Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS137517.roa
File: AS137517.roa (raw, json)
Hash identifier: P/mSs8xV93b4ike9wv8gG0eLnmVQYbjkgYGQBsrjoGY=
Subject key identifier: DF:87:F9:9B:13:34:2E:0B:B9:8B:68:57:D7:69:44:BE:AC:24:20:10
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 521BF2B4DE73E3B3AD72D48BE469C5407352C010
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS137517.roa
Signing time: Tue 06 May 2025 11:29:13 +0000
ROA not before: Tue 06 May 2025 11:24:13 +0000
ROA not after: Tue 05 May 2026 11:29:13 +0000
asID: 137517
IP address blocks: 155.117.241.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 10 May 2025 16:09:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
52:1b:f2:b4:de:73:e3:b3:ad:72:d4:8b:e4:69:c5:40:73:52:c0:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: May 6 11:24:13 2025 GMT
Not After : May 5 11:29:13 2026 GMT
Subject: CN=DF87F99B13342E0BB98B6857D76944BEAC242010
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:35:e2:5a:70:f7:fe:e5:f6:a9:b6:72:5b:dc:
fb:c5:89:9e:51:ea:48:ad:bd:63:99:e6:22:3b:eb:
53:93:84:d8:9c:1e:01:0e:6d:1e:2c:02:a5:6a:23:
bd:e8:c0:d7:8c:6d:4e:ba:84:27:51:05:e7:d4:8f:
cc:7e:d8:b2:7e:13:19:12:cb:67:6c:84:2a:12:15:
74:67:2d:ca:9a:db:84:82:bf:8d:00:c8:39:3b:bc:
cf:47:1a:19:0e:bd:9f:a1:26:06:53:4d:a5:7a:f0:
33:cb:0d:a5:cf:a7:62:e2:5c:9d:38:a3:8e:a5:51:
af:04:18:df:11:1f:50:c2:0d:bc:a6:3b:80:ad:33:
93:25:4c:a2:e9:79:b3:d7:df:76:9c:22:2a:1e:80:
39:fa:d1:1a:9a:8b:8e:34:6a:92:55:29:23:fb:4d:
48:69:c1:43:9e:6f:40:28:fb:9d:c9:90:eb:4e:b6:
d8:1f:54:f9:e8:cc:21:0c:21:43:fa:4e:ac:c4:8a:
c2:bd:3e:6a:4e:58:30:9c:70:9a:36:6a:c8:a7:3e:
2f:c2:ec:ac:28:e0:a8:62:f6:76:c8:c0:43:28:09:
45:5e:2d:22:dd:67:19:a5:2c:49:42:92:1a:c5:3c:
6c:74:73:ae:2a:4f:be:6b:6d:a4:43:7c:66:e8:ec:
8c:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:87:F9:9B:13:34:2E:0B:B9:8B:68:57:D7:69:44:BE:AC:24:20:10
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS137517.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
155.117.241.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:18:27:40:05:9d:e7:fe:9e:88:1e:bc:19:fe:e0:74:0d:87:
ef:c3:c7:ab:e3:02:31:d9:21:87:72:32:e2:04:91:24:15:bf:
c5:53:62:64:7b:7e:be:c8:15:75:a8:2d:6c:80:05:5f:23:10:
04:a3:2a:a0:0e:a1:8b:1c:86:45:7d:39:4c:cc:48:8b:c5:74:
33:23:d2:ef:72:24:69:8b:54:60:4b:c4:12:97:0b:55:e1:38:
1f:12:4f:84:70:de:bb:21:a5:1d:79:a0:3f:7b:b7:0b:77:0f:
ab:7f:ee:e7:32:d0:db:e4:76:c4:93:f7:ef:88:77:50:b4:fe:
c0:c0:95:4c:84:20:9d:91:8f:68:58:5b:63:3f:7c:bb:af:0f:
c5:46:76:9a:ec:f9:53:a1:28:66:df:bf:d5:15:4d:ee:79:1e:
8f:84:79:be:b3:4a:04:a0:e7:7d:e7:89:b5:66:a5:60:e5:f2:
26:d7:48:9a:91:6b:15:f4:66:9e:5c:4d:61:d4:03:1e:9f:13:
50:97:f2:55:c7:ba:08:e6:49:b9:02:90:4b:eb:88:26:8d:11:
2f:11:c2:1e:70:be:c7:1c:be:08:40:99:c2:fc:2c:d0:0b:9d:
ab:c9:62:71:3f:4c:06:9f:80:78:7f:db:db:3f:72:6a:f9:34:
73:aa:5e:bf
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUUhvytN5z47OtctSL5GnFQHNSwBAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA1MDYxMTI0MTNaFw0yNjA1MDUxMTI5MTNaMDMxMTAvBgNV
BAMTKERGODdGOTlCMTMzNDJFMEJCOThCNjg1N0Q3Njk0NEJFQUMyNDIwMTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDxNeJacPf+5faptnJb3PvFiZ5R
6kitvWOZ5iI761OThNicHgEObR4sAqVqI73owNeMbU66hCdRBefUj8x+2LJ+ExkS
y2dshCoSFXRnLcqa24SCv40AyDk7vM9HGhkOvZ+hJgZTTaV68DPLDaXPp2LiXJ04
o46lUa8EGN8RH1DCDbymO4CtM5MlTKLpebPX33acIioegDn60Rqai440apJVKSP7
TUhpwUOeb0Ao+53JkOtOttgfVPnozCEMIUP6TqzEisK9PmpOWDCccJo2asinPi/C
7Kwo4Khi9nbIwEMoCUVeLSLdZxmlLElCkhrFPGx0c64qT75rbaRDfGbo7Iz5AgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQU34f5mxM0Lgu5i2hX12lEvqwkIBAwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMTM3NTE3LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAm3Xx
MA0GCSqGSIb3DQEBCwUAA4IBAQAbGCdABZ3n/p6IHrwZ/uB0DYfvw8er4wIx2SGH
cjLiBJEkFb/FU2Jke36+yBV1qC1sgAVfIxAEoyqgDqGLHIZFfTlMzEiLxXQzI9Lv
ciRpi1RgS8QSlwtV4TgfEk+EcN67IaUdeaA/e7cLdw+rf+7nMtDb5HbEk/fviHdQ
tP7AwJVMhCCdkY9oWFtjP3y7rw/FRnaa7PlToShm37/VFU3ueR6PhHm+s0oEoOd9
54m1ZqVg5fIm10iakWsV9GaeXE1h1AMenxNQl/JVx7oI5km5ApBL64gmjREvEcIe
cL7HHL4IQJnC/CzQC52ryWJxP0wGn4B4f9vbP3Jq+TRzql6/
-----END CERTIFICATE-----
Generated at Sat May 10 08:18:20 2025 by rpki-client