Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS137235.roa
File: AS137235.roa (raw, json)
Hash identifier: wcbiU4Dq/P8FRKxuRs+XvLfD6hPFVGT351b2zDP0EJQ=
Subject key identifier: 80:CB:F6:78:12:7B:EF:9A:4C:95:EA:1F:09:93:2C:01:87:ED:98:BF
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 741D34AC6987476930162ABA76CF72649EDBCA0B
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS137235.roa
Signing time: Wed 06 Aug 2025 00:01:07 +0000
ROA not before: Tue 05 Aug 2025 23:56:07 +0000
ROA not after: Wed 05 Aug 2026 00:01:07 +0000
asID: 137235
IP address blocks: 143.14.162.0/24 maxlen: 24
162.141.78.0/24 maxlen: 24
162.141.114.0/24 maxlen: 24
167.148.3.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 12:50:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
74:1d:34:ac:69:87:47:69:30:16:2a:ba:76:cf:72:64:9e:db:ca:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Aug 5 23:56:07 2025 GMT
Not After : Aug 5 00:01:07 2026 GMT
Subject: CN=80CBF678127BEF9A4C95EA1F09932C0187ED98BF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:f3:ae:11:f0:e1:a0:c8:a8:88:6c:55:ba:d0:
7c:d9:d0:47:9d:dd:28:64:36:96:26:a5:8d:8e:24:
bd:3d:0a:f3:d6:76:2f:b5:9b:9c:e2:a2:11:99:00:
d1:1d:ad:cd:bf:a9:4e:80:99:8c:ba:41:cb:e0:13:
8c:ae:df:84:f3:34:19:fe:5b:af:b1:bd:4f:1c:e9:
66:63:1d:2d:06:cd:10:32:93:89:9a:af:83:62:5f:
cb:c5:c5:80:2a:12:13:73:c1:b3:5f:63:aa:96:84:
c3:26:61:7c:9c:b4:dc:2f:4a:51:65:61:71:ee:75:
11:9a:dd:6d:52:76:41:2b:d2:64:51:05:13:a3:84:
54:40:b5:0c:3e:4a:47:cc:33:1e:fc:0d:e2:56:c5:
2b:5a:11:68:aa:1c:77:4d:da:1e:62:88:78:3f:ed:
2b:01:8f:36:9d:f0:37:53:52:cd:84:9b:b5:1a:9e:
0b:14:71:ae:7c:6b:aa:62:81:d4:fc:e5:fe:75:1e:
55:4f:d3:1a:27:71:b0:4b:52:d5:a7:09:2c:b5:f8:
65:21:b7:ce:be:07:5c:68:77:59:16:9b:0e:3e:9d:
f2:d4:3c:4b:80:fc:94:81:5f:74:db:e2:01:47:61:
3e:eb:f2:98:df:f7:d7:bf:f3:6f:8c:9e:b9:45:e4:
98:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:CB:F6:78:12:7B:EF:9A:4C:95:EA:1F:09:93:2C:01:87:ED:98:BF
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS137235.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.14.162.0/24
162.141.78.0/24
162.141.114.0/24
167.148.3.0/24
Signature Algorithm: sha256WithRSAEncryption
38:bd:63:ed:90:3b:f6:f5:44:32:3c:e5:26:6d:52:21:76:ba:
05:98:79:af:41:51:78:82:45:81:9c:e5:6f:82:42:53:b1:3e:
87:7a:c7:4f:d5:c3:68:8d:df:fc:b8:ca:b7:fe:8c:d3:a0:eb:
11:71:09:4c:d9:80:fd:d1:11:95:3d:da:47:a4:8b:f1:70:49:
fd:47:2e:93:b8:63:87:ee:5f:16:a0:91:78:84:18:25:a9:88:
36:c4:73:10:6c:36:90:b8:ec:19:af:55:bd:97:65:62:e1:cf:
e5:5b:c6:00:44:83:59:39:d2:23:48:4b:10:b0:f9:9a:04:b9:
5e:ff:ff:c7:42:85:57:91:5c:bb:14:79:1c:bd:47:31:44:3d:
84:40:a4:ba:3e:86:2b:3a:53:00:ed:7a:a6:bc:ac:3d:13:79:
fd:a7:c7:36:67:b1:ad:be:1c:25:7b:27:58:18:49:a7:9f:e0:
b7:39:e5:b2:be:7a:46:f0:3f:72:b9:10:7f:b7:6c:f6:bc:4d:
76:c4:ce:dc:8b:e3:44:e8:f3:ee:84:66:b7:8f:51:19:f0:5d:
8a:1c:a3:ca:13:74:4b:d4:2d:c2:75:6a:8c:cd:d2:99:30:49:
3d:45:79:12:36:5b:39:9b:51:52:36:07:69:32:43:ee:f6:b0:
78:70:a7:64
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgIUdB00rGmHR2kwFiq6ds9yZJ7bygswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA4MDUyMzU2MDdaFw0yNjA4MDUwMDAxMDdaMDMxMTAvBgNV
BAMTKDgwQ0JGNjc4MTI3QkVGOUE0Qzk1RUExRjA5OTMyQzAxODdFRDk4QkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCv864R8OGgyKiIbFW60HzZ0Eed
3ShkNpYmpY2OJL09CvPWdi+1m5ziohGZANEdrc2/qU6AmYy6QcvgE4yu34TzNBn+
W6+xvU8c6WZjHS0GzRAyk4mar4NiX8vFxYAqEhNzwbNfY6qWhMMmYXyctNwvSlFl
YXHudRGa3W1SdkEr0mRRBROjhFRAtQw+SkfMMx78DeJWxStaEWiqHHdN2h5iiHg/
7SsBjzad8DdTUs2Em7UangsUca58a6pigdT85f51HlVP0xoncbBLUtWnCSy1+GUh
t86+B1xod1kWmw4+nfLUPEuA/JSBX3Tb4gFHYT7r8pjf99e/82+MnrlF5JiRAgMB
AAGjggIcMIICGDAdBgNVHQ4EFgQUgMv2eBJ775pMleofCZMsAYftmL8wHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMTM3MjM1LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAjw6i
AwQAoo1OAwQAoo1yAwQAp5QDMA0GCSqGSIb3DQEBCwUAA4IBAQA4vWPtkDv29UQy
POUmbVIhdroFmHmvQVF4gkWBnOVvgkJTsT6HesdP1cNojd/8uMq3/ozToOsRcQlM
2YD90RGVPdpHpIvxcEn9Ry6TuGOH7l8WoJF4hBglqYg2xHMQbDaQuOwZr1W9l2Vi
4c/lW8YARINZOdIjSEsQsPmaBLle///HQoVXkVy7FHkcvUcxRD2EQKS6PoYrOlMA
7XqmvKw9E3n9p8c2Z7GtvhwleydYGEmnn+C3OeWyvnpG8D9yuRB/t2z2vE12xM7c
i+NE6PPuhGa3j1EZ8F2KHKPKE3RL1C3CdWqMzdKZMEk9RXkSNls5m1FSNgdpMkPu
9rB4cKdk
-----END CERTIFICATE-----
Generated at Sat Aug 23 16:49:37 2025 by rpki-client