Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS133296.roa
File: AS133296.roa (raw, json)
Hash identifier: PBftwvbbPNrBztKNR2I9ac0Ll1c4XGrU95Wd1fHX68s=
Subject key identifier: 92:98:78:2D:C8:96:B6:C9:48:C0:DB:8D:36:A7:98:84:E8:C4:3C:31
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 08E831A854FF5320D03796B1F786FFD808DB8773
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS133296.roa
Signing time: Fri 05 Sep 2025 08:55:00 +0000
ROA not before: Fri 05 Sep 2025 08:50:00 +0000
ROA not after: Fri 04 Sep 2026 08:55:00 +0000
asID: 133296
IP address blocks: 145.223.10.0/24 maxlen: 24
145.223.11.0/24 maxlen: 24
145.223.12.0/24 maxlen: 24
145.223.13.0/24 maxlen: 24
145.223.14.0/24 maxlen: 24
145.223.15.0/24 maxlen: 24
148.135.155.0/24 maxlen: 24
148.135.164.0/24 maxlen: 24
148.135.165.0/24 maxlen: 24
148.135.166.0/24 maxlen: 24
148.135.167.0/24 maxlen: 24
148.135.168.0/24 maxlen: 24
148.135.169.0/24 maxlen: 24
148.135.170.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 10 Sep 2025 15:47:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
08:e8:31:a8:54:ff:53:20:d0:37:96:b1:f7:86:ff:d8:08:db:87:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Sep 5 08:50:00 2025 GMT
Not After : Sep 4 08:55:00 2026 GMT
Subject: CN=9298782DC896B6C948C0DB8D36A79884E8C43C31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:b1:84:c2:dd:62:b1:ba:87:ae:29:d9:89:b8:
01:15:0f:ee:fa:88:0b:89:c3:14:50:55:81:8c:4d:
0b:49:a8:cd:7e:ce:fe:5f:81:60:1d:ad:60:ff:ec:
c7:d1:d0:7b:52:02:75:73:5d:f2:7c:2e:29:e3:d2:
40:cf:d1:c9:5b:18:ba:ca:92:15:38:56:35:e8:15:
af:68:5f:f6:6f:49:49:ba:14:ca:8a:36:42:0b:30:
94:71:c8:7d:04:68:6b:57:1b:8e:8d:dd:3f:20:36:
d6:96:e6:f4:53:11:ee:af:68:ae:e4:53:6c:fc:e7:
54:59:a1:94:03:da:37:8c:a2:63:c4:cf:4c:2c:2b:
16:6b:bc:df:67:ad:35:eb:25:46:d2:68:02:eb:62:
00:fe:d9:a9:46:ee:c6:35:ed:84:c3:01:40:77:7d:
22:28:70:5e:5f:0e:0e:04:bc:16:a1:84:82:4c:40:
a5:fd:64:a8:b6:8a:fd:37:ed:72:59:0d:fe:89:f0:
5a:08:bf:5d:ec:77:78:00:91:ff:59:a9:e1:1c:a0:
19:87:db:30:af:b4:df:ec:00:3f:ea:bf:cf:8d:21:
00:3b:05:da:29:9a:9e:88:c1:42:57:89:08:f3:97:
2c:33:e9:85:35:a7:39:72:b2:4c:c6:a7:91:be:c3:
32:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:98:78:2D:C8:96:B6:C9:48:C0:DB:8D:36:A7:98:84:E8:C4:3C:31
