Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS138195.roa
File: AS138195.roa (raw, json)
Hash identifier: QhjfL3H0kIx3QcVzUFt9LwuIxqP66aJmw9s7r51/PsU=
Subject key identifier: C9:9A:2E:06:D0:BF:44:DD:6E:AA:26:4C:4C:0D:38:94:E3:94:70:17
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 6F0B672EDC84C0103814AD467B81A0A4826AF211
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS138195.roa
Signing time: Sat 19 Jul 2025 09:57:18 +0000
ROA not before: Sat 19 Jul 2025 09:52:18 +0000
ROA not after: Sat 18 Jul 2026 09:57:18 +0000
asID: 138195
IP address blocks: 143.14.143.0/24 maxlen: 24
162.141.84.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6f:0b:67:2e:dc:84:c0:10:38:14:ad:46:7b:81:a0:a4:82:6a:f2:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Jul 19 09:52:18 2025 GMT
Not After : Jul 18 09:57:18 2026 GMT
Subject: CN=C99A2E06D0BF44DD6EAA264C4C0D3894E3947017
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:3e:56:f8:75:b6:d8:59:b3:e8:76:09:d6:79:
64:8e:2a:53:20:6b:97:ba:fc:11:2e:3d:5c:d6:66:
a9:3a:b1:1b:c4:29:ff:b0:14:1d:2e:94:86:92:f7:
e9:69:bb:23:2d:95:13:a7:fe:df:f5:df:32:21:25:
dd:ef:0e:2e:2b:b3:c5:74:b9:36:ab:9f:93:50:c4:
bf:1d:59:2c:a2:39:a4:b8:b9:2c:9e:0f:b7:dd:55:
84:7c:33:79:a1:66:69:b4:4b:08:56:3c:9a:af:7d:
7c:3b:99:01:65:cb:51:e5:6c:31:b3:da:61:f2:83:
56:b7:49:05:5e:43:2d:c5:92:ca:df:f7:4d:21:39:
c0:db:e4:8a:f9:9c:e7:32:05:96:99:a1:37:45:d0:
c3:18:ff:b8:13:a6:59:df:be:2f:65:0d:26:16:e2:
2c:5a:43:0e:7c:a8:ae:b0:10:5b:0a:10:e8:97:9f:
15:49:a9:51:2b:7e:eb:43:23:41:a7:89:07:e6:03:
1a:ff:92:64:30:54:c3:14:a8:2a:aa:8a:05:fe:21:
3f:80:1d:14:cc:5a:c5:e2:36:e6:ea:b3:f1:98:a1:
25:e2:cc:d8:54:24:46:25:af:14:ea:f6:ad:10:5d:
b0:eb:aa:41:93:e8:f9:d3:0b:7a:50:e8:80:15:46:
5b:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:9A:2E:06:D0:BF:44:DD:6E:AA:26:4C:4C:0D:38:94:E3:94:70:17
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS138195.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.14.143.0/24
162.141.84.0/22
Signature Algorithm: sha256WithRSAEncryption
49:fd:32:64:82:69:31:10:88:23:2b:44:94:28:e0:78:53:ca:
94:d3:6d:f0:ae:86:6c:c8:26:a9:92:9c:aa:1d:ed:32:22:da:
e2:c6:c6:1b:0f:ba:97:70:c3:27:e0:86:0a:14:a7:2b:12:e6:
d6:b7:df:bf:3c:cb:42:17:77:15:56:7e:9c:b4:1a:5e:c0:66:
5f:4f:21:7b:1f:b8:db:05:b4:30:fb:48:60:be:ee:51:c1:ab:
93:9b:67:de:3d:b3:37:ed:74:63:53:74:4a:c7:05:fc:50:e8:
65:32:0b:ad:9d:a4:de:d5:91:87:48:2f:09:c1:0f:49:bb:cf:
56:c2:5f:95:a1:53:99:90:86:f3:37:61:ab:d9:9b:ac:44:13:
31:76:2a:53:b8:90:f5:ef:85:db:cb:13:e9:b5:3a:8d:5e:c7:
33:5c:c3:3b:eb:b9:a1:b9:6b:dd:9d:b9:fb:09:71:39:55:b0:
2d:b9:72:57:da:c3:f8:2d:86:e1:4a:b8:0e:fa:4f:22:1e:82:
c1:c6:af:7f:13:69:3a:5a:65:a1:ca:f2:71:2b:6e:a7:b9:a7:
a9:ed:df:31:ce:24:f2:3a:ec:80:5b:4c:6d:df:55:89:1e:70:
6e:d6:ff:31:42:b2:bb:45:32:dc:06:05:4d:9f:ab:6b:42:2f:
f2:59:b5:73
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgIUbwtnLtyEwBA4FK1Ge4GgpIJq8hEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA3MTkwOTUyMThaFw0yNjA3MTgwOTU3MThaMDMxMTAvBgNV
BAMTKEM5OUEyRTA2RDBCRjQ0REQ2RUFBMjY0QzRDMEQzODk0RTM5NDcwMTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/Plb4dbbYWbPodgnWeWSOKlMg
a5e6/BEuPVzWZqk6sRvEKf+wFB0ulIaS9+lpuyMtlROn/t/13zIhJd3vDi4rs8V0
uTarn5NQxL8dWSyiOaS4uSyeD7fdVYR8M3mhZmm0SwhWPJqvfXw7mQFly1HlbDGz
2mHyg1a3SQVeQy3Fksrf900hOcDb5Ir5nOcyBZaZoTdF0MMY/7gTplnfvi9lDSYW
4ixaQw58qK6wEFsKEOiXnxVJqVErfutDI0GniQfmAxr/kmQwVMMUqCqqigX+IT+A
HRTMWsXiNubqs/GYoSXizNhUJEYlrxTq9q0QXbDrqkGT6PnTC3pQ6IAVRlvvAgMB
AAGjggIQMIICDDAdBgNVHQ4EFgQUyZouBtC/RN1uqiZMTA04lOOUcBcwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMTM4MTk1LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAjw6P
AwQCoo1UMA0GCSqGSIb3DQEBCwUAA4IBAQBJ/TJkgmkxEIgjK0SUKOB4U8qU023w
roZsyCapkpyqHe0yItrixsYbD7qXcMMn4IYKFKcrEubWt9+/PMtCF3cVVn6ctBpe
wGZfTyF7H7jbBbQw+0hgvu5RwauTm2fePbM37XRjU3RKxwX8UOhlMgutnaTe1ZGH
SC8JwQ9Ju89Wwl+VoVOZkIbzN2Gr2ZusRBMxdipTuJD174XbyxPptTqNXsczXMM7
67mhuWvdnbn7CXE5VbAtuXJX2sP4LYbhSrgO+k8iHoLBxq9/E2k6WmWhyvJxK26n
uaep7d8xziTyOuyAW0xt31WJHnBu1v8xQrK7RTLcBgVNn6trQi/yWbVz
-----END CERTIFICATE-----
Generated at Tue Jul 22 18:57:45 2025 by rpki-client