Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS20115.roa
File: AS20115.roa (raw, json)
Hash identifier: d7C5jpRaqr9fQSZLBULYa78OrI/1liXBFzfn0FBWEWw=
Subject key identifier: AA:2C:44:0A:E1:16:C9:95:2E:53:D1:5B:2B:B6:37:8F:7D:54:67:B4
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 0581CE67EC4BDA2254EB64E99DC587B5D9C7995F
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS20115.roa
Signing time: Wed 30 Apr 2025 18:43:59 +0000
ROA not before: Wed 30 Apr 2025 18:38:59 +0000
ROA not after: Wed 29 Apr 2026 18:43:59 +0000
asID: 20115
IP address blocks: 143.14.0.0/20 maxlen: 24
143.14.16.0/21 maxlen: 24
143.14.24.0/21 maxlen: 24
143.14.40.0/21 maxlen: 24
143.14.112.0/22 maxlen: 24
143.14.116.0/22 maxlen: 24
143.14.120.0/22 maxlen: 24
143.14.232.0/21 maxlen: 24
143.14.241.0/24 maxlen: 24
143.14.255.0/24 maxlen: 24
155.117.64.0/21 maxlen: 24
155.117.80.0/21 maxlen: 24
155.117.112.0/21 maxlen: 24
155.117.120.0/21 maxlen: 24
155.117.216.0/24 maxlen: 24
155.117.247.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 10 May 2025 16:09:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
05:81:ce:67:ec:4b:da:22:54:eb:64:e9:9d:c5:87:b5:d9:c7:99:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Apr 30 18:38:59 2025 GMT
Not After : Apr 29 18:43:59 2026 GMT
Subject: CN=AA2C440AE116C9952E53D15B2BB6378F7D5467B4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:f6:eb:a4:13:7c:1c:b2:0c:7f:27:0d:e8:4f:
da:1f:75:70:fa:15:ec:cc:67:e1:8f:e6:01:ca:0f:
44:a6:fd:7c:d5:b3:df:2f:79:51:2d:d7:32:36:e1:
6a:c3:b9:fd:4e:14:9f:02:eb:34:a2:10:d4:58:d8:
30:79:96:cb:89:95:8c:82:21:ed:8b:30:0f:ff:3f:
b1:4e:ab:81:7a:e3:bd:f3:48:f7:f4:bb:d2:ae:6f:
79:d1:2e:bf:97:63:e0:dd:ed:15:99:2b:27:26:9f:
53:14:78:50:69:fd:66:a3:3a:7d:56:11:c1:9a:fe:
19:99:4c:0c:00:c0:89:2b:59:67:18:77:a7:26:d1:
6d:11:ef:75:fc:1e:7b:75:00:f8:9e:ca:64:63:4b:
35:79:87:3d:fe:8f:fe:ea:df:d3:01:f3:d1:b4:9b:
dd:39:45:f6:3a:9e:33:b9:4a:d8:f5:06:52:07:66:
3d:d2:0d:aa:f1:76:cb:58:61:bf:29:55:a8:2f:6e:
28:7b:1f:90:5e:a5:0a:02:1d:ac:0c:c4:0e:d6:02:
d1:70:73:a7:2b:65:93:be:54:43:a5:d9:a6:a1:bb:
de:f9:e1:9e:0d:40:84:5f:93:de:5d:11:32:95:e9:
c5:14:ba:69:d1:97:b5:f7:c3:1e:f1:d2:83:46:d0:
7d:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:2C:44:0A:E1:16:C9:95:2E:53:D1:5B:2B:B6:37:8F:7D:54:67:B4
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS20115.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.14.0.0/19
