Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS3257.roa
File: AS3257.roa (raw, json)
Hash identifier: a0IP79w4KCZvmepuYpl0HtT5xXtgD+jC1eTUpVQ6+M0=
Subject key identifier: 02:9C:29:16:AE:C7:89:AF:28:53:CD:BD:1C:2B:F8:43:39:48:90:D9
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 334C595C4EDD61CBE9B384C243F6EE6EAB4D4929
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS3257.roa
Signing time: Sat 21 Jun 2025 05:37:58 +0000
ROA not before: Sat 21 Jun 2025 05:32:58 +0000
ROA not after: Sat 20 Jun 2026 05:37:58 +0000
asID: 3257
IP address blocks: 143.14.37.0/24 maxlen: 24
143.14.127.0/24 maxlen: 24
162.141.49.0/24 maxlen: 24
162.141.64.0/24 maxlen: 24
162.141.95.0/24 maxlen: 24
162.141.122.0/24 maxlen: 24
162.141.165.0/24 maxlen: 24
167.148.1.0/24 maxlen: 24
167.148.4.0/24 maxlen: 24
167.148.5.0/24 maxlen: 24
167.148.10.0/24 maxlen: 24
167.148.12.0/24 maxlen: 24
167.148.14.0/24 maxlen: 24
167.148.29.0/24 maxlen: 24
167.148.30.0/24 maxlen: 24
167.148.35.0/24 maxlen: 24
167.148.70.0/24 maxlen: 24
167.148.100.0/24 maxlen: 24
167.148.102.0/24 maxlen: 24
167.148.106.0/24 maxlen: 24
167.148.116.0/24 maxlen: 24
167.148.127.0/24 maxlen: 24
167.148.191.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 15:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
33:4c:59:5c:4e:dd:61:cb:e9:b3:84:c2:43:f6:ee:6e:ab:4d:49:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Jun 21 05:32:58 2025 GMT
Not After : Jun 20 05:37:58 2026 GMT
Subject: CN=029C2916AEC789AF2853CDBD1C2BF843394890D9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:b2:32:e4:39:69:3f:ff:0d:94:d9:47:9c:04:
59:6f:c3:ef:2e:44:cd:99:f2:cb:23:ee:0a:55:da:
08:a4:b3:58:e2:a5:b6:5b:21:0f:20:6a:4c:3c:69:
0a:06:9e:08:35:b0:43:f1:9b:5e:12:1c:5b:c1:b4:
7b:fa:3d:57:7c:eb:a1:61:f2:df:1c:d0:78:0e:ff:
bd:0f:55:d3:62:1b:5f:cd:0d:57:05:be:4b:47:7d:
a4:4c:63:ae:e2:fc:36:4d:27:c1:39:e9:ac:db:8c:
ca:96:c0:fd:a9:bd:82:8c:ea:b7:ff:22:b6:77:3b:
17:de:e8:4e:5b:92:bc:f8:a2:96:46:f5:eb:87:d0:
67:a8:fb:b1:ca:5c:15:2c:a4:06:b8:7d:45:a1:ad:
24:4f:1e:8e:26:87:7a:76:7e:44:df:5a:3b:87:db:
48:0c:64:0b:1e:7e:b5:72:2d:a5:f8:36:6b:9c:f7:
b7:e3:ad:bc:68:1b:29:64:57:fd:02:5f:db:ad:60:
f9:32:3c:14:b3:99:34:9b:ba:32:8e:fa:9f:70:af:
80:b2:47:3e:be:9d:ac:66:55:62:b1:c4:36:f7:78:
36:81:ce:68:91:66:c1:f7:9b:4f:0f:f6:3d:f5:ed:
1d:ad:de:af:b2:0f:0d:f6:3c:0b:f2:7a:fa:1c:b2:
2d:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:9C:29:16:AE:C7:89:AF:28:53:CD:BD:1C:2B:F8:43:39:48:90:D9
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS3257.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.14.37.0/24
143.14.127.0/24
162.141.49.0/24
162.141.64.0/24
