Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS3257.roa
File: AS3257.roa (raw, json)
Hash identifier: XcWnBnjLIcj2gfT1ZypZRP0PfMmsiv7B3/THkoYIPkI=
Subject key identifier: 35:77:45:CE:5D:83:51:8D:F0:E6:FB:4A:8B:FF:E0:FC:8C:54:CF:C8
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 6B37D8B91CD3AAD69C18F824E5A6739447E47080
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS3257.roa
Signing time: Thu 10 Jul 2025 06:57:35 +0000
ROA not before: Thu 10 Jul 2025 06:52:35 +0000
ROA not after: Thu 09 Jul 2026 06:57:35 +0000
asID: 3257
IP address blocks: 143.14.37.0/24 maxlen: 24
143.14.127.0/24 maxlen: 24
155.117.162.0/24 maxlen: 24
162.141.49.0/24 maxlen: 24
162.141.64.0/24 maxlen: 24
162.141.95.0/24 maxlen: 24
162.141.122.0/24 maxlen: 24
162.141.165.0/24 maxlen: 24
167.148.1.0/24 maxlen: 24
167.148.4.0/24 maxlen: 24
167.148.5.0/24 maxlen: 24
167.148.10.0/24 maxlen: 24
167.148.12.0/24 maxlen: 24
167.148.14.0/24 maxlen: 24
167.148.29.0/24 maxlen: 24
167.148.30.0/24 maxlen: 24
167.148.35.0/24 maxlen: 24
167.148.70.0/24 maxlen: 24
167.148.100.0/24 maxlen: 24
167.148.102.0/24 maxlen: 24
167.148.106.0/24 maxlen: 24
167.148.116.0/24 maxlen: 24
167.148.127.0/24 maxlen: 24
167.148.191.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6b:37:d8:b9:1c:d3:aa:d6:9c:18:f8:24:e5:a6:73:94:47:e4:70:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Jul 10 06:52:35 2025 GMT
Not After : Jul 9 06:57:35 2026 GMT
Subject: CN=357745CE5D83518DF0E6FB4A8BFFE0FC8C54CFC8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:3d:92:77:35:64:41:53:8d:78:af:87:ee:dd:
71:2e:c4:f2:19:e4:4a:a5:a9:c0:f6:c2:b4:6f:3b:
df:58:58:ed:47:a0:9e:b6:52:78:e7:2d:22:48:e2:
88:c6:99:91:9c:71:cb:0b:ff:f5:dd:2f:49:77:4e:
04:4e:f2:03:c0:f2:1d:49:e0:4a:21:74:01:e2:d9:
59:64:5e:72:a8:04:03:d0:42:0e:b9:fb:8d:24:bf:
19:dc:2a:ff:09:83:e7:10:5c:82:e4:3d:0a:fc:a9:
01:b5:4a:15:fd:e3:3f:f6:bd:6b:6e:1b:dd:10:e2:
79:f2:81:e3:e1:b2:5d:38:18:dd:99:37:1d:c7:b6:
03:56:63:0e:fb:7a:ec:dd:07:6d:ff:94:f3:4e:8d:
1d:7b:b7:fc:c6:5c:81:17:bb:ec:04:85:a9:40:12:
7b:94:2b:28:c6:22:6f:39:2c:cd:6b:74:f0:86:2e:
63:89:a8:6d:28:64:aa:4c:8a:fb:3a:1e:98:13:66:
ec:23:06:8d:1a:d0:0b:8a:85:da:11:c5:58:12:d2:
fc:6c:92:0d:42:cd:c0:97:04:ec:5e:4b:52:39:ba:
08:e3:bb:17:a1:a1:20:c6:28:a3:50:a0:60:c6:a0:
a5:5c:87:60:ac:f0:b7:a7:f7:56:46:57:2a:e1:ba:
69:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:77:45:CE:5D:83:51:8D:F0:E6:FB:4A:8B:FF:E0:FC:8C:54:CF:C8
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS3257.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.14.37.0/24
143.14.127.0/24
155.117.162.0/24
162.141.49.0/24
162.141.64.0/24
