUd3a0KwghrS0fE3SxgpL
q6vWXG0NAlOMsbJyd6cFe5jU3+kdU9mYlumCrSp2JLRaWurXW+sFcobMD08JayY/
zh3LXnAYF8fxh5aJcSPtFKSIq3O3aaiPzQoXuHlWSu9q/Ed2XzBMFKkgfoaLU09m
WiRngMoFtTQPzkLj2+YTp5NmZkbiOZ4GcfO1n1Y5QQoHznOWcnSNQbRJvuH0nR9B
ERg=
-----END CERTIFICATE-----
Generated at Sat Mar 28 10:14:20 2026 by rpki-client