162.141.95.0/24
162.141.122.0/24
162.141.165.0/24
167.148.1.0/24
167.148.4.0/23
167.148.10.0/24
167.148.12.0/24
167.148.14.0/24
167.148.29.0-167.148.30.255
167.148.35.0/24
167.148.70.0/24
167.148.100.0/24
167.148.102.0/24
167.148.106.0/24
167.148.116.0/24
167.148.127.0/24
167.148.191.0/24
Signature Algorithm: sha256WithRSAEncryption
32:18:63:fa:a7:ef:19:87:b0:86:49:d2:ad:7a:72:bc:89:60:
b3:0a:22:10:0f:b0:de:d0:99:53:77:2c:d7:06:3c:2f:6e:2b:
11:d4:15:04:60:e3:e6:81:78:c2:ad:84:a6:36:8a:fd:57:cb:
be:6c:ca:11:e3:5d:4f:43:96:11:67:62:cf:4f:8d:63:27:b4:
8a:f5:d8:b6:69:9b:0d:b2:4a:4f:e7:17:23:da:84:53:7d:35:
7c:e2:89:cb:e2:f0:ef:d2:4e:44:dd:86:c3:a0:6e:eb:75:d9:
b5:30:0e:15:01:a9:b9:a9:1b:70:87:42:b9:cc:01:a1:4b:56:
f2:51:31:f1:2a:2e:03:8c:c6:f9:5e:26:e9:68:5d:08:9e:b9:
b4:5e:ff:44:86:75:7f:ed:43:70:49:3e:3e:69:e4:44:bc:9b:
f3:42:e8:3a:2e:8f:cd:cb:d6:1b:3a:69:d8:7c:c5:be:72:6c:
41:42:88:83:10:f8:fb:a3:f0:05:e6:d4:ba:c2:c2:2b:81:db:
51:d6:b4:0d:63:d6:65:e2:76:5f:b9:52:5b:0d:a9:f4:05:29:
83:3a:ef:3c:d2:c7:1d:78:96:b3:91:1c:1c:9f:0e:7f:9e:91:
11:b0:28:5a:00:d8:5a:e0:e2:f8:da:09:88:ec:1e:d4:29:90:
f0:a2:22:ef
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgIUM0xZXE7dYcvps4TCQ/bubqtNSSkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA2MjEwNTMyNThaFw0yNjA2MjAwNTM3NThaMDMxMTAvBgNV
BAMTKDAyOUMyOTE2QUVDNzg5QUYyODUzQ0RCRDFDMkJGODQzMzk0ODkwRDkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDjsjLkOWk//w2U2UecBFlvw+8u
RM2Z8ssj7gpV2giks1jipbZbIQ8gakw8aQoGngg1sEPxm14SHFvBtHv6PVd866Fh
8t8c0HgO/70PVdNiG1/NDVcFvktHfaRMY67i/DZNJ8E56azbjMqWwP2pvYKM6rf/
IrZ3Oxfe6E5bkrz4opZG9euH0Geo+7HKXBUspAa4fUWhrSRPHo4mh3p2fkTfWjuH
20gMZAsefrVyLaX4Nmuc97fjrbxoGylkV/0CX9utYPkyPBSzmTSbujKO+p9wr4Cy
Rz6+naxmVWKxxDb3eDaBzmiRZsH3m08P9j317R2t3q+yDw32PAvyevocsi2tAgMB
AAGjggKNMIICiTAdBgNVHQ4EFgQUApwpFq7Hia8oU829HCv4QzlIkNkwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMzI1Ny5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCBowYIKwYBBQUHAQcBAf8EgZMwgZAwgY0EAgABMIGGAwQA
jw4lAwQAjw5/AwQAoo0xAwQAoo1AAwQAoo1fAwQAoo16AwQAoo2lAwQAp5QBAwQB
p5QEAwQAp5QKAwQAp5QMAwQAp5QOMAwDBACnlB0DBACnlB4DBACnlCMDBACnlEYD
BACnlGQDBACnlGYDBACnlGoDBACnlHQDBACnlH8DBACnlL8wDQYJKoZIhvcNAQEL
BQADggEBADIYY/qn7xmHsIZJ0q16cryJYLMKIhAPsN7QmVN3LNcGPC9uKxHUFQRg
4+aBeMKthKY2iv1Xy75syhHjXU9DlhFnYs9PjWMntIr12LZpmw2ySk/nFyPahFN9
NXziicvi8O/STkTdhsOgbut12bUwDhUBqbmpG3CHQrnMAaFLVvJRMfEqLgOMxvle
JuloXQieubRe/0SGdX/tQ3BJPj5p5ES8m/NC6Douj83L1hs6adh8xb5ybEFCiIMQ
+Puj8AXm1LrCwiuB21HWtA1j1mXidl+5UlsNqfQFKYM67zzSxx14lrORHByfDn+e
kRGwKFoA2Frg4vjaCYjsHtQpkPCiIu8=
-----END CERTIFICATE-----
Generated at Sun Jun 29 00:34:17 2025 by rpki-client