Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS9232.roa
File: AS9232.roa (raw, json)
Hash identifier: PBA30183eEwXqMb3WDjgImiqHAXXEXPsxF7+CpDOPl4=
Subject key identifier: CB:7D:20:13:92:CB:31:CF:FC:5D:B5:A4:5A:55:5B:D8:41:2B:77:09
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 35668B7D13F0783E2B6F36D6C506E855E9366684
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS9232.roa
Signing time: Mon 23 Jun 2025 00:01:59 +0000
ROA not before: Sun 22 Jun 2025 23:56:59 +0000
ROA not after: Mon 22 Jun 2026 00:01:59 +0000
asID: 9232
IP address blocks: 143.14.62.0/24 maxlen: 24
143.14.193.0/24 maxlen: 24
143.14.223.0/24 maxlen: 24
155.117.0.0/24 maxlen: 24
155.117.102.0/24 maxlen: 24
155.117.185.0/24 maxlen: 24
155.117.188.0/24 maxlen: 24
162.141.121.0/24 maxlen: 24
167.148.210.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
35:66:8b:7d:13:f0:78:3e:2b:6f:36:d6:c5:06:e8:55:e9:36:66:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Jun 22 23:56:59 2025 GMT
Not After : Jun 22 00:01:59 2026 GMT
Subject: CN=CB7D201392CB31CFFC5DB5A45A555BD8412B7709
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:e7:e5:46:ea:13:48:be:e3:cb:43:6c:54:b1:
b1:65:b8:57:84:a2:9a:8d:27:99:16:2c:fe:a1:33:
32:ab:ff:6a:f2:53:47:8d:b0:74:8b:ae:fe:2d:fd:
a7:7d:ea:fc:6e:e0:cb:ec:1a:c3:b6:34:07:83:6d:
43:9d:81:e5:46:78:0a:10:c0:08:5a:21:1c:28:bc:
5e:15:10:df:33:57:32:9a:bf:0d:47:33:c5:ea:39:
b0:ca:0d:57:bf:cd:9d:cf:e8:90:9a:01:ac:45:92:
d2:df:60:3f:78:fd:ea:6a:b9:ba:d1:c9:62:17:5e:
ca:25:0c:0c:65:04:a8:6b:e2:d3:e5:35:b1:6a:06:
b8:52:12:77:18:39:88:03:87:ef:8c:ea:12:70:84:
fc:ca:09:04:c0:a4:a5:ce:a7:f7:dc:b7:53:8c:d5:
ba:a6:33:b3:7b:d7:48:64:df:7d:03:14:74:06:c1:
de:6b:4b:e9:d9:9d:38:82:59:18:6e:9c:57:fd:df:
51:d8:54:1f:58:27:4b:60:be:4f:ef:18:1b:db:bd:
7c:86:cd:ba:35:5b:ba:1c:25:f7:7f:3e:9d:18:4b:
40:ee:fe:68:db:c5:e9:74:92:17:8e:d9:b2:29:ab:
1c:44:e8:9d:88:10:4f:a2:4a:7a:b4:4f:be:b1:5a:
cd:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:7D:20:13:92:CB:31:CF:FC:5D:B5:A4:5A:55:5B:D8:41:2B:77:09
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS9232.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.14.62.0/24
143.14.193.0/24
143.14.223.0/24
155.117.0.0/24
155.117.102.0/24
155.117.185.0/24
155.117.188.0/24