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS133296.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.223.10.0-145.223.15.255
148.135.155.0/24
148.135.164.0-148.135.170.255
Signature Algorithm: sha256WithRSAEncryption
58:f7:b3:6c:5c:78:85:d4:eb:60:ab:4f:26:04:e1:e1:60:4e:
21:19:e9:af:d1:73:a0:fe:7d:d8:fc:d0:13:ba:8a:8a:9f:67:
11:e6:4f:a1:5b:ed:d4:72:3e:f9:1b:37:2a:af:a1:7a:f7:e1:
06:3a:b7:ef:80:00:2d:4a:8f:52:00:76:8e:8c:2c:a3:7e:c0:
1b:49:d1:b0:83:6a:2b:f0:3e:76:e8:da:bb:3b:3c:ea:09:d0:
59:ed:f8:e4:86:60:6d:6e:f6:a3:51:72:03:89:e6:1a:4a:74:
75:c4:4a:c1:d6:11:b4:aa:66:03:e4:51:e4:9e:ed:3b:15:12:
2a:ac:15:94:7a:7c:b7:4b:de:8f:87:12:f5:bc:9c:d4:13:5a:
24:82:1e:ba:78:22:86:43:a1:d4:b8:14:8a:6d:d2:cf:75:64:
2a:10:39:12:2a:ce:89:e2:16:25:ae:5d:d5:9a:64:ca:fb:2f:
01:66:52:9c:d7:6f:fe:0f:db:cf:94:31:53:9b:9e:b8:bb:88:
97:75:81:2a:36:31:c0:24:bc:1b:9d:13:30:b6:d1:2e:4a:11:
3b:74:cb:b1:76:80:ce:d5:f6:39:f4:74:6f:af:b5:8c:de:96:
c3:ef:aa:aa:b5:55:3a:91:e3:73:4c:37:a7:1d:c7:84:76:d9:
dc:d5:44:bc
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgIUCOgxqFT/UyDQN5ax94b/2Ajbh3MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA5MDUwODUwMDBaFw0yNjA5MDQwODU1MDBaMDMxMTAvBgNV
BAMTKDkyOTg3ODJEQzg5NkI2Qzk0OEMwREI4RDM2QTc5ODg0RThDNDNDMzEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDWsYTC3WKxuoeuKdmJuAEVD+76
iAuJwxRQVYGMTQtJqM1+zv5fgWAdrWD/7MfR0HtSAnVzXfJ8Linj0kDP0clbGLrK
khU4VjXoFa9oX/ZvSUm6FMqKNkILMJRxyH0EaGtXG46N3T8gNtaW5vRTEe6vaK7k
U2z851RZoZQD2jeMomPEz0wsKxZrvN9nrTXrJUbSaALrYgD+2alG7sY17YTDAUB3
fSIocF5fDg4EvBahhIJMQKX9ZKi2iv037XJZDf6J8FoIv13sd3gAkf9ZqeEcoBmH
2zCvtN/sAD/qv8+NIQA7Bdopmp6IwUJXiQjzlywz6YU1pzlyskzGp5G+wzJXAgMB
AAGjggImMIICIjAdBgNVHQ4EFgQUkph4LciWtslIwNuNNqeYhOjEPDEwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMTMzMjk2LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiMAwDBAGR
3woDBASR3wADBACUh5swDAMEApSHpAMEAJSHqjANBgkqhkiG9w0BAQsFAAOCAQEA
WPezbFx4hdTrYKtPJgTh4WBOIRnpr9FzoP592PzQE7qKip9nEeZPoVvt1HI++Rs3
Kq+hevfhBjq374AALUqPUgB2jowso37AG0nRsINqK/A+dujauzs86gnQWe345IZg
bW72o1FyA4nmGkp0dcRKwdYRtKpmA+RR5J7tOxUSKqwVlHp8t0vej4cS9byc1BNa
JIIeungihkOh1LgUim3Sz3VkKhA5EirOieIWJa5d1ZpkyvsvAWZSnNdv/g/bz5Qx
U5ueuLuIl3WBKjYxwCS8G50TMLbRLkoRO3TLsXaAztX2OfR0b6+1jN6Ww++qqrVV
OpHjc0w3px3HhHbZ3NVEvA==
-----END CERTIFICATE-----
Generated at Wed Sep 10 01:03:14 2025 by rpki-client