Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS398704.roa
File: AS398704.roa (raw, json)
Hash identifier: YB4Dm2yNDOR4LC4uns/ooBWe+wzaJRPd0GVKVstmBs0=
Subject key identifier: 3A:07:92:A1:FC:D3:2C:76:03:32:57:7A:A6:7A:2C:57:03:F4:7A:DB
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 3FA9FCF906C5D15DCBC693534BE453C6388B8222
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS398704.roa
Signing time: Tue 06 May 2025 10:20:27 +0000
ROA not before: Tue 06 May 2025 10:15:27 +0000
ROA not after: Tue 05 May 2026 10:20:27 +0000
asID: 398704
IP address blocks: 143.14.35.0/24 maxlen: 24
143.14.64.0/24 maxlen: 24
143.14.67.0/24 maxlen: 24
143.14.70.0/24 maxlen: 24
143.14.138.0/24 maxlen: 24
143.14.139.0/24 maxlen: 24
143.14.150.0/24 maxlen: 24
143.14.151.0/24 maxlen: 24
143.14.192.0/24 maxlen: 24
143.14.194.0/24 maxlen: 24
143.14.198.0/24 maxlen: 24
155.117.6.0/24 maxlen: 24
155.117.154.0/24 maxlen: 24
155.117.210.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 10 May 2025 16:09:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:a9:fc:f9:06:c5:d1:5d:cb:c6:93:53:4b:e4:53:c6:38:8b:82:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: May 6 10:15:27 2025 GMT
Not After : May 5 10:20:27 2026 GMT
Subject: CN=3A0792A1FCD32C760332577AA67A2C5703F47ADB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:ad:c5:af:f4:c1:75:b7:b6:44:21:2a:ee:ad:
0a:42:73:e5:89:78:39:fe:85:83:99:3b:9d:41:3a:
34:9e:fc:19:5d:2f:2e:d3:58:68:0d:2e:83:29:17:
52:f1:5d:98:e2:1d:9e:08:ed:c4:e0:07:3e:3e:2c:
8c:c1:91:9f:70:1d:6b:aa:93:dc:89:8e:49:0f:14:
de:8a:57:99:86:f5:73:f6:7c:02:a0:55:a5:ed:6e:
16:04:0a:1a:b1:32:87:3f:3d:6c:0c:bc:4f:b8:59:
91:79:32:ff:6d:81:40:d4:14:a7:21:c6:7c:c6:3a:
8f:af:2b:73:da:89:41:e0:ce:ec:08:d3:dd:20:01:
cd:02:b5:98:79:8a:96:f5:ff:94:16:b2:a4:1b:2b:
72:c7:39:1f:14:0a:0f:bb:5c:51:60:95:a4:71:bc:
f1:75:b2:6d:2c:1d:24:4b:57:66:08:b0:45:72:94:
09:d3:18:fc:50:b9:69:96:f7:94:88:3a:68:f6:03:
e0:e4:f9:89:c9:40:8d:93:ba:06:8a:9c:a5:06:fd:
b1:9f:be:bd:65:11:26:23:92:a7:e0:62:81:4e:eb:
f4:83:bb:7a:d9:4a:9b:45:8a:35:23:44:d9:32:44:
7e:fd:96:56:be:9b:93:f0:7e:b7:56:d3:da:34:cc:
5d:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:07:92:A1:FC:D3:2C:76:03:32:57:7A:A6:7A:2C:57:03:F4:7A:DB
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS398704.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.14.35.0/24
143.14.64.0/24
