Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS47690.roa
File: AS47690.roa (raw, json)
Hash identifier: G/msnnEL2PkSXzhTle/BqB+ithuPkRSCAUx6mPKwIJ8=
Subject key identifier: FF:E0:41:5D:B0:6D:62:9B:C0:E3:21:30:DE:0E:B2:91:13:35:78:E0
Certificate issuer: /CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Certificate serial: 3FEBC407276142CF0A6FA4D951D75B57C53FC11D
Authority key identifier: 88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS47690.roa
Signing time: Wed 02 Jul 2025 13:16:38 +0000
ROA not before: Wed 02 Jul 2025 13:11:38 +0000
ROA not after: Wed 01 Jul 2026 13:16:38 +0000
asID: 47690
IP address blocks: 143.20.140.0/24 maxlen: 24
143.20.152.0/24 maxlen: 24
143.20.168.0/24 maxlen: 24
143.20.173.0/24 maxlen: 24
143.20.185.0/24 maxlen: 24
143.20.194.0/24 maxlen: 24
143.20.212.0/24 maxlen: 24
143.20.220.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.mft
rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 11:24:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:eb:c4:07:27:61:42:cf:0a:6f:a4:d9:51:d7:5b:57:c5:3f:c1:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Validity
Not Before: Jul 2 13:11:38 2025 GMT
Not After : Jul 1 13:16:38 2026 GMT
Subject: CN=FFE0415DB06D629BC0E32130DE0EB291133578E0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:ba:e4:83:f5:4c:88:35:60:7b:b9:fd:61:d4:
c4:16:67:bd:65:bc:89:1e:51:0e:ce:7c:fb:04:6a:
eb:03:6c:1d:d3:bd:a1:33:1c:2d:e4:7c:54:8a:48:
1c:97:4a:be:57:71:18:15:38:65:4a:cb:35:3e:d9:
b5:1c:8e:90:1c:e1:d0:e9:06:b4:21:3b:bd:83:94:
41:38:65:80:c1:c4:31:84:2a:eb:44:7a:09:3d:01:
37:14:92:df:69:b8:23:8a:3d:3c:71:2f:64:eb:dc:
a5:e9:0c:e3:f3:cb:2f:89:71:98:6b:1a:da:8b:ed:
b5:1c:4e:05:f6:f3:ca:66:ff:eb:f7:b5:20:27:34:
b5:92:74:ac:8c:ab:6c:1a:df:f9:ab:22:d8:12:06:
a8:01:36:0c:df:92:2f:82:35:f0:ae:f9:1e:09:a7:
fd:f8:cf:c0:37:70:89:cf:50:3f:4b:c3:8f:cf:4d:
5e:dd:e9:91:f9:49:9e:85:43:d5:c2:93:66:3a:97:
23:17:11:39:41:1c:01:86:53:de:55:ae:d7:9f:7e:
bc:28:cb:ef:1d:39:b6:c7:51:a0:5f:f7:06:ca:90:
8d:a5:0b:df:3a:20:7a:a6:a3:69:07:66:25:f1:06:
ac:33:57:37:83:f8:41:d5:ce:07:5d:e1:47:db:ef:
40:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:E0:41:5D:B0:6D:62:9B:C0:E3:21:30:DE:0E:B2:91:13:35:78:E0
X509v3 Authority Key Identifier:
keyid:88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS47690.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.20.140.0/24
143.20.152.0/24
143.20.168.0/24
143.20.173.0/24
143.20.185.0/24
143.20.194.0/24
143.20.212.0/24
143.20.220.0/24
Signature Algorithm: sha256WithRSAEncryption
60:9b:63:26:43:a5:a7:31:9f:4c:ec:49:1a:d3:ea:ce:a1:b5:
