Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS1257.roa
File: AS1257.roa (raw, json)
Hash identifier: q4ZnmRZNdAq75sTJWNC9K7ab4pcT6aCYqz03xUBkCUs=
Subject key identifier: F3:98:6F:F2:48:BC:F3:CB:38:7A:B4:D8:80:B5:10:F4:3F:51:AE:67
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 6C7148E8EF1FE963627F76EDE5FD1B0AA1C48E
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS1257.roa
Signing time: Wed 02 Jul 2025 14:27:23 +0000
ROA not before: Wed 02 Jul 2025 14:22:23 +0000
ROA not after: Wed 01 Jul 2026 14:27:23 +0000
asID: 1257
IP address blocks: 96.62.194.0/24 maxlen: 24
96.62.195.0/24 maxlen: 24
96.62.253.0/24 maxlen: 24
150.241.196.0/24 maxlen: 24
150.241.197.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6c:71:48:e8:ef:1f:e9:63:62:7f:76:ed:e5:fd:1b:0a:a1:c4:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Jul 2 14:22:23 2025 GMT
Not After : Jul 1 14:27:23 2026 GMT
Subject: CN=F3986FF248BCF3CB387AB4D880B510F43F51AE67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:03:07:b3:75:c6:51:46:77:10:2a:57:75:4f:
9e:d7:f9:34:d1:89:58:24:d7:19:f5:ee:20:b8:b7:
bd:ca:ea:7e:b5:2a:7b:34:f8:6d:a0:5d:34:95:57:
b2:6a:9b:65:59:d7:de:04:7c:d8:28:64:a6:68:4a:
72:d5:c1:c9:2d:0b:08:9e:ae:71:55:39:3f:94:a1:
b1:03:bc:d8:e4:cd:56:1f:87:1f:1f:ad:ef:e4:91:
55:a4:0e:12:92:20:4d:85:75:11:f3:41:65:6a:4d:
38:2f:e0:c7:c1:77:a2:26:a0:2b:8a:8d:29:d1:9a:
78:8a:95:b4:c8:a9:c3:a4:fc:0c:ac:f0:a9:d1:f9:
06:7a:b0:3c:28:b2:79:fb:c2:6f:18:47:63:0b:21:
b3:ba:58:2e:b9:43:24:54:b6:d4:4e:60:07:be:a0:
ac:19:7b:89:31:52:97:da:1c:53:c1:58:d3:41:55:
d5:83:ac:c6:5c:64:43:6d:61:d8:c3:2a:c1:55:ef:
5f:0a:4f:df:79:0d:33:86:70:1b:9a:80:cf:b6:9e:
3f:19:6a:21:d6:97:d5:91:ee:5a:84:22:1a:df:21:
64:8a:f6:81:ce:1f:69:19:d9:52:e5:3b:b5:1a:ba:
fe:ca:eb:d9:a6:4b:b8:a8:12:cc:5c:09:87:d0:4e:
0f:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:98:6F:F2:48:BC:F3:CB:38:7A:B4:D8:80:B5:10:F4:3F:51:AE:67
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS1257.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.62.194.0/23
96.62.253.0/24
150.241.196.0/23
Signature Algorithm: sha256WithRSAEncryption
4b:41:56:b4:a9:18:36:b0:cf:a7:c9:be:c6:71:73:ca:ca:76:
64:1e:5a:81:a9:ad:0d:24:fe:dc:5e:51:08:24:b6:14:f2:d4:
fa:02:66:fa:35:9f:bb:e5:31:46:65:c6:e6:7f:ca:4d:90:76:
ae:ea:4a:c2:dd:be:02:19:1d:67:24:80:36:51:59:77:90:48:
