Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS154049.roa
File: AS154049.roa (raw, json)
Hash identifier: 3wtWT7Xv0jQHplyC56XvYU5uzJ0RIg9kU+H5MJJ+0Bk=
Subject key identifier: DE:63:01:D2:DA:70:64:8A:6F:30:D9:1E:15:03:13:B0:7F:6B:11:DA
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 32FD00C79C71D7E9964A9CD68707A0D7F44E8F0D
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS154049.roa
Signing time: Tue 09 Sep 2025 03:38:55 +0000
ROA not before: Tue 09 Sep 2025 03:33:55 +0000
ROA not after: Tue 08 Sep 2026 03:38:55 +0000
asID: 154049
IP address blocks: 96.62.219.0/24 maxlen: 24
140.233.172.0/24 maxlen: 24
143.14.253.0/24 maxlen: 24
147.79.63.0/24 maxlen: 24
155.117.238.0/24 maxlen: 24
162.141.91.0/24 maxlen: 24
167.148.222.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 Oct 2025 22:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
32:fd:00:c7:9c:71:d7:e9:96:4a:9c:d6:87:07:a0:d7:f4:4e:8f:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Sep 9 03:33:55 2025 GMT
Not After : Sep 8 03:38:55 2026 GMT
Subject: CN=DE6301D2DA70648A6F30D91E150313B07F6B11DA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:18:ea:f0:fe:05:0c:9d:39:50:16:b8:ba:81:
11:a5:bb:0a:ee:0f:c1:45:8b:dd:62:a4:35:8e:9d:
18:35:b4:1a:5d:c2:82:11:84:9c:40:a0:9c:8a:17:
d4:e2:08:1b:b2:c1:f5:b3:05:ae:93:45:55:74:c5:
ce:8c:4b:45:f5:9a:b6:77:ea:1b:ba:01:64:66:75:
89:af:86:93:12:93:f5:4b:ad:e2:bc:e9:e6:f5:4a:
f0:3d:11:fd:04:3a:3d:7a:73:94:cf:97:a2:8b:6c:
cd:18:7f:09:7a:92:2b:35:0b:bd:ba:f1:05:ef:6b:
5b:b8:76:68:86:2c:6c:28:18:55:40:a1:fa:cb:c2:
fc:3d:0a:1c:52:77:41:7a:e7:7d:1c:5a:4d:fc:f2:
85:8f:05:78:fb:ff:12:c8:bb:94:e6:13:9a:85:18:
25:4b:f2:29:e4:7b:a0:1d:53:0c:ba:d5:66:08:0c:
72:1e:28:97:1e:69:04:e7:cd:c9:57:a2:a9:c5:88:
2c:4f:83:dc:2b:83:ce:4c:95:d4:0a:d6:85:f5:d8:
2f:46:5e:a3:56:4f:8d:d0:57:f0:bf:e3:bb:c0:b7:
26:27:bf:0b:17:72:b8:2f:38:63:9c:e9:2d:9b:7a:
54:68:67:89:f0:d8:9c:5e:56:3d:c2:05:01:ba:4e:
86:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:63:01:D2:DA:70:64:8A:6F:30:D9:1E:15:03:13:B0:7F:6B:11:DA
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS154049.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.62.219.0/24
140.233.172.0/24
143.14.253.0/24
147.79.63.0/24
155.117.238.0/24
162.141.91.0/24
167.148.222.0/24
Signature Algorithm: sha256WithRSAEncryption
10:c6:84:b5:ff:51:cc:6c:62:77:58:82:d1:2c:04:64:5e:9c:
96:98:8e:fc:e7:35:57:d0:36:8c:37:42:e7:f2:69:1c:e8:c0:
ec:f6:02:a6:31:e2:f4:a6:dc:b9:e0:b9:35:2e:37:08:98:2e:
22:d2:b2:ba:23:87:e0:88:f4:4f:80:83:ec:e6:04:f1:a5:0d:
19:66:8c:9a:4b:33:b7:28:40:77:ef:35:f1:69:bf:f8:d0:62:
0e:e9:50:3c:e6:bc:3e:8a:cd:25:21:ca:94:07:bc:90:a0:d6:
6f:c8:f0:32:71:ce:95:c1:9b:78:4e:91:74:b3:a6:f8:b8:32:
8c:81:32:66:dc:3b:b9:16:ba:15:b0:43:66:f7:07:61:2c:4d:
84:21:32:18:28:06:c1:68:68:ab:80:04:84:ca:be:81:40:44:
72:9c:bf:a2:f0:3d:7e:bc:38:9d:81:3c:6f:a0:26:ff:7a:cd:
82:df:25:5b:53:7f:e7:ed:34:c5:ea:9f:2c:19:71:48:a5:52:
e6:59:00:c9:3a:c1:a5:0f:d7:bc:36:67:cb:b4:02:20:be:4b:
2a:b9:cb:a7:78:28:09:57:65:2d:2b:e4:11:7f:d4:67:67:da:
db:74:d1:7a:c6:2a:ac:94:fe:8f:39:95:b4:98:44:10:08:a9:
2a:42:fd:40
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgIUMv0Ax5xx1+mWSpzWhweg1/ROjw0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA5MDkwMzMzNTVaFw0yNjA5MDgwMzM4NTVaMDMxMTAvBgNV
BAMTKERFNjMwMUQyREE3MDY0OEE2RjMwRDkxRTE1MDMxM0IwN0Y2QjExREEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCGOrw/gUMnTlQFri6gRGluwru
D8FFi91ipDWOnRg1tBpdwoIRhJxAoJyKF9TiCBuywfWzBa6TRVV0xc6MS0X1mrZ3
6hu6AWRmdYmvhpMSk/VLreK86eb1SvA9Ef0EOj16c5TPl6KLbM0Yfwl6kis1C726
8QXva1u4dmiGLGwoGFVAofrLwvw9ChxSd0F6530cWk388oWPBXj7/xLIu5TmE5qF
GCVL8inke6AdUwy61WYIDHIeKJceaQTnzclXoqnFiCxPg9wrg85MldQK1oX12C9G
XqNWT43QV/C/47vAtyYnvwsXcrgvOGOc6S2belRoZ4nw2JxeVj3CBQG6TobHAgMB
AAGjggIuMIICKjAdBgNVHQ4EFgQU3mMB0tpwZIpvMNkeFQMTsH9rEdowHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMTU0MDQ5LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAYD7b
AwQAjOmsAwQAjw79AwQAk08/AwQAm3XuAwQAoo1bAwQAp5TeMA0GCSqGSIb3DQEB
CwUAA4IBAQAQxoS1/1HMbGJ3WILRLARkXpyWmI785zVX0DaMN0Ln8mkc6MDs9gKm
MeL0pty54Lk1LjcImC4i0rK6I4fgiPRPgIPs5gTxpQ0ZZoyaSzO3KEB37zXxab/4
0GIO6VA85rw+is0lIcqUB7yQoNZvyPAycc6VwZt4TpF0s6b4uDKMgTJm3Du5FroV
sENm9wdhLE2EITIYKAbBaGirgASEyr6BQERynL+i8D1+vDidgTxvoCb/es2C3yVb
U3/n7TTF6p8sGXFIpVLmWQDJOsGlD9e8NmfLtAIgvksqucuneCgJV2UtK+QRf9Rn
Z9rbdNF6xiqslP6POZW0mEQQCKkqQv1A
-----END CERTIFICATE-----
Generated at Thu Oct 9 06:15:55 2025 by rpki-client