Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS400342.roa
File: AS400342.roa (raw, json)
Hash identifier: PZR+OwA578x/qHWW4K/9hj0DNeuBIbkEgto49Jgdy6k=
Subject key identifier: B6:A6:3F:3A:F9:9D:5E:63:48:DE:B4:58:57:45:B2:7D:3C:6B:4B:4E
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 3ADC915F67D78D16915CC958D8416BCB7183A668
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS400342.roa
Signing time: Sat 16 Aug 2025 14:14:53 +0000
ROA not before: Sat 16 Aug 2025 14:09:53 +0000
ROA not after: Sat 15 Aug 2026 14:14:53 +0000
asID: 400342
IP address blocks: 155.117.148.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3a:dc:91:5f:67:d7:8d:16:91:5c:c9:58:d8:41:6b:cb:71:83:a6:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Aug 16 14:09:53 2025 GMT
Not After : Aug 15 14:14:53 2026 GMT
Subject: CN=B6A63F3AF99D5E6348DEB4585745B27D3C6B4B4E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:8c:49:7a:7d:b5:2c:cf:59:20:b3:56:8c:cf:
ad:65:db:87:85:9d:d5:62:f3:76:24:4b:0d:3d:3c:
b1:c6:db:a7:ce:f9:fa:2c:01:66:62:bb:20:f0:a5:
f4:31:b7:07:82:4d:bd:14:32:9b:52:cc:33:4e:19:
e4:6f:3d:61:14:af:d0:38:a1:f8:1a:b7:d7:eb:4b:
7f:5e:a7:9b:69:28:ab:24:f0:a7:37:7b:53:bf:93:
a8:16:93:09:46:e5:47:e7:f9:21:86:06:c1:31:1c:
d0:6b:51:76:44:c3:e2:50:62:1c:b7:cd:12:68:3d:
04:9e:4b:f4:e8:04:08:82:ba:c3:a1:76:bf:8f:6d:
1a:14:6c:66:50:64:85:cc:75:65:cd:e4:1f:c8:7e:
b2:27:c0:a7:0a:ac:7b:3d:2b:11:64:d6:15:1e:19:
06:b6:43:0a:49:33:a8:52:7f:1b:43:5a:41:45:ed:
28:42:3b:fb:74:63:dd:2b:5a:bd:3a:b7:4f:75:78:
86:8e:a5:f6:94:6d:40:d7:c7:50:d0:d1:75:20:a2:
25:2a:e6:e6:8e:c0:e6:cf:0a:af:12:ed:11:a6:35:
ae:c5:7b:41:34:cb:4c:db:07:69:bf:a2:66:86:40:
34:78:42:91:95:dd:07:ee:82:11:95:9c:70:c6:e8:
79:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:A6:3F:3A:F9:9D:5E:63:48:DE:B4:58:57:45:B2:7D:3C:6B:4B:4E
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS400342.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
155.117.148.0/24
Signature Algorithm: sha256WithRSAEncryption
94:a2:b4:f0:56:70:c2:a5:07:90:35:b2:f1:c8:9b:55:78:60:
9c:3d:41:cf:56:cb:3e:96:df:57:86:2d:da:57:94:26:ca:51:
e6:71:2e:7e:1e:39:c6:36:49:74:71:7a:84:6c:db:2a:82:d6:
30:91:0d:02:4d:45:dd:76:8c:ee:7e:22:8b:3c:bc:7e:29:e3:
1a:c3:88:72:39:26:94:21:1d:fa:9c:2c:97:80:2a:95:02:99:
6e:bd:87:e5:39:f3:67:35:42:e9:06:40:5a:d6:9f:8a:87:d9:
17:97:43:e4:2b:90:0b:31:49:51:ae:93:d6:89:70:70:7b:23:
a2:dc:99:eb:08:75:71:5d:2d:e5:ed:e3:0b:18:03:85:fd:0c:
84:22:61:98:e2:59:11:da:26:eb:f7:82:45:7b:9d:ae:8b:5b:
77:de:89:7f:2c:29:3c:9e:2d:0d:37:de:a5:3d:aa:65:8d:98:
12:5c:a7:47:26:94:69:55:35:dc:ed:bc:d5:5c:41:2c:39:71:
cf:23:36:a6:35:03:95:62:b5:3a:b1:57:1e:ab:2f:a1:c4:3c:
63:84:38:2c:4a:21:2c:5d:4a:fe:93:d7:9b:00:d7:db:b0:e3:
76:93:21:f9:70:8e:3a:5b:39:5d:ed:d6:58:1a:8e:f5:2f:99:
77:b2:82:1d
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUOtyRX2fXjRaRXMlY2EFry3GDpmgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA4MTYxNDA5NTNaFw0yNjA4MTUxNDE0NTNaMDMxMTAvBgNV
BAMTKEI2QTYzRjNBRjk5RDVFNjM0OERFQjQ1ODU3NDVCMjdEM0M2QjRCNEUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCYjEl6fbUsz1kgs1aMz61l24eF
ndVi83YkSw09PLHG26fO+fosAWZiuyDwpfQxtweCTb0UMptSzDNOGeRvPWEUr9A4
ofgat9frS39ep5tpKKsk8Kc3e1O/k6gWkwlG5Ufn+SGGBsExHNBrUXZEw+JQYhy3
zRJoPQSeS/ToBAiCusOhdr+PbRoUbGZQZIXMdWXN5B/IfrInwKcKrHs9KxFk1hUe
GQa2QwpJM6hSfxtDWkFF7ShCO/t0Y90rWr06t091eIaOpfaUbUDXx1DQ0XUgoiUq
5uaOwObPCq8S7RGmNa7Fe0E0y0zbB2m/omaGQDR4QpGV3QfughGVnHDG6HkHAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUtqY/OvmdXmNI3rRYV0WyfTxrS04wHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTNDAwMzQyLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAm3WU
MA0GCSqGSIb3DQEBCwUAA4IBAQCUorTwVnDCpQeQNbLxyJtVeGCcPUHPVss+lt9X
hi3aV5QmylHmcS5+HjnGNkl0cXqEbNsqgtYwkQ0CTUXddozufiKLPLx+KeMaw4hy
OSaUIR36nCyXgCqVApluvYflOfNnNULpBkBa1p+Kh9kXl0PkK5ALMUlRrpPWiXBw
eyOi3JnrCHVxXS3l7eMLGAOF/QyEImGY4lkR2ibr94JFe52ui1t33ol/LCk8ni0N
N96lPapljZgSXKdHJpRpVTXc7bzVXEEsOXHPIzamNQOVYrU6sVceqy+hxDxjhDgs
SiEsXUr+k9ebANfbsON2kyH5cI46Wzld7dZYGo71L5l3soId
-----END CERTIFICATE-----
Generated at Sat Aug 23 14:41:40 2025 by rpki-client