143.14.67.0/24
143.14.70.0/24
143.14.138.0/23
143.14.150.0/23
143.14.192.0/24
143.14.194.0/24
143.14.198.0/24
155.117.6.0/24
155.117.154.0/24
155.117.210.0/24
Signature Algorithm: sha256WithRSAEncryption
38:04:5a:88:77:c8:29:8a:4b:38:66:c8:cd:63:a0:dd:6c:7b:
e7:a7:81:ec:49:68:53:94:fa:de:e5:bd:30:2b:b4:b5:1f:47:
51:a7:7a:7b:07:57:53:f3:0c:cd:ce:62:d9:47:c3:0b:25:42:
63:8f:08:44:a7:fa:3a:c3:fe:35:91:2a:25:f3:ae:08:42:7c:
f7:69:66:58:d7:e2:fa:25:c5:ab:03:07:20:08:59:f9:92:57:
cd:49:4d:84:24:01:29:f0:2f:ed:d6:11:c3:04:7c:a4:6d:6b:
91:6e:8b:5d:e2:ea:6a:3f:9a:ab:f1:bc:84:7a:a2:2d:b5:24:
d4:2b:28:66:fc:a3:29:b8:a2:00:d0:53:7a:02:28:e4:9f:9d:
d4:c9:dd:f9:ba:78:e1:2b:d2:30:09:d6:6e:e9:bc:cd:f2:7f:
17:c5:81:5b:85:dc:fc:14:63:75:b7:67:0e:0c:aa:57:07:6a:
dc:27:a3:ff:d5:5e:af:e8:86:6d:89:f7:0b:af:3d:16:37:22:
24:35:3b:79:a1:cd:5b:3d:3a:ac:01:cc:63:a1:cf:be:fe:da:
a2:79:3b:d0:fc:57:2c:5d:d3:a3:97:48:63:1c:70:6f:61:43:
fe:6f:e7:01:fe:27:99:22:04:f2:11:e1:0e:23:2f:88:38:22:
b2:e7:06:5b
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgIUP6n8+QbF0V3LxpNTS+RTxjiLgiIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA1MDYxMDE1MjdaFw0yNjA1MDUxMDIwMjdaMDMxMTAvBgNV
BAMTKDNBMDc5MkExRkNEMzJDNzYwMzMyNTc3QUE2N0EyQzU3MDNGNDdBREIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC1rcWv9MF1t7ZEISrurQpCc+WJ
eDn+hYOZO51BOjSe/BldLy7TWGgNLoMpF1LxXZjiHZ4I7cTgBz4+LIzBkZ9wHWuq
k9yJjkkPFN6KV5mG9XP2fAKgVaXtbhYEChqxMoc/PWwMvE+4WZF5Mv9tgUDUFKch
xnzGOo+vK3PaiUHgzuwI090gAc0CtZh5ipb1/5QWsqQbK3LHOR8UCg+7XFFglaRx
vPF1sm0sHSRLV2YIsEVylAnTGPxQuWmW95SIOmj2A+Dk+YnJQI2TugaKnKUG/bGf
vr1lESYjkqfgYoFO6/SDu3rZSptFijUjRNkyRH79lla+m5PwfrdW09o0zF1jAgMB
AAGjggJMMIICSDAdBgNVHQ4EFgQUOgeSofzTLHYDMld6pnosVwP0etswHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMzk4NzA0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQAjw4j
AwQAjw5AAwQAjw5DAwQAjw5GAwQBjw6KAwQBjw6WAwQAjw7AAwQAjw7CAwQAjw7G
AwQAm3UGAwQAm3WaAwQAm3XSMA0GCSqGSIb3DQEBCwUAA4IBAQA4BFqId8gpiks4
ZsjNY6DdbHvnp4HsSWhTlPre5b0wK7S1H0dRp3p7B1dT8wzNzmLZR8MLJUJjjwhE
p/o6w/41kSol864IQnz3aWZY1+L6JcWrAwcgCFn5klfNSU2EJAEp8C/t1hHDBHyk
bWuRbotd4upqP5qr8byEeqIttSTUKyhm/KMpuKIA0FN6Aijkn53Uyd35unjhK9Iw
CdZu6bzN8n8XxYFbhdz8FGN1t2cODKpXB2rcJ6P/1V6v6IZtifcLrz0WNyIkNTt5
oc1bPTqsAcxjoc++/tqieTvQ/FcsXdOjl0hjHHBvYUP+b+cB/ieZIgTyEeEOIy+I
OCKy5wZb
-----END CERTIFICATE-----
Generated at Sat May 10 08:18:30 2025 by rpki-client