Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS135391.roa
File: AS135391.roa (raw, json)
Hash identifier: bNR6223F/9//QKFo8Z0tWnW9+zIyu+VrReIPcSQ0TwQ=
Subject key identifier: 7F:EF:14:44:28:FF:1D:15:22:DD:11:16:D1:D2:4F:00:38:BD:F5:E3
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 4D451EA79523B7E974094182919453F7E1A6D60C
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS135391.roa
Signing time: Tue 06 May 2025 11:25:51 +0000
ROA not before: Tue 06 May 2025 11:20:51 +0000
ROA not after: Tue 05 May 2026 11:25:51 +0000
asID: 135391
IP address blocks: 147.79.56.0/24 maxlen: 24
155.117.1.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 10 May 2025 16:09:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4d:45:1e:a7:95:23:b7:e9:74:09:41:82:91:94:53:f7:e1:a6:d6:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: May 6 11:20:51 2025 GMT
Not After : May 5 11:25:51 2026 GMT
Subject: CN=7FEF144428FF1D1522DD1116D1D24F0038BDF5E3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:8f:95:3e:c2:a8:0f:54:42:61:f0:a4:37:08:
36:0c:ea:99:bc:2d:71:e4:5b:52:bb:05:ce:63:bc:
2b:73:06:1d:4d:85:c6:b6:d1:d4:90:9e:ec:c9:d7:
d5:b1:81:de:45:63:41:f1:7e:f8:c0:6a:2c:c3:1d:
3b:43:c8:c1:f4:4d:bd:b8:c7:06:0e:c8:32:f1:6c:
6c:80:97:81:8b:26:d7:87:78:32:0d:b0:ce:53:51:
ec:62:d6:66:e8:d7:ae:60:6c:14:cc:60:94:a1:9d:
15:30:1f:0b:4d:7e:37:11:22:5f:fc:08:40:12:8c:
8b:50:1f:c8:91:b7:1f:60:49:5f:90:fc:78:75:06:
34:3c:4f:d8:14:4a:0f:3f:40:a2:30:d8:d1:9e:58:
bb:77:12:1c:b1:17:04:67:0a:f8:f9:96:e1:59:14:
81:fd:91:f4:cd:b5:ea:a9:2b:58:0a:f2:6a:bf:13:
be:2a:38:14:bc:5f:16:0e:66:70:fc:7b:9e:09:19:
e4:5e:11:e1:e3:77:3f:3e:8a:81:b7:0e:0e:00:c0:
79:72:e4:0b:af:ec:e0:4a:52:13:0c:04:cf:e2:8b:
1a:4e:b3:d3:43:c5:5b:de:4d:ec:25:ba:0a:1d:1f:
66:e0:e8:ad:7e:94:14:d0:02:6c:06:fb:31:1a:12:
58:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:EF:14:44:28:FF:1D:15:22:DD:11:16:D1:D2:4F:00:38:BD:F5:E3
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS135391.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.79.56.0/24
155.117.1.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:e2:92:05:64:d2:00:24:ac:a1:e3:e1:bb:81:01:44:5b:79:
a8:da:25:39:2f:a6:15:db:16:a2:27:fd:e5:62:25:7b:bf:a6:
21:62:f6:ca:2a:40:41:de:34:d4:c8:14:04:a9:43:46:9e:c3:
f6:10:f2:f2:97:e4:30:b9:fb:63:7d:d9:72:17:5e:0e:c3:93:
19:20:59:0f:1c:09:f5:53:43:d8:01:16:2b:03:30:93:d1:55:
a8:ff:aa:9d:89:b2:e8:0b:ea:14:0a:af:6f:e7:4e:dc:ba:97:
ff:b3:bd:38:f1:0f:ed:e9:cf:ad:01:5c:fb:8b:6a:52:f6:2e:
a3:66:57:b8:e6:a1:68:9d:59:1e:d4:7a:d3:b9:ff:6f:7c:a4:
5c:55:e7:66:d7:71:74:15:7c:ff:23:d9:66:02:ff:de:f8:80:
12:17:b7:0e:5d:44:06:5a:fc:b1:27:0c:c8:76:01:7a:a5:7a:
4f:15:d7:7c:b1:34:46:22:a5:a8:a1:3a:3c:cb:8a:b2:61:7d:
ec:23:d1:e7:a0:2d:23:a0:94:e0:3a:75:9f:53:b9:c1:3f:56:
bd:75:ae:0c:c3:7f:d4:9c:7c:1a:36:8f:6f:f4:53:6b:07:9a:
8b:82:1e:f1:8b:c3:cd:91:ed:0e:17:bd:18:cb:79:c9:b2:a9:
6f:81:79:71
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgIUTUUep5Ujt+l0CUGCkZRT9+Gm1gwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA1MDYxMTIwNTFaFw0yNjA1MDUxMTI1NTFaMDMxMTAvBgNV
BAMTKDdGRUYxNDQ0MjhGRjFEMTUyMkREMTExNkQxRDI0RjAwMzhCREY1RTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDfj5U+wqgPVEJh8KQ3CDYM6pm8
LXHkW1K7Bc5jvCtzBh1Nhca20dSQnuzJ19Wxgd5FY0HxfvjAaizDHTtDyMH0Tb24
xwYOyDLxbGyAl4GLJteHeDINsM5TUexi1mbo165gbBTMYJShnRUwHwtNfjcRIl/8
CEASjItQH8iRtx9gSV+Q/Hh1BjQ8T9gUSg8/QKIw2NGeWLt3EhyxFwRnCvj5luFZ
FIH9kfTNteqpK1gK8mq/E74qOBS8XxYOZnD8e54JGeReEeHjdz8+ioG3Dg4AwHly
5Auv7OBKUhMMBM/iixpOs9NDxVveTewlugodH2bg6K1+lBTQAmwG+zEaElifAgMB
AAGjggIQMIICDDAdBgNVHQ4EFgQUf+8URCj/HRUi3REW0dJPADi99eMwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMTM1MzkxLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAk084
AwQAm3UBMA0GCSqGSIb3DQEBCwUAA4IBAQAe4pIFZNIAJKyh4+G7gQFEW3mo2iU5
L6YV2xaiJ/3lYiV7v6YhYvbKKkBB3jTUyBQEqUNGnsP2EPLyl+QwuftjfdlyF14O
w5MZIFkPHAn1U0PYARYrAzCT0VWo/6qdibLoC+oUCq9v507cupf/s7048Q/t6c+t
AVz7i2pS9i6jZle45qFonVke1HrTuf9vfKRcVedm13F0FXz/I9lmAv/e+IASF7cO
XUQGWvyxJwzIdgF6pXpPFdd8sTRGIqWooTo8y4qyYX3sI9HnoC0joJTgOnWfU7nB
P1a9da4Mw3/UnHwaNo9v9FNrB5qLgh7xi8PNke0OF70Yy3nJsqlvgXlx
-----END CERTIFICATE-----
Generated at Sat May 10 08:26:06 2025 by rpki-client