Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS397423.roa
File: AS397423.roa (raw, json)
Hash identifier: CuzmKkxoL+5g+K0hKTZd/Cmy5s5r0tw40KyP0lzwacU=
Subject key identifier: B7:59:59:71:27:AE:58:D2:BF:7F:5F:C5:CE:29:A2:80:DB:1A:2F:3F
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 657800E421C1348F16C5BC7590DA2B2EC90939D0
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS397423.roa
Signing time: Fri 02 May 2025 15:43:53 +0000
ROA not before: Fri 02 May 2025 15:38:53 +0000
ROA not after: Fri 01 May 2026 15:43:53 +0000
asID: 397423
IP address blocks: 145.223.44.0/24 maxlen: 24
145.223.54.0/24 maxlen: 24
145.223.58.0/24 maxlen: 24
146.103.5.0/24 maxlen: 24
150.241.226.0/23 maxlen: 24
155.117.246.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 06 May 2025 08:12:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
65:78:00:e4:21:c1:34:8f:16:c5:bc:75:90:da:2b:2e:c9:09:39:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: May 2 15:38:53 2025 GMT
Not After : May 1 15:43:53 2026 GMT
Subject: CN=B759597127AE58D2BF7F5FC5CE29A280DB1A2F3F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:b7:81:83:a6:1e:06:b7:04:36:9a:0b:8a:1b:
1e:5f:a7:07:40:be:8e:de:a8:bf:75:32:f3:c5:f9:
58:97:5e:f8:b8:c9:57:c3:ee:4e:1d:47:3e:a6:fb:
9b:3d:25:a3:79:99:a6:92:df:9e:b2:ae:29:52:bc:
67:e3:7c:05:cc:47:d5:28:5c:7a:73:1b:44:ac:58:
2c:c2:23:67:da:f9:05:f1:4c:db:82:18:de:58:18:
5b:62:9b:45:ca:37:e8:f9:28:d2:d8:8e:54:13:41:
88:92:d2:8d:39:f1:c1:77:f2:3a:07:2c:32:98:92:
99:44:c9:cd:d3:0d:38:f2:a5:7b:0e:c1:54:f0:3e:
d1:3f:e2:34:d1:9b:c7:d9:5f:75:97:04:c6:ec:e4:
db:2c:c2:f5:f4:5b:2f:ee:c6:50:65:81:3b:05:a0:
bc:0f:70:86:0f:90:61:e3:c6:3e:30:90:11:bb:b3:
10:82:c2:ac:a2:19:ea:ae:51:1f:63:12:a7:37:5e:
5d:5a:d5:89:32:22:97:12:5d:60:1f:c7:aa:5e:0f:
53:b7:44:cf:41:b7:83:e0:ef:19:f7:a1:f6:e5:10:
7f:5e:61:80:9d:dc:6e:fd:43:98:14:72:7e:af:d7:
ff:96:50:c1:d5:00:89:98:17:96:93:33:29:02:46:
fb:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:59:59:71:27:AE:58:D2:BF:7F:5F:C5:CE:29:A2:80:DB:1A:2F:3F
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS397423.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.223.44.0/24
145.223.54.0/24
145.223.58.0/24
146.103.5.0/24
150.241.226.0/23
155.117.246.0/24
Signature Algorithm: sha256WithRSAEncryption
a8:0c:0e:70:95:e1:be:05:49:2c:87:6c:df:7a:29:cc:dc:0f:
17:a3:ca:3e:27:61:5e:41:17:b4:be:dd:ce:02:3e:63:80:cc:
ae:01:62:53:f5:92:ec:7b:bf:7e:76:66:30:5c:e0:87:be:76:
1c:82:91:a4:79:93:57:0f:cf:a7:f0:06:70:1c:16:77:79:af:
66:21:4f:6a:52:66:f8:17:fa:bc:f1:b4:ce:9d:35:f0:98:3b:
45:a6:27:dd:ba:d9:b3:81:72:a9:65:e0:51:e1:e0:33:a2:fa:
7b:a7:d2:4e:95:46:be:fa:fd:a2:40:79:a2:ac:43:1d:22:53:
19:22:45:2f:68:3a:9e:e2:d0:b1:dd:2a:3b:56:c4:69:04:95:
40:05:81:ba:21:fc:85:ac:78:c1:c5:54:97:a8:9a:cf:72:f5:
64:a9:a5:67:f7:de:d1:65:56:12:e2:40:10:a5:b9:2b:c7:bd:
32:6e:4e:6b:0d:ab:e4:a7:94:56:0f:63:77:b3:e4:4e:3b:49:
69:fa:d6:1a:d3:b7:4f:6f:84:5e:3a:fb:e4:c2:28:a8:44:9e:
a5:33:08:8c:8b:76:b3:34:5c:c6:ca:55:30:13:d3:83:6d:10:
b6:39:3a:0f:f2:99:93:a2:39:1c:37:85:af:3f:25:3d:65:5e:
2a:7b:0f:b7
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgIUZXgA5CHBNI8Wxbx1kNorLskJOdAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA1MDIxNTM4NTNaFw0yNjA1MDExNTQzNTNaMDMxMTAvBgNV
BAMTKEI3NTk1OTcxMjdBRTU4RDJCRjdGNUZDNUNFMjlBMjgwREIxQTJGM0YwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDEt4GDph4GtwQ2mguKGx5fpwdA
vo7eqL91MvPF+ViXXvi4yVfD7k4dRz6m+5s9JaN5maaS356yrilSvGfjfAXMR9Uo
XHpzG0SsWCzCI2fa+QXxTNuCGN5YGFtim0XKN+j5KNLYjlQTQYiS0o058cF38joH
LDKYkplEyc3TDTjypXsOwVTwPtE/4jTRm8fZX3WXBMbs5NsswvX0Wy/uxlBlgTsF
oLwPcIYPkGHjxj4wkBG7sxCCwqyiGequUR9jEqc3Xl1a1YkyIpcSXWAfx6peD1O3
RM9Bt4Pg7xn3ofblEH9eYYCd3G79Q5gUcn6v1/+WUMHVAImYF5aTMykCRvvJAgMB
AAGjggIoMIICJDAdBgNVHQ4EFgQUt1lZcSeuWNK/f1/FzimigNsaLz8wHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMzk3NDIzLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAkd8s
AwQAkd82AwQAkd86AwQAkmcFAwQBlvHiAwQAm3X2MA0GCSqGSIb3DQEBCwUAA4IB
AQCoDA5wleG+BUksh2zfeinM3A8Xo8o+J2FeQRe0vt3OAj5jgMyuAWJT9ZLse79+
dmYwXOCHvnYcgpGkeZNXD8+n8AZwHBZ3ea9mIU9qUmb4F/q88bTOnTXwmDtFpifd
utmzgXKpZeBR4eAzovp7p9JOlUa++v2iQHmirEMdIlMZIkUvaDqe4tCx3So7VsRp
BJVABYG6IfyFrHjBxVSXqJrPcvVkqaVn997RZVYS4kAQpbkrx70ybk5rDavkp5RW
D2N3s+ROO0lp+tYa07dPb4ReOvvkwiioRJ6lMwiMi3azNFzGylUwE9ODbRC2OToP
8pmTojkcN4WvPyU9ZV4qew+3
-----END CERTIFICATE-----
Generated at Mon May 5 11:33:45 2025 by rpki-client