Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS55201.roa
File: AS55201.roa (raw, json)
Hash identifier: W9akiwowFxZguUG1S3bDrmvhqvzyS4UqMxRqLYtwd4U=
Subject key identifier: F4:53:BC:43:59:14:39:3E:8C:18:99:0F:9D:0C:6E:C0:F5:0F:B0:26
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 3775975E42D0B8C11CF27E93721E388B53EA7205
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS55201.roa
Signing time: Thu 14 Aug 2025 19:47:26 +0000
ROA not before: Thu 14 Aug 2025 19:42:26 +0000
ROA not after: Thu 13 Aug 2026 19:47:26 +0000
asID: 55201
IP address blocks: 96.62.0.0/19 maxlen: 24
96.62.37.0/24 maxlen: 24
96.62.45.0/24 maxlen: 24
96.62.47.0/24 maxlen: 24
96.62.48.0/23 maxlen: 24
96.62.50.0/23 maxlen: 24
96.62.52.0/23 maxlen: 24
96.62.54.0/24 maxlen: 24
96.62.55.0/24 maxlen: 24
96.62.56.0/24 maxlen: 24
96.62.57.0/24 maxlen: 24
96.62.58.0/24 maxlen: 24
96.62.60.0/23 maxlen: 24
96.62.62.0/23 maxlen: 24
96.62.79.0/24 maxlen: 24
96.62.80.0/23 maxlen: 24
96.62.82.0/23 maxlen: 24
96.62.85.0/24 maxlen: 24
96.62.86.0/23 maxlen: 24
96.62.88.0/24 maxlen: 24
96.62.90.0/23 maxlen: 24
96.62.92.0/23 maxlen: 24
96.62.94.0/23 maxlen: 24
96.62.98.0/23 maxlen: 24
96.62.135.0/24 maxlen: 24
96.62.149.0/24 maxlen: 24
96.62.150.0/24 maxlen: 24
96.62.151.0/24 maxlen: 24
148.135.216.0/23 maxlen: 24
148.135.218.0/23 maxlen: 24
148.135.224.0/23 maxlen: 24
148.135.226.0/23 maxlen: 24
148.135.232.0/23 maxlen: 24
148.135.234.0/23 maxlen: 24
148.135.240.0/23 maxlen: 24
148.135.242.0/23 maxlen: 24
148.135.248.0/23 maxlen: 24
148.135.250.0/23 maxlen: 24
150.241.146.0/23 maxlen: 24
150.241.148.0/23 maxlen: 24
150.241.150.0/23 maxlen: 24
150.241.152.0/23 maxlen: 24
150.241.154.0/23 maxlen: 24
150.241.156.0/23 maxlen: 24
150.241.158.0/23 maxlen: 24
150.241.160.0/23 maxlen: 24
150.241.162.0/23 maxlen: 24
150.241.164.0/23 maxlen: 24
150.241.166.0/23 maxlen: 24
150.241.168.0/23 maxlen: 24
150.241.170.0/23 maxlen: 24
150.241.172.0/23 maxlen: 24
150.241.176.0/23 maxlen: 24
150.241.178.0/23 maxlen: 24
150.241.180.0/23 maxlen: 24
150.241.182.0/23 maxlen: 24
150.241.184.0/23 maxlen: 24
150.241.186.0/23 maxlen: 24
150.241.188.0/23 maxlen: 24
150.241.190.0/23 maxlen: 24
167.148.97.0/24 maxlen: 24
167.148.98.0/24 maxlen: 24
167.148.104.0/24 maxlen: 24
167.148.112.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 12:50:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
37:75:97:5e:42:d0:b8:c1:1c:f2:7e:93:72:1e:38:8b:53:ea:72:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Aug 14 19:42:26 2025 GMT
Not After : Aug 13 19:47:26 2026 GMT
Subject: CN=F453BC435914393E8C18990F9D0C6EC0F50FB026
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:5d:97:80:61:de:78:d3:b2:a3:64:de:e2:c5:
99:fe:8f:71:46:f9:16:43:79:f5:4d:15:23:d4:73:
2b:bb:03:4f:4e:31:2f:4e:1f:07:36:cd:7c:dd:14:
4f:b4:89:13:9b:4e:91:e3:a6:c3:15:c3:e6:c1:20:
e6:9e:e8:09:83:c0:92:d8:90:88:15:51:b4:f6:aa:
1a:fb:f7:d1:ce:93:d6:f9:2b:bb:99:05:ff:62:d2:
63:96:2c:ec:8d:3f:12:95:ce:3d:32:4f:97:b0:d1:
92:8f:c2:a0:18:65:0f:66:47:e7:51:e3:5f:f4:ae:
6c:ac:91:6f:00:bb:17:aa:ad:46:52:b8:12:06:7d:
c0:a9:00:ea:c7:bf:b9:59:6b:ec:9e:b5:6a:1f:23:
87:4e:e6:ce:f7:b9:29:fc:84:63:63:5e:3c:f5:87:
6e:39:cf:1f:a6:96:b4:e7:d4:97:89:60:6e:db:fc:
