Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS396356.roa
File: AS396356.roa (raw, json)
Hash identifier: Qh++fr7pDKgR5nFTUZPGG5zv9v7FgoWTy6CN6DoyOD8=
Subject key identifier: A1:B8:0E:94:DA:56:76:4E:56:D1:7F:06:C9:17:3C:05:9B:BB:26:89
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 6F614BED88DDAD9FE5A07259047F191EF6670FF3
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS396356.roa
Signing time: Mon 28 Apr 2025 10:42:36 +0000
ROA not before: Mon 28 Apr 2025 10:37:36 +0000
ROA not after: Mon 27 Apr 2026 10:42:36 +0000
asID: 396356
IP address blocks: 145.223.40.0/24 maxlen: 24
150.241.135.0/24 maxlen: 24
155.117.248.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 06 May 2025 21:31:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6f:61:4b:ed:88:dd:ad:9f:e5:a0:72:59:04:7f:19:1e:f6:67:0f:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Apr 28 10:37:36 2025 GMT
Not After : Apr 27 10:42:36 2026 GMT
Subject: CN=A1B80E94DA56764E56D17F06C9173C059BBB2689
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:ff:02:53:f9:8f:cb:97:97:62:a5:52:71:fa:
d3:34:b0:4a:fb:ea:e8:9b:4b:1a:5d:ac:df:6e:d7:
ec:af:04:bd:7e:d3:ce:94:81:3b:a8:37:3d:ca:4c:
d3:1f:e3:de:17:ac:cd:6f:25:d7:b5:2e:af:80:2d:
de:44:c6:b4:46:27:92:ea:f8:1f:74:4e:2a:11:6c:
ba:94:b5:15:b6:83:82:c4:82:4b:e9:1a:8c:d2:23:
2a:01:ab:b3:2f:89:d2:20:a8:56:b1:52:4a:49:1e:
d8:eb:60:f9:6c:b1:2a:32:f2:c2:ad:15:56:d7:10:
97:6f:92:91:39:e5:f5:cb:08:10:3d:e0:ef:81:e5:
ed:dc:53:5b:14:8e:36:b4:a3:f9:43:a6:81:33:55:
cc:35:cf:58:a0:1d:69:79:a0:14:84:ae:27:1c:09:
f5:73:0c:cc:19:05:0e:35:9f:f0:c2:86:7e:e9:1f:
00:60:64:d5:4c:60:c6:f1:80:4e:e8:93:0f:1c:9a:
2e:50:b2:05:4a:ef:f9:ed:bc:a5:a3:56:b6:bf:3a:
66:d3:c9:c2:0f:e7:43:70:74:d0:23:91:6c:0e:55:
23:b1:7b:e0:e6:58:07:0f:f3:d2:cc:26:d3:89:7f:
62:f2:eb:97:2c:c9:89:e4:b7:98:91:3a:30:7a:fb:
14:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:B8:0E:94:DA:56:76:4E:56:D1:7F:06:C9:17:3C:05:9B:BB:26:89
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS396356.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.223.40.0/24
150.241.135.0/24
155.117.248.0/22
Signature Algorithm: sha256WithRSAEncryption
71:36:ba:8a:be:97:22:dc:cf:6a:f5:0c:ae:80:67:88:2e:8a:
36:f3:be:2f:82:4c:c1:bf:de:4b:37:46:16:2f:b2:20:f1:9c:
40:04:82:c9:6c:c8:39:7e:b4:db:3d:df:17:da:69:5b:cd:5a:
a6:ff:bb:9c:1d:3f:68:f0:ad:6d:8f:e8:d3:81:ae:47:a0:a2:
c9:f6:a6:91:9a:3c:3a:2e:98:fc:e3:8c:fb:bc:b7:f5:a6:7f:
51:f0:eb:3e:15:c4:ba:03:6f:45:14:0f:11:f9:ef:90:26:40:
61:d4:b9:bb:9c:f1:86:a9:8f:05:b4:e5:1a:43:cf:61:8a:cd:
fd:80:65:9b:d6:f1:3c:96:9b:53:74:a7:97:75:19:f8:9c:88:
f5:85:c9:c9:15:82:9b:e9:4c:44:87:78:e0:f8:1b:74:50:57:
a8:10:a2:54:f4:c7:42:f1:3f:e9:36:d3:df:5b:d9:8e:eb:7b:
d4:4b:c5:4d:bc:84:a9:82:e1:7c:d0:31:47:dd:2f:01:a9:c1:
7f:f2:37:f2:55:1b:76:0d:a3:a3:a4:f5:3e:4e:d6:86:af:6d:
28:7d:67:b9:5d:6f:19:ea:26:ed:25:16:32:f4:ed:bb:31:53:
ff:77:c0:fc:c8:b1:f7:92:4c:a0:3a:17:21:10:70:0d:5e:09:
ae:c7:28:4c
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgIUb2FL7YjdrZ/loHJZBH8ZHvZnD/MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA0MjgxMDM3MzZaFw0yNjA0MjcxMDQyMzZaMDMxMTAvBgNV
BAMTKEExQjgwRTk0REE1Njc2NEU1NkQxN0YwNkM5MTczQzA1OUJCQjI2ODkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4/wJT+Y/Ll5dipVJx+tM0sEr7
6uibSxpdrN9u1+yvBL1+086UgTuoNz3KTNMf494XrM1vJde1Lq+ALd5ExrRGJ5Lq
+B90TioRbLqUtRW2g4LEgkvpGozSIyoBq7MvidIgqFaxUkpJHtjrYPlssSoy8sKt
FVbXEJdvkpE55fXLCBA94O+B5e3cU1sUjja0o/lDpoEzVcw1z1igHWl5oBSEricc
CfVzDMwZBQ41n/DChn7pHwBgZNVMYMbxgE7okw8cmi5QsgVK7/ntvKWjVra/OmbT
ycIP50NwdNAjkWwOVSOxe+DmWAcP89LMJtOJf2Ly65csyYnkt5iROjB6+xSzAgMB
AAGjggIWMIICEjAdBgNVHQ4EFgQUobgOlNpWdk5W0X8GyRc8BZu7JokwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMzk2MzU2LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAkd8o
AwQAlvGHAwQCm3X4MA0GCSqGSIb3DQEBCwUAA4IBAQBxNrqKvpci3M9q9QyugGeI
Loo2874vgkzBv95LN0YWL7Ig8ZxABILJbMg5frTbPd8X2mlbzVqm/7ucHT9o8K1t
j+jTga5HoKLJ9qaRmjw6Lpj844z7vLf1pn9R8Os+FcS6A29FFA8R+e+QJkBh1Lm7
nPGGqY8FtOUaQ89his39gGWb1vE8lptTdKeXdRn4nIj1hcnJFYKb6UxEh3jg+Bt0
UFeoEKJU9MdC8T/pNtPfW9mO63vUS8VNvISpguF80DFH3S8BqcF/8jfyVRt2DaOj
pPU+TtaGr20ofWe5XW8Z6ibtJRYy9O27MVP/d8D8yLH3kkygOhchEHANXgmuxyhM
-----END CERTIFICATE-----
Generated at Tue May 6 05:19:11 2025 by rpki-client