Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS9232.roa
File: AS9232.roa (raw, json)
Hash identifier: SC5jcGgDWJeKfLnJ9fjvAHwahh3dZ2EwttqOUNbJ5Jw=
Subject key identifier: 35:B0:E4:7E:4D:FB:2C:F3:4E:95:57:94:2E:A8:5D:AE:90:C0:B7:34
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 59C1EB0DCD55D5A9606AFFBCDBAB17255E5AE6E2
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS9232.roa
Signing time: Mon 28 Apr 2025 12:30:13 +0000
ROA not before: Mon 28 Apr 2025 12:25:13 +0000
ROA not after: Mon 27 Apr 2026 12:30:13 +0000
asID: 9232
IP address blocks: 143.14.128.0/24 maxlen: 24
143.14.137.0/24 maxlen: 24
155.117.0.0/24 maxlen: 24
155.117.8.0/24 maxlen: 24
155.117.16.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 07 May 2025 14:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
59:c1:eb:0d:cd:55:d5:a9:60:6a:ff:bc:db:ab:17:25:5e:5a:e6:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Apr 28 12:25:13 2025 GMT
Not After : Apr 27 12:30:13 2026 GMT
Subject: CN=35B0E47E4DFB2CF34E9557942EA85DAE90C0B734
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:33:0c:4a:56:05:89:b1:10:ce:b2:41:35:e1:
4b:43:73:9c:65:6a:68:1e:d9:42:64:b3:33:43:ad:
43:25:6e:e7:19:52:32:34:52:49:4c:9c:94:eb:3a:
1a:29:00:00:cf:1f:2b:92:b0:4f:ed:f9:bb:c7:d0:
a7:fa:66:fe:44:a5:22:d9:73:90:f0:0a:10:27:71:
0a:e3:51:20:e3:2b:0b:f3:44:70:7a:ea:88:44:20:
5e:74:9b:7f:6b:00:d5:41:ae:3a:7c:09:71:a9:87:
78:28:4c:1f:01:35:b4:ef:01:6a:3a:9e:13:17:cb:
1d:bf:bd:bd:57:ba:14:58:67:d3:44:d0:4d:7f:3c:
84:37:ce:2f:84:84:05:75:9f:9e:4a:45:ee:af:7e:
26:52:e5:7d:76:88:70:f6:36:c0:c0:b6:87:35:b3:
cc:a5:cf:34:c8:bf:85:b8:92:1d:b2:54:8d:43:c9:
e2:c4:ac:cd:99:a7:c2:50:07:6b:fd:01:df:59:c9:
93:50:c8:ed:9f:7d:15:ed:eb:83:b3:35:ca:de:17:
05:c2:ac:88:c8:a3:fe:2b:71:58:14:bf:27:3e:db:
0b:28:01:ae:b2:0c:2c:bc:d1:b3:41:18:23:5c:1d:
ca:15:3e:dd:77:05:96:ff:a9:cb:32:a8:10:8d:db:
b3:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:B0:E4:7E:4D:FB:2C:F3:4E:95:57:94:2E:A8:5D:AE:90:C0:B7:34
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS9232.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.14.128.0/24
143.14.137.0/24
155.117.0.0/24
155.117.8.0/24
155.117.16.0/24
Signature Algorithm: sha256WithRSAEncryption
a7:03:25:2e:cf:cf:d5:91:ad:e7:05:d2:b7:04:f2:f3:3c:d1:
bd:8d:1d:83:1a:40:80:67:69:eb:6b:dd:99:db:4b:4d:13:a9:
66:0e:1a:53:a6:05:3e:29:1b:5f:0e:02:ec:7e:05:4f:93:5c:
3a:d3:59:de:72:23:38:b2:32:90:51:2f:ee:30:81:c0:67:9b:
7f:04:fa:e5:dd:99:b8:8b:f4:b5:d8:64:a4:a8:da:39:54:22:
e8:64:6f:35:42:62:4f:9d:dd:dd:87:12:fa:e3:f3:a6:9b:23:
5f:a6:39:0e:ca:3f:80:e9:72:82:a0:e3:80:16:35:ff:75:4b:
bf:61:3e:6a:41:7e:b7:02:66:c9:8c:f0:fa:be:a2:60:8f:7f:
81:32:73:01:e9:ef:8c:a2:57:6d:92:86:c7:ee:5b:3b:41:f2:
e6:59:e1:9b:85:f9:08:fa:45:97:af:e6:de:33:f2:2c:d0:75:
c5:41:d3:13:7a:2c:b4:b7:0b:8f:b6:c6:85:5b:55:3f:47:ab:
9b:8a:c2:89:f8:f4:d8:7e:06:69:9f:04:a7:ee:cf:d5:9f:63:
b6:ed:d7:43:d1:3c:95:fa:35:f4:0a:ef:cc:10:ff:c1:55:82:
dd:39:7d:d8:de:d1:ea:78:19:b8:9b:c0:b9:a2:63:36:f9:5a:
04:4a:d4:55
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgIUWcHrDc1V1algav+826sXJV5a5uIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA0MjgxMjI1MTNaFw0yNjA0MjcxMjMwMTNaMDMxMTAvBgNV
BAMTKDM1QjBFNDdFNERGQjJDRjM0RTk1NTc5NDJFQTg1REFFOTBDMEI3MzQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDpMwxKVgWJsRDOskE14UtDc5xl
amge2UJkszNDrUMlbucZUjI0UklMnJTrOhopAADPHyuSsE/t+bvH0Kf6Zv5EpSLZ
c5DwChAncQrjUSDjKwvzRHB66ohEIF50m39rANVBrjp8CXGph3goTB8BNbTvAWo6
nhMXyx2/vb1XuhRYZ9NE0E1/PIQ3zi+EhAV1n55KRe6vfiZS5X12iHD2NsDAtoc1
s8ylzzTIv4W4kh2yVI1DyeLErM2Zp8JQB2v9Ad9ZyZNQyO2ffRXt64OzNcreFwXC
rIjIo/4rcVgUvyc+2wsoAa6yDCy80bNBGCNcHcoVPt13BZb/qcsyqBCN27PzAgMB
AAGjggIgMIICHDAdBgNVHQ4EFgQUNbDkfk37LPNOlVeULqhdrpDAtzQwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTOTIzMi5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA3BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEAI8OgAME
AI8OiQMEAJt1AAMEAJt1CAMEAJt1EDANBgkqhkiG9w0BAQsFAAOCAQEApwMlLs/P
1ZGt5wXStwTy8zzRvY0dgxpAgGdp62vdmdtLTROpZg4aU6YFPikbXw4C7H4FT5Nc
OtNZ3nIjOLIykFEv7jCBwGebfwT65d2ZuIv0tdhkpKjaOVQi6GRvNUJiT53d3YcS
+uPzppsjX6Y5Dso/gOlygqDjgBY1/3VLv2E+akF+twJmyYzw+r6iYI9/gTJzAenv
jKJXbZKGx+5bO0Hy5lnhm4X5CPpFl6/m3jPyLNB1xUHTE3ostLcLj7bGhVtVP0er
m4rCifj02H4GaZ8Ep+7P1Z9jtu3XQ9E8lfo19ArvzBD/wVWC3Tl92N7R6ngZuJvA
uaJjNvlaBErUVQ==
-----END CERTIFICATE-----
Generated at Tue May 6 17:06:08 2025 by rpki-client