57:25:02:23:93:8f:7b:c5:d9:ea:19:87:69:bf:15:
73:6e:c7:ad:37:b4:e0:23:3c:74:ef:35:cd:3c:59:
7b:63:58:91:82:74:e3:1f:ee:ad:79:78:02:ec:e3:
98:6e:d5:45:d6:6f:ea:57:55:af:67:2a:cb:08:97:
81:83:cb:ed:7f:ea:68:bc:e3:f3:19:c4:0b:15:ed:
f2:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:53:BC:43:59:14:39:3E:8C:18:99:0F:9D:0C:6E:C0:F5:0F:B0:26
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS55201.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.62.0.0/19
96.62.37.0/24
96.62.45.0/24
96.62.47.0-96.62.58.255
96.62.60.0/22
96.62.79.0-96.62.83.255
96.62.85.0-96.62.88.255
96.62.90.0-96.62.95.255
96.62.98.0/23
96.62.135.0/24
96.62.149.0-96.62.151.255
148.135.216.0/22
148.135.224.0/22
148.135.232.0/22
148.135.240.0/22
148.135.248.0/22
150.241.146.0-150.241.173.255
150.241.176.0/20
167.148.97.0-167.148.98.255
167.148.104.0/24
167.148.112.0/24
Signature Algorithm: sha256WithRSAEncryption
47:f9:bf:5d:e3:62:6a:f2:28:c2:8e:2b:3a:c3:ee:3a:75:84:
41:29:4d:54:a6:ad:7b:a9:a9:7d:fd:8e:00:fd:cb:9e:6a:c8:
4a:20:38:e0:db:b9:a8:c4:ff:ad:98:59:82:81:dd:2c:49:ea:
c9:6b:68:36:bf:59:5c:e3:2e:54:ba:46:af:2c:5d:a5:7e:ee:
22:33:51:1b:d0:11:cb:12:a4:f4:19:06:28:7e:0d:26:22:a5:
b4:8b:b4:ad:78:92:1f:a5:76:08:65:74:af:bc:30:74:32:ec:
ab:c9:48:fb:19:41:3f:8f:ac:17:d3:78:b9:57:04:1d:ac:69:
9b:9b:d0:98:31:95:b9:69:6b:9b:03:f0:8c:cc:8e:36:81:0c:
13:01:28:57:73:a0:05:35:b7:5c:69:c4:02:08:24:65:f9:e1:
28:84:88:68:5d:2b:e6:34:8d:95:dd:be:9f:03:aa:15:ea:a9:
a4:9c:82:25:6b:63:a3:bd:86:16:45:3d:9e:5e:01:b2:fd:db:
bf:c8:79:6a:bc:94:ca:91:e5:62:22:cb:91:2e:5d:6c:ef:17:
63:98:6c:39:20:43:e8:81:f5:45:6f:bd:76:b8:32:81:7d:86:
ba:d2:de:d6:c4:e5:aa:b9:07:01:ff:6c:c5:1e:79:58:99:e0:
99:50:0a:1a
-----BEGIN CERTIFICATE-----
MIIFtDCCBJygAwIBAgIUN3WXXkLQuMEc8n6Tch44i1PqcgUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA4MTQxOTQyMjZaFw0yNjA4MTMxOTQ3MjZaMDMxMTAvBgNV
BAMTKEY0NTNCQzQzNTkxNDM5M0U4QzE4OTkwRjlEMEM2RUMwRjUwRkIwMjYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrXZeAYd5407KjZN7ixZn+j3FG
+RZDefVNFSPUcyu7A09OMS9OHwc2zXzdFE+0iRObTpHjpsMVw+bBIOae6AmDwJLY
kIgVUbT2qhr799HOk9b5K7uZBf9i0mOWLOyNPxKVzj0yT5ew0ZKPwqAYZQ9mR+dR
41/0rmyskW8AuxeqrUZSuBIGfcCpAOrHv7lZa+yetWofI4dO5s73uSn8hGNjXjz1
h245zx+mlrTn1JeJYG7b/FclAiOTj3vF2eoZh2m/FXNux603tOAjPHTvNc08WXtj
WJGCdOMf7q15eALs45hu1UXWb+pXVa9nKssIl4GDy+1/6mi84/MZxAsV7fIXAgMB
AAGjggK+MIICujAdBgNVHQ4EFgQU9FO8Q1kUOT6MGJkPnQxuwPUPsCYwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTNTUyMDEucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwgdMGCCsGAQUFBwEHAQH/BIHDMIHAMIG9BAIAATCBtgME
BWA+AAMEAGA+JQMEAGA+LTAMAwQAYD4vAwQAYD46AwQCYD48MAwDBABgPk8DBAJg
PlAwDAMEAGA+VQMEAGA+WDAMAwQBYD5aAwQFYD5AAwQBYD5iAwQAYD6HMAwDBABg
PpUDBANgPpADBAKUh9gDBAKUh+ADBAKUh+gDBAKUh/ADBAKUh/gwDAMEAZbxkgME
AZbxrAMEBJbxsDAMAwQAp5RhAwQAp5RiAwQAp5RoAwQAp5RwMA0GCSqGSIb3DQEB
CwUAA4IBAQBH+b9d42Jq8ijCjis6w+46dYRBKU1Upq17qal9/Y4A/cueashKIDjg
27moxP+tmFmCgd0sSerJa2g2v1lc4y5UukavLF2lfu4iM1Eb0BHLEqT0GQYofg0m
IqW0i7SteJIfpXYIZXSvvDB0MuyryUj7GUE/j6wX03i5VwQdrGmbm9CYMZW5aWub
A/CMzI42gQwTAShXc6AFNbdcacQCCCRl+eEohIhoXSvmNI2V3b6fA6oV6qmknIIl
a2OjvYYWRT2eXgGy/du/yHlqvJTKkeViIsuRLl1s7xdjmGw5IEPogfVFb712uDKB
fYa60t7WxOWquQcB/2zFHnlYmeCZUAoa
-----END CERTIFICATE-----
Generated at Sat Aug 23 18:48:54 2025 by rpki-client