162.141.95.0/24
162.141.122.0/24
162.141.165.0/24
167.148.1.0/24
167.148.4.0/23
167.148.10.0/24
167.148.12.0/24
167.148.14.0/24
167.148.29.0-167.148.30.255
167.148.35.0/24
167.148.70.0/24
167.148.100.0/24
167.148.102.0/24
167.148.106.0/24
167.148.116.0/24
167.148.127.0/24
167.148.191.0/24
Signature Algorithm: sha256WithRSAEncryption
36:fb:27:43:92:e2:dd:99:5a:86:9f:1a:89:7a:71:b5:fb:45:
b5:59:f8:0a:df:88:70:50:1c:c2:6e:9a:0a:53:7c:b2:4a:01:
81:b0:51:0a:51:78:b7:7f:44:22:85:5a:0c:da:eb:09:88:e3:
c6:17:ca:1a:ee:c1:42:cb:1b:a1:c4:28:48:26:4d:53:e6:82:
73:ae:b8:af:a7:5e:46:e8:c0:5c:5e:cc:ef:57:cc:76:5f:68:
c5:12:10:c8:9f:fa:5c:d2:e5:d3:61:ef:29:d2:bf:33:57:3b:
67:6a:d6:04:6c:29:c8:56:01:7e:9d:8e:eb:73:b9:11:9b:8e:
ac:e0:95:dd:be:ef:70:8b:71:16:56:64:15:79:3e:f5:74:ff:
f6:ee:8f:22:be:33:1d:16:ac:65:22:4f:f4:08:74:a8:d3:93:
c3:2e:35:11:c3:71:94:d9:23:bc:2c:af:91:3a:4b:69:54:03:
bc:6b:28:f8:1b:35:62:c8:86:d3:9f:54:5c:2d:a2:86:48:b7:
28:84:a8:eb:e0:b1:6c:f7:d9:f5:a5:17:c2:e8:9e:14:35:69:
7c:29:e6:63:e4:f0:1a:5e:bd:a9:ea:84:23:ab:ba:7f:0b:26:
2d:7f:fe:db:19:2a:eb:fe:a4:6c:15:0f:a4:86:42:e1:73:07:
23:ef:57:c0
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgIUazfYuRzTqtacGPgk5aZzlEfkcIAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA3MTAwNjUyMzVaFw0yNjA3MDkwNjU3MzVaMDMxMTAvBgNV
BAMTKDM1Nzc0NUNFNUQ4MzUxOERGMEU2RkI0QThCRkZFMEZDOEM1NENGQzgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCjPZJ3NWRBU414r4fu3XEuxPIZ
5EqlqcD2wrRvO99YWO1HoJ62UnjnLSJI4ojGmZGcccsL//XdL0l3TgRO8gPA8h1J
4EohdAHi2VlkXnKoBAPQQg65+40kvxncKv8Jg+cQXILkPQr8qQG1ShX94z/2vWtu
G90Q4nnygePhsl04GN2ZNx3HtgNWYw77euzdB23/lPNOjR17t/zGXIEXu+wEhalA
EnuUKyjGIm85LM1rdPCGLmOJqG0oZKpMivs6HpgTZuwjBo0a0AuKhdoRxVgS0vxs
kg1CzcCXBOxeS1I5ugjjuxehoSDGKKNQoGDGoKVch2Cs8Len91ZGVyrhummHAgMB
AAGjggKTMIICjzAdBgNVHQ4EFgQUNXdFzl2DUY3w5vtKi//g/IxUz8gwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMzI1Ny5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCBqQYIKwYBBQUHAQcBAf8EgZkwgZYwgZMEAgABMIGMAwQA
jw4lAwQAjw5/AwQAm3WiAwQAoo0xAwQAoo1AAwQAoo1fAwQAoo16AwQAoo2lAwQA
p5QBAwQBp5QEAwQAp5QKAwQAp5QMAwQAp5QOMAwDBACnlB0DBACnlB4DBACnlCMD
BACnlEYDBACnlGQDBACnlGYDBACnlGoDBACnlHQDBACnlH8DBACnlL8wDQYJKoZI
hvcNAQELBQADggEBADb7J0OS4t2ZWoafGol6cbX7RbVZ+ArfiHBQHMJumgpTfLJK
AYGwUQpReLd/RCKFWgza6wmI48YXyhruwULLG6HEKEgmTVPmgnOuuK+nXkbowFxe
zO9XzHZfaMUSEMif+lzS5dNh7ynSvzNXO2dq1gRsKchWAX6djutzuRGbjqzgld2+
73CLcRZWZBV5PvV0//bujyK+Mx0WrGUiT/QIdKjTk8MuNRHDcZTZI7wsr5E6S2lU
A7xrKPgbNWLIhtOfVFwtooZItyiEqOvgsWz32fWlF8LonhQ1aXwp5mPk8Bpevanq
hCOrun8LJi1//tsZKuv+pGwVD6SGQuFzByPvV8A=
-----END CERTIFICATE-----
Generated at Tue Jul 22 18:57:52 2025 by rpki-client