Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS63150.roa
File: AS63150.roa (raw, json)
Hash identifier: mYY0R2LZt1KYVWIhgNw2s9By4m6VmGifmC9nIHBl1FI=
Subject key identifier: 3C:43:C8:EB:87:3E:E0:E3:95:3B:6E:E4:4D:1E:AD:B2:2A:8E:98:D0
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 309FAA6C22F72F85DA65EB6E8955B1DA31C172BD
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS63150.roa
Signing time: Wed 13 Aug 2025 16:17:09 +0000
ROA not before: Wed 13 Aug 2025 16:12:09 +0000
ROA not after: Wed 12 Aug 2026 16:17:09 +0000
asID: 63150
IP address blocks: 143.14.13.0/24 maxlen: 24
148.135.184.0/24 maxlen: 24
148.135.187.0/24 maxlen: 24
155.117.18.0/24 maxlen: 24
155.117.19.0/24 maxlen: 24
155.117.211.0/24 maxlen: 24
162.141.130.0/24 maxlen: 24
162.141.131.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 12:50:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
30:9f:aa:6c:22:f7:2f:85:da:65:eb:6e:89:55:b1:da:31:c1:72:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Aug 13 16:12:09 2025 GMT
Not After : Aug 12 16:17:09 2026 GMT
Subject: CN=3C43C8EB873EE0E3953B6EE44D1EADB22A8E98D0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:f6:92:5c:b4:e0:fb:3f:24:03:d6:80:84:e6:
d8:13:ff:9e:c7:cc:c6:c8:df:b7:c9:34:d8:5b:db:
ed:ee:16:aa:69:37:d7:ac:e0:0e:49:7f:19:93:38:
fb:a7:e9:ce:4c:47:71:ec:4f:5f:ce:a4:af:bd:88:
97:e6:16:db:b8:25:85:f6:0f:4a:16:a0:eb:7f:09:
25:a4:67:7e:50:7f:34:00:ee:32:30:b9:fc:05:83:
8b:06:54:f5:a7:57:ef:f1:a8:f0:b0:e8:54:f8:5f:
7d:ab:56:d4:d3:fe:73:e9:53:4d:bd:ca:53:c0:a4:
25:85:38:25:bf:73:77:4d:a2:d6:5f:2b:8f:99:4d:
8e:46:8b:3f:88:99:76:f4:a5:91:52:e5:b2:c8:c2:
bb:a5:17:2c:ed:59:75:cc:a6:5f:35:ef:f0:81:30:
bd:2e:b1:7c:ae:f0:a3:0c:e4:01:cf:4d:5b:5a:c2:
1c:6a:9d:23:a8:ae:e2:d7:e2:d4:b6:43:52:8e:12:
fd:8b:75:b6:e9:81:98:a1:fa:67:be:9c:5f:dc:08:
25:cb:f4:22:de:f0:c9:d0:47:4c:aa:d7:b5:26:fe:
dd:8b:6d:5a:59:2c:92:09:1d:a5:2c:92:4f:d3:20:
5e:fe:ac:ea:71:a3:37:49:7c:ac:42:b5:a9:4c:dd:
67:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:43:C8:EB:87:3E:E0:E3:95:3B:6E:E4:4D:1E:AD:B2:2A:8E:98:D0
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS63150.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.14.13.0/24
148.135.184.0/24
148.135.187.0/24
155.117.18.0/23
155.117.211.0/24
162.141.130.0/23
Signature Algorithm: sha256WithRSAEncryption
37:65:96:7e:07:5d:79:56:32:96:a5:77:5d:f0:3e:4f:e1:74:
95:30:8c:b9:e9:04:f9:cc:4b:52:c1:6f:de:dd:14:96:f9:2d:
ad:f1:f8:0a:3f:db:13:e8:34:ed:4e:ed:b5:ad:6c:12:81:f3:
2e:bb:b5:d2:19:c5:35:c0:d3:34:f2:c0:46:5e:86:94:06:0e:
bc:2d:48:c2:01:15:db:01:f9:7f:e4:f7:01:dc:b5:99:1d:bd:
b7:53:1f:49:e6:8e:ac:6d:94:a0:ce:48:24:60:7f:79:de:2d:
d9:3d:fd:72:70:aa:e3:90:9b:4a:a9:c6:91:9c:cc:a2:b6:52:
fb:3e:00:f1:8b:0f:d0:9f:51:79:73:37:b1:f0:1b:c9:0e:d3:
2e:83:c8:2b:58:39:e1:e1:78:9c:e2:ba:9a:8c:e9:57:c3:bd:
0f:cf:1e:ed:5a:48:74:68:1d:cb:8e:0f:57:21:bb:47:5d:33:
23:63:3f:c9:6f:1d:00:91:04:f1:62:cd:76:33:af:e3:2b:e4:
83:b1:3f:e9:58:52:36:01:a8:df:86:b5:b9:13:4f:8e:56:7d:
55:3d:fd:a6:76:e2:23:f1:80:72:5a:a0:21:0d:c3:67:8b:90:
c0:7d:a1:54:f4:a2:d8:6f:bf:6b:62:7e:16:70:7b:2a:f3:3c:
87:92:32:73
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgIUMJ+qbCL3L4XaZetuiVWx2jHBcr0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA4MTMxNjEyMDlaFw0yNjA4MTIxNjE3MDlaMDMxMTAvBgNV
BAMTKDNDNDNDOEVCODczRUUwRTM5NTNCNkVFNDREMUVBREIyMkE4RTk4RDAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDL9pJctOD7PyQD1oCE5tgT/57H
zMbI37fJNNhb2+3uFqppN9es4A5JfxmTOPun6c5MR3HsT1/OpK+9iJfmFtu4JYX2
D0oWoOt/CSWkZ35QfzQA7jIwufwFg4sGVPWnV+/xqPCw6FT4X32rVtTT/nPpU029
ylPApCWFOCW/c3dNotZfK4+ZTY5Giz+ImXb0pZFS5bLIwrulFyztWXXMpl817/CB
ML0usXyu8KMM5AHPTVtawhxqnSOoruLX4tS2Q1KOEv2LdbbpgZih+me+nF/cCCXL
9CLe8MnQR0yq17Um/t2LbVpZLJIJHaUskk/TIF7+rOpxozdJfKxCtalM3WffAgMB
AAGjggInMIICIzAdBgNVHQ4EFgQUPEPI64c+4OOVO27kTR6tsiqOmNAwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTNjMxNTAucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwPQYIKwYBBQUHAQcBAf8ELjAsMCoEAgABMCQDBACPDg0D
BACUh7gDBACUh7sDBAGbdRIDBACbddMDBAGijYIwDQYJKoZIhvcNAQELBQADggEB
ADdlln4HXXlWMpald13wPk/hdJUwjLnpBPnMS1LBb97dFJb5La3x+Ao/2xPoNO1O
7bWtbBKB8y67tdIZxTXA0zTywEZehpQGDrwtSMIBFdsB+X/k9wHctZkdvbdTH0nm
jqxtlKDOSCRgf3neLdk9/XJwquOQm0qpxpGczKK2Uvs+APGLD9CfUXlzN7HwG8kO
0y6DyCtYOeHheJziupqM6VfDvQ/PHu1aSHRoHcuOD1chu0ddMyNjP8lvHQCRBPFi
zXYzr+Mr5IOxP+lYUjYBqN+GtbkTT45WfVU9/aZ24iPxgHJaoCENw2eLkMB9oVT0
othvv2tifhZweyrzPIeSMnM=
-----END CERTIFICATE-----
Generated at Sat Aug 23 18:48:23 2025 by rpki-client