Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS13213.roa
File: AS13213.roa (raw, json)
Hash identifier: BGg/hktYTV6famKvDccZpjct9LbKLsAcoEWMDdW94mo=
Subject key identifier: 9B:D8:18:80:5A:D9:0F:7C:2D:92:6A:1E:00:DB:87:CC:17:6E:2D:FC
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 3E39BD14D07CC93B0553B9AFFA1162CD0597E3C2
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS13213.roa
Signing time: Mon 23 Jun 2025 09:37:27 +0000
ROA not before: Mon 23 Jun 2025 09:32:27 +0000
ROA not after: Mon 22 Jun 2026 09:37:27 +0000
asID: 13213
IP address blocks: 145.223.43.0/24 maxlen: 24
145.223.46.0/24 maxlen: 24
145.223.48.0/24 maxlen: 24
145.223.49.0/24 maxlen: 24
146.103.2.0/24 maxlen: 24
146.103.3.0/24 maxlen: 24
146.103.56.0/24 maxlen: 24
155.117.33.0/24 maxlen: 24
155.117.35.0/24 maxlen: 24
155.117.37.0/24 maxlen: 24
155.117.39.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 15:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3e:39:bd:14:d0:7c:c9:3b:05:53:b9:af:fa:11:62:cd:05:97:e3:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Jun 23 09:32:27 2025 GMT
Not After : Jun 22 09:37:27 2026 GMT
Subject: CN=9BD818805AD90F7C2D926A1E00DB87CC176E2DFC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:35:23:33:46:72:8c:e9:46:ac:83:91:ed:3c:
0e:04:89:c8:a5:96:fc:0a:4d:9c:ab:69:16:3a:e4:
63:f0:1b:11:7b:21:f8:a7:e7:61:97:35:90:ae:0f:
6b:06:d7:fb:e5:2b:39:21:14:30:37:7d:c9:ee:37:
b9:de:09:c3:11:24:cc:7c:ec:63:24:b0:25:a3:27:
bc:eb:50:a7:61:ec:ae:6c:20:8a:c1:59:e9:e0:60:
db:9c:df:15:53:d8:c9:24:ff:25:ec:99:bc:fe:ff:
7c:d1:32:78:29:f0:f3:40:b9:c4:15:35:21:da:66:
1a:a4:c8:05:75:75:cd:7d:11:05:ec:5c:20:5b:ea:
9c:b8:f1:81:71:f4:54:db:05:7e:93:26:0d:68:6e:
7e:60:fd:84:4d:9d:05:c2:6a:e8:14:87:56:d5:c1:
7b:78:9d:4c:76:e3:a5:f9:10:52:86:75:0a:45:5b:
0c:82:d0:a9:59:83:88:44:94:d6:7c:0a:28:62:35:
f6:57:2f:f9:28:b1:1b:d0:ea:2f:68:00:d5:63:81:
33:6d:6f:44:eb:b3:3c:55:9d:29:bf:62:c1:b5:ea:
6b:d5:d6:73:88:68:88:c4:fd:8a:02:ff:dd:8c:cd:
ca:d4:88:26:83:7d:63:37:27:73:12:68:b6:bd:89:
aa:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:D8:18:80:5A:D9:0F:7C:2D:92:6A:1E:00:DB:87:CC:17:6E:2D:FC
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS13213.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.223.43.0/24
145.223.46.0/24
145.223.48.0/23
146.103.2.0/23
