Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS137517.roa
File: AS137517.roa (raw, json)
Hash identifier: weaXJFxvhJh4oto/29LolP3q30mQQn1w7BdR94Hyguw=
Subject key identifier: 9E:A5:E8:9B:28:BD:52:67:51:58:00:E3:45:75:4C:7A:21:D9:12:4F
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 25DA790478C78C12D86E2372F3CCED81A5EFA893
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS137517.roa
Signing time: Sat 23 Aug 2025 00:00:10 +0000
ROA not before: Fri 22 Aug 2025 23:55:10 +0000
ROA not after: Sat 22 Aug 2026 00:00:10 +0000
asID: 137517
IP address blocks: 143.14.95.0/24 maxlen: 24
155.117.207.0/24 maxlen: 24
167.148.2.0/24 maxlen: 24
167.148.8.0/24 maxlen: 24
167.148.172.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
25:da:79:04:78:c7:8c:12:d8:6e:23:72:f3:cc:ed:81:a5:ef:a8:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Aug 22 23:55:10 2025 GMT
Not After : Aug 22 00:00:10 2026 GMT
Subject: CN=9EA5E89B28BD5267515800E345754C7A21D9124F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:fc:11:df:ff:f1:fa:f3:ab:03:e6:d8:8f:af:
00:d8:5a:54:9c:02:68:98:79:11:8f:99:40:1c:df:
c5:80:f3:1c:f6:75:d7:30:0c:a9:15:d3:35:0a:1c:
88:41:ea:54:23:03:eb:11:7e:53:4e:be:2b:ae:92:
46:83:79:d3:93:44:4a:8d:70:1e:b0:09:38:47:10:
d1:c5:7c:86:85:52:6a:29:ae:d1:c6:69:c7:cd:f5:
68:82:e0:fb:e3:94:2b:5c:10:11:d0:9e:8c:67:e7:
08:9a:fb:bb:0b:29:1f:30:d2:82:f3:99:57:52:2b:
c6:6e:09:98:34:dd:e9:ed:34:74:95:e3:1e:28:5b:
62:f9:91:22:4c:39:2d:e5:e4:ff:70:3e:ce:b7:49:
8b:0b:34:8a:c3:8e:68:8e:b4:1b:d8:e9:49:96:9d:
a2:ff:4d:39:4f:1e:ee:e6:78:44:a9:0d:c5:82:a8:
3b:3e:29:c2:cd:01:2d:5c:c9:f0:02:b9:22:e2:c8:
d4:65:4d:3b:07:ea:c4:ee:49:ef:c4:17:8c:00:a7:
74:7a:09:1e:d3:11:fe:2a:60:58:2d:92:64:2f:df:
cb:66:11:a9:7a:ac:3c:7f:03:d4:b0:0d:a2:8a:f0:
45:12:49:6c:cf:e3:d1:b4:19:6c:12:ab:5a:aa:8d:
16:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:A5:E8:9B:28:BD:52:67:51:58:00:E3:45:75:4C:7A:21:D9:12:4F
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS137517.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.14.95.0/24
155.117.207.0/24
167.148.2.0/24
167.148.8.0/24
167.148.172.0/24
Signature Algorithm: sha256WithRSAEncryption
02:2e:d5:2e:35:5c:a2:2f:78:f4:0f:3b:c8:4d:ed:d1:88:52:
bd:f2:9d:cf:29:e8:9d:bb:63:d0:e3:b9:39:f9:cf:ca:c3:8c:
d9:32:c2:c8:df:fe:ac:fb:d0:1a:8d:ee:4b:31:c8:f7:4d:ce:
0e:e6:c0:c1:a2:0c:0f:f9:4a:ad:0e:82:16:27:57:54:a1:a8:
57:ea:b3:e1:90:81:66:71:8f:10:cb:0e:6c:7b:7c:f4:24:b9:
bd:3c:9a:a7:bb:1f:54:f7:0a:a0:ee:21:fb:48:cb:86:35:d8:
5c:e3:92:11:a1:69:a8:4d:f1:fd:3a:2e:31:4a:2c:20:46:d5:
46:1e:32:cd:1c:c5:2d:6a:3a:7d:b1:94:11:55:d4:b1:94:db:
0a:ba:41:05:52:02:44:40:83:20:b5:25:21:89:09:25:84:f4:
ed:1a:fe:9b:0e:d3:e6:07:92:7d:19:32:23:6e:f9:51:1e:1d:
a9:be:78:32:7c:55:17:8d:a8:4d:c8:fc:d0:73:50:00:e8:4b:
10:76:20:81:01:29:8f:65:b7:16:26:15:30:6e:8c:90:43:b1:
44:30:e5:66:28:95:0d:dd:a6:4e:3b:15:04:93:d5:f7:4c:e5:
b5:b4:77:71:70:7d:b4:d2:4d:2e:64:70:03:36:41:cb:43:00:
5a:18:79:bd
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgIUJdp5BHjHjBLYbiNy88ztgaXvqJMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA4MjIyMzU1MTBaFw0yNjA4MjIwMDAwMTBaMDMxMTAvBgNV
BAMTKDlFQTVFODlCMjhCRDUyNjc1MTU4MDBFMzQ1NzU0QzdBMjFEOTEyNEYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCy/BHf//H686sD5tiPrwDYWlSc
AmiYeRGPmUAc38WA8xz2ddcwDKkV0zUKHIhB6lQjA+sRflNOviuukkaDedOTREqN
cB6wCThHENHFfIaFUmoprtHGacfN9WiC4PvjlCtcEBHQnoxn5wia+7sLKR8w0oLz
mVdSK8ZuCZg03entNHSV4x4oW2L5kSJMOS3l5P9wPs63SYsLNIrDjmiOtBvY6UmW
naL/TTlPHu7meESpDcWCqDs+KcLNAS1cyfACuSLiyNRlTTsH6sTuSe/EF4wAp3R6
CR7TEf4qYFgtkmQv38tmEal6rDx/A9SwDaKK8EUSSWzP49G0GWwSq1qqjRbfAgMB
AAGjggIiMIICHjAdBgNVHQ4EFgQUnqXomyi9UmdRWADjRXVMeiHZEk8wHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMTM3NTE3LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAjw5f
AwQAm3XPAwQAp5QCAwQAp5QIAwQAp5SsMA0GCSqGSIb3DQEBCwUAA4IBAQACLtUu
NVyiL3j0DzvITe3RiFK98p3PKeidu2PQ47k5+c/Kw4zZMsLI3/6s+9Aaje5LMcj3
Tc4O5sDBogwP+UqtDoIWJ1dUoahX6rPhkIFmcY8Qyw5se3z0JLm9PJqnux9U9wqg
7iH7SMuGNdhc45IRoWmoTfH9Oi4xSiwgRtVGHjLNHMUtajp9sZQRVdSxlNsKukEF
UgJEQIMgtSUhiQklhPTtGv6bDtPmB5J9GTIjbvlRHh2pvngyfFUXjahNyPzQc1AA
6EsQdiCBASmPZbcWJhUwboyQQ7FEMOVmKJUN3aZOOxUEk9X3TOW1tHdxcH200k0u
ZHADNkHLQwBaGHm9
-----END CERTIFICATE-----
Generated at Sat Aug 23 12:53:34 2025 by rpki-client