28:ef:4e:96:74:49:d7:92:7a:6e:88:91:4a:f3:5f:3b:44:00:
6e:73:13:fd:2a:bf:0e:f3:15:df:83:71:a3:ec:02:87:50:80:
72:14:73:b0:6e:8b:3c:a4:be:2b:07:3d:33:27:62:06:2e:7f:
f5:09:4b:1f:02:a5:68:97:cb:2e:ba:7d:03:26:bf:24:7f:89:
e3:86:0f:a5:22:6c:be:83:51:b5:66:21:da:94:70:f2:92:28:
de:c0:93:0a:23:d7:85:09:3c:d5:88:11:08:65:7c:ad:0b:f9:
63:9b:e5:13:5f:9e:6c:8e:7c:f5:ac:d9:2e:8f:da:26:f1:7a:
7d:30:7d:ba:38:13:80:65:b1:2b:e1:27:b7:b6:7b:98:4a:d7:
4c:a7:6b:18:22:a8:1d:42:c3:06:d9:ad:93:ec:14:de:f8:47:
51:96:7a:f1:05:98:19:52:ed:51:ec:a3:e6:78:f9:60:60:13:
56:2d:c6:f8:6e:4c:0a:c3:08:8f:e5:1f:45:ae:3c:aa:ea:83:
29:42:7d:d8:46:bb:0c:95:a3:87:ec:64:d2:97:4b:ee:49:54:
26:a7:21:15:94:2d:3d:18:13:c1:d7:27:33:eb:e2:3d:1c:67:
88:d6:97:a0
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgIUP+vEBydhQs8Kb6TZUddbV8U/wR0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODhjMTRlYzAyYWRiZjA4MzEzOGVkZGQ0Nzg3MTE3NmRk
ZWI5M2Q5ZDAeFw0yNTA3MDIxMzExMzhaFw0yNjA3MDExMzE2MzhaMDMxMTAvBgNV
BAMTKEZGRTA0MTVEQjA2RDYyOUJDMEUzMjEzMERFMEVCMjkxMTMzNTc4RTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDEuuSD9UyINWB7uf1h1MQWZ71l
vIkeUQ7OfPsEausDbB3TvaEzHC3kfFSKSByXSr5XcRgVOGVKyzU+2bUcjpAc4dDp
BrQhO72DlEE4ZYDBxDGEKutEegk9ATcUkt9puCOKPTxxL2Tr3KXpDOPzyy+JcZhr
GtqL7bUcTgX288pm/+v3tSAnNLWSdKyMq2wa3/mrItgSBqgBNgzfki+CNfCu+R4J
p/34z8A3cInPUD9Lw4/PTV7d6ZH5SZ6FQ9XCk2Y6lyMXETlBHAGGU95Vrteffrwo
y+8dObbHUaBf9wbKkI2lC986IHqmo2kHZiXxBqwzVzeD+EHVzgdd4Ufb70DLAgMB
AAGjggIzMIICLzAdBgNVHQ4EFgQU/+BBXbBtYpvA4yEw3g6ykRM1eOAwHwYDVR0j
BBgwFoAUiMFOwCrb8IMTjt3UeHEXbd65PZ0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjItZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2
MmUwLzAvODhDMTRFQzAyQURCRjA4MzEzOEVEREQ0Nzg3MTE3NkRERUI5M0Q5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2lNRk93Q3JiOElNVGp0M1VlSEVYYmQ2
NVBaMC5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0MDlkN2IyLWVlNjQt
NDlmMS1hZDgxLThlNGExMDdkNjJlMC8wL0FTNDc2OTAucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwSQYIKwYBBQUHAQcBAf8EOjA4MDYEAgABMDADBACPFIwD
BACPFJgDBACPFKgDBACPFK0DBACPFLkDBACPFMIDBACPFNQDBACPFNwwDQYJKoZI
hvcNAQELBQADggEBAGCbYyZDpacxn0zsSRrT6s6htSjvTpZ0SdeSem6IkUrzXztE
AG5zE/0qvw7zFd+DcaPsAodQgHIUc7BuizykvisHPTMnYgYuf/UJSx8CpWiXyy66
fQMmvyR/ieOGD6UibL6DUbVmIdqUcPKSKN7Akwoj14UJPNWIEQhlfK0L+WOb5RNf
nmyOfPWs2S6P2ibxen0wfbo4E4BlsSvhJ7e2e5hK10ynaxgiqB1CwwbZrZPsFN74
R1GWevEFmBlS7VHso+Z4+WBgE1YtxvhuTArDCI/lH0WuPKrqgylCfdhGuwyVo4fs
ZNKXS+5JVCanIRWULT0YE8HXJzPr4j0cZ4jWl6A=
-----END CERTIFICATE-----
Generated at Tue Jul 22 19:30:36 2025 by rpki-client