Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS152918.roa
File: AS152918.roa (raw, json)
Hash identifier: D7vnHqWygDh3BD50GKQ2Cze14zBnWyVfjfQMiYoMsks=
Subject key identifier: C7:84:8B:7C:02:AC:41:E8:72:5E:72:72:C9:F8:8D:06:5B:A2:81:0B
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 3B818839F438D4D2EAAD8D031A551E2292E0A872
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS152918.roa
Signing time: Thu 08 May 2025 12:47:40 +0000
ROA not before: Thu 08 May 2025 12:42:40 +0000
ROA not after: Thu 07 May 2026 12:47:40 +0000
asID: 152918
IP address blocks: 150.241.240.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 10 May 2025 00:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3b:81:88:39:f4:38:d4:d2:ea:ad:8d:03:1a:55:1e:22:92:e0:a8:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: May 8 12:42:40 2025 GMT
Not After : May 7 12:47:40 2026 GMT
Subject: CN=C7848B7C02AC41E8725E7272C9F88D065BA2810B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:0b:32:77:3b:d1:1f:2d:ab:09:72:60:bd:43:
00:2d:c9:0f:5d:a3:6a:ce:b9:47:ab:2a:3b:28:8c:
18:f6:aa:7a:b2:81:b2:a6:38:73:5b:05:b8:0d:0b:
c2:09:41:66:b9:71:5e:3e:ff:4d:ec:4a:52:6e:cb:
29:9a:7e:79:22:5a:d4:89:48:fd:ca:53:b6:1c:49:
6f:40:82:4b:13:2e:86:bf:8a:42:cd:1f:ed:2d:a1:
09:22:44:89:ba:29:b4:4c:ed:e8:5f:40:72:f7:7d:
90:55:02:a1:cd:a3:1c:bf:47:2e:a7:0f:8d:4c:06:
a5:b0:cf:57:62:25:dc:b7:e9:b2:3d:d4:fd:19:25:
d5:4a:63:db:a7:cc:45:30:e0:e1:c7:73:3e:bf:46:
09:be:58:35:37:b4:94:1b:03:6f:df:aa:e2:85:d9:
d2:44:d7:42:92:8e:ac:f9:d4:d1:c6:5f:25:f5:f5:
56:d3:dc:15:dd:f3:b5:ee:e8:88:33:5e:23:50:84:
53:ee:d1:64:cd:86:4f:f8:d9:1b:65:b4:bc:52:34:
c7:c2:a3:b0:a7:55:62:f5:34:15:73:8a:e1:04:f6:
1a:43:77:7e:c1:2f:34:22:cc:21:0a:f8:7a:af:b7:
03:e0:4c:99:99:2d:c8:dc:96:48:8e:9b:aa:87:3d:
c6:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:84:8B:7C:02:AC:41:E8:72:5E:72:72:C9:F8:8D:06:5B:A2:81:0B
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS152918.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
150.241.240.0/23
Signature Algorithm: sha256WithRSAEncryption
26:81:7a:d0:37:43:ff:db:25:10:b4:46:98:61:fc:64:ba:af:
68:74:bf:f2:5c:b4:5e:c3:b9:36:b8:07:17:87:14:61:0c:d7:
07:71:50:aa:a5:47:ca:aa:3b:86:de:42:4b:43:ab:9d:72:60:
f2:7d:0a:23:60:1a:58:51:18:fb:d0:64:dc:77:c8:07:27:ed:
70:02:bf:9a:ca:57:58:40:f7:e6:75:81:7d:e4:d7:b0:20:df:
4e:6f:74:8e:d6:36:67:91:4f:6b:7c:c6:8c:d9:28:53:66:7b:
13:47:3e:f0:40:03:00:1d:f9:d6:c8:b1:2f:bb:5d:0d:9d:0e:
fc:0c:01:2e:ba:2a:40:44:dc:5a:da:ee:c4:01:f9:2d:04:7a:
84:8d:f6:ef:cb:5a:e4:94:da:88:3e:c5:31:f6:04:d2:cf:04:
e3:93:94:88:dd:07:2a:ca:ae:36:8d:13:4e:dd:6c:6e:b7:fe:
89:69:ab:8b:ee:1f:69:dc:36:5d:a4:3c:bd:c9:dc:fb:ac:11:
99:ed:9b:23:53:0a:bf:2d:a5:a4:e1:94:68:9f:62:ce:aa:ad:
88:51:6e:d7:89:eb:5a:b4:53:99:ab:e7:e6:2a:69:b0:04:bd:
1a:d8:1a:02:89:39:8e:d7:1b:48:eb:47:9d:11:6e:83:8e:22:
e0:c4:22:86
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUO4GIOfQ41NLqrY0DGlUeIpLgqHIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA1MDgxMjQyNDBaFw0yNjA1MDcxMjQ3NDBaMDMxMTAvBgNV
BAMTKEM3ODQ4QjdDMDJBQzQxRTg3MjVFNzI3MkM5Rjg4RDA2NUJBMjgxMEIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+CzJ3O9EfLasJcmC9QwAtyQ9d
o2rOuUerKjsojBj2qnqygbKmOHNbBbgNC8IJQWa5cV4+/03sSlJuyymafnkiWtSJ
SP3KU7YcSW9AgksTLoa/ikLNH+0toQkiRIm6KbRM7ehfQHL3fZBVAqHNoxy/Ry6n
D41MBqWwz1diJdy36bI91P0ZJdVKY9unzEUw4OHHcz6/Rgm+WDU3tJQbA2/fquKF
2dJE10KSjqz51NHGXyX19VbT3BXd87Xu6IgzXiNQhFPu0WTNhk/42RtltLxSNMfC
o7CnVWL1NBVziuEE9hpDd37BLzQizCEK+HqvtwPgTJmZLcjclkiOm6qHPcaLAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUx4SLfAKsQehyXnJyyfiNBluigQswHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMTUyOTE4LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBlvHw
MA0GCSqGSIb3DQEBCwUAA4IBAQAmgXrQN0P/2yUQtEaYYfxkuq9odL/yXLRew7k2
uAcXhxRhDNcHcVCqpUfKqjuG3kJLQ6udcmDyfQojYBpYURj70GTcd8gHJ+1wAr+a
yldYQPfmdYF95NewIN9Ob3SO1jZnkU9rfMaM2ShTZnsTRz7wQAMAHfnWyLEvu10N
nQ78DAEuuipARNxa2u7EAfktBHqEjfbvy1rklNqIPsUx9gTSzwTjk5SI3Qcqyq42
jRNO3Wxut/6JaauL7h9p3DZdpDy9ydz7rBGZ7ZsjUwq/LaWk4ZRon2LOqq2IUW7X
ietatFOZq+fmKmmwBL0a2BoCiTmO1xtI60edEW6DjiLgxCKG
-----END CERTIFICATE-----
Generated at Fri May 9 03:33:54 2025 by rpki-client