Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS140813.roa
File: AS140813.roa (raw, json)
Hash identifier: KnmW5Utcpgozxz35ZgO4IhqPM7DSigcsEeurRGSwhiY=
Subject key identifier: 25:4F:FD:7F:46:93:C7:3F:82:88:9E:59:23:8C:30:40:1D:2C:32:64
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 1A2584D6A0D69555174FFA60BEDFD397C987885D
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS140813.roa
Signing time: Thu 14 Aug 2025 13:31:43 +0000
ROA not before: Thu 14 Aug 2025 13:26:43 +0000
ROA not after: Thu 13 Aug 2026 13:31:43 +0000
asID: 140813
IP address blocks: 181.214.0.0/24 maxlen: 24
181.214.4.0/24 maxlen: 24
181.214.14.0/24 maxlen: 24
181.214.41.0/24 maxlen: 24
181.214.54.0/24 maxlen: 24
181.214.58.0/24 maxlen: 24
181.214.79.0/24 maxlen: 24
181.214.91.0/24 maxlen: 24
181.214.98.0/24 maxlen: 24
181.214.101.0/24 maxlen: 24
181.214.167.0/24 maxlen: 24
181.215.3.0/24 maxlen: 24
181.215.64.0/24 maxlen: 24
181.215.95.0/24 maxlen: 24
181.215.108.0/24 maxlen: 24
181.215.109.0/24 maxlen: 24
181.215.111.0/24 maxlen: 24
181.215.113.0/24 maxlen: 24
181.215.114.0/24 maxlen: 24
181.215.115.0/24 maxlen: 24
181.215.159.0/24 maxlen: 24
181.215.189.0/24 maxlen: 24
181.215.216.0/24 maxlen: 24
181.215.225.0/24 maxlen: 24
181.215.227.0/24 maxlen: 24
181.215.237.0/24 maxlen: 24
181.215.240.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 06:23:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1a:25:84:d6:a0:d6:95:55:17:4f:fa:60:be:df:d3:97:c9:87:88:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Aug 14 13:26:43 2025 GMT
Not After : Aug 13 13:31:43 2026 GMT
Subject: CN=254FFD7F4693C73F82889E59238C30401D2C3264
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:dc:f5:1e:d4:c4:b0:1b:47:a3:ff:a0:6c:8f:
0e:67:d9:d3:ad:35:b5:5b:f9:0b:8f:f8:a9:7c:6f:
7f:55:e5:94:82:66:bc:13:eb:ec:b8:b3:f1:d5:8c:
40:ed:90:2e:79:7f:9a:ca:40:95:a0:5f:e2:0a:43:
36:d7:66:17:7e:10:2e:35:58:46:83:0b:37:d6:ad:
1e:d9:16:a5:be:a1:a7:ea:39:5b:18:4d:5b:4d:d7:
f0:93:33:0e:ed:db:15:d7:90:71:de:bb:96:0c:24:
de:a3:f6:06:71:dc:1c:68:22:c4:8e:6d:a4:fc:0b:
da:bd:0b:bc:8c:f5:10:86:46:08:c4:5e:83:85:1a:
b4:64:f0:54:69:fb:ec:f1:b9:e3:34:8c:17:df:21:
f2:92:b7:07:33:34:12:ad:48:55:02:9b:9c:8f:8e:
a6:76:94:dd:5c:e6:d5:b0:65:dd:2c:92:31:aa:b4:
f6:60:b2:2f:c9:d8:4a:eb:04:8b:92:49:b1:1e:4a:
28:92:09:de:c6:df:a6:6f:c4:51:20:39:ab:b8:fe:
d6:bc:1c:fe:f2:42:4c:c0:b3:15:de:b4:aa:f2:77:
1d:fc:1a:23:1c:3b:8d:6a:02:b1:cb:5a:df:99:53:
1e:bf:0b:8e:6e:af:6b:11:cd:2f:a3:12:e8:bc:29:
6b:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:4F:FD:7F:46:93:C7:3F:82:88:9E:59:23:8C:30:40:1D:2C:32:64
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS140813.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
181.214.0.0/24
181.214.4.0/24
