Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS16589.roa
File: AS16589.roa (raw, json)
Hash identifier: Jkxdp0mJ3cl3Rfxqa5FTVVDKs62Pk/zAdXgICZbzRKY=
Subject key identifier: 3F:00:FC:DE:60:EC:61:E7:52:C0:AC:99:99:58:C5:AB:A7:03:C2:AF
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 72C7922781723B9B092C3CBCD666F72EE279EFDC
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS16589.roa
Signing time: Tue 29 Apr 2025 06:37:16 +0000
ROA not before: Tue 29 Apr 2025 06:32:16 +0000
ROA not after: Tue 28 Apr 2026 06:37:16 +0000
asID: 16589
IP address blocks: 143.14.241.0/24 maxlen: 24
143.14.255.0/24 maxlen: 24
155.117.216.0/24 maxlen: 24
155.117.247.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 07 May 2025 23:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
72:c7:92:27:81:72:3b:9b:09:2c:3c:bc:d6:66:f7:2e:e2:79:ef:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Apr 29 06:32:16 2025 GMT
Not After : Apr 28 06:37:16 2026 GMT
Subject: CN=3F00FCDE60EC61E752C0AC999958C5ABA703C2AF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:5a:a2:22:09:bd:2d:af:4c:cf:92:ca:e7:66:
f5:16:81:c8:f3:ca:3e:b5:da:53:a2:3d:91:71:81:
c9:95:8d:52:c7:4e:e2:d4:6a:9e:13:e6:66:66:19:
5c:41:fc:ff:0c:8f:80:2b:3f:a0:87:b6:db:ab:5e:
fb:9b:a5:33:40:e5:6f:8f:ea:a1:e9:3f:b1:eb:39:
22:c1:90:0b:b3:f4:9f:1c:d7:c1:e6:26:04:de:4c:
71:24:ff:88:bc:c6:c5:6a:0d:74:d6:4d:10:e5:dd:
d7:54:af:e2:b3:2e:3e:61:89:94:c1:8a:1b:bb:7d:
03:c4:78:d0:27:8d:c3:b9:0b:3e:51:62:26:05:d2:
38:48:cc:f6:51:6f:21:c7:6f:86:0f:c0:b1:b0:a7:
4c:0f:96:dd:50:92:7a:b7:22:83:83:0e:48:b7:66:
a5:30:5f:d4:50:aa:77:df:ba:a8:38:46:0c:40:0d:
1a:46:e2:8c:94:1c:d0:5a:fb:28:4c:e5:9b:2f:13:
8a:e8:7c:e3:f9:82:13:83:dd:6d:27:e1:3f:1f:36:
aa:fd:39:ff:39:a5:df:eb:4e:5c:99:b2:26:16:33:
ff:0e:17:d7:80:f1:d8:0f:31:dd:c7:bb:19:c4:b2:
65:e8:54:d2:3b:4d:3e:28:3d:33:c1:94:31:b9:65:
bb:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:00:FC:DE:60:EC:61:E7:52:C0:AC:99:99:58:C5:AB:A7:03:C2:AF
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS16589.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.14.241.0/24
143.14.255.0/24
155.117.216.0/24
155.117.247.0/24
Signature Algorithm: sha256WithRSAEncryption
b4:9e:4b:ed:6f:ef:9a:68:19:26:56:07:62:37:c2:1e:d2:bc:
3b:85:c2:fe:e5:a9:0b:61:4b:6f:9c:24:60:ba:49:a4:68:fe:
4a:61:4d:f5:0a:88:49:65:a6:f6:73:16:98:b5:49:6d:e3:87:
f5:87:5c:47:46:4d:fe:99:e9:bc:a6:fc:f1:e1:d8:55:2a:1d:
1c:fe:3b:c8:9e:98:30:38:89:34:0e:20:1a:0c:3c:e5:8b:65:
4a:eb:41:1c:d2:db:18:d6:31:33:2b:db:64:4f:39:f9:a1:19:
56:46:4c:5e:bb:f7:19:ae:3c:06:a6:fa:e3:40:4e:3b:92:40:
5f:ea:6c:2b:d0:bc:81:f9:43:d7:68:d4:ad:3f:ef:92:ee:f5:
e8:26:c0:68:77:9a:ff:bf:31:72:e8:8a:90:76:72:49:05:04:
b4:67:75:ca:b3:f4:5d:59:1a:98:31:fa:2d:5b:34:6c:f6:c6:
85:aa:dd:a1:13:99:d0:88:1e:88:dd:b6:e2:2a:bc:62:55:bf:
64:9b:37:b5:28:9a:d7:06:7a:e6:52:46:44:99:3b:70:e6:fc:
dd:00:f6:7b:7a:26:e2:7e:4f:04:42:e5:21:e9:ab:94:2f:39:
38:c9:48:2b:e9:03:ed:16:c0:2b:a5:54:ff:e5:40:b1:73:b0:
9e:ef:50:14
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgIUcseSJ4FyO5sJLDy81mb3LuJ579wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA0MjkwNjMyMTZaFw0yNjA0MjgwNjM3MTZaMDMxMTAvBgNV
BAMTKDNGMDBGQ0RFNjBFQzYxRTc1MkMwQUM5OTk5NThDNUFCQTcwM0MyQUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5WqIiCb0tr0zPksrnZvUWgcjz
yj612lOiPZFxgcmVjVLHTuLUap4T5mZmGVxB/P8Mj4ArP6CHtturXvubpTNA5W+P
6qHpP7HrOSLBkAuz9J8c18HmJgTeTHEk/4i8xsVqDXTWTRDl3ddUr+KzLj5hiZTB
ihu7fQPEeNAnjcO5Cz5RYiYF0jhIzPZRbyHHb4YPwLGwp0wPlt1Qknq3IoODDki3
ZqUwX9RQqnffuqg4RgxADRpG4oyUHNBa+yhM5ZsvE4rofOP5ghOD3W0n4T8fNqr9
Of85pd/rTlyZsiYWM/8OF9eA8dgPMd3HuxnEsmXoVNI7TT4oPTPBlDG5Zbt1AgMB
AAGjggIbMIICFzAdBgNVHQ4EFgQUPwD83mDsYedSwKyZmVjFq6cDwq8wHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMTY1ODkucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwMQYIKwYBBQUHAQcBAf8EIjAgMB4EAgABMBgDBACPDvED
BACPDv8DBACbddgDBACbdfcwDQYJKoZIhvcNAQELBQADggEBALSeS+1v75poGSZW
B2I3wh7SvDuFwv7lqQthS2+cJGC6SaRo/kphTfUKiEllpvZzFpi1SW3jh/WHXEdG
Tf6Z6bym/PHh2FUqHRz+O8iemDA4iTQOIBoMPOWLZUrrQRzS2xjWMTMr22RPOfmh
GVZGTF679xmuPAam+uNATjuSQF/qbCvQvIH5Q9do1K0/75Lu9egmwGh3mv+/MXLo
ipB2ckkFBLRndcqz9F1ZGpgx+i1bNGz2xoWq3aETmdCIHojdtuIqvGJVv2SbN7Uo
mtcGeuZSRkSZO3Dm/N0A9nt6JuJ+TwRC5SHpq5QvOTjJSCvpA+0WwCulVP/lQLFz
sJ7vUBQ=
-----END CERTIFICATE-----
Generated at Wed May 7 03:01:35 2025 by rpki-client