Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS148996.roa
File: AS148996.roa (raw, json)
Hash identifier: vpy4Fq/eh6l6nZRZbQ2Y5qJdbuoOL/pzwPR6q1yZMdU=
Subject key identifier: 34:29:3A:00:F3:27:DB:B8:29:B2:5D:59:CB:67:E2:B0:E3:FA:5E:C3
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 544E9F749EE177968920E01E6138ABE1DB5DE4FF
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS148996.roa
Signing time: Fri 22 Aug 2025 10:54:13 +0000
ROA not before: Fri 22 Aug 2025 10:49:13 +0000
ROA not after: Fri 21 Aug 2026 10:54:13 +0000
asID: 148996
IP address blocks: 181.214.33.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 06:23:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
54:4e:9f:74:9e:e1:77:96:89:20:e0:1e:61:38:ab:e1:db:5d:e4:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Aug 22 10:49:13 2025 GMT
Not After : Aug 21 10:54:13 2026 GMT
Subject: CN=34293A00F327DBB829B25D59CB67E2B0E3FA5EC3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:0d:9a:d0:70:f9:2b:06:1f:8d:81:a6:42:d0:
58:09:af:9a:dd:8e:3d:75:dd:21:76:6c:35:63:fe:
4d:bf:b0:d4:a4:64:39:0a:5e:12:68:7b:4c:77:11:
a9:4c:99:95:c8:de:92:c1:9c:fb:2c:ef:6e:5d:e2:
e8:4e:b5:0e:f8:b8:ab:a7:a8:45:6e:27:f1:26:61:
36:1f:d4:77:19:d9:55:79:5f:ce:a8:57:52:96:90:
ce:c1:f3:38:fe:c8:18:d7:83:ba:1b:86:95:cb:db:
8d:35:c3:cf:59:01:da:94:dc:60:89:94:d9:c0:b7:
3e:f0:ea:76:8e:4f:7c:39:c2:46:07:74:2c:19:ea:
f5:fd:e1:5e:41:5c:10:e7:57:26:ef:9f:7b:ba:5a:
a9:6a:45:30:e4:d5:28:43:0d:b2:17:e5:4e:27:2b:
dc:96:22:09:cc:ca:4e:cb:5e:a5:6f:dc:6f:30:70:
fd:a4:33:1a:47:18:8a:7a:d4:28:79:b0:76:3d:cc:
89:3a:f1:ba:4d:21:7d:a8:0c:d8:0c:e6:42:21:e2:
28:4e:ee:45:2e:5e:16:c0:0b:58:df:75:39:ab:46:
1b:80:46:80:2a:f0:ce:e9:6f:07:54:a5:e2:45:9e:
ab:98:bf:b9:45:27:d5:8c:a6:0d:2d:db:38:8d:60:
8e:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:29:3A:00:F3:27:DB:B8:29:B2:5D:59:CB:67:E2:B0:E3:FA:5E:C3
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS148996.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
181.214.33.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:ec:da:59:ac:0a:21:08:b6:76:38:81:0e:9c:f0:da:e1:1b:
1c:a3:dd:f2:df:ff:f4:b8:fa:70:f1:3c:57:4f:83:75:3f:0b:
84:b5:c0:c5:2a:88:d2:74:2a:b7:ce:77:a3:88:e9:6f:67:1e:
1a:83:66:96:a1:58:e3:1a:80:a1:5e:97:7e:99:0d:86:68:51:
0f:b9:32:cc:1f:86:30:d2:e2:bb:1d:13:51:94:cd:59:ec:ff:
e7:13:43:a3:54:b2:e6:fa:55:40:ac:ba:c7:57:4d:94:f2:60:
aa:25:a4:d1:64:24:29:76:8f:06:8b:dc:17:a6:11:7f:d6:06:
b4:f3:74:9c:1e:bb:32:7c:fd:9b:ad:27:b9:87:0d:73:fb:19:
df:2c:2a:53:ae:d1:be:fe:be:75:c2:14:60:c9:a6:05:38:1f:
9c:8a:8c:37:76:b4:96:46:5e:50:2a:85:28:1f:f5:a5:7c:07:
b5:fb:bb:37:ec:4e:a7:f4:60:0f:2c:e6:27:d2:d3:6d:81:dc:
da:d5:ba:6f:b4:7b:64:a9:66:a8:e5:35:eb:ec:5e:66:f2:8e:
3e:74:0f:a6:19:08:8c:4b:a7:3a:92:13:f1:be:6c:73:79:e5:
5c:cd:00:ec:7e:3d:77:e2:52:ca:b5:29:60:a6:5e:13:96:8e:
13:e7:e1:b2
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUVE6fdJ7hd5aJIOAeYTir4dtd5P8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNTA4MjIxMDQ5MTNaFw0yNjA4MjExMDU0MTNaMDMxMTAvBgNV
BAMTKDM0MjkzQTAwRjMyN0RCQjgyOUIyNUQ1OUNCNjdFMkIwRTNGQTVFQzMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCdDZrQcPkrBh+NgaZC0FgJr5rd
jj113SF2bDVj/k2/sNSkZDkKXhJoe0x3EalMmZXI3pLBnPss725d4uhOtQ74uKun
qEVuJ/EmYTYf1HcZ2VV5X86oV1KWkM7B8zj+yBjXg7obhpXL2401w89ZAdqU3GCJ
lNnAtz7w6naOT3w5wkYHdCwZ6vX94V5BXBDnVybvn3u6WqlqRTDk1ShDDbIX5U4n
K9yWIgnMyk7LXqVv3G8wcP2kMxpHGIp61Ch5sHY9zIk68bpNIX2oDNgM5kIh4ihO
7kUuXhbAC1jfdTmrRhuARoAq8M7pbwdUpeJFnquYv7lFJ9WMpg0t2ziNYI7nAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUNCk6APMn27gpsl1Zy2fisOP6XsMwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMTQ4OTk2LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAtdYh
MA0GCSqGSIb3DQEBCwUAA4IBAQAc7NpZrAohCLZ2OIEOnPDa4Rsco93y3//0uPpw
8TxXT4N1PwuEtcDFKojSdCq3znejiOlvZx4ag2aWoVjjGoChXpd+mQ2GaFEPuTLM
H4Yw0uK7HRNRlM1Z7P/nE0OjVLLm+lVArLrHV02U8mCqJaTRZCQpdo8Gi9wXphF/
1ga083ScHrsyfP2brSe5hw1z+xnfLCpTrtG+/r51whRgyaYFOB+ciow3drSWRl5Q
KoUoH/WlfAe1+7s37E6n9GAPLOYn0tNtgdza1bpvtHtkqWao5TXr7F5m8o4+dA+m
GQiMS6c6khPxvmxzeeVczQDsfj134lLKtSlgpl4Tlo4T5+Gy
-----END CERTIFICATE-----
Generated at Sat Aug 23 16:49:44 2025 by rpki-client