Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS23470.roa
File: AS23470.roa (raw, json)
Hash identifier: FmkkuKo5al5JQwziz0dUUsh35urGl+JTRWI9jXi+iYA=
Subject key identifier: 3A:ED:7C:BA:66:E4:6E:F4:83:13:04:E3:C9:2F:B7:57:58:4E:B6:A8
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 43A11B4B8141FB3E66AB4A762633F17C9C085DBB
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS23470.roa
Signing time: Sat 09 Aug 2025 17:46:53 +0000
ROA not before: Sat 09 Aug 2025 17:41:53 +0000
ROA not after: Sat 08 Aug 2026 17:46:53 +0000
asID: 23470
IP address blocks: 143.14.173.0/24 maxlen: 24
146.103.11.0/24 maxlen: 24
147.79.1.0/24 maxlen: 24
150.241.215.0/24 maxlen: 24
162.141.8.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
43:a1:1b:4b:81:41:fb:3e:66:ab:4a:76:26:33:f1:7c:9c:08:5d:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Aug 9 17:41:53 2025 GMT
Not After : Aug 8 17:46:53 2026 GMT
Subject: CN=3AED7CBA66E46EF4831304E3C92FB757584EB6A8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:67:fc:0a:2a:d9:ce:82:07:0c:6a:9e:90:46:
10:91:3e:c3:7d:f8:f6:74:25:44:75:06:e8:fa:e9:
d2:20:fe:6d:8c:bc:df:b5:64:c1:08:4b:15:ca:1e:
01:6c:0d:9a:cb:72:e1:5a:e3:50:1e:cf:6e:c5:54:
57:69:d4:27:6b:77:54:c0:b1:7f:fd:e4:fc:54:36:
7a:63:fb:f7:56:8e:dc:fe:7c:8c:d9:67:d9:2e:df:
cc:7d:90:f4:ac:51:c2:cc:09:0c:b4:b8:3a:73:1c:
57:0c:0a:3c:3d:ac:92:1d:83:8a:9f:78:79:2d:f8:
92:b8:7f:80:3f:46:fc:13:8e:c8:6c:ac:24:14:33:
2d:d6:35:fb:18:c0:31:c9:f9:3b:e1:8c:7c:8c:d2:
6c:e1:96:5e:63:0e:3d:2d:97:73:27:19:33:40:43:
8f:f3:c0:93:be:14:63:8b:a5:49:66:63:d7:1f:05:
2f:10:8c:50:09:e4:23:b8:b8:a6:f6:55:11:f5:a1:
ec:13:ee:c5:cb:67:8c:b0:ab:4c:46:47:8e:1a:3c:
b2:01:2e:7f:f5:cf:95:a5:ad:63:ac:72:ac:56:27:
3e:bf:2f:2f:55:8a:b9:fc:e5:6b:f4:42:b1:1c:0e:
c2:0a:57:9b:97:bb:e3:84:f1:af:0a:ec:d7:01:4f:
ca:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:ED:7C:BA:66:E4:6E:F4:83:13:04:E3:C9:2F:B7:57:58:4E:B6:A8
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS23470.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.14.173.0/24
146.103.11.0/24
147.79.1.0/24
150.241.215.0/24
162.141.8.0/24
Signature Algorithm: sha256WithRSAEncryption
ad:cf:69:6a:86:66:a7:2a:d4:9d:bc:71:6b:f9:30:b6:8c:ca:
42:b4:3d:e5:14:6e:27:57:06:1d:0b:35:a4:30:81:19:da:eb:
c1:23:36:89:a3:cf:36:73:7e:09:f7:fc:a5:a5:c3:e9:33:19:
f3:f2:c5:1f:c3:b6:02:cd:04:14:4e:f8:fb:9d:e2:cc:2f:24:
4e:0c:31:37:54:3f:55:f1:e0:e7:b9:a7:59:8d:0a:ff:21:a4:
b9:43:23:2a:fd:e2:6e:67:69:01:32:6b:60:fb:4f:e6:fc:a0:
b0:92:d0:7d:4a:bf:9a:1c:75:44:77:68:2f:29:f8:9b:72:76:
be:a3:50:6b:8b:90:e1:a5:35:f1:b2:b3:d5:1e:9f:34:26:cc:
3f:35:4b:f5:c7:61:1d:08:77:b9:1e:6e:8e:af:94:22:ce:4e:
0a:04:89:9e:b3:ea:bf:4d:cc:f1:55:e9:c8:2f:e6:d9:8e:f2:
5a:3f:1b:f5:4f:0b:46:7b:f4:3f:70:0b:5a:2a:bf:60:d3:d1:
42:54:97:9d:b1:34:6d:47:b0:b4:b9:72:19:02:35:ee:c2:3d:
d5:f2:eb:95:dc:75:a2:7f:f9:ba:7a:86:f2:93:ab:8a:b1:68:
96:95:e6:d6:cf:21:53:26:81:d6:49:15:3f:42:2a:7f:d2:ee:
38:71:67:43
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgIUQ6EbS4FB+z5mq0p2JjPxfJwIXbswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA4MDkxNzQxNTNaFw0yNjA4MDgxNzQ2NTNaMDMxMTAvBgNV
BAMTKDNBRUQ3Q0JBNjZFNDZFRjQ4MzEzMDRFM0M5MkZCNzU3NTg0RUI2QTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2Z/wKKtnOggcMap6QRhCRPsN9
+PZ0JUR1Buj66dIg/m2MvN+1ZMEISxXKHgFsDZrLcuFa41Aez27FVFdp1Cdrd1TA
sX/95PxUNnpj+/dWjtz+fIzZZ9ku38x9kPSsUcLMCQy0uDpzHFcMCjw9rJIdg4qf
eHkt+JK4f4A/RvwTjshsrCQUMy3WNfsYwDHJ+TvhjHyM0mzhll5jDj0tl3MnGTNA
Q4/zwJO+FGOLpUlmY9cfBS8QjFAJ5CO4uKb2VRH1oewT7sXLZ4ywq0xGR44aPLIB
Ln/1z5WlrWOscqxWJz6/Ly9Virn85Wv0QrEcDsIKV5uXu+OE8a8K7NcBT8rXAgMB
AAGjggIhMIICHTAdBgNVHQ4EFgQUOu18umbkbvSDEwTjyS+3V1hOtqgwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjM0NzAucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwNwYIKwYBBQUHAQcBAf8EKDAmMCQEAgABMB4DBACPDq0D
BACSZwsDBACTTwEDBACW8dcDBACijQgwDQYJKoZIhvcNAQELBQADggEBAK3PaWqG
Zqcq1J28cWv5MLaMykK0PeUUbidXBh0LNaQwgRna68EjNomjzzZzfgn3/KWlw+kz
GfPyxR/DtgLNBBRO+Pud4swvJE4MMTdUP1Xx4Oe5p1mNCv8hpLlDIyr94m5naQEy
a2D7T+b8oLCS0H1Kv5ocdUR3aC8p+Jtydr6jUGuLkOGlNfGys9UenzQmzD81S/XH
YR0Id7kebo6vlCLOTgoEiZ6z6r9NzPFV6cgv5tmO8lo/G/VPC0Z79D9wC1oqv2DT
0UJUl52xNG1HsLS5chkCNe7CPdXy65XcdaJ/+bp6hvKTq4qxaJaV5tbPIVMmgdZJ
FT9CKn/S7jhxZ0M=
-----END CERTIFICATE-----
Generated at Sat Aug 23 20:51:29 2025 by rpki-client