146.103.56.0/24
155.117.33.0/24
155.117.35.0/24
155.117.37.0/24
155.117.39.0/24
Signature Algorithm: sha256WithRSAEncryption
38:7c:6b:11:4e:06:9d:26:43:61:8f:1c:fb:86:b4:78:30:63:
02:78:7e:61:f1:79:0a:4f:a0:49:e9:13:39:cd:6b:69:9b:9f:
e6:ef:1d:4c:a0:33:73:a4:cd:c1:c2:e2:a5:1a:5c:e9:37:cf:
80:43:0d:df:96:ea:2f:10:50:d1:fb:72:10:3f:02:26:33:e5:
3a:f5:72:8b:cf:5b:83:b8:9c:dc:2e:e7:72:27:7c:24:ad:c1:
ce:2c:ff:97:5e:ad:eb:c4:46:f8:6e:66:61:a5:23:1d:61:fe:
1d:bd:dc:a2:65:98:9e:ff:67:15:10:2f:cd:20:a6:3d:15:38:
68:ac:53:df:8e:c8:f8:f0:89:ba:8a:69:fc:5c:3f:85:91:98:
91:b4:ef:27:ac:ef:21:aa:60:4c:44:f0:44:59:3e:b7:af:80:
7f:9e:5c:02:29:f9:49:1f:f4:a6:47:88:72:d8:92:07:9a:db:
12:18:98:7e:ed:0f:4e:8d:5e:b9:83:f7:ed:16:d3:9a:30:d0:
f7:ef:f4:b8:76:cb:44:95:55:13:0e:62:3e:26:30:81:be:60:
d0:ac:cd:7a:a4:f3:07:91:b7:69:35:d5:d0:b7:ed:5d:98:42:
a5:27:d5:73:bf:f5:df:e7:92:68:91:dc:fb:09:89:e2:6b:3c:
5b:2a:f1:43
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUPjm9FNB8yTsFU7mv+hFizQWX48IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA2MjMwOTMyMjdaFw0yNjA2MjIwOTM3MjdaMDMxMTAvBgNV
BAMTKDlCRDgxODgwNUFEOTBGN0MyRDkyNkExRTAwREI4N0NDMTc2RTJERkMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqNSMzRnKM6Uasg5HtPA4Eicil
lvwKTZyraRY65GPwGxF7Ifin52GXNZCuD2sG1/vlKzkhFDA3fcnuN7neCcMRJMx8
7GMksCWjJ7zrUKdh7K5sIIrBWengYNuc3xVT2Mkk/yXsmbz+/3zRMngp8PNAucQV
NSHaZhqkyAV1dc19EQXsXCBb6py48YFx9FTbBX6TJg1obn5g/YRNnQXCaugUh1bV
wXt4nUx246X5EFKGdQpFWwyC0KlZg4hElNZ8CihiNfZXL/kosRvQ6i9oANVjgTNt
b0TrszxVnSm/YsG16mvV1nOIaIjE/YoC/92MzcrUiCaDfWM3J3MSaLa9iaoTAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUm9gYgFrZD3wtkmoeANuHzBduLfwwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMTMyMTMucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwTwYIKwYBBQUHAQcBAf8EQDA+MDwEAgABMDYDBACR3ysD
BACR3y4DBAGR3zADBAGSZwIDBACSZzgDBACbdSEDBACbdSMDBACbdSUDBACbdScw
DQYJKoZIhvcNAQELBQADggEBADh8axFOBp0mQ2GPHPuGtHgwYwJ4fmHxeQpPoEnp
EznNa2mbn+bvHUygM3OkzcHC4qUaXOk3z4BDDd+W6i8QUNH7chA/AiYz5Tr1covP
W4O4nNwu53InfCStwc4s/5derevERvhuZmGlIx1h/h293KJlmJ7/ZxUQL80gpj0V
OGisU9+OyPjwibqKafxcP4WRmJG07yes7yGqYExE8ERZPrevgH+eXAIp+Ukf9KZH
iHLYkgea2xIYmH7tD06NXrmD9+0W05ow0Pfv9Lh2y0SVVRMOYj4mMIG+YNCszXqk
8weRt2k11dC37V2YQqUn1XO/9d/nkmiR3PsJieJrPFsq8UM=
-----END CERTIFICATE-----
Generated at Sun Jun 29 00:44:16 2025 by rpki-client