Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS42831.roa
File: AS42831.roa (raw, json)
Hash identifier: Vtnc30jdrdusYij3ej/jhr81R+QvQw9W8A1A4B8Uekc=
Subject key identifier: 9B:1A:91:18:1A:4D:D3:5D:47:AC:0B:50:2B:06:FF:3A:70:45:0B:1B
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 3BE8F03036694599170C203B1F5B6C1328A7A838
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS42831.roa
Signing time: Fri 26 Sep 2025 08:42:10 +0000
ROA not before: Fri 26 Sep 2025 08:37:10 +0000
ROA not after: Fri 25 Sep 2026 08:42:10 +0000
asID: 42831
IP address blocks: 148.135.207.0/24 maxlen: 24
150.241.132.0/24 maxlen: 24
150.241.133.0/24 maxlen: 24
150.241.134.0/24 maxlen: 24
150.241.144.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3b:e8:f0:30:36:69:45:99:17:0c:20:3b:1f:5b:6c:13:28:a7:a8:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Sep 26 08:37:10 2025 GMT
Not After : Sep 25 08:42:10 2026 GMT
Subject: CN=9B1A91181A4DD35D47AC0B502B06FF3A70450B1B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:2c:e7:6c:92:e9:34:6d:83:58:a1:2a:70:90:
f5:1f:cd:04:9d:8c:5c:7d:84:75:d0:14:bd:b7:e9:
0e:02:c0:5e:3a:0c:4e:b2:2f:2f:c2:ce:29:28:c5:
73:24:03:1a:0e:46:d7:88:e9:af:f7:12:f9:a4:58:
9d:e2:af:b5:c6:02:b8:60:16:80:f4:df:b1:61:72:
88:da:d9:e9:63:8b:fb:1c:67:ec:a0:fa:a5:74:76:
0d:a2:45:ff:d7:ce:d3:b2:13:1f:f3:4d:bf:7f:ee:
d0:0c:5d:56:aa:a9:c1:0b:cc:6a:1f:d1:7a:9e:b5:
96:29:b9:55:86:c3:9a:92:a2:f1:6e:b5:06:6c:3a:
3d:d2:89:6f:88:56:c4:cc:e9:33:16:61:5c:6f:9e:
dc:7d:35:6c:b6:b4:08:48:9e:66:8b:53:0d:fb:a7:
c1:5d:36:c8:e3:5d:46:66:4b:3e:8d:a1:e7:77:72:
83:dc:4b:f3:df:d4:09:4b:4e:95:36:ff:3a:d0:94:
26:2f:e2:40:61:9a:b7:26:06:8b:5e:e7:31:21:cb:
78:80:55:a5:7d:81:57:81:bf:a1:82:a1:ba:d7:85:
d7:50:a0:a2:7d:f8:85:40:ca:8e:2e:30:7f:a0:ab:
b9:69:84:65:ab:aa:f8:ea:2a:56:02:81:01:a0:e7:
1a:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:1A:91:18:1A:4D:D3:5D:47:AC:0B:50:2B:06:FF:3A:70:45:0B:1B
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS42831.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
148.135.207.0/24
150.241.132.0-150.241.134.255
150.241.144.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:92:02:6d:36:9f:38:78:8a:3c:0c:77:62:1d:5d:d5:48:eb:
bf:65:5b:dd:bc:bf:ac:9d:9c:8a:20:83:cc:e1:dc:33:79:3a:
b8:61:3b:2d:20:d3:1f:b5:2a:7c:68:70:53:a8:ab:94:4a:6d:
36:2d:4d:bf:0d:bc:5b:1a:c6:c0:c4:69:c4:b3:74:47:3e:a0:
d1:6b:93:5b:fa:07:22:50:b7:4a:b1:77:53:cf:6e:4d:dc:66:
ea:35:95:5d:50:8c:5f:13:84:29:dd:92:b2:97:51:32:8a:3d:
22:02:86:e1:c1:cf:e5:4f:96:11:c4:07:7f:28:f7:c6:08:e4:
4f:c9:c9:15:22:b3:47:ae:e2:75:fc:93:20:4c:61:63:59:51:
be:5e:5e:25:8e:3d:1e:a9:63:c6:1b:4f:dc:48:3d:91:42:87:
70:d1:87:b9:aa:73:59:c5:30:4f:30:f7:87:f4:4d:53:51:9a:
a2:b9:9c:e9:80:fb:f5:38:5d:a9:42:f7:ca:61:f3:e5:26:66:
07:16:8e:a2:c9:d9:af:53:ae:a1:28:8b:2c:35:b0:62:01:9f:
d7:06:d8:8e:e5:ce:91:c2:94:7e:e6:a6:5a:92:54:6f:15:7b:
2e:34:fb:6a:2a:a8:1b:f2:86:9b:1e:6b:51:f5:93:da:48:81:
8a:b2:9e:bf
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgIUO+jwMDZpRZkXDCA7H1tsEyinqDgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA5MjYwODM3MTBaFw0yNjA5MjUwODQyMTBaMDMxMTAvBgNV
BAMTKDlCMUE5MTE4MUE0REQzNUQ0N0FDMEI1MDJCMDZGRjNBNzA0NTBCMUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCkLOdskuk0bYNYoSpwkPUfzQSd
jFx9hHXQFL236Q4CwF46DE6yLy/CzikoxXMkAxoORteI6a/3EvmkWJ3ir7XGArhg
FoD037Fhcoja2elji/scZ+yg+qV0dg2iRf/XztOyEx/zTb9/7tAMXVaqqcELzGof
0XqetZYpuVWGw5qSovFutQZsOj3SiW+IVsTM6TMWYVxvntx9NWy2tAhInmaLUw37
p8FdNsjjXUZmSz6Noed3coPcS/Pf1AlLTpU2/zrQlCYv4kBhmrcmBote5zEhy3iA
VaV9gVeBv6GCobrXhddQoKJ9+IVAyo4uMH+gq7lphGWrqvjqKlYCgQGg5xrFAgMB
AAGjggIdMIICGTAdBgNVHQ4EFgQUmxqRGBpN011HrAtQKwb/OnBFCxswHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTNDI4MzEucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwMwYIKwYBBQUHAQcBAf8EJDAiMCAEAgABMBoDBACUh88w
DAMEApbxhAMEAJbxhgMEAJbxkDANBgkqhkiG9w0BAQsFAAOCAQEAWpICbTafOHiK
PAx3Yh1d1Ujrv2Vb3by/rJ2ciiCDzOHcM3k6uGE7LSDTH7UqfGhwU6irlEptNi1N
vw28WxrGwMRpxLN0Rz6g0WuTW/oHIlC3SrF3U89uTdxm6jWVXVCMXxOEKd2SspdR
Moo9IgKG4cHP5U+WEcQHfyj3xgjkT8nJFSKzR67idfyTIExhY1lRvl5eJY49Hqlj
xhtP3Eg9kUKHcNGHuapzWcUwTzD3h/RNU1Gaormc6YD79ThdqUL3ymHz5SZmBxaO
osnZr1OuoSiLLDWwYgGf1wbYjuXOkcKUfuamWpJUbxV7LjT7aiqoG/KGmx5rUfWT
2kiBirKevw==
-----END CERTIFICATE-----
Generated at Sun Oct 19 23:11:30 2025 by rpki-client