55:23:b8:62:5c:2a:5b:75:80:6d:81:53:70:d1:77:02:34:e7:
57:d1:53:45:1f:89:28:ab:e4:9e:76:f4:9e:8b:1a:22:08:fe:
e6:49:e9:94:48:71:96:66:6e:ed:04:5f:89:7e:5e:0d:d1:f6:
54:d5:70:b7:a1:05:e8:95:e8:c4:61:6e:27:fa:bf:42:dd:47:
dc:89:8a:bd:ba:7a:89:6f:cf:49:cb:d5:98:f1:c1:ba:88:16:
6d:a4:71:12:ea:6e:af:9f:f6:3e:99:5a:2a:f2:cb:47:e8:66:
d8:9c:c2:8a:d6:ba:07:d2:2d:c3:e4:0d:af:97:5e:a6:a8:24:
a8:e9:33:33:23:fb:93:38:ba:cf:63:e5:a1:0b:a9:f1:51:15:
0d:0f:c2:36:2f:83:f0:b5:f6:60:93:90:54:a6:a2:2e:4d:0e:
1e:bd:6d:e4:c4:49:38:c7:49:fb:7c:b7:a9:98:18:54:95:05:
03:af:c4:61
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgITbHFI6O8f6WNif3bt5f0bCqHEjjANBgkqhkiG9w0BAQsF
ADAzMTEwLwYDVQQDEyg0ZmMzMzZiZjlmM2RlNWNlNDE0MTRiZDE5NzE5NDVmNGIy
NDZiZmNjMB4XDTI1MDcwMjE0MjIyM1oXDTI2MDcwMTE0MjcyM1owMzExMC8GA1UE
AxMoRjM5ODZGRjI0OEJDRjNDQjM4N0FCNEQ4ODBCNTEwRjQzRjUxQUU2NzCCASIw
DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANIDB7N1xlFGdxAqV3VPntf5NNGJ
WCTXGfXuILi3vcrqfrUqezT4baBdNJVXsmqbZVnX3gR82ChkpmhKctXByS0LCJ6u
cVU5P5ShsQO82OTNVh+HHx+t7+SRVaQOEpIgTYV1EfNBZWpNOC/gx8F3oiagK4qN
KdGaeIqVtMipw6T8DKzwqdH5BnqwPCiyefvCbxhHYwshs7pYLrlDJFS21E5gB76g
rBl7iTFSl9ocU8FY00FV1YOsxlxkQ21h2MMqwVXvXwpP33kNM4ZwG5qAz7aePxlq
IdaX1ZHuWoQiGt8hZIr2gc4faRnZUuU7tRq6/srr2aZLuKgSzFwJh9BOD18CAwEA
AaOCAhQwggIQMB0GA1UdDgQWBBTzmG/ySLzzyzh6tNiAtRD0P1GuZzAfBgNVHSME
GDAWgBRPwza/nz3lzkFBS9GXGUX0ska/zDAOBgNVHQ8BAf8EBAMCB4AwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5u
ZXQvcmVwb3NpdG9yeS8wOWJlM2FhZS1hZWExLTQxZGMtYjFiOS05NWFjNTkxODI0
NGQvMC80RkMzMzZCRjlGM0RFNUNFNDE0MTRCRDE5NzE5NDVGNEIyNDZCRkNDLmNy
bDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvVDhNMnY1ODk1YzVCUVV2Umx4bEY5TEpH
djh3LmNlcjB5BggrBgEFBQcBCwRtMGswaQYIKwYBBQUHMAuGXXJzeW5jOi8vcnN5
bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00
MWRjLWIxYjktOTVhYzU5MTgyNDRkLzAvQVMxMjU3LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBYD7CAwQA
YD79AwQBlvHEMA0GCSqGSIb3DQEBCwUAA4IBAQBLQVa0qRg2sM+nyb7GcXPKynZk
HlqBqa0NJP7cXlEIJLYU8tT6Amb6NZ+75TFGZcbmf8pNkHau6krC3b4CGR1nJIA2
UVl3kEhVI7hiXCpbdYBtgVNw0XcCNOdX0VNFH4koq+SedvSeixoiCP7mSemUSHGW
Zm7tBF+Jfl4N0fZU1XC3oQXolejEYW4n+r9C3UfciYq9unqJb89Jy9WY8cG6iBZt
pHES6m6vn/Y+mVoq8stH6GbYnMKK1roH0i3D5A2vl16mqCSo6TMzI/uTOLrPY+Wh
C6nxURUND8I2L4PwtfZgk5BUpqIuTQ4evW3kxEk4x0n7fLepmBhUlQUDr8Rh
-----END CERTIFICATE-----
Generated at Tue Jul 22 18:58:53 2025 by rpki-client