Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS135402.roa
File: AS135402.roa (raw, json)
Hash identifier: sBPS3pTGGBo+pV/gQ4mm0yXo5HHEnz/F/BSKZMOsxM4=
Subject key identifier: 77:28:FC:7D:E0:7D:51:55:ED:3E:55:45:B8:1E:17:85:66:5A:F0:C4
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 59F8944BFB53E0E784EAD977C0460FA11F92867C
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS135402.roa
Signing time: Wed 15 Oct 2025 00:02:39 +0000
ROA not before: Tue 14 Oct 2025 23:57:39 +0000
ROA not after: Wed 14 Oct 2026 00:02:39 +0000
asID: 135402
IP address blocks: 143.14.159.0/24 maxlen: 24
146.103.0.0/24 maxlen: 24
162.141.11.0/24 maxlen: 24
162.141.94.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
59:f8:94:4b:fb:53:e0:e7:84:ea:d9:77:c0:46:0f:a1:1f:92:86:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Oct 14 23:57:39 2025 GMT
Not After : Oct 14 00:02:39 2026 GMT
Subject: CN=7728FC7DE07D5155ED3E5545B81E1785665AF0C4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:82:6d:66:6e:22:44:61:c5:73:49:f5:03:c9:
12:e9:31:16:12:b2:7b:3e:a1:e2:33:6c:8a:95:13:
04:70:62:06:35:22:88:a0:4c:12:86:aa:cd:83:c4:
a9:ba:19:04:36:9c:40:9a:62:65:18:5a:bd:28:d8:
1a:53:89:65:54:87:ce:22:91:e9:49:74:eb:15:c7:
8e:9f:9f:9e:f0:59:23:d7:63:92:d1:12:87:d8:2a:
bf:f7:6e:f7:3b:b4:e2:f7:ff:97:84:50:5c:3a:82:
22:11:15:06:02:1f:07:7e:12:f3:02:b3:c2:36:3c:
54:35:bc:08:1f:13:a2:6b:76:44:fb:b1:cc:72:00:
e9:12:77:38:70:47:fd:ca:dd:f1:84:e2:a2:23:37:
1d:47:ec:fa:88:00:9a:4d:df:88:5f:b9:dc:62:0a:
35:38:9c:bd:1e:cd:e4:bd:35:55:23:5e:5d:89:5e:
d9:31:4f:0b:f5:38:fc:d4:27:a2:93:2c:1d:4d:cb:
08:56:12:75:9b:c0:6b:9f:dd:23:e2:9f:95:8d:28:
2c:60:fa:d8:72:eb:32:6b:da:3a:7e:03:90:6b:a9:
55:39:c0:9f:ce:6a:d4:38:4a:0c:0f:fc:96:91:31:
2d:81:d7:89:8c:9a:7f:d1:aa:c3:6e:51:44:ed:90:
15:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:28:FC:7D:E0:7D:51:55:ED:3E:55:45:B8:1E:17:85:66:5A:F0:C4
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS135402.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.14.159.0/24
146.103.0.0/24
162.141.11.0/24
162.141.94.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:bf:37:b6:cb:b7:47:c8:ec:bb:fb:56:95:53:b2:e7:9e:19:
4e:ec:88:89:03:6e:e4:e9:75:28:ef:c5:06:66:49:77:1a:78:
5c:0c:bc:33:1b:e0:b3:ef:41:61:9e:48:cb:27:b8:11:a7:fe:
c9:66:54:ed:96:fe:1c:0a:54:fd:28:3c:fa:c7:fa:6f:d4:b1:
42:f1:1c:18:36:93:e3:d8:a0:6f:fe:b7:0d:bc:58:9c:82:5b:
b4:87:9f:86:04:10:df:cb:37:b7:0c:d9:3e:95:25:83:36:5f:
b5:f4:de:b1:ce:7c:3e:8f:19:c2:92:cc:3e:d1:72:31:5c:bb:
54:9f:a5:88:3b:f3:5b:99:8b:d2:28:0e:ab:4d:c2:84:b2:b9:
72:c1:1d:77:e3:a0:56:7c:9b:df:15:ce:af:65:79:42:bf:c2:
c6:ae:2c:c3:fa:e3:be:75:f2:f4:01:34:de:35:59:c4:c0:8f:
a3:cc:d2:b7:96:7f:cd:4a:96:9f:8d:ef:4a:12:a9:f7:33:15:
56:5d:de:3a:7c:1f:6a:a2:ec:73:bf:33:f9:70:dc:6f:c4:82:
11:be:91:24:a9:3c:14:ae:45:42:06:7d:9e:98:8b:61:4c:de:
3e:7e:5d:b1:5f:71:73:1e:bc:b8:0c:6c:70:9e:cb:01:78:1b:
62:0f:38:88
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgIUWfiUS/tT4OeE6tl3wEYPoR+ShnwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTEwMTQyMzU3MzlaFw0yNjEwMTQwMDAyMzlaMDMxMTAvBgNV
BAMTKDc3MjhGQzdERTA3RDUxNTVFRDNFNTU0NUI4MUUxNzg1NjY1QUYwQzQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCygm1mbiJEYcVzSfUDyRLpMRYS
sns+oeIzbIqVEwRwYgY1IoigTBKGqs2DxKm6GQQ2nECaYmUYWr0o2BpTiWVUh84i
kelJdOsVx46fn57wWSPXY5LREofYKr/3bvc7tOL3/5eEUFw6giIRFQYCHwd+EvMC
s8I2PFQ1vAgfE6JrdkT7scxyAOkSdzhwR/3K3fGE4qIjNx1H7PqIAJpN34hfudxi
CjU4nL0ezeS9NVUjXl2JXtkxTwv1OPzUJ6KTLB1NywhWEnWbwGuf3SPin5WNKCxg
+thy6zJr2jp+A5BrqVU5wJ/OatQ4SgwP/JaRMS2B14mMmn/RqsNuUUTtkBVFAgMB
AAGjggIcMIICGDAdBgNVHQ4EFgQUdyj8feB9UVXtPlVFuB4XhWZa8MQwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMTM1NDAyLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAjw6f
AwQAkmcAAwQAoo0LAwQAoo1eMA0GCSqGSIb3DQEBCwUAA4IBAQCbvze2y7dHyOy7
+1aVU7LnnhlO7IiJA27k6XUo78UGZkl3GnhcDLwzG+Cz70FhnkjLJ7gRp/7JZlTt
lv4cClT9KDz6x/pv1LFC8RwYNpPj2KBv/rcNvFicglu0h5+GBBDfyze3DNk+lSWD
Nl+19N6xznw+jxnCksw+0XIxXLtUn6WIO/NbmYvSKA6rTcKEsrlywR1346BWfJvf
Fc6vZXlCv8LGrizD+uO+dfL0ATTeNVnEwI+jzNK3ln/NSpafje9KEqn3MxVWXd46
fB9qouxzvzP5cNxvxIIRvpEkqTwUrkVCBn2emIthTN4+fl2xX3FzHry4DGxwnssB
eBtiDziI
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:30:01 2025 by rpki-client