Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS134926.roa
File: AS134926.roa (raw, json)
Hash identifier: U7C9VFTqZC8h+Oad8Cp1fgRdChcsR48ocsu4MbQPTIc=
Subject key identifier: 34:71:4A:68:F3:7F:C7:1F:07:85:B1:53:2C:EE:89:11:7D:5F:61:E8
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 570CDC718FCCB5546888F998C14DDC130A03379E
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS134926.roa
Signing time: Wed 08 Oct 2025 11:57:14 +0000
ROA not before: Wed 08 Oct 2025 11:52:14 +0000
ROA not after: Wed 07 Oct 2026 11:57:14 +0000
asID: 134926
IP address blocks: 150.241.244.0/24 maxlen: 24
150.241.245.0/24 maxlen: 24
150.241.246.0/24 maxlen: 24
150.241.247.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
57:0c:dc:71:8f:cc:b5:54:68:88:f9:98:c1:4d:dc:13:0a:03:37:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Oct 8 11:52:14 2025 GMT
Not After : Oct 7 11:57:14 2026 GMT
Subject: CN=34714A68F37FC71F0785B1532CEE89117D5F61E8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:6d:70:f1:29:7f:90:d8:be:4b:c6:7b:a8:bf:
f6:30:f8:9a:c1:f2:f4:59:2c:c1:0f:98:ea:a9:ef:
72:02:0c:d2:86:af:e0:52:73:30:a2:76:78:94:89:
72:b6:e9:3a:d4:e8:5e:2b:ff:f5:7d:e1:5f:d4:90:
69:33:54:ba:97:d3:bf:34:77:c5:08:31:8f:6c:b9:
92:ba:25:6f:3c:aa:0d:94:92:e3:b8:5a:df:90:0a:
c8:ec:bb:5a:b7:8b:52:ef:24:c5:80:0d:78:bb:84:
df:7c:ce:04:10:f4:4d:e9:bd:67:31:3f:f8:c8:af:
3d:6d:8d:a9:46:07:00:b8:2e:b9:18:09:94:83:1e:
8c:9f:bf:6c:87:ca:3a:9c:94:ae:7d:74:8c:b3:f6:
07:4f:68:a7:d4:01:0c:a5:5d:23:28:72:3a:9b:78:
41:08:d3:c4:fd:fd:c2:4a:1a:8f:67:5e:8d:83:9f:
f5:40:b5:9f:f1:df:b6:e9:56:c5:9a:ae:f9:58:c5:
a5:2b:ec:ef:da:50:2f:78:6f:04:e4:2e:70:39:1c:
30:05:41:51:07:3b:93:45:2e:00:fe:5b:c8:bf:5e:
34:3c:a2:ab:16:15:60:f6:f9:45:e4:ae:00:73:54:
83:b0:6f:4f:df:e7:5c:3d:73:b5:35:b7:95:a3:d2:
83:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:71:4A:68:F3:7F:C7:1F:07:85:B1:53:2C:EE:89:11:7D:5F:61:E8
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS134926.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
150.241.244.0/22
Signature Algorithm: sha256WithRSAEncryption
b6:ad:ec:04:fb:e5:f5:1f:05:23:bd:0e:72:ab:ca:c6:79:cb:
11:c6:bc:6a:7b:9d:f7:8d:f4:74:5a:81:b0:09:3a:d6:f1:b5:
af:9a:f4:45:36:f6:0f:3e:da:0c:28:50:c8:5d:fb:f5:9d:7e:
a9:38:2a:49:44:3b:67:bd:d9:ce:9a:9b:49:36:e4:35:ef:8c:
94:da:4d:8b:1f:a6:ff:ff:1a:9f:f7:3d:0d:fe:7b:5a:a0:4e:
fd:a3:16:8c:6f:34:53:8e:dc:07:16:65:5d:b1:75:bb:1f:09:
76:44:12:03:45:80:48:50:be:0f:eb:e2:5d:a5:8d:7f:e6:6e:
97:27:5c:55:66:57:fc:0d:aa:47:bb:1c:bf:62:3b:d0:e4:6b:
ec:bc:40:76:87:51:6b:57:3c:4f:a2:38:73:2e:01:7b:c3:dc:
83:51:2a:bf:38:3e:f4:dd:a2:f6:91:0b:6e:98:15:77:34:a9:
99:e2:f7:9c:49:19:d7:e9:69:86:10:a3:2c:cb:42:48:51:86:
3a:8f:53:0e:54:41:55:04:37:88:a1:43:ff:c5:f0:6a:95:cb:
f4:a1:a6:de:16:d2:74:25:19:f7:8e:1f:c8:05:69:b6:65:a2:
21:73:3c:3e:2e:c9:ee:95:1a:b4:49:65:42:86:6d:5e:6d:57:
d8:a9:80:ab
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUVwzccY/MtVRoiPmYwU3cEwoDN54wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTEwMDgxMTUyMTRaFw0yNjEwMDcxMTU3MTRaMDMxMTAvBgNV
BAMTKDM0NzE0QTY4RjM3RkM3MUYwNzg1QjE1MzJDRUU4OTExN0Q1RjYxRTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCbbXDxKX+Q2L5Lxnuov/Yw+JrB
8vRZLMEPmOqp73ICDNKGr+BSczCidniUiXK26TrU6F4r//V94V/UkGkzVLqX0780
d8UIMY9suZK6JW88qg2UkuO4Wt+QCsjsu1q3i1LvJMWADXi7hN98zgQQ9E3pvWcx
P/jIrz1tjalGBwC4LrkYCZSDHoyfv2yHyjqclK59dIyz9gdPaKfUAQylXSMocjqb
eEEI08T9/cJKGo9nXo2Dn/VAtZ/x37bpVsWarvlYxaUr7O/aUC94bwTkLnA5HDAF
QVEHO5NFLgD+W8i/XjQ8oqsWFWD2+UXkrgBzVIOwb0/f51w9c7U1t5Wj0oOzAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUNHFKaPN/xx8HhbFTLO6JEX1fYegwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMTM0OTI2LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQClvH0
MA0GCSqGSIb3DQEBCwUAA4IBAQC2rewE++X1HwUjvQ5yq8rGecsRxrxqe533jfR0
WoGwCTrW8bWvmvRFNvYPPtoMKFDIXfv1nX6pOCpJRDtnvdnOmptJNuQ174yU2k2L
H6b//xqf9z0N/ntaoE79oxaMbzRTjtwHFmVdsXW7Hwl2RBIDRYBIUL4P6+JdpY1/
5m6XJ1xVZlf8DapHuxy/YjvQ5GvsvEB2h1FrVzxPojhzLgF7w9yDUSq/OD703aL2
kQtumBV3NKmZ4vecSRnX6WmGEKMsy0JIUYY6j1MOVEFVBDeIoUP/xfBqlcv0oabe
FtJ0JRn3jh/IBWm2ZaIhczw+LsnulRq0SWVChm1ebVfYqYCr
-----END CERTIFICATE-----
Generated at Mon Oct 20 14:57:38 2025 by rpki-client