Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS137235.roa
File: AS137235.roa (raw, json)
Hash identifier: KLOHlNbapLhQjhpI8wukK59s0e2If8wFjgDf0GrZu20=
Subject key identifier: 6E:92:FA:58:EA:F7:9F:8A:60:0F:A1:59:2D:02:24:B9:CB:97:A9:C9
Certificate issuer: /CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Certificate serial: 1F8B7EB4CC7EA00344438012D32081AD9B944593
Authority key identifier: 88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS137235.roa
Signing time: Fri 24 Apr 2026 01:50:24 +0000
ROA not before: Fri 24 Apr 2026 01:45:24 +0000
ROA not after: Fri 23 Apr 2027 01:50:24 +0000
asID: 137235
IP address blocks: 143.20.89.0/24 maxlen: 24
143.20.98.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.mft
rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1f:8b:7e:b4:cc:7e:a0:03:44:43:80:12:d3:20:81:ad:9b:94:45:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Validity
Not Before: Apr 24 01:45:24 2026 GMT
Not After : Apr 23 01:50:24 2027 GMT
Subject: CN=6E92FA58EAF79F8A600FA1592D0224B9CB97A9C9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:e2:8f:70:7f:ca:90:f5:f5:08:20:12:24:69:
cd:f8:53:59:e4:83:f9:3a:fa:da:45:c9:80:2f:34:
c2:3d:b7:c9:ad:9d:7c:bf:74:71:00:37:e4:fe:fd:
4e:04:df:e8:8b:69:2e:7c:8b:d6:1a:08:bf:bb:4b:
61:00:a7:f2:38:60:26:17:2c:c3:5d:70:d5:55:c1:
7d:60:5a:d9:d1:31:d9:5a:a1:31:6f:5b:07:d6:16:
2a:ef:b5:ab:ee:91:89:f8:e1:47:f2:5f:4c:1e:5c:
3e:4d:2d:c1:fd:70:f7:c3:83:22:03:b3:fa:c1:ea:
9f:d0:45:09:1d:41:d8:b3:10:eb:e7:94:fb:15:cd:
99:84:79:7b:1a:f8:2b:fd:16:36:cd:a2:13:77:8f:
c3:9f:aa:f6:13:d3:02:e8:81:90:5d:b0:76:11:91:
2f:9e:39:68:0d:45:dc:75:d3:a9:6c:8b:d7:04:dd:
be:50:97:4b:88:12:a9:db:d3:a0:af:7b:d3:67:d2:
43:d0:c7:17:43:65:d1:d8:47:34:78:56:5a:15:f6:
ee:f0:d9:7d:16:aa:4b:b0:e1:46:5a:ff:bb:07:2f:
11:2f:df:b0:c3:0f:05:a5:30:58:7f:f8:7d:f1:c7:
9b:c4:0f:62:69:a0:c0:17:5d:1f:4a:47:9f:ed:24:
a1:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:92:FA:58:EA:F7:9F:8A:60:0F:A1:59:2D:02:24:B9:CB:97:A9:C9
X509v3 Authority Key Identifier:
keyid:88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS137235.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.20.89.0/24
143.20.98.0/24
Signature Algorithm: sha256WithRSAEncryption
a2:e8:4c:d9:e6:20:cb:03:c7:d9:8e:2d:71:c5:63:6b:a4:a0:
b0:8a:e6:83:81:66:fd:ef:52:9f:c0:81:93:ff:ff:ab:f0:a4:
3d:f4:34:d4:01:77:1a:f4:64:3e:90:9f:8c:e3:e0:fc:ec:50:
