Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS137235.roa
File: AS137235.roa (raw, json)
Hash identifier: SjV43jS66hDrYfa5S+IJk4/xoo5nk5zCUMzmOubDc80=
Subject key identifier: FD:84:0E:A1:37:4E:3C:8D:51:75:1E:7B:20:7E:80:39:AA:7A:1F:D9
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 3C5BBD98DDB7C561D29A81AFB5CB4CFA07D43DEC
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS137235.roa
Signing time: Mon 16 Jun 2025 03:28:29 +0000
ROA not before: Mon 16 Jun 2025 03:23:29 +0000
ROA not after: Mon 15 Jun 2026 03:28:29 +0000
asID: 137235
IP address blocks: 143.14.71.0/24 maxlen: 24
143.14.162.0/24 maxlen: 24
155.117.243.0/24 maxlen: 24
155.117.244.0/24 maxlen: 24
162.141.114.0/24 maxlen: 24
162.141.130.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Jun 2025 00:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3c:5b:bd:98:dd:b7:c5:61:d2:9a:81:af:b5:cb:4c:fa:07:d4:3d:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Jun 16 03:23:29 2025 GMT
Not After : Jun 15 03:28:29 2026 GMT
Subject: CN=FD840EA1374E3C8D51751E7B207E8039AA7A1FD9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:ab:bd:54:5a:14:11:67:24:35:fa:c6:fa:a4:
73:5f:8e:4b:35:fd:d0:32:96:4e:c8:18:35:a4:df:
fc:9c:49:cb:8f:6c:ae:44:a5:b3:12:fe:c4:89:26:
83:b1:75:a9:31:69:7f:12:35:ee:d2:e2:3b:08:06:
bc:2b:82:d4:61:c3:c9:96:2c:f7:02:15:0c:1e:7c:
0f:35:ec:7e:26:e7:42:6d:6c:c5:a4:5e:12:4e:87:
fb:56:fb:6a:c7:0b:6a:90:59:66:ab:0d:b1:47:30:
fd:14:6f:7d:97:79:b7:d6:73:66:43:a6:06:fe:63:
cd:e3:fd:f9:4f:b5:3e:06:e2:5b:d0:3a:86:b1:6c:
af:7c:1f:fa:58:2b:0a:03:04:c2:21:f3:96:15:15:
c2:6e:c0:4f:0b:08:e3:e5:0a:dc:00:b7:17:37:e7:
ef:d2:65:23:e3:cc:1e:2b:ea:38:0c:be:6a:de:29:
ff:eb:28:c8:98:14:ae:12:ab:24:bb:c5:4a:5a:c1:
85:16:e7:1a:d7:dd:f1:b2:8e:e8:64:8e:eb:c4:6c:
f4:ab:30:a0:b4:b7:71:38:3a:7e:22:36:dc:76:5c:
16:ae:1e:17:04:1c:06:ae:06:57:d2:eb:90:09:ea:
d8:6f:46:3f:15:4b:c2:fa:6a:c0:61:e6:c3:33:fb:
af:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:84:0E:A1:37:4E:3C:8D:51:75:1E:7B:20:7E:80:39:AA:7A:1F:D9
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS137235.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.14.71.0/24
143.14.162.0/24
155.117.243.0-155.117.244.255
162.141.114.0/24
162.141.130.0/24
Signature Algorithm: sha256WithRSAEncryption
50:a9:84:7d:d3:25:14:e6:cf:00:95:af:f1:4e:64:d3:a2:74:
8d:d2:8b:e0:6d:9d:b6:86:76:51:7b:91:f1:17:a9:c3:b9:a3:
64:b3:86:2d:d4:57:16:6c:f6:4c:4d:cc:8e:71:15:ee:8e:25:
92:e7:ab:43:29:ad:8b:34:6e:d1:ca:15:ab:c5:31:a4:ad:dc:
97:f7:5f:76:f0:ad:27:72:76:dd:fb:4f:01:66:5a:f9:0d:86:
74:02:58:26:80:21:ec:74:62:60:52:e4:4f:9b:50:ca:17:16:
7b:b1:be:76:04:b1:1b:89:19:0d:a0:08:92:48:99:7f:ef:85:
fe:12:4a:02:f7:52:02:b3:f4:fb:82:f7:19:07:1a:a2:01:84:
5b:ed:47:15:d1:4d:71:a4:89:1f:3a:f0:97:ca:27:0b:bc:33:
87:93:6e:e7:59:aa:7e:16:99:64:86:e6:83:7d:9b:37:88:81:
d5:de:ef:2b:d0:94:25:55:92:b3:9b:51:42:10:b4:e4:45:b6:
c4:18:78:48:34:8e:7e:c1:ef:e9:82:99:84:f8:9c:38:81:b3:
1e:0d:3c:1f:f0:51:7d:75:e1:ee:63:cf:3f:95:27:f7:a9:00:
3e:90:40:41:d8:b6:13:94:fa:56:04:bc:8a:61:8b:c3:dd:5d:
af:4e:ed:e7
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgIUPFu9mN23xWHSmoGvtctM+gfUPewwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA2MTYwMzIzMjlaFw0yNjA2MTUwMzI4MjlaMDMxMTAvBgNV
BAMTKEZEODQwRUExMzc0RTNDOEQ1MTc1MUU3QjIwN0U4MDM5QUE3QTFGRDkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDtq71UWhQRZyQ1+sb6pHNfjks1
/dAylk7IGDWk3/ycScuPbK5EpbMS/sSJJoOxdakxaX8SNe7S4jsIBrwrgtRhw8mW
LPcCFQwefA817H4m50JtbMWkXhJOh/tW+2rHC2qQWWarDbFHMP0Ub32XebfWc2ZD
pgb+Y83j/flPtT4G4lvQOoaxbK98H/pYKwoDBMIh85YVFcJuwE8LCOPlCtwAtxc3
5+/SZSPjzB4r6jgMvmreKf/rKMiYFK4SqyS7xUpawYUW5xrX3fGyjuhkjuvEbPSr
MKC0t3E4On4iNtx2XBauHhcEHAauBlfS65AJ6thvRj8VS8L6asBh5sMz+68rAgMB
AAGjggIqMIICJjAdBgNVHQ4EFgQU/YQOoTdOPI1RdR57IH6AOap6H9kwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMTM3MjM1LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQAjw5H
AwQAjw6iMAwDBACbdfMDBACbdfQDBACijXIDBACijYIwDQYJKoZIhvcNAQELBQAD
ggEBAFCphH3TJRTmzwCVr/FOZNOidI3Si+BtnbaGdlF7kfEXqcO5o2Szhi3UVxZs
9kxNzI5xFe6OJZLnq0MprYs0btHKFavFMaSt3Jf3X3bwrSdydt37TwFmWvkNhnQC
WCaAIex0YmBS5E+bUMoXFnuxvnYEsRuJGQ2gCJJImX/vhf4SSgL3UgKz9PuC9xkH
GqIBhFvtRxXRTXGkiR868JfKJwu8M4eTbudZqn4WmWSG5oN9mzeIgdXe7yvQlCVV
krObUUIQtORFtsQYeEg0jn7B7+mCmYT4nDiBsx4NPB/wUX114e5jzz+VJ/epAD6Q
QEHYthOU+lYEvIphi8PdXa9O7ec=
-----END CERTIFICATE-----
Generated at Sun Jun 29 07:38:00 2025 by rpki-client