Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS137557.roa
File: AS137557.roa (raw, json)
Hash identifier: aXWmNkr5SqKG/gxbxpgi+0dpF+Bq6M8x7JSoOBTnelw=
Subject key identifier: 32:31:BA:C1:AD:FF:02:4A:28:ED:1F:F2:CB:86:92:55:C9:7F:24:F3
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 680C5198134BEAC42B28E73472CCC4989246C4C0
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS137557.roa
Signing time: Wed 13 Aug 2025 09:50:20 +0000
ROA not before: Wed 13 Aug 2025 09:45:20 +0000
ROA not after: Wed 12 Aug 2026 09:50:20 +0000
asID: 137557
IP address blocks: 143.14.76.0/22 maxlen: 24
143.14.80.0/22 maxlen: 24
143.14.104.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 12:50:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
68:0c:51:98:13:4b:ea:c4:2b:28:e7:34:72:cc:c4:98:92:46:c4:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Aug 13 09:45:20 2025 GMT
Not After : Aug 12 09:50:20 2026 GMT
Subject: CN=3231BAC1ADFF024A28ED1FF2CB869255C97F24F3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:ec:c0:e1:3f:ec:19:6e:2a:2d:7d:e8:4a:87:
76:32:5d:71:dd:5d:27:fc:74:00:06:43:07:57:90:
7a:c9:a7:8e:5f:76:6f:df:34:a3:cd:3b:a5:bd:63:
ce:5d:b4:58:83:f1:42:0a:b3:a8:24:3c:2b:fe:37:
40:64:85:66:85:69:08:c5:b1:8b:52:52:04:d3:69:
f8:ef:d2:33:85:2c:49:89:92:7e:b3:12:25:28:94:
50:ed:12:d4:97:61:c4:ed:48:9c:91:69:d8:c2:cf:
a6:22:c5:e7:49:e8:bc:99:08:62:be:36:11:70:e8:
d1:29:80:53:73:c8:65:32:74:2d:53:0b:41:e9:80:
2f:0a:b3:c2:6d:85:91:c1:cf:f3:e9:e7:c4:a7:2c:
a7:ac:0c:56:ff:0b:3a:24:79:1f:91:7a:7d:12:1d:
1e:b1:0f:4d:1e:ea:14:0a:42:de:81:56:1d:b9:2f:
2a:9c:73:22:47:d4:6c:96:e1:70:2c:c3:33:10:11:
a9:c1:f2:d3:f1:7e:86:5f:bd:1b:99:01:7f:53:5f:
f5:a7:e6:85:5d:6c:7c:93:a4:c1:da:13:cc:df:3f:
7c:4e:84:b8:6c:a7:5f:59:ce:c3:c3:f0:03:92:3c:
13:0b:7b:9c:79:73:41:a6:5e:a3:b7:eb:94:d0:8c:
db:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:31:BA:C1:AD:FF:02:4A:28:ED:1F:F2:CB:86:92:55:C9:7F:24:F3
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS137557.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.14.76.0-143.14.83.255
143.14.104.0/22
Signature Algorithm: sha256WithRSAEncryption
93:2e:cd:97:5b:3b:73:5f:64:2b:4a:44:7e:6e:b7:c3:76:1e:
f5:b2:50:63:98:1f:06:73:69:fa:86:e0:1f:f2:31:f3:61:07:
88:38:ff:27:f7:4e:33:2c:1d:2f:4a:80:4b:fa:25:17:63:20:
ed:f9:49:75:09:49:03:1b:40:35:c4:3e:8d:3e:22:76:cf:85:
f3:f1:f5:2c:6f:0a:ee:67:69:9d:dd:48:47:40:aa:0f:32:8b:
a4:26:43:46:cf:b1:4d:ed:26:67:af:17:e0:97:41:e5:d6:d5:
b3:59:7f:4c:df:dd:00:c9:94:08:c4:42:ec:64:65:c3:02:e0:
53:22:27:31:f7:c5:21:a9:c3:38:6b:75:cc:b5:2e:20:7a:11:
14:60:3f:4f:75:01:52:47:5b:57:2d:40:f2:ff:41:ca:57:0c:
96:ad:88:8d:00:86:e2:a0:9a:df:47:bb:0b:d0:90:a8:74:83:
bf:3e:81:f6:a4:ca:b4:e5:6b:ae:2f:a0:58:94:b2:c4:47:43:
bc:db:50:f3:b1:aa:ff:bc:ba:24:fa:fa:0f:87:5b:94:6f:cf:
44:4b:2d:6d:4a:ba:f0:33:f1:01:a7:19:63:74:0b:0b:19:b0:
d4:e0:ed:7a:10:ef:8c:1d:e3:d5:20:e0:a8:39:9b:7b:43:15:
59:9f:c9:23
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgIUaAxRmBNL6sQrKOc0cszEmJJGxMAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA4MTMwOTQ1MjBaFw0yNjA4MTIwOTUwMjBaMDMxMTAvBgNV
BAMTKDMyMzFCQUMxQURGRjAyNEEyOEVEMUZGMkNCODY5MjU1Qzk3RjI0RjMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCx7MDhP+wZbiotfehKh3YyXXHd
XSf8dAAGQwdXkHrJp45fdm/fNKPNO6W9Y85dtFiD8UIKs6gkPCv+N0BkhWaFaQjF
sYtSUgTTafjv0jOFLEmJkn6zEiUolFDtEtSXYcTtSJyRadjCz6YixedJ6LyZCGK+
NhFw6NEpgFNzyGUydC1TC0HpgC8Ks8JthZHBz/Pp58SnLKesDFb/CzokeR+Ren0S
HR6xD00e6hQKQt6BVh25LyqccyJH1GyW4XAswzMQEanB8tPxfoZfvRuZAX9TX/Wn
5oVdbHyTpMHaE8zfP3xOhLhsp19ZzsPD8AOSPBMLe5x5c0GmXqO365TQjNtHAgMB
AAGjggIYMIICFDAdBgNVHQ4EFgQUMjG6wa3/Akoo7R/yy4aSVcl/JPMwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMTM3NTU3LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAKP
DkwDBAKPDlADBAKPDmgwDQYJKoZIhvcNAQELBQADggEBAJMuzZdbO3NfZCtKRH5u
t8N2HvWyUGOYHwZzafqG4B/yMfNhB4g4/yf3TjMsHS9KgEv6JRdjIO35SXUJSQMb
QDXEPo0+InbPhfPx9SxvCu5naZ3dSEdAqg8yi6QmQ0bPsU3tJmevF+CXQeXW1bNZ
f0zf3QDJlAjEQuxkZcMC4FMiJzH3xSGpwzhrdcy1LiB6ERRgP091AVJHW1ctQPL/
QcpXDJatiI0AhuKgmt9HuwvQkKh0g78+gfakyrTla64voFiUssRHQ7zbUPOxqv+8
uiT6+g+HW5Rvz0RLLW1KuvAz8QGnGWN0CwsZsNTg7XoQ74wd49Ug4Kg5m3tDFVmf
ySM=
-----END CERTIFICATE-----
Generated at Sat Aug 23 18:48:43 2025 by rpki-client