Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS137517.roa
File: AS137517.roa (raw, json)
Hash identifier: yaP83zYnu5DP7uL9V/QqDP4kMrvcyN2rIwAiLHcomtI=
Subject key identifier: D2:8A:0B:EB:34:7A:13:B7:4B:CE:75:D4:BB:0C:14:87:4B:FB:C4:EC
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 7FA93325DDB499D7602973DFC1B4E65959DCBAF1
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS137517.roa
Signing time: Fri 27 Jun 2025 09:58:36 +0000
ROA not before: Fri 27 Jun 2025 09:53:36 +0000
ROA not after: Fri 26 Jun 2026 09:58:36 +0000
asID: 137517
IP address blocks: 143.14.95.0/24 maxlen: 24
143.14.190.0/24 maxlen: 24
155.117.113.0/24 maxlen: 24
155.117.144.0/24 maxlen: 24
155.117.207.0/24 maxlen: 24
155.117.241.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Jun 2025 00:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7f:a9:33:25:dd:b4:99:d7:60:29:73:df:c1:b4:e6:59:59:dc:ba:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Jun 27 09:53:36 2025 GMT
Not After : Jun 26 09:58:36 2026 GMT
Subject: CN=D28A0BEB347A13B74BCE75D4BB0C14874BFBC4EC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:09:43:a0:e1:05:00:fa:61:84:53:50:e2:f7:
28:6a:86:61:5c:48:7d:7c:f2:ac:7c:fd:2b:5b:cf:
95:e5:8f:2f:db:a7:12:01:f7:1b:46:a9:2f:1f:3e:
85:a4:52:c9:da:1d:b8:4c:5b:1f:07:92:eb:29:47:
8e:b9:93:01:3b:60:b5:a7:39:33:bf:b5:2c:39:c5:
b6:09:78:e5:d9:f9:bb:9b:12:91:74:72:d3:46:2a:
1b:db:c7:e8:20:82:2c:e8:53:31:ee:92:2e:e2:54:
ca:f4:f6:92:a5:ad:f9:6b:b6:cc:2c:c9:55:3e:cb:
f8:bc:64:bb:7c:f3:d7:18:8c:c5:42:ac:ed:46:a8:
65:c6:79:c6:fe:be:f7:26:ef:88:51:71:5e:11:40:
c0:af:46:9f:b2:78:d8:d3:f9:39:04:5f:cb:6f:cd:
43:95:42:9a:8b:c7:c4:54:9d:b1:4a:12:00:6d:2f:
12:92:8d:a2:ec:f6:8e:4a:ef:77:10:01:9e:f4:5d:
26:71:60:4a:18:5f:61:d0:97:f1:4a:ca:20:8b:38:
33:c1:6c:aa:af:23:46:d6:65:a7:fb:f6:79:4b:53:
0c:43:91:5d:c3:3d:d2:a7:70:4c:f0:41:bd:85:34:
a3:e9:f7:0b:44:93:8c:99:3c:2f:83:20:30:c7:bc:
10:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:8A:0B:EB:34:7A:13:B7:4B:CE:75:D4:BB:0C:14:87:4B:FB:C4:EC
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS137517.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.14.95.0/24
143.14.190.0/24
155.117.113.0/24
155.117.144.0/24
155.117.207.0/24
155.117.241.0/24
Signature Algorithm: sha256WithRSAEncryption
08:4f:9d:5d:9f:77:14:48:f1:53:fb:28:90:77:29:66:ca:1a:
94:84:10:1b:f1:59:58:56:c7:53:69:b5:67:62:2a:15:eb:65:
8a:ef:45:aa:ac:2a:90:f3:43:6a:d4:a5:f4:ac:c6:78:7d:1e:
14:14:e8:9c:f8:0f:71:ac:93:6a:5b:e3:a4:4d:43:d4:67:77:
51:08:6c:97:46:ac:a1:21:9d:de:d9:c1:3e:41:22:e4:b7:5f:
4a:e3:c6:3e:b4:56:07:31:1b:aa:ee:e9:8c:3d:5a:73:6a:8c:
57:1f:a2:e0:5e:20:62:6d:c8:d5:44:9e:9b:6d:ee:9b:e4:7e:
9d:b4:1f:c3:a2:aa:12:a2:a0:b2:f9:1f:5c:6f:02:b6:58:22:
59:46:38:c4:f1:df:18:af:5a:24:c2:a9:af:c8:3c:4e:a7:65:
50:38:24:9a:21:f7:8f:75:f0:09:3f:66:ef:6a:72:2f:96:2d:
67:9b:96:4d:fb:f8:35:28:4a:08:ba:70:88:1c:7f:9f:b2:49:
55:31:32:22:b4:99:e6:f4:0f:dd:97:8a:6d:c2:48:84:3f:79:
dc:c6:0c:31:43:86:53:00:a4:6b:fa:3f:2e:15:80:c2:3e:4f:
4a:b2:9b:f9:c9:40:2c:3a:a3:25:ca:4e:b4:45:60:9a:5b:f1:
0f:0d:e2:a8
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgIUf6kzJd20mddgKXPfwbTmWVncuvEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA2MjcwOTUzMzZaFw0yNjA2MjYwOTU4MzZaMDMxMTAvBgNV
BAMTKEQyOEEwQkVCMzQ3QTEzQjc0QkNFNzVENEJCMEMxNDg3NEJGQkM0RUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDhCUOg4QUA+mGEU1Di9yhqhmFc
SH188qx8/Stbz5Xljy/bpxIB9xtGqS8fPoWkUsnaHbhMWx8HkuspR465kwE7YLWn
OTO/tSw5xbYJeOXZ+bubEpF0ctNGKhvbx+gggizoUzHuki7iVMr09pKlrflrtsws
yVU+y/i8ZLt889cYjMVCrO1GqGXGecb+vvcm74hRcV4RQMCvRp+yeNjT+TkEX8tv
zUOVQpqLx8RUnbFKEgBtLxKSjaLs9o5K73cQAZ70XSZxYEoYX2HQl/FKyiCLODPB
bKqvI0bWZaf79nlLUwxDkV3DPdKncEzwQb2FNKPp9wtEk4yZPC+DIDDHvBCTAgMB
AAGjggIoMIICJDAdBgNVHQ4EFgQU0ooL6zR6E7dLznXUuwwUh0v7xOwwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMTM3NTE3LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAjw5f
AwQAjw6+AwQAm3VxAwQAm3WQAwQAm3XPAwQAm3XxMA0GCSqGSIb3DQEBCwUAA4IB
AQAIT51dn3cUSPFT+yiQdylmyhqUhBAb8VlYVsdTabVnYioV62WK70WqrCqQ80Nq
1KX0rMZ4fR4UFOic+A9xrJNqW+OkTUPUZ3dRCGyXRqyhIZ3e2cE+QSLkt19K48Y+
tFYHMRuq7umMPVpzaoxXH6LgXiBibcjVRJ6bbe6b5H6dtB/DoqoSoqCy+R9cbwK2
WCJZRjjE8d8Yr1okwqmvyDxOp2VQOCSaIfePdfAJP2bvanIvli1nm5ZN+/g1KEoI
unCIHH+fsklVMTIitJnm9A/dl4ptwkiEP3ncxgwxQ4ZTAKRr+j8uFYDCPk9Kspv5
yUAsOqMlyk60RWCaW/EPDeKo
-----END CERTIFICATE-----
Generated at Sun Jun 29 07:29:03 2025 by rpki-client