181.214.14.0/24
181.214.41.0/24
181.214.54.0/24
181.214.58.0/24
181.214.79.0/24
181.214.91.0/24
181.214.98.0/24
181.214.101.0/24
181.214.167.0/24
181.215.3.0/24
181.215.64.0/24
181.215.95.0/24
181.215.108.0/23
181.215.111.0/24
181.215.113.0-181.215.115.255
181.215.159.0/24
181.215.189.0/24
181.215.216.0/24
181.215.225.0/24
181.215.227.0/24
181.215.237.0/24
181.215.240.0/24
Signature Algorithm: sha256WithRSAEncryption
35:37:15:2c:5e:bb:11:c3:c5:6e:e6:0e:3e:af:69:c2:0d:e3:
7d:e5:d4:12:09:71:64:01:ca:c1:a7:a4:89:d5:21:da:84:77:
a5:6b:4f:7a:1c:53:ad:a7:fe:b3:e9:39:59:e4:5e:d0:73:f4:
bb:33:a9:62:f8:82:94:68:96:7b:41:6a:3f:bb:da:55:3c:c4:
11:63:ea:dc:29:3f:1a:4f:c8:c9:3a:1e:85:0b:a6:52:9f:56:
d5:8c:ff:3c:f0:17:6b:a9:c5:34:a5:70:17:aa:61:ea:48:d8:
d8:88:d0:7c:c9:26:5c:fb:3c:ac:21:c4:09:f1:56:4e:48:43:
77:da:e9:64:1e:1d:05:5e:20:26:0b:60:05:2e:b0:ea:51:f6:
45:c4:61:93:68:6a:cc:18:54:71:6a:6f:fa:97:a6:7b:5a:33:
34:f2:98:24:8e:fc:c5:c3:7f:f8:0f:99:41:7d:cb:3d:0a:bc:
25:64:ad:4b:88:3f:56:91:85:2c:71:0f:ac:3c:1d:09:1c:86:
82:e6:92:a7:94:b7:9a:8a:0b:95:55:f0:03:f6:d4:f8:1f:f0:
f0:87:93:5a:3f:93:c6:3a:4e:61:15:40:f8:e8:a6:3b:be:02:
0d:4f:7f:a6:46:4a:ac:13:ea:51:b8:51:21:ee:58:75:c1:12:
6c:21:c9:c2
-----BEGIN CERTIFICATE-----
MIIFlzCCBH+gAwIBAgIUGiWE1qDWlVUXT/pgvt/Tl8mHiF0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNTA4MTQxMzI2NDNaFw0yNjA4MTMxMzMxNDNaMDMxMTAvBgNV
BAMTKDI1NEZGRDdGNDY5M0M3M0Y4Mjg4OUU1OTIzOEMzMDQwMUQyQzMyNjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDU3PUe1MSwG0ej/6Bsjw5n2dOt
NbVb+QuP+Kl8b39V5ZSCZrwT6+y4s/HVjEDtkC55f5rKQJWgX+IKQzbXZhd+EC41
WEaDCzfWrR7ZFqW+oafqOVsYTVtN1/CTMw7t2xXXkHHeu5YMJN6j9gZx3BxoIsSO
baT8C9q9C7yM9RCGRgjEXoOFGrRk8FRp++zxueM0jBffIfKStwczNBKtSFUCm5yP
jqZ2lN1c5tWwZd0skjGqtPZgsi/J2ErrBIuSSbEeSiiSCd7G36ZvxFEgOau4/ta8
HP7yQkzAsxXetKrydx38GiMcO41qArHLWt+ZUx6/C45ur2sRzS+jEui8KWv/AgMB
AAGjggKhMIICnTAdBgNVHQ4EFgQUJU/9f0aTxz+CiJ5ZI4wwQB0sMmQwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMTQwODEzLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMIG1BggrBgEFBQcBBwEB/wSBpTCBojCBnwQCAAEwgZgD
BAC11gADBAC11gQDBAC11g4DBAC11ikDBAC11jYDBAC11joDBAC11k8DBAC11lsD
BAC11mIDBAC11mUDBAC11qcDBAC11wMDBAC110ADBAC1118DBAG112wDBAC1128w
DAMEALXXcQMEArXXcAMEALXXnwMEALXXvQMEALXX2AMEALXX4QMEALXX4wMEALXX
7QMEALXX8DANBgkqhkiG9w0BAQsFAAOCAQEANTcVLF67EcPFbuYOPq9pwg3jfeXU
EglxZAHKwaekidUh2oR3pWtPehxTraf+s+k5WeRe0HP0uzOpYviClGiWe0FqP7va
VTzEEWPq3Ck/Gk/IyToehQumUp9W1Yz/PPAXa6nFNKVwF6ph6kjY2IjQfMkmXPs8
rCHECfFWTkhDd9rpZB4dBV4gJgtgBS6w6lH2RcRhk2hqzBhUcWpv+peme1ozNPKY
JI78xcN/+A+ZQX3LPQq8JWStS4g/VpGFLHEPrDwdCRyGguaSp5S3mooLlVXwA/bU
+B/w8IeTWj+TxjpOYRVA+OimO74CDU9/pkZKrBPqUbhRIe5YdcESbCHJwg==
-----END CERTIFICATE-----
Generated at Sat Aug 23 17:04:15 2025 by rpki-client