Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS146996.roa
File: AS146996.roa (raw, json)
Hash identifier: QqL9MIRKQ+MLhulQPAgXnrT+Eh4CK4n/kZaQgqWGLH4=
Subject key identifier: F7:CC:06:6B:DA:45:8F:9E:6A:B6:9F:C7:07:BB:B1:A3:9C:89:BC:ED
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 1E689FE422411353350E2481C24E259F2B252B47
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS146996.roa
Signing time: Thu 30 Apr 2026 07:52:13 +0000
ROA not before: Thu 30 Apr 2026 07:47:13 +0000
ROA not after: Thu 29 Apr 2027 07:52:13 +0000
asID: 146996
IP address blocks: 2a13:9500:16c::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 23:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1e:68:9f:e4:22:41:13:53:35:0e:24:81:c2:4e:25:9f:2b:25:2b:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Apr 30 07:47:13 2026 GMT
Not After : Apr 29 07:52:13 2027 GMT
Subject: CN=F7CC066BDA458F9E6AB69FC707BBB1A39C89BCED
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:0f:65:b2:26:d2:f8:1b:66:c3:54:99:46:4c:
46:08:67:4e:fa:82:37:8b:9f:24:7a:0b:d9:fd:8e:
d3:e1:d4:69:9e:da:c8:9e:bf:16:3b:95:a9:e3:60:
e9:42:82:9d:9f:02:aa:42:b7:5c:77:d8:06:f0:19:
4b:18:9b:42:d3:42:75:95:c5:75:4d:97:a6:c0:0e:
5a:25:bd:a6:58:17:64:b1:da:08:e6:3a:05:b6:0d:
f6:49:5c:7c:c0:6a:6d:5a:6b:11:7e:f0:37:60:b2:
c8:64:82:81:83:fd:f5:ff:3a:95:44:ea:e9:2c:db:
e6:ee:0f:88:73:f9:9d:00:45:28:50:9a:19:e9:82:
9d:96:a0:a8:63:bc:c6:60:0a:cd:80:e2:78:06:a6:
75:38:86:5f:ab:1e:f5:bd:4d:96:6b:bc:8d:93:d1:
47:ec:87:52:34:ef:ad:8d:bc:be:a1:f5:bd:19:d6:
8a:cf:e9:e7:5c:9f:56:e8:d2:04:91:ec:da:32:36:
cf:f8:1e:21:da:19:11:9b:74:3e:6c:7e:f3:96:0c:
0d:ee:03:bd:fe:16:37:e5:b9:fc:33:0c:52:36:4a:
a7:c8:32:e6:e2:6d:46:d1:db:3d:95:18:88:eb:e5:
95:3b:c1:ba:09:6d:77:76:b4:18:2f:f8:70:7a:99:
cb:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:CC:06:6B:DA:45:8F:9E:6A:B6:9F:C7:07:BB:B1:A3:9C:89:BC:ED
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS146996.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:9500:16c::/48
Signature Algorithm: sha256WithRSAEncryption
47:7d:9e:b0:a0:2a:e8:3a:58:25:be:45:e2:fc:53:03:2d:1c:
45:6a:7e:12:75:85:38:dd:52:a8:f2:79:a9:8e:90:b6:c8:c9:
77:d6:3c:be:86:9a:a6:f1:15:2a:b7:f1:3e:61:ab:0b:8f:1a:
0d:7a:4a:18:2e:7d:37:83:f1:85:34:73:3c:04:df:12:2d:b0:
c7:1c:25:4a:86:78:59:b5:fa:97:86:7e:d0:6d:b3:bc:33:73:
aa:dd:18:3c:be:94:2a:6b:c5:e4:1f:b1:16:5f:e5:2c:10:fc:
99:57:d9:79:e0:c5:d1:48:0a:f7:d4:1b:e7:37:32:93:47:24:
fa:ad:15:37:13:99:18:7e:f6:f5:c8:30:12:d1:c2:2c:c5:3d:
b3:98:8d:d3:fc:89:2e:b4:73:02:43:e7:15:77:f0:e5:cf:fa:
1b:c2:ba:ee:1d:19:99:2e:dd:2f:5e:56:6d:27:f5:bb:34:41:
40:99:57:4d:9c:7e:1d:72:7a:cd:d1:b3:53:18:db:b5:d9:27:
8b:7d:10:6f:ae:04:a7:b6:b0:85:5d:22:10:5d:a1:ad:da:ee:
4a:df:29:9b:4a:8f:df:5d:51:b9:81:56:b4:bb:9f:fb:62:1e:
b0:e4:fb:f5:cb:e7:6e:37:d5:eb:3c:80:72:b8:ba:cc:dc:d8:
da:19:82:2f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIUHmif5CJBE1M1DiSBwk4lnyslK0cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjA0MzAwNzQ3MTNaFw0yNzA0MjkwNzUyMTNaMDMxMTAvBgNV
BAMTKEY3Q0MwNjZCREE0NThGOUU2QUI2OUZDNzA3QkJCMUEzOUM4OUJDRUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCkD2WyJtL4G2bDVJlGTEYIZ076
gjeLnyR6C9n9jtPh1Gme2sievxY7lanjYOlCgp2fAqpCt1x32AbwGUsYm0LTQnWV
xXVNl6bADlolvaZYF2Sx2gjmOgW2DfZJXHzAam1aaxF+8DdgsshkgoGD/fX/OpVE
6uks2+buD4hz+Z0ARShQmhnpgp2WoKhjvMZgCs2A4ngGpnU4hl+rHvW9TZZrvI2T
0Ufsh1I0762NvL6h9b0Z1orP6edcn1bo0gSR7NoyNs/4HiHaGRGbdD5sfvOWDA3u
A73+FjflufwzDFI2SqfIMubibUbR2z2VGIjr5ZU7wboJbXd2tBgv+HB6mcvhAgMB
AAGjggINMIICCTAdBgNVHQ4EFgQU98wGa9pFj55qtp/HB7uxo5yJvO0wHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMTQ2OTk2LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhOV
AAFsMA0GCSqGSIb3DQEBCwUAA4IBAQBHfZ6woCroOlglvkXi/FMDLRxFan4SdYU4
3VKo8nmpjpC2yMl31jy+hpqm8RUqt/E+YasLjxoNekoYLn03g/GFNHM8BN8SLbDH
HCVKhnhZtfqXhn7QbbO8M3Oq3Rg8vpQqa8XkH7EWX+UsEPyZV9l54MXRSAr31Bvn
NzKTRyT6rRU3E5kYfvb1yDAS0cIsxT2zmI3T/IkutHMCQ+cVd/Dlz/obwrruHRmZ
Lt0vXlZtJ/W7NEFAmVdNnH4dcnrN0bNTGNu12SeLfRBvrgSntrCFXSIQXaGt2u5K
3ymbSo/fXVG5gVa0u5/7Yh6w5Pv1y+duN9XrPIByuLrM3NjaGYIv
-----END CERTIFICATE-----
Generated at Wed May 13 06:04:55 2026 by rpki-client