143.14.40.0/21
143.14.112.0-143.14.123.255
143.14.232.0/21
143.14.241.0/24
143.14.255.0/24
155.117.64.0/21
155.117.80.0/21
155.117.112.0/20
155.117.216.0/24
155.117.247.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:2b:51:35:26:b8:30:e7:b4:1f:f0:ee:21:dd:a9:c5:21:25:
21:ae:38:62:f9:81:67:75:f6:be:ed:fb:1b:bc:8f:39:9b:41:
3f:2d:57:b0:e1:20:49:7d:aa:06:49:53:14:b8:b1:7d:65:13:
e1:08:9c:6b:4d:bd:dd:da:11:73:78:6f:04:34:e5:2e:e8:bb:
0a:5e:d3:ed:37:3e:c8:5f:f7:c3:ad:7c:ce:73:48:21:3f:15:
3f:16:8d:60:c6:e1:ec:2d:fb:72:e6:5b:68:f1:8b:10:7f:b7:
dc:aa:0e:1f:0a:37:39:85:a5:7b:67:53:65:fd:52:fd:38:6f:
a4:ca:95:ce:d8:13:f8:18:e6:cb:13:cd:5d:67:bd:7e:fb:26:
e5:f7:24:a7:2b:11:c3:57:5a:79:76:8f:98:da:48:6e:69:0c:
fa:c7:c5:70:11:d8:f4:d7:7c:d4:a6:d2:b6:09:53:1f:9c:c8:
ed:ed:76:e2:83:c2:d3:8f:b7:b2:83:29:3a:ff:65:4a:48:2d:
ab:f0:5e:d5:63:ef:22:d2:e0:1c:f1:4e:2f:c1:19:d0:c9:06:
d3:eb:79:2c:5a:ec:a8:6c:76:cd:e1:7a:c6:05:49:00:8d:25:
e1:59:45:8b:69:36:46:f5:8f:f7:9a:c7:4c:e1:6f:8a:14:fd:
98:99:3a:0a
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgIUBYHOZ+xL2iJU62TpncWHtdnHmV8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA0MzAxODM4NTlaFw0yNjA0MjkxODQzNTlaMDMxMTAvBgNV
BAMTKEFBMkM0NDBBRTExNkM5OTUyRTUzRDE1QjJCQjYzNzhGN0Q1NDY3QjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDk9uukE3wcsgx/Jw3oT9ofdXD6
FezMZ+GP5gHKD0Sm/XzVs98veVEt1zI24WrDuf1OFJ8C6zSiENRY2DB5lsuJlYyC
Ie2LMA//P7FOq4F6473zSPf0u9Kub3nRLr+XY+Dd7RWZKycmn1MUeFBp/WajOn1W
EcGa/hmZTAwAwIkrWWcYd6cm0W0R73X8Hnt1APieymRjSzV5hz3+j/7q39MB89G0
m905RfY6njO5Stj1BlIHZj3SDarxdstYYb8pVagvbih7H5BepQoCHawMxA7WAtFw
c6crZZO+VEOl2aahu9754Z4NQIRfk95dETKV6cUUumnRl7X3wx7x0oNG0H2/AgMB
AAGjggJNMIICSTAdBgNVHQ4EFgQUqixECuEWyZUuU9FbK7Y3j31UZ7QwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjAxMTUucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwYwYIKwYBBQUHAQcBAf8EVDBSMFAEAgABMEoDBAWPDgAD
BAOPDigwDAMEBI8OcAMEAo8OeAMEA48O6AMEAI8O8QMEAI8O/wMEA5t1QAMEA5t1
UAMEBJt1cAMEAJt12AMEAJt19zANBgkqhkiG9w0BAQsFAAOCAQEAXStRNSa4MOe0
H/DuId2pxSElIa44YvmBZ3X2vu37G7yPOZtBPy1XsOEgSX2qBklTFLixfWUT4Qic
a0293doRc3hvBDTlLui7Cl7T7Tc+yF/3w618znNIIT8VPxaNYMbh7C37cuZbaPGL
EH+33KoOHwo3OYWle2dTZf1S/ThvpMqVztgT+BjmyxPNXWe9fvsm5fckpysRw1da
eXaPmNpIbmkM+sfFcBHY9Nd81KbStglTH5zI7e124oPC04+3soMpOv9lSkgtq/Be
1WPvItLgHPFOL8EZ0MkG0+t5LFrsqGx2zeF6xgVJAI0l4VlFi2k2RvWP95rHTOFv
ihT9mJk6Cg==
-----END CERTIFICATE-----
Generated at Sat May 10 08:18:33 2025 by rpki-client