Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS200239.roa
File: AS200239.roa (raw, json)
Hash identifier: DnLcbL9N1XKhVnwtvVsV4b2NijWF6PEoRXwxD17ltHM=
Subject key identifier: 2B:38:F5:5C:F7:8E:F7:80:51:C3:F7:8C:F9:29:44:A5:15:CA:D2:E9
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 601FFF4A31EBFA35F111AF3F83774EDFC640CA40
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS200239.roa
Signing time: Wed 01 Oct 2025 00:16:13 +0000
ROA not before: Wed 01 Oct 2025 00:11:13 +0000
ROA not after: Wed 30 Sep 2026 00:16:13 +0000
asID: 200239
IP address blocks: 162.141.9.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 13:42:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
60:1f:ff:4a:31:eb:fa:35:f1:11:af:3f:83:77:4e:df:c6:40:ca:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Oct 1 00:11:13 2025 GMT
Not After : Sep 30 00:16:13 2026 GMT
Subject: CN=2B38F55CF78EF78051C3F78CF92944A515CAD2E9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:f0:ac:71:f9:93:0e:ea:df:aa:65:2c:f9:a9:
c2:21:bb:e9:4f:58:3f:7e:e9:65:4f:e0:3b:88:01:
f7:9b:9a:32:d9:df:10:5b:d1:be:87:4e:35:f7:53:
ac:f8:55:47:90:3c:86:ad:2c:ca:67:38:a4:d8:80:
ea:63:5f:57:03:56:fb:da:6d:6d:10:b7:b0:0d:c1:
b0:15:b7:a9:d4:84:41:30:d1:f2:a8:a1:e2:7d:37:
e8:e9:aa:6e:29:c7:50:e3:73:d7:58:b3:2d:a8:1d:
df:c1:0f:bd:72:b0:3f:8e:7f:65:a7:f3:6e:9e:82:
37:36:02:66:4d:b1:36:41:2b:d2:b4:27:c2:04:7f:
8e:29:4f:a3:f3:79:b4:cd:c8:eb:ac:46:22:29:17:
e8:04:67:e1:49:8c:d3:d6:a6:88:48:45:e4:a5:32:
cc:cf:02:7d:bc:c6:6b:89:12:95:e2:1f:ce:ca:9a:
81:ca:7d:8f:5e:30:f8:34:ff:83:21:95:34:4b:0c:
35:9d:09:db:3d:be:51:72:77:df:a6:2e:db:bf:3f:
88:b2:ac:78:92:47:4b:50:7d:bd:e4:56:f7:86:6a:
0a:3a:96:30:e1:54:38:75:16:6c:18:34:07:dd:71:
ce:a7:85:1f:4a:17:34:d2:90:35:c4:9c:a7:2b:41:
6d:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:38:F5:5C:F7:8E:F7:80:51:C3:F7:8C:F9:29:44:A5:15:CA:D2:E9
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS200239.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
162.141.9.0/24
Signature Algorithm: sha256WithRSAEncryption
97:59:0a:35:3e:54:96:28:3f:08:5c:6c:b7:08:4d:aa:f2:11:
3a:1f:7f:28:cd:ea:be:35:3f:e9:43:59:fb:61:3a:6e:26:ca:
13:27:a0:67:a1:4a:75:bc:66:a8:67:e4:d8:e4:0c:68:d3:cd:
3e:e5:40:1d:2e:bc:99:e9:1c:b2:28:2c:2e:b1:35:1a:dd:8e:
90:fd:96:f6:3d:bd:d7:83:56:98:9d:ed:c0:e2:c5:45:c4:75:
2b:b0:3d:5e:bb:0f:70:b4:bc:14:8e:65:c1:7c:1d:80:d6:94:
d8:b7:dc:77:5c:2d:a3:39:d4:0f:b3:bd:01:34:2a:7a:05:59:
09:18:3c:36:f3:af:4a:32:5e:9b:69:2d:fe:9f:c5:9d:32:0e:
f2:7c:88:ac:79:da:09:89:d8:c7:e8:76:96:d1:c9:51:d2:76:
1c:46:0d:e0:d6:8a:7c:49:2a:85:4b:4a:ac:2e:e2:34:c1:72:
6f:de:80:51:25:51:74:51:4a:aa:a6:31:df:b5:d7:0e:87:34:
82:66:7a:10:64:35:a2:c7:11:36:92:5f:d3:31:01:aa:e6:8d:
7f:d7:0d:bc:1d:f9:7c:92:c6:60:e5:e5:e5:6c:af:df:76:74:
4f:81:eb:09:0e:7e:d3:75:10:c3:72:0e:3a:21:ba:42:35:a5:
d6:f7:c5:39
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUYB//SjHr+jXxEa8/g3dO38ZAykAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTEwMDEwMDExMTNaFw0yNjA5MzAwMDE2MTNaMDMxMTAvBgNV
BAMTKDJCMzhGNTVDRjc4RUY3ODA1MUMzRjc4Q0Y5Mjk0NEE1MTVDQUQyRTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDE8Kxx+ZMO6t+qZSz5qcIhu+lP
WD9+6WVP4DuIAfebmjLZ3xBb0b6HTjX3U6z4VUeQPIatLMpnOKTYgOpjX1cDVvva
bW0Qt7ANwbAVt6nUhEEw0fKooeJ9N+jpqm4px1Djc9dYsy2oHd/BD71ysD+Of2Wn
826egjc2AmZNsTZBK9K0J8IEf44pT6PzebTNyOusRiIpF+gEZ+FJjNPWpohIReSl
MszPAn28xmuJEpXiH87KmoHKfY9eMPg0/4MhlTRLDDWdCds9vlFyd9+mLtu/P4iy
rHiSR0tQfb3kVveGago6ljDhVDh1FmwYNAfdcc6nhR9KFzTSkDXEnKcrQW0bAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUKzj1XPeO94BRw/eM+SlEpRXK0ukwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjAwMjM5LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAoo0J
MA0GCSqGSIb3DQEBCwUAA4IBAQCXWQo1PlSWKD8IXGy3CE2q8hE6H38ozeq+NT/p
Q1n7YTpuJsoTJ6BnoUp1vGaoZ+TY5Axo080+5UAdLryZ6RyyKCwusTUa3Y6Q/Zb2
Pb3Xg1aYne3A4sVFxHUrsD1euw9wtLwUjmXBfB2A1pTYt9x3XC2jOdQPs70BNCp6
BVkJGDw2869KMl6baS3+n8WdMg7yfIisedoJidjH6HaW0clR0nYcRg3g1op8SSqF
S0qsLuI0wXJv3oBRJVF0UUqqpjHftdcOhzSCZnoQZDWixxE2kl/TMQGq5o1/1w28
Hfl8ksZg5eXlbK/fdnRPgesJDn7TdRDDcg46IbpCNaXW98U5
-----END CERTIFICATE-----
Generated at Mon Oct 20 18:07:47 2025 by rpki-client