Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS197649.roa
File: AS197649.roa (raw, json)
Hash identifier: LO+nWKKBgquit6fSG5CKEkJb90u6nThOxCy22hBZJ2A=
Subject key identifier: A5:00:F0:0C:5C:D1:A3:A3:2A:5A:04:47:34:BF:22:FC:D6:B6:92:8F
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 2DE33503CC341B7CEFE8A1667C070F96A1B9F66B
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS197649.roa
Signing time: Mon 13 Oct 2025 20:07:56 +0000
ROA not before: Mon 13 Oct 2025 20:02:56 +0000
ROA not after: Mon 12 Oct 2026 20:07:56 +0000
asID: 197649
IP address blocks: 150.241.253.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 13:42:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2d:e3:35:03:cc:34:1b:7c:ef:e8:a1:66:7c:07:0f:96:a1:b9:f6:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Oct 13 20:02:56 2025 GMT
Not After : Oct 12 20:07:56 2026 GMT
Subject: CN=A500F00C5CD1A3A32A5A044734BF22FCD6B6928F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:e9:a1:19:fd:ee:fe:dc:eb:29:c2:93:99:0f:
3f:2b:9a:f5:6e:f3:24:67:be:91:91:e2:15:14:05:
63:a9:ab:97:db:0f:8d:b3:4f:37:26:ea:f3:ee:8b:
23:43:b9:5a:17:d3:fc:a0:18:79:e8:f1:39:c0:06:
92:2e:3f:4c:ad:d8:28:8c:f3:ea:d5:19:db:54:7d:
75:95:3e:23:0e:2d:43:52:6c:1d:a1:17:de:67:61:
6c:b0:13:2e:0c:60:e9:83:d8:9c:f5:09:37:22:94:
e1:18:06:c0:c8:de:c5:c6:ad:92:79:bc:ea:f0:bc:
8f:f5:07:98:d1:c9:c0:1c:53:93:79:30:86:28:cb:
dd:4d:44:cf:e8:3f:e7:e0:1b:4d:60:dc:7d:54:d9:
8f:39:15:40:5f:4a:33:d8:8f:5f:03:c8:d2:ac:88:
65:88:2c:99:1a:2a:d9:80:23:30:0d:58:14:0c:26:
a3:e4:51:10:15:82:98:0f:67:f4:d2:99:a0:13:df:
52:0f:ba:89:3a:22:08:10:b0:b7:c6:b7:5b:dd:d7:
fe:1b:8a:cf:3f:58:ba:8a:9a:51:01:c5:a9:65:5a:
60:f1:c9:85:f6:d8:cd:69:5a:22:59:09:78:c7:98:
ad:63:1c:73:02:af:ce:7d:4b:ce:3f:a5:91:a8:e6:
c7:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:00:F0:0C:5C:D1:A3:A3:2A:5A:04:47:34:BF:22:FC:D6:B6:92:8F
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS197649.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
150.241.253.0/24
Signature Algorithm: sha256WithRSAEncryption
83:b3:a7:bb:3b:ab:11:3a:0f:82:b8:0d:35:4e:31:6a:13:e0:
4c:2e:79:b4:9a:c8:96:6c:16:f0:f0:69:2e:53:08:d4:56:d9:
b4:56:f3:ae:a2:80:cb:9e:8c:34:66:7b:e4:c2:b4:3f:8e:41:
87:ea:29:9d:d9:6a:a5:b0:97:fd:98:85:6d:8d:9a:e8:cb:73:
d9:6f:aa:36:9e:5c:ba:57:6d:5b:44:4c:c3:32:a7:0e:ef:aa:
90:1c:39:0e:69:8b:18:66:34:43:05:f4:4b:e4:74:81:d3:37:
7a:00:a5:06:01:64:91:c1:79:71:f5:8c:37:f7:1d:35:b4:70:
34:e0:ea:fc:d2:fa:c3:f4:a2:69:8e:71:49:64:27:7c:f0:04:
e6:4b:a8:40:45:af:03:13:bb:17:3a:56:38:f9:5f:54:af:e4:
40:e2:b6:a0:d4:1e:93:27:9f:8c:45:d3:e3:05:93:40:bb:a8:
d1:8b:a3:ae:4f:73:ac:b2:5c:9b:27:08:36:62:a0:0d:1f:1b:
9b:37:82:4c:ca:8b:6e:ab:21:0e:a9:9f:d4:03:a0:c6:36:45:
cf:7b:ca:ca:8b:23:6b:c9:00:5d:1f:e8:75:d3:0e:cb:a6:13:
a0:e4:d6:b9:8b:ea:9a:c7:19:96:c0:eb:d1:d0:01:19:38:10:
bf:2d:45:b8
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIULeM1A8w0G3zv6KFmfAcPlqG59mswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTEwMTMyMDAyNTZaFw0yNjEwMTIyMDA3NTZaMDMxMTAvBgNV
BAMTKEE1MDBGMDBDNUNEMUEzQTMyQTVBMDQ0NzM0QkYyMkZDRDZCNjkyOEYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC06aEZ/e7+3OspwpOZDz8rmvVu
8yRnvpGR4hUUBWOpq5fbD42zTzcm6vPuiyNDuVoX0/ygGHno8TnABpIuP0yt2CiM
8+rVGdtUfXWVPiMOLUNSbB2hF95nYWywEy4MYOmD2Jz1CTcilOEYBsDI3sXGrZJ5
vOrwvI/1B5jRycAcU5N5MIYoy91NRM/oP+fgG01g3H1U2Y85FUBfSjPYj18DyNKs
iGWILJkaKtmAIzANWBQMJqPkURAVgpgPZ/TSmaAT31IPuok6IggQsLfGt1vd1/4b
is8/WLqKmlEBxallWmDxyYX22M1pWiJZCXjHmK1jHHMCr859S84/pZGo5se1AgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUpQDwDFzRo6MqWgRHNL8i/Na2ko8wHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMTk3NjQ5LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAlvH9
MA0GCSqGSIb3DQEBCwUAA4IBAQCDs6e7O6sROg+CuA01TjFqE+BMLnm0msiWbBbw
8GkuUwjUVtm0VvOuooDLnow0ZnvkwrQ/jkGH6imd2WqlsJf9mIVtjZroy3PZb6o2
nly6V21bREzDMqcO76qQHDkOaYsYZjRDBfRL5HSB0zd6AKUGAWSRwXlx9Yw39x01
tHA04Or80vrD9KJpjnFJZCd88ATmS6hARa8DE7sXOlY4+V9Ur+RA4rag1B6TJ5+M
RdPjBZNAu6jRi6OuT3OsslybJwg2YqANHxubN4JMyotuqyEOqZ/UA6DGNkXPe8rK
iyNryQBdH+h10w7LphOg5Na5i+qaxxmWwOvR0AEZOBC/LUW4
-----END CERTIFICATE-----
Generated at Mon Oct 20 21:11:31 2025 by rpki-client