Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS137235.roa
File: AS137235.roa (raw, json)
Hash identifier: TJ4kg15YL8XV1S/C/DrW6Pdsg2W6hPlTtyZOGv+RWYQ=
Subject key identifier: 59:62:31:BC:57:4E:9B:B9:10:8D:06:06:BB:74:20:17:68:D4:BB:78
Certificate issuer: /CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Certificate serial: 55504DE82C7ED7ED3DA32DB10DB31152D9E8AB7C
Authority key identifier: 88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS137235.roa
Signing time: Thu 14 Aug 2025 00:00:09 +0000
ROA not before: Wed 13 Aug 2025 23:55:09 +0000
ROA not after: Thu 13 Aug 2026 00:00:09 +0000
asID: 137235
IP address blocks: 143.20.89.0/24 maxlen: 24
143.20.98.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.mft
rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 01:49:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
55:50:4d:e8:2c:7e:d7:ed:3d:a3:2d:b1:0d:b3:11:52:d9:e8:ab:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Validity
Not Before: Aug 13 23:55:09 2025 GMT
Not After : Aug 13 00:00:09 2026 GMT
Subject: CN=596231BC574E9BB9108D0606BB74201768D4BB78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:23:7c:e6:33:01:ae:c1:45:68:3b:f1:ea:51:
68:93:ba:2a:02:87:73:3c:c2:6c:f5:6f:1d:5e:a5:
eb:f5:6a:01:8f:5d:b7:89:36:0b:4c:f7:51:54:1d:
dd:91:14:ac:b8:ee:ea:e3:00:79:61:72:c3:00:20:
a1:6a:1f:94:b8:e0:f3:d2:5d:8f:b0:4a:f7:91:d2:
73:70:1a:b0:5e:da:bf:95:41:08:40:9b:75:60:0f:
73:90:c4:1c:65:37:7c:7b:a4:7c:fb:e9:8b:b5:f2:
96:11:5b:21:d4:04:cf:91:2b:12:75:f3:71:8f:3f:
d9:e3:cb:98:6b:6e:13:60:c1:21:89:52:34:83:40:
fe:da:1e:02:a0:5d:ca:4e:2b:e2:5d:b2:1d:ec:91:
bd:b8:ff:19:30:bc:e5:01:33:24:88:20:46:e6:cc:
05:fc:50:10:74:cc:90:44:71:79:28:b7:f0:0d:a5:
ad:21:88:80:df:7c:c9:99:da:90:db:cf:d0:51:64:
ca:0c:95:65:5a:52:90:ea:5a:fc:92:40:1c:eb:55:
e4:1c:ff:26:8f:00:05:48:ff:1d:f9:c7:41:1a:83:
1e:ea:5f:58:b6:c8:4d:6a:f7:a3:f6:0b:dc:15:f4:
09:79:68:03:77:91:fd:7a:a2:8a:92:be:6b:a0:4a:
f1:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:62:31:BC:57:4E:9B:B9:10:8D:06:06:BB:74:20:17:68:D4:BB:78
X509v3 Authority Key Identifier:
keyid:88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS137235.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.20.89.0/24
143.20.98.0/24
Signature Algorithm: sha256WithRSAEncryption
48:2a:ea:ce:74:7e:a6:24:17:3b:78:df:f6:ab:4c:ca:8d:fc:
b5:f1:d7:54:c1:e1:24:f4:5a:22:24:6b:87:f0:b1:5d:47:35:
