Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS138160.roa
File: AS138160.roa (raw, json)
Hash identifier: x/AN72/b+5budy/72yqvGYmh9a8io4rFUUN2VVSxJ3Q=
Subject key identifier: A6:51:40:A9:26:F9:F5:16:30:4A:72:79:38:D2:75:96:2A:14:23:07
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 46DF570F9355A096A62C07DCA548BBCCE50EEF4C
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS138160.roa
Signing time: Wed 20 Aug 2025 13:15:32 +0000
ROA not before: Wed 20 Aug 2025 13:10:32 +0000
ROA not after: Wed 19 Aug 2026 13:15:32 +0000
asID: 138160
IP address blocks: 143.14.76.0/22 maxlen: 24
143.14.80.0/22 maxlen: 24
143.14.104.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
46:df:57:0f:93:55:a0:96:a6:2c:07:dc:a5:48:bb:cc:e5:0e:ef:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Aug 20 13:10:32 2025 GMT
Not After : Aug 19 13:15:32 2026 GMT
Subject: CN=A65140A926F9F516304A727938D275962A142307
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:95:3e:b7:6a:2e:0c:56:06:04:06:3e:0f:31:
3a:75:0c:05:cb:bf:7a:f9:f5:ed:9d:25:87:55:86:
f0:42:be:87:fa:e6:f9:7e:04:94:87:4b:26:b9:a8:
1a:fa:5e:88:73:e8:c0:c2:bf:e0:0e:2e:d5:13:01:
c1:64:e6:03:86:44:d8:7e:16:8b:78:8a:df:ef:d0:
50:33:47:e9:ef:5c:e2:f0:19:f4:81:af:5c:8e:d5:
b8:76:72:22:16:1d:35:d8:66:23:92:9e:e8:7a:8c:
73:18:48:17:6f:e7:c7:5f:49:92:60:eb:e4:89:b1:
f5:be:8e:88:8f:60:6a:ce:5f:2d:ef:1e:21:c1:90:
33:4d:1d:13:9d:5f:84:16:e9:65:bb:52:94:47:d0:
0b:3a:f0:98:e8:62:89:b7:eb:7e:72:f9:cf:45:89:
09:9c:71:a4:ed:08:3a:29:c1:6d:4a:34:83:3d:40:
53:d5:f9:63:e4:c2:89:e1:91:9a:af:34:8b:41:ba:
a7:a4:eb:cf:ae:38:37:29:42:9e:9e:95:f5:f3:90:
b0:5b:f5:ca:79:1a:80:0a:27:8e:c3:c0:6f:da:92:
64:6b:8e:f5:24:ba:36:fe:ab:f8:5e:c6:fb:b3:a4:
02:ea:ba:67:1a:04:15:b7:fd:45:0a:94:9c:8d:67:
d9:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:51:40:A9:26:F9:F5:16:30:4A:72:79:38:D2:75:96:2A:14:23:07
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS138160.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.14.76.0-143.14.83.255
143.14.104.0/22
Signature Algorithm: sha256WithRSAEncryption
80:9a:d2:e7:f0:a7:6c:6e:36:52:94:00:d7:d4:d7:56:e7:ce:
3e:68:dd:3f:4b:50:ce:c1:7d:b4:bf:08:f8:6f:72:77:bf:45:
99:19:6f:de:90:0c:ed:2b:8a:e8:d8:00:47:be:f0:ef:64:c8:
ee:9e:3a:10:54:16:63:e4:c9:ee:14:6d:de:04:e9:3c:f6:95:
3d:45:c7:6c:c1:bd:77:5e:e7:1a:ad:1d:fb:95:86:f9:f1:0d:
8f:12:13:b5:6f:01:6c:5c:78:bd:24:2e:a0:9b:75:cd:7f:9d:
f5:cd:1c:ac:43:d9:6a:26:a9:47:ec:ff:a7:90:16:78:5a:f6:
3b:4b:6b:aa:08:4c:ca:c4:d7:92:20:ac:93:b0:d7:f5:14:58:
db:9f:dd:1a:c3:09:22:55:f2:47:79:1b:49:45:c6:f4:13:7a:
ad:9b:88:63:4c:90:c2:cf:bc:3d:4b:41:bb:a5:f9:dd:90:d4:
73:dc:58:d0:4a:67:6e:ff:e6:1b:fe:94:74:7f:65:bc:7c:b5:
6b:40:91:07:f8:31:f6:6b:3c:2f:41:2d:e4:ff:8b:ae:a4:00:
bb:be:5a:c1:1b:0f:93:6b:38:5b:e6:73:28:48:16:60:bf:04:
a3:69:7d:3c:02:e9:10:62:8c:5d:44:42:55:ce:9c:da:62:e2:
0b:10:32:71
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgIURt9XD5NVoJamLAfcpUi7zOUO70wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA4MjAxMzEwMzJaFw0yNjA4MTkxMzE1MzJaMDMxMTAvBgNV
BAMTKEE2NTE0MEE5MjZGOUY1MTYzMDRBNzI3OTM4RDI3NTk2MkExNDIzMDcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4lT63ai4MVgYEBj4PMTp1DAXL
v3r59e2dJYdVhvBCvof65vl+BJSHSya5qBr6Xohz6MDCv+AOLtUTAcFk5gOGRNh+
Fot4it/v0FAzR+nvXOLwGfSBr1yO1bh2ciIWHTXYZiOSnuh6jHMYSBdv58dfSZJg
6+SJsfW+joiPYGrOXy3vHiHBkDNNHROdX4QW6WW7UpRH0As68JjoYom3635y+c9F
iQmccaTtCDopwW1KNIM9QFPV+WPkwonhkZqvNItBuqek68+uODcpQp6elfXzkLBb
9cp5GoAKJ47DwG/akmRrjvUkujb+q/hexvuzpALqumcaBBW3/UUKlJyNZ9knAgMB
AAGjggIYMIICFDAdBgNVHQ4EFgQUplFAqSb59RYwSnJ5ONJ1lioUIwcwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMTM4MTYwLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAKP
DkwDBAKPDlADBAKPDmgwDQYJKoZIhvcNAQELBQADggEBAICa0ufwp2xuNlKUANfU
11bnzj5o3T9LUM7BfbS/CPhvcne/RZkZb96QDO0riujYAEe+8O9kyO6eOhBUFmPk
ye4Ubd4E6Tz2lT1Fx2zBvXde5xqtHfuVhvnxDY8SE7VvAWxceL0kLqCbdc1/nfXN
HKxD2WomqUfs/6eQFnha9jtLa6oITMrE15IgrJOw1/UUWNuf3RrDCSJV8kd5G0lF
xvQTeq2biGNMkMLPvD1LQbul+d2Q1HPcWNBKZ27/5hv+lHR/Zbx8tWtAkQf4MfZr
PC9BLeT/i66kALu+WsEbD5NrOFvmcyhIFmC/BKNpfTwC6RBijF1EQlXOnNpi4gsQ
MnE=
-----END CERTIFICATE-----
Generated at Sat Aug 23 12:53:55 2025 by rpki-client