Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS137517.roa
File: AS137517.roa (raw, json)
Hash identifier: I90Md0+FW+nB8G44tnH2OvsMvGfkL9vlvxs4F9aAaAg=
Subject key identifier: 38:46:D1:69:31:F0:C0:E4:F3:1A:6E:75:71:89:5A:12:E8:A8:24:9E
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 08F3003CB51F49F65E1113D4908A445F6B0519AB
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS137517.roa
Signing time: Fri 26 Sep 2025 12:32:43 +0000
ROA not before: Fri 26 Sep 2025 12:27:43 +0000
ROA not after: Fri 25 Sep 2026 12:32:43 +0000
asID: 137517
IP address blocks: 143.14.95.0/24 maxlen: 24
155.117.207.0/24 maxlen: 24
167.148.8.0/24 maxlen: 24
167.148.41.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
08:f3:00:3c:b5:1f:49:f6:5e:11:13:d4:90:8a:44:5f:6b:05:19:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Sep 26 12:27:43 2025 GMT
Not After : Sep 25 12:32:43 2026 GMT
Subject: CN=3846D16931F0C0E4F31A6E7571895A12E8A8249E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:13:e0:0c:57:ea:b8:38:32:51:92:c0:ec:b0:
fb:4a:41:c8:55:fc:76:b6:2f:70:cc:4d:ae:cd:06:
56:b4:8e:6c:d9:e6:73:23:d7:ca:bf:b8:93:0f:44:
50:5f:9a:c9:c4:d8:2c:9d:fb:46:85:38:65:e1:29:
39:92:1d:98:4a:8c:b1:73:5f:6a:77:24:2f:98:23:
31:d6:01:cd:23:a3:6e:63:24:9e:0d:77:c4:db:2b:
05:ba:a8:8b:6c:ed:d9:60:18:52:51:a3:51:29:a4:
54:e9:62:14:97:70:16:76:20:49:2e:d8:a4:7e:26:
6e:01:18:6f:e4:3d:25:94:6b:e0:f1:a2:23:aa:2e:
cd:63:c7:77:e6:8a:b4:13:3f:61:47:b8:1b:f7:42:
06:37:72:1b:95:9f:4c:2c:fd:49:a4:4c:a1:45:77:
81:2d:41:5d:3a:cb:b9:46:28:03:f0:27:58:4a:91:
4c:6b:ea:a7:53:da:36:8d:d1:81:39:af:1c:bc:e9:
35:c5:c9:ec:73:34:d6:02:00:98:98:b5:0b:53:a0:
86:ea:b0:cf:dc:d8:44:ea:e6:eb:b6:8d:bd:67:d8:
2f:ed:00:c3:a5:d8:41:fe:77:59:20:8a:32:6b:a0:
88:45:61:b4:b6:58:5c:7b:33:55:d5:a9:58:92:bb:
4c:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:46:D1:69:31:F0:C0:E4:F3:1A:6E:75:71:89:5A:12:E8:A8:24:9E
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS137517.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.14.95.0/24
155.117.207.0/24
167.148.8.0/24
167.148.41.0/24
Signature Algorithm: sha256WithRSAEncryption
08:d1:a4:fc:95:d5:a9:92:e0:2d:ce:63:d6:b7:1e:85:ea:1d:
61:c2:f0:4f:ae:26:d3:ca:53:97:54:80:23:3e:23:b6:32:73:
ba:04:6a:e0:ae:01:22:19:fa:25:cb:dc:f4:f0:a3:0e:f3:05:
7d:cd:be:e8:52:0e:43:29:5f:0c:87:c5:9f:21:36:2c:55:19:
43:a8:5e:04:c3:04:cc:1e:cf:90:07:4c:0b:fc:0c:0d:e7:db:
d8:0e:60:91:63:18:66:65:db:c5:ab:a4:76:14:25:0b:5d:ba:
ac:b1:23:a6:5d:56:90:32:c2:33:ed:c8:61:f8:4e:62:36:e5:
7b:14:0e:ce:63:d6:b1:6b:b5:4a:c7:ef:87:56:ac:1f:5c:52:
ea:e9:78:b0:f2:22:83:5e:13:ae:c5:2f:01:1a:13:a6:46:6e:
4b:e3:e5:e3:3e:05:d9:d3:33:20:8c:bc:be:f7:d8:8d:61:1e:
82:42:1e:31:a5:b3:5b:2a:d1:2c:a2:27:b2:a0:92:36:1c:89:
4c:8a:4a:3c:0b:a6:d5:c1:d3:5d:b0:d2:6e:c5:a7:3b:d0:bc:
d7:17:57:13:a5:0f:cb:46:e3:cf:18:7a:7b:b4:5e:56:06:27:
1a:65:4c:d9:03:96:0f:60:3a:88:52:46:88:e7:06:7b:9f:6e:
a3:e6:19:a4
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgIUCPMAPLUfSfZeERPUkIpEX2sFGaswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA5MjYxMjI3NDNaFw0yNjA5MjUxMjMyNDNaMDMxMTAvBgNV
BAMTKDM4NDZEMTY5MzFGMEMwRTRGMzFBNkU3NTcxODk1QTEyRThBODI0OUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDQE+AMV+q4ODJRksDssPtKQchV
/Ha2L3DMTa7NBla0jmzZ5nMj18q/uJMPRFBfmsnE2Cyd+0aFOGXhKTmSHZhKjLFz
X2p3JC+YIzHWAc0jo25jJJ4Nd8TbKwW6qIts7dlgGFJRo1EppFTpYhSXcBZ2IEku
2KR+Jm4BGG/kPSWUa+DxoiOqLs1jx3fmirQTP2FHuBv3QgY3chuVn0ws/UmkTKFF
d4EtQV06y7lGKAPwJ1hKkUxr6qdT2jaN0YE5rxy86TXFyexzNNYCAJiYtQtToIbq
sM/c2ETq5uu2jb1n2C/tAMOl2EH+d1kgijJroIhFYbS2WFx7M1XVqViSu0ypAgMB
AAGjggIcMIICGDAdBgNVHQ4EFgQUOEbRaTHwwOTzGm51cYlaEuioJJ4wHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMTM3NTE3LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAjw5f
AwQAm3XPAwQAp5QIAwQAp5QpMA0GCSqGSIb3DQEBCwUAA4IBAQAI0aT8ldWpkuAt
zmPWtx6F6h1hwvBPribTylOXVIAjPiO2MnO6BGrgrgEiGfoly9z08KMO8wV9zb7o
Ug5DKV8Mh8WfITYsVRlDqF4EwwTMHs+QB0wL/AwN59vYDmCRYxhmZdvFq6R2FCUL
XbqssSOmXVaQMsIz7chh+E5iNuV7FA7OY9axa7VKx++HVqwfXFLq6Xiw8iKDXhOu
xS8BGhOmRm5L4+XjPgXZ0zMgjLy+99iNYR6CQh4xpbNbKtEsoieyoJI2HIlMiko8
C6bVwdNdsNJuxac70LzXF1cTpQ/LRuPPGHp7tF5WBicaZUzZA5YPYDqIUkaI5wZ7
n26j5hmk
-----END CERTIFICATE-----
Generated at Sun Oct 19 23:12:16 2025 by rpki-client