162.141.121.0/24
167.148.210.0/24
Signature Algorithm: sha256WithRSAEncryption
22:a0:da:2c:49:36:09:61:61:6a:6d:11:56:26:89:0f:0e:e2:
f5:c4:f4:a3:aa:b4:80:99:43:32:2b:7f:9e:77:f1:a9:a2:db:
0a:6a:79:06:7c:6f:61:01:fc:08:50:c3:af:6e:61:05:e5:f4:
3d:54:1e:d5:4e:61:b6:8d:e5:9b:55:ed:1b:da:9b:a6:e0:2c:
f2:eb:d6:89:ac:7c:24:09:65:b5:77:e6:c3:99:2f:86:97:1c:
46:82:44:00:ca:72:60:f0:4f:7a:4b:98:47:51:aa:44:b7:54:
c0:5c:d5:6b:68:39:d9:8a:7a:77:76:67:41:84:95:9d:ae:b7:
da:4d:f1:01:66:0a:22:f7:fb:94:2e:72:20:03:ca:fb:67:8d:
96:1d:1f:fe:36:68:d5:12:1d:0d:b0:97:a7:5f:60:16:3b:fb:
83:64:eb:b4:4c:36:44:f0:81:86:46:3a:7b:0d:12:60:0c:6c:
02:0a:aa:e8:09:ea:5c:d2:82:a0:c2:fc:fc:6b:79:72:dd:22:
3f:c7:ad:29:96:e5:8c:2d:a8:d1:17:36:27:64:0d:49:8d:d3:
de:74:e3:e3:90:f4:73:51:ed:bc:d1:dd:8d:89:de:f5:50:c4:
d3:c8:c3:11:07:a0:4e:37:20:a3:c9:e6:49:7e:46:28:53:a0:
30:77:ee:85
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgIUNWaLfRPweD4rbzbWxQboVek2ZoQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA2MjIyMzU2NTlaFw0yNjA2MjIwMDAxNTlaMDMxMTAvBgNV
BAMTKENCN0QyMDEzOTJDQjMxQ0ZGQzVEQjVBNDVBNTU1QkQ4NDEyQjc3MDkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/5+VG6hNIvuPLQ2xUsbFluFeE
opqNJ5kWLP6hMzKr/2ryU0eNsHSLrv4t/ad96vxu4MvsGsO2NAeDbUOdgeVGeAoQ
wAhaIRwovF4VEN8zVzKavw1HM8XqObDKDVe/zZ3P6JCaAaxFktLfYD94/epqubrR
yWIXXsolDAxlBKhr4tPlNbFqBrhSEncYOYgDh++M6hJwhPzKCQTApKXOp/fct1OM
1bqmM7N710hk330DFHQGwd5rS+nZnTiCWRhunFf931HYVB9YJ0tgvk/vGBvbvXyG
zbo1W7ocJfd/Pp0YS0Du/mjbxel0kheO2bIpqxxE6J2IEE+iSnq0T76xWs0LAgMB
AAGjggI4MIICNDAdBgNVHQ4EFgQUy30gE5LLMc/8XbWkWlVb2EErdwkwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTOTIzMi5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBPBggrBgEFBQcBBwEB/wRAMD4wPAQCAAEwNgMEAI8OPgME
AI8OwQMEAI8O3wMEAJt1AAMEAJt1ZgMEAJt1uQMEAJt1vAMEAKKNeQMEAKeU0jAN
BgkqhkiG9w0BAQsFAAOCAQEAIqDaLEk2CWFham0RViaJDw7i9cT0o6q0gJlDMit/
nnfxqaLbCmp5BnxvYQH8CFDDr25hBeX0PVQe1U5hto3lm1XtG9qbpuAs8uvWiax8
JAlltXfmw5kvhpccRoJEAMpyYPBPekuYR1GqRLdUwFzVa2g52Yp6d3ZnQYSVna63
2k3xAWYKIvf7lC5yIAPK+2eNlh0f/jZo1RIdDbCXp19gFjv7g2TrtEw2RPCBhkY6
ew0SYAxsAgqq6AnqXNKCoML8/Gt5ct0iP8etKZbljC2o0Rc2J2QNSY3T3nTj45D0
c1HtvNHdjYne9VDE08jDEQegTjcgo8nmSX5GKFOgMHfuhQ==
-----END CERTIFICATE-----
Generated at Sun Jun 29 02:56:26 2025 by rpki-client