Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS138997.roa
File: AS138997.roa (raw, json)
Hash identifier: 6a9i4qPlN+/dWCaxUO8bY504qoU65RkTmlvGJ4xNo7E=
Subject key identifier: D8:DA:7A:21:80:51:38:E1:5F:29:D3:11:24:00:60:71:74:5B:89:8A
Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Certificate serial: 143785A91BDBC11828BFF2E6212B266159AB383D
Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS138997.roa
Signing time: Tue 05 Aug 2025 04:32:48 +0000
ROA not before: Tue 05 Aug 2025 04:27:48 +0000
ROA not after: Tue 04 Aug 2026 04:32:48 +0000
asID: 138997
IP address blocks: 193.150.40.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft
rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 12:25:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
14:37:85:a9:1b:db:c1:18:28:bf:f2:e6:21:2b:26:61:59:ab:38:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Validity
Not Before: Aug 5 04:27:48 2025 GMT
Not After : Aug 4 04:32:48 2026 GMT
Subject: CN=D8DA7A21805138E15F29D31124006071745B898A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:75:46:44:b9:77:74:2d:92:88:9d:33:6e:d9:
ce:69:ba:ec:90:c5:89:79:fb:8b:51:ae:7b:c6:79:
bb:44:e0:5b:d0:23:6e:a5:5b:8b:e3:f5:42:70:29:
32:69:84:6d:e2:fc:5b:5a:f6:c1:1b:81:cf:a3:30:
05:d2:4f:ae:17:b4:74:f1:77:3e:95:b3:99:f1:b7:
5c:a3:3d:31:c8:bc:04:98:46:c5:dd:fc:3e:f3:ee:
17:2b:6e:bc:c8:cf:b7:ec:09:07:44:4a:64:5c:96:
b1:1b:84:13:38:e0:a4:55:9b:d9:d9:95:1e:c0:27:
8d:e4:99:78:14:25:5c:2b:75:af:30:e2:04:d6:ed:
b3:1b:3a:e6:0c:57:ed:a8:48:1c:9b:98:14:8b:17:
c8:c8:f5:ce:b0:34:e2:f7:6b:11:cc:1e:b0:50:0e:
b6:ec:45:c5:77:1b:b3:3f:52:e5:47:88:85:97:e2:
52:8c:ac:0d:0e:d9:d0:8d:95:79:9b:ba:52:19:fd:
2e:9d:be:89:52:2d:11:bf:ba:a7:c9:d0:14:b2:99:
90:86:b2:c3:02:f5:fb:ad:31:54:99:3a:e6:c2:78:
37:2f:c4:a7:88:15:8e:3d:48:2a:96:12:27:a4:b1:
47:be:bc:b6:4e:9a:4b:7d:a4:bd:76:89:9e:5e:9e:
39:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:DA:7A:21:80:51:38:E1:5F:29:D3:11:24:00:60:71:74:5B:89:8A
X509v3 Authority Key Identifier:
keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS138997.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.150.40.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:86:91:f0:26:5b:1b:42:b7:fc:0c:24:e9:c6:48:cf:75:64:
72:7b:ee:da:2b:ca:37:03:8d:a9:e7:ea:57:4a:c5:b9:3a:f6:
ee:ca:62:d4:0f:42:89:eb:e5:9b:9f:d5:82:9e:98:46:28:5f:
91:76:11:79:21:3b:51:9f:7a:fb:36:42:67:81:fa:3a:28:50:
cd:a4:bf:e2:3d:36:24:9e:7e:7c:00:e7:98:ed:a1:36:23:0a:
38:03:dd:1c:69:65:9e:f9:97:12:f9:46:65:4e:e0:9f:0d:2d:
1e:11:92:02:0b:dd:36:08:38:f3:b8:dc:95:b5:55:9f:a8:18:
42:2c:fc:b3:fc:49:16:f5:5a:b3:1e:74:6e:e0:9c:28:a8:29:
c8:f9:e2:31:cc:52:76:e8:45:ac:c4:99:b7:5a:4d:12:cb:4a:
2f:ac:01:60:f9:d5:25:af:9b:25:94:aa:f7:a9:7a:db:28:12:
d6:a4:5d:08:9c:7e:76:c9:a8:71:0d:6b:56:94:cd:43:d2:ca:
92:01:50:32:94:da:a4:b1:c4:f2:b5:20:1a:13:06:06:c6:52:
60:8a:8d:d6:5c:fe:e9:2f:00:f0:64:01:e8:0b:19:7d:02:0b:
00:63:f8:93:0e:86:f7:1c:a5:c7:86:5c:6d:fc:a2:0e:5d:46:
59:c9:57:6a
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUFDeFqRvbwRgov/LmISsmYVmrOD0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj
Y2ZkMzc3MjAeFw0yNTA4MDUwNDI3NDhaFw0yNjA4MDQwNDMyNDhaMDMxMTAvBgNV
BAMTKEQ4REE3QTIxODA1MTM4RTE1RjI5RDMxMTI0MDA2MDcxNzQ1Qjg5OEEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNdUZEuXd0LZKInTNu2c5puuyQ
xYl5+4tRrnvGebtE4FvQI26lW4vj9UJwKTJphG3i/Fta9sEbgc+jMAXST64XtHTx
dz6Vs5nxt1yjPTHIvASYRsXd/D7z7hcrbrzIz7fsCQdESmRclrEbhBM44KRVm9nZ
lR7AJ43kmXgUJVwrda8w4gTW7bMbOuYMV+2oSBybmBSLF8jI9c6wNOL3axHMHrBQ
DrbsRcV3G7M/UuVHiIWX4lKMrA0O2dCNlXmbulIZ/S6dvolSLRG/uqfJ0BSymZCG
ssMC9futMVSZOubCeDcvxKeIFY49SCqWEieksUe+vLZOmkt9pL12iZ5enjnHAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQU2Np6IYBROOFfKdMRJABgcXRbiYowHwYDVR0j
BBgwFoAUqD1IZS87LfdPa/m6qKnBdMz9N3IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODkyNzBmNmMtYTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2Yz
ODI0LzAvQTgzRDQ4NjUyRjNCMkRGNzRGNkJGOUJBQThBOUMxNzRDQ0ZEMzc3Mi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FEMUlaUzg3TGZkUGFfbTZxS25CZE16
OU4zSS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg5MjcwZjZjLWEzZmUt
NDI5OS1iMDc5LTMwOWVkOTdmMzgyNC8wL0FTMTM4OTk3LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwZYo
MA0GCSqGSIb3DQEBCwUAA4IBAQAehpHwJlsbQrf8DCTpxkjPdWRye+7aK8o3A42p
5+pXSsW5OvbuymLUD0KJ6+Wbn9WCnphGKF+RdhF5ITtRn3r7NkJngfo6KFDNpL/i
PTYknn58AOeY7aE2Iwo4A90caWWe+ZcS+UZlTuCfDS0eEZICC902CDjzuNyVtVWf
qBhCLPyz/EkW9VqzHnRu4JwoqCnI+eIxzFJ26EWsxJm3Wk0Sy0ovrAFg+dUlr5sl
lKr3qXrbKBLWpF0InH52yahxDWtWlM1D0sqSAVAylNqkscTytSAaEwYGxlJgio3W
XP7pLwDwZAHoCxl9AgsAY/iTDob3HKXHhlxt/KIOXUZZyVdq
-----END CERTIFICATE-----
Generated at Sat Aug 23 17:39:39 2025 by rpki-client