ba:97:b4:d3:3f:9a:4b:33:64:c3:1d:53:3a:b3:0f:69:ee:e5:
29:84:02:3a:1e:87:f8:47:9d:e2:f8:94:33:6f:3c:bb:d5:1d:
26:47:bf:ff:88:52:b7:f5:7e:60:ce:34:bb:9f:37:ba:e0:3d:
63:58:6d:7e:7c:d0:d3:a1:ad:fd:4f:db:97:45:4e:f3:6c:9b:
76:f5:fb:30:ac:e1:15:06:53:71:78:1f:05:6c:ce:22:5d:b5:
1e:7d:29:94:53:8a:90:24:81:40:53:20:10:c0:95:91:d3:66:
80:1b:26:f3:b5:b1:d8:45:6d:67:31:42:94:2a:a6:eb:e0:cf:
55:de:c4:a2:28:61:dc:10:b2:07:c8:ab:3b:03:60:c1:05:9d:
26:b9:90:d7:50:c6:2d:1a:14:7c:32:55:47:91:e4:4e:d4:98:
fe:b1:f6:1f:44:d7:1f:fa:57:da:62:37:ca:2a:53:f8:77:ac:
a9:f5:1f:cd:98:5b:b2:7e:dd:09:40:a1:86:88:4c:21:49:66:
7d:b2:6d:3f
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgIUH4t+tMx+oANEQ4AS0yCBrZuURZMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODhjMTRlYzAyYWRiZjA4MzEzOGVkZGQ0Nzg3MTE3NmRk
ZWI5M2Q5ZDAeFw0yNjA0MjQwMTQ1MjRaFw0yNzA0MjMwMTUwMjRaMDMxMTAvBgNV
BAMTKDZFOTJGQTU4RUFGNzlGOEE2MDBGQTE1OTJEMDIyNEI5Q0I5N0E5QzkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCB4o9wf8qQ9fUIIBIkac34U1nk
g/k6+tpFyYAvNMI9t8mtnXy/dHEAN+T+/U4E3+iLaS58i9YaCL+7S2EAp/I4YCYX
LMNdcNVVwX1gWtnRMdlaoTFvWwfWFirvtavukYn44UfyX0weXD5NLcH9cPfDgyID
s/rB6p/QRQkdQdizEOvnlPsVzZmEeXsa+Cv9FjbNohN3j8OfqvYT0wLogZBdsHYR
kS+eOWgNRdx106lsi9cE3b5Ql0uIEqnb06Cve9Nn0kPQxxdDZdHYRzR4VloV9u7w
2X0Wqkuw4UZa/7sHLxEv37DDDwWlMFh/+H3xx5vED2JpoMAXXR9KR5/tJKGVAgMB
AAGjggIQMIICDDAdBgNVHQ4EFgQUbpL6WOr3n4pgD6FZLQIkucuXqckwHwYDVR0j
BBgwFoAUiMFOwCrb8IMTjt3UeHEXbd65PZ0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjItZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2
MmUwLzAvODhDMTRFQzAyQURCRjA4MzEzOEVEREQ0Nzg3MTE3NkRERUI5M0Q5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2lNRk93Q3JiOElNVGp0M1VlSEVYYmQ2
NVBaMC5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0MDlkN2IyLWVlNjQt
NDlmMS1hZDgxLThlNGExMDdkNjJlMC8wL0FTMTM3MjM1LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAjxRZ
AwQAjxRiMA0GCSqGSIb3DQEBCwUAA4IBAQCi6EzZ5iDLA8fZji1xxWNrpKCwiuaD
gWb971KfwIGT//+r8KQ99DTUAXca9GQ+kJ+M4+D87FC6l7TTP5pLM2TDHVM6sw9p
7uUphAI6Hof4R53i+JQzbzy71R0mR7//iFK39X5gzjS7nze64D1jWG1+fNDToa39
T9uXRU7zbJt29fswrOEVBlNxeB8FbM4iXbUefSmUU4qQJIFAUyAQwJWR02aAGybz
tbHYRW1nMUKUKqbr4M9V3sSiKGHcELIHyKs7A2DBBZ0muZDXUMYtGhR8MlVHkeRO
1Jj+sfYfRNcf+lfaYjfKKlP4d6yp9R/NmFuyft0JQKGGiEwhSWZ9sm0/
-----END CERTIFICATE-----
Generated at Wed May 13 01:05:15 2026 by rpki-client