35:6f:d4:57:4a:ac:91:a2:49:08:38:24:00:da:97:8a:1b:40:
16:26:42:02:61:79:46:5e:6d:b0:b7:4d:63:c4:7c:b2:c9:38:
63:0a:ca:24:17:72:ad:46:c1:be:00:de:02:4b:6c:be:6e:26:
14:9e:99:74:cd:9c:59:64:99:6d:a5:8c:2a:35:54:ac:df:10:
14:59:ad:39:95:9b:e2:76:d4:05:a8:ba:87:c7:53:79:f8:47:
72:43:b8:ed:9d:19:48:fb:0c:87:a8:21:8a:c9:ad:ea:97:7a:
3d:a7:df:bc:b4:b2:be:4c:50:7d:02:27:f6:21:75:e1:d0:58:
7c:84:ee:5f:73:89:c2:80:2c:99:82:da:dc:3c:c4:13:b7:df:
65:5c:5e:cb:82:26:a0:b3:b1:7b:14:90:25:da:67:b6:35:0d:
ba:97:3d:06:6c:87:a5:d2:10:55:ee:f6:9a:36:a9:a4:e1:66:
25:e0:57:5c:04:8c:23:88:08:41:7b:d4:73:ae:e1:f6:8d:ff:
4e:2a:64:95:64:1b:7f:d4:28:e5:90:5d:1f:39:ec:6a:f4:c0:
5c:bf:1f:10
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgIUVVBN6Cx+1+09oy2xDbMRUtnoq3wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODhjMTRlYzAyYWRiZjA4MzEzOGVkZGQ0Nzg3MTE3NmRk
ZWI5M2Q5ZDAeFw0yNTA4MTMyMzU1MDlaFw0yNjA4MTMwMDAwMDlaMDMxMTAvBgNV
BAMTKDU5NjIzMUJDNTc0RTlCQjkxMDhEMDYwNkJCNzQyMDE3NjhENEJCNzgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDDI3zmMwGuwUVoO/HqUWiTuioC
h3M8wmz1bx1epev1agGPXbeJNgtM91FUHd2RFKy47urjAHlhcsMAIKFqH5S44PPS
XY+wSveR0nNwGrBe2r+VQQhAm3VgD3OQxBxlN3x7pHz76Yu18pYRWyHUBM+RKxJ1
83GPP9njy5hrbhNgwSGJUjSDQP7aHgKgXcpOK+Jdsh3skb24/xkwvOUBMySIIEbm
zAX8UBB0zJBEcXkot/ANpa0hiIDffMmZ2pDbz9BRZMoMlWVaUpDqWvySQBzrVeQc
/yaPAAVI/x35x0Eagx7qX1i2yE1q96P2C9wV9Al5aAN3kf16ooqSvmugSvHXAgMB
AAGjggIQMIICDDAdBgNVHQ4EFgQUWWIxvFdOm7kQjQYGu3QgF2jUu3gwHwYDVR0j
BBgwFoAUiMFOwCrb8IMTjt3UeHEXbd65PZ0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjItZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2
MmUwLzAvODhDMTRFQzAyQURCRjA4MzEzOEVEREQ0Nzg3MTE3NkRERUI5M0Q5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2lNRk93Q3JiOElNVGp0M1VlSEVYYmQ2
NVBaMC5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0MDlkN2IyLWVlNjQt
NDlmMS1hZDgxLThlNGExMDdkNjJlMC8wL0FTMTM3MjM1LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAjxRZ
AwQAjxRiMA0GCSqGSIb3DQEBCwUAA4IBAQBIKurOdH6mJBc7eN/2q0zKjfy18ddU
weEk9FoiJGuH8LFdRzU1b9RXSqyRokkIOCQA2peKG0AWJkICYXlGXm2wt01jxHyy
yThjCsokF3KtRsG+AN4CS2y+biYUnpl0zZxZZJltpYwqNVSs3xAUWa05lZvidtQF
qLqHx1N5+EdyQ7jtnRlI+wyHqCGKya3ql3o9p9+8tLK+TFB9Aif2IXXh0Fh8hO5f
c4nCgCyZgtrcPMQTt99lXF7Lgiags7F7FJAl2me2NQ26lz0GbIel0hBV7vaaNqmk
4WYl4FdcBIwjiAhBe9RzruH2jf9OKmSVZBt/1CjlkF0fOexq9MBcvx8Q
-----END CERTIFICATE-----
Generated at Sat Aug 23 14:37:49 2025 by rpki-client