Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS395374.roa
File: AS395374.roa (raw, json)
Hash identifier: Mt8kaLvjyRXzq96wrXZLLNc8a0KulKPRIC/o4kM3mz8=
Subject key identifier: 48:E4:4B:DA:CE:C8:EA:FF:8B:14:04:03:4A:9B:17:41:A6:04:A9:96
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 158A2E9F1BF64DB0B1DE640F0F495554C9CC7646
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS395374.roa
Signing time: Thu 14 Aug 2025 00:00:10 +0000
ROA not before: Wed 13 Aug 2025 23:55:10 +0000
ROA not after: Thu 13 Aug 2026 00:00:10 +0000
asID: 395374
IP address blocks: 143.14.192.0/24 maxlen: 24
143.14.255.0/24 maxlen: 24
162.141.119.0/24 maxlen: 24
162.141.120.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
15:8a:2e:9f:1b:f6:4d:b0:b1:de:64:0f:0f:49:55:54:c9:cc:76:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Aug 13 23:55:10 2025 GMT
Not After : Aug 13 00:00:10 2026 GMT
Subject: CN=48E44BDACEC8EAFF8B1404034A9B1741A604A996
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:fc:6e:b3:ce:11:e0:fc:5e:fb:4b:ae:d2:d7:
1a:e9:3b:e9:25:17:36:80:2b:d8:58:3f:70:17:a6:
da:4f:f2:b6:8a:dd:f5:09:87:e0:f3:17:77:21:63:
2a:55:f7:46:9e:8d:7e:73:56:f3:3f:db:c0:a4:97:
16:9a:80:60:d8:2a:ec:f0:14:8b:de:e2:04:7a:44:
c3:c5:36:59:0b:68:78:25:ba:00:84:b8:89:8d:d2:
81:2a:50:aa:24:4d:15:96:25:11:e6:69:b1:81:e7:
26:35:7b:2f:45:6b:05:9c:eb:f2:4b:d8:9c:b5:ae:
9a:16:b0:94:a7:07:98:89:6f:16:19:c0:21:6d:fc:
f5:48:d4:2f:01:cb:ee:82:da:1a:91:69:ea:c9:56:
08:73:7e:c0:7f:c5:03:c6:09:8d:3f:d6:e2:fb:73:
f6:75:15:41:63:3a:f4:54:a8:38:ba:7b:10:c6:6c:
05:24:0e:b2:e7:d6:72:58:bf:cf:34:95:61:b4:23:
4e:2f:82:08:50:93:9b:05:8d:a5:b0:f8:75:df:e9:
55:93:e9:09:a6:36:15:f0:e0:0b:1d:32:84:98:1b:
c7:fc:2d:22:3f:33:37:bf:8d:bc:7c:6f:7a:76:5c:
6d:09:c6:40:86:52:2f:89:8e:be:8e:7d:11:bf:6a:
7c:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:E4:4B:DA:CE:C8:EA:FF:8B:14:04:03:4A:9B:17:41:A6:04:A9:96
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS395374.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.14.192.0/24
143.14.255.0/24
162.141.119.0-162.141.120.255
Signature Algorithm: sha256WithRSAEncryption
30:4c:96:7b:0f:51:9b:30:c1:73:a3:17:6e:ab:66:35:ed:aa:
3a:73:d9:49:31:7d:29:2a:25:f3:d6:97:87:e7:88:dc:fa:58:
19:a1:f4:89:3e:6e:f2:b8:bc:1d:cb:7b:b4:72:24:24:41:16:
33:96:69:13:c5:da:7f:dc:67:49:cd:2c:11:f2:7b:f9:e9:7f:
bb:07:3c:8f:22:82:33:ba:35:00:44:c2:a8:d1:a1:f1:4f:ce:
94:d6:eb:c7:2e:61:6a:c0:ee:db:52:4b:f5:70:da:37:6a:52:
43:52:3a:a0:26:a6:04:2c:94:e1:f0:23:cd:e0:56:4f:6f:f4:
08:02:b8:54:5b:c5:68:d9:40:04:82:e6:b0:c5:4d:1e:78:4f:
41:f8:a9:12:f0:c9:b8:70:27:7e:82:46:ec:b4:a5:8d:ee:23:
cf:06:33:92:53:47:ba:be:2a:40:ea:22:79:de:c0:2c:9a:3f:
43:ac:36:cf:c3:d6:17:a9:7d:2d:e3:88:5e:bc:28:d2:98:42:
4e:3c:b9:2e:5a:1a:ff:86:99:8a:ae:76:8e:b4:58:98:4c:d0:
17:5f:f8:fe:f5:99:8d:e4:f1:cc:42:c1:40:a7:9a:36:74:90:
44:b3:6a:07:97:c7:87:cd:a2:11:88:30:ad:49:42:af:a2:e2:
45:fc:27:5b
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgIUFYounxv2TbCx3mQPD0lVVMnMdkYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA4MTMyMzU1MTBaFw0yNjA4MTMwMDAwMTBaMDMxMTAvBgNV
BAMTKDQ4RTQ0QkRBQ0VDOEVBRkY4QjE0MDQwMzRBOUIxNzQxQTYwNEE5OTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCz/G6zzhHg/F77S67S1xrpO+kl
FzaAK9hYP3AXptpP8raK3fUJh+DzF3chYypV90aejX5zVvM/28CklxaagGDYKuzw
FIve4gR6RMPFNlkLaHglugCEuImN0oEqUKokTRWWJRHmabGB5yY1ey9FawWc6/JL
2Jy1rpoWsJSnB5iJbxYZwCFt/PVI1C8By+6C2hqRaerJVghzfsB/xQPGCY0/1uL7
c/Z1FUFjOvRUqDi6exDGbAUkDrLn1nJYv880lWG0I04vgghQk5sFjaWw+HXf6VWT
6QmmNhXw4AsdMoSYG8f8LSI/Mze/jbx8b3p2XG0JxkCGUi+Jjr6OfRG/anwBAgMB
AAGjggIeMIICGjAdBgNVHQ4EFgQUSORL2s7I6v+LFAQDSpsXQaYEqZYwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMzk1Mzc0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAjw7A
AwQAjw7/MAwDBACijXcDBACijXgwDQYJKoZIhvcNAQELBQADggEBADBMlnsPUZsw
wXOjF26rZjXtqjpz2UkxfSkqJfPWl4fniNz6WBmh9Ik+bvK4vB3Le7RyJCRBFjOW
aRPF2n/cZ0nNLBHye/npf7sHPI8igjO6NQBEwqjRofFPzpTW68cuYWrA7ttSS/Vw
2jdqUkNSOqAmpgQslOHwI83gVk9v9AgCuFRbxWjZQASC5rDFTR54T0H4qRLwybhw
J36CRuy0pY3uI88GM5JTR7q+KkDqInnewCyaP0OsNs/D1hepfS3jiF68KNKYQk48
uS5aGv+GmYqudo60WJhM0Bdf+P71mY3k8cxCwUCnmjZ0kESzageXx4fNohGIMK1J
Qq+i4kX8J1s=
-----END CERTIFICATE-----
Generated at Sat Aug 23 14:40:32 2025 by rpki-client