Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS135402.roa
File: AS135402.roa (raw, json)
Hash identifier: KlgjOoZSmjyWDkzp2yAK7KfHamK7ZiGwmagCUyeGzs8=
Subject key identifier: FE:59:AF:9D:D5:E9:FA:03:B1:BC:5D:79:15:E9:C5:31:4E:00:DE:BA
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 41D30C7F648A449C6CB6A1FBADFEDC50B20FDA05
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS135402.roa
Signing time: Tue 06 May 2025 11:28:31 +0000
ROA not before: Tue 06 May 2025 11:23:31 +0000
ROA not after: Tue 05 May 2026 11:28:31 +0000
asID: 135402
IP address blocks: 143.14.253.0/24 maxlen: 24
146.103.0.0/24 maxlen: 24
155.117.242.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 07 May 2025 14:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
41:d3:0c:7f:64:8a:44:9c:6c:b6:a1:fb:ad:fe:dc:50:b2:0f:da:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: May 6 11:23:31 2025 GMT
Not After : May 5 11:28:31 2026 GMT
Subject: CN=FE59AF9DD5E9FA03B1BC5D7915E9C5314E00DEBA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:49:95:a1:29:66:5b:19:c2:71:fa:6e:f8:92:
0e:fa:82:4f:9c:33:85:a4:af:08:a5:08:35:ac:0e:
19:a5:5d:af:d2:20:28:66:a7:59:9e:04:f8:1c:09:
f0:67:0f:29:9a:ec:fa:24:eb:68:07:d5:2b:8a:29:
99:b8:9d:98:b4:57:df:d6:2a:a1:3c:d6:70:79:1f:
e7:7c:05:d2:f3:d5:75:62:26:2a:54:f3:29:59:74:
82:b2:28:ba:78:78:a8:3d:56:13:5a:49:00:ec:67:
6f:5c:18:04:59:4b:e1:c2:86:0f:f6:d8:73:4d:93:
f0:3e:22:e0:1d:f7:4c:89:8b:c1:9e:37:b2:73:30:
ed:06:d4:16:d4:20:9d:78:30:e8:59:62:95:33:bc:
90:b7:68:04:3f:d7:96:e9:65:5c:36:4c:a6:eb:b2:
b5:41:b3:d0:b7:51:7b:16:2f:99:5d:c1:a6:66:32:
df:f4:c2:c5:64:b9:84:5a:fa:b8:a0:20:36:bc:77:
e2:51:50:0b:70:c3:c5:e4:74:64:e4:d0:a3:7a:86:
da:74:3f:8d:b4:0c:f5:39:46:2f:7b:a4:81:77:92:
5e:2a:a7:89:2d:8d:a2:ee:db:84:44:c7:c1:cd:a0:
7c:ad:e7:d6:32:62:73:74:26:48:33:44:25:08:81:
40:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:59:AF:9D:D5:E9:FA:03:B1:BC:5D:79:15:E9:C5:31:4E:00:DE:BA
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS135402.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.14.253.0/24
146.103.0.0/24
155.117.242.0/24
Signature Algorithm: sha256WithRSAEncryption
84:94:22:d2:81:c9:90:c1:f1:03:e2:c5:56:43:27:d5:27:fa:
08:0b:9a:b2:e4:bb:fc:d4:39:b0:01:d0:0a:b1:a7:eb:4f:a4:
cd:0c:5d:f7:4a:0f:50:8c:e0:2f:89:e1:91:ec:3c:38:b0:82:
b4:a0:81:43:88:70:6c:b8:71:71:91:e5:5a:60:37:c6:0d:7e:
00:bb:c6:92:c2:7e:80:b2:52:99:18:d9:09:a3:c1:4e:e3:e4:
95:be:af:2d:87:af:65:57:da:46:7b:4b:41:7d:8c:88:a3:9e:
5e:51:4f:d7:4b:ad:a3:5c:64:48:32:65:49:4e:94:97:58:f4:
8f:bc:c0:d9:9b:d7:29:82:3b:8c:b8:98:c6:88:d4:a9:e0:6d:
74:b9:a3:9d:e3:ec:4c:fc:c7:00:ff:98:46:f2:b8:f0:a4:f0:
81:4a:0b:cd:1d:05:2b:a3:bb:0b:9c:e6:db:fc:ea:04:c9:df:
5b:8f:ef:22:0c:1d:a6:c5:a4:ff:ec:8d:6a:07:77:31:19:35:
8c:d7:3d:90:5b:5f:ae:cf:a9:05:99:33:54:04:03:fe:81:72:
de:80:25:ec:db:0d:22:ef:4e:7d:8c:8f:f6:70:2f:04:40:75:
73:1e:21:af:81:c1:08:79:4b:9d:ae:72:19:e5:f0:ce:40:d9:
12:2e:78:24
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgIUQdMMf2SKRJxstqH7rf7cULIP2gUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA1MDYxMTIzMzFaFw0yNjA1MDUxMTI4MzFaMDMxMTAvBgNV
BAMTKEZFNTlBRjlERDVFOUZBMDNCMUJDNUQ3OTE1RTlDNTMxNEUwMERFQkEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDkSZWhKWZbGcJx+m74kg76gk+c
M4WkrwilCDWsDhmlXa/SIChmp1meBPgcCfBnDyma7Pok62gH1SuKKZm4nZi0V9/W
KqE81nB5H+d8BdLz1XViJipU8ylZdIKyKLp4eKg9VhNaSQDsZ29cGARZS+HChg/2
2HNNk/A+IuAd90yJi8GeN7JzMO0G1BbUIJ14MOhZYpUzvJC3aAQ/15bpZVw2TKbr
srVBs9C3UXsWL5ldwaZmMt/0wsVkuYRa+rigIDa8d+JRUAtww8XkdGTk0KN6htp0
P420DPU5Ri97pIF3kl4qp4ktjaLu24REx8HNoHyt59YyYnN0JkgzRCUIgUCvAgMB
AAGjggIWMIICEjAdBgNVHQ4EFgQU/lmvndXp+gOxvF15FenFMU4A3rowHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMTM1NDAyLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAjw79
AwQAkmcAAwQAm3XyMA0GCSqGSIb3DQEBCwUAA4IBAQCElCLSgcmQwfED4sVWQyfV
J/oIC5qy5Lv81DmwAdAKsafrT6TNDF33Sg9QjOAvieGR7Dw4sIK0oIFDiHBsuHFx
keVaYDfGDX4Au8aSwn6AslKZGNkJo8FO4+SVvq8th69lV9pGe0tBfYyIo55eUU/X
S62jXGRIMmVJTpSXWPSPvMDZm9cpgjuMuJjGiNSp4G10uaOd4+xM/McA/5hG8rjw
pPCBSgvNHQUro7sLnObb/OoEyd9bj+8iDB2mxaT/7I1qB3cxGTWM1z2QW1+uz6kF
mTNUBAP+gXLegCXs2w0i7059jI/2cC8EQHVzHiGvgcEIeUudrnIZ5fDOQNkSLngk
-----END CERTIFICATE-----
Generated at Tue May 6 22:38:37 2025 by rpki-client