Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS135391.roa
File: AS135391.roa (raw, json)
Hash identifier: srTT2+9tJEfXgCjHOBDi8iOxqxqzjcipmBmG9SCTOEk=
Subject key identifier: 86:BF:1C:6E:53:66:4E:59:DE:CA:CA:70:04:DD:26:7C:37:F7:E0:9C
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 13337952AB5DF7A318D57D28A060433C12E9A2F0
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS135391.roa
Signing time: Fri 06 Jun 2025 02:03:39 +0000
ROA not before: Fri 06 Jun 2025 01:58:39 +0000
ROA not after: Fri 05 Jun 2026 02:03:39 +0000
asID: 135391
IP address blocks: 147.79.56.0/24 maxlen: 24
155.117.1.0/24 maxlen: 24
162.141.39.0/24 maxlen: 24
162.141.65.0/24 maxlen: 24
162.141.140.0/24 maxlen: 24
162.141.179.0/24 maxlen: 24
162.141.183.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 22:50:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
13:33:79:52:ab:5d:f7:a3:18:d5:7d:28:a0:60:43:3c:12:e9:a2:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Jun 6 01:58:39 2025 GMT
Not After : Jun 5 02:03:39 2026 GMT
Subject: CN=86BF1C6E53664E59DECACA7004DD267C37F7E09C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:b9:6f:ff:34:67:4d:a1:09:66:42:1d:06:44:
67:9c:82:58:03:0b:29:8e:41:b1:af:2f:0f:d9:11:
02:68:4b:2d:da:58:87:b3:9a:62:13:cb:0c:12:c0:
d8:93:72:ef:2d:fb:5a:e4:b2:93:2a:87:19:54:f5:
50:a1:d7:26:99:57:4e:d3:d6:69:f2:c0:ee:08:74:
c0:b3:ec:9e:95:12:e1:10:e8:ea:ea:cc:06:96:f7:
1f:60:3f:e2:d5:84:7d:59:c9:b9:82:7e:36:2a:ef:
82:89:03:b9:76:73:e6:aa:79:e9:e4:cb:1b:e1:54:
44:17:12:72:ff:71:f6:eb:50:56:ac:94:da:2c:0b:
4d:0c:06:9e:b7:71:28:f7:be:6f:a3:04:fc:2a:e1:
ee:8e:03:a0:e4:4a:3c:f4:cb:93:bb:f1:f6:2c:75:
d3:f1:ce:0a:88:18:f6:d2:0f:a9:40:5b:78:f3:e2:
4b:5c:11:b0:3b:b6:eb:47:6d:f7:a5:dd:4f:05:4b:
78:2b:97:13:07:04:68:96:4a:a2:a0:87:38:23:23:
43:39:01:1b:2d:43:c8:ff:54:69:11:37:2f:c6:dd:
af:51:4a:37:97:2c:b9:67:f5:9d:13:9e:af:d0:de:
d8:33:ea:24:e6:78:c9:84:43:4c:69:fa:d1:1e:7c:
be:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:BF:1C:6E:53:66:4E:59:DE:CA:CA:70:04:DD:26:7C:37:F7:E0:9C
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS135391.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.79.56.0/24
155.117.1.0/24
162.141.39.0/24
162.141.65.0/24
162.141.140.0/24
162.141.179.0/24
162.141.183.0/24
Signature Algorithm: sha256WithRSAEncryption
a0:1e:62:7d:5c:b1:f1:15:0d:07:46:ba:48:30:d4:36:d5:0b:
b3:8e:0b:6e:4b:73:9c:ba:39:ff:e0:16:43:60:f7:75:8e:27:
63:c1:45:7c:00:d5:f4:d7:f1:03:d1:c5:78:a9:f1:2c:46:f5:
3a:84:f5:f0:fa:b5:d9:4f:bc:6f:13:a4:71:f2:34:6f:60:e0:
13:10:58:38:3f:15:20:9c:bd:e1:91:db:19:c7:11:c6:c9:36:
7e:7d:60:eb:1b:7e:4d:f9:73:2e:90:65:4a:00:3e:58:28:f0:
7f:5b:31:2b:84:ae:ee:45:85:35:46:c7:62:97:17:8a:64:04:
c6:69:7b:bc:61:61:f3:94:54:cb:88:2e:cc:60:ca:3a:51:d3:
ec:7a:f8:f5:23:55:72:ae:2e:e9:1a:be:15:4f:51:a8:84:8e:
1f:f3:ba:1c:5f:32:b4:44:fa:31:e2:9b:ae:49:20:cb:3d:ed:
fb:c1:91:f1:21:91:f1:2e:28:5e:c1:a4:e7:d6:94:ba:6c:67:
f5:18:8a:14:b5:2a:2c:b0:9b:f7:c3:86:3b:30:98:45:25:6a:
fb:ef:38:1d:c7:f3:43:a8:87:31:48:79:d2:ac:2e:74:4c:72:
04:d4:d3:1e:3a:cc:32:e4:a5:66:38:f6:07:5c:43:71:ad:69:
b5:52:69:25
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgIUEzN5Uqtd96MY1X0ooGBDPBLpovAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA2MDYwMTU4MzlaFw0yNjA2MDUwMjAzMzlaMDMxMTAvBgNV
BAMTKDg2QkYxQzZFNTM2NjRFNTlERUNBQ0E3MDA0REQyNjdDMzdGN0UwOUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCMuW//NGdNoQlmQh0GRGecglgD
CymOQbGvLw/ZEQJoSy3aWIezmmITywwSwNiTcu8t+1rkspMqhxlU9VCh1yaZV07T
1mnywO4IdMCz7J6VEuEQ6OrqzAaW9x9gP+LVhH1ZybmCfjYq74KJA7l2c+aqeenk
yxvhVEQXEnL/cfbrUFaslNosC00MBp63cSj3vm+jBPwq4e6OA6DkSjz0y5O78fYs
ddPxzgqIGPbSD6lAW3jz4ktcEbA7tutHbfel3U8FS3grlxMHBGiWSqKghzgjI0M5
ARstQ8j/VGkRNy/G3a9RSjeXLLln9Z0Tnq/Q3tgz6iTmeMmEQ0xp+tEefL7fAgMB
AAGjggIuMIICKjAdBgNVHQ4EFgQUhr8cblNmTlneyspwBN0mfDf34JwwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMTM1MzkxLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAk084
AwQAm3UBAwQAoo0nAwQAoo1BAwQAoo2MAwQAoo2zAwQAoo23MA0GCSqGSIb3DQEB
CwUAA4IBAQCgHmJ9XLHxFQ0HRrpIMNQ21QuzjgtuS3Ocujn/4BZDYPd1jidjwUV8
ANX01/ED0cV4qfEsRvU6hPXw+rXZT7xvE6Rx8jRvYOATEFg4PxUgnL3hkdsZxxHG
yTZ+fWDrG35N+XMukGVKAD5YKPB/WzErhK7uRYU1RsdilxeKZATGaXu8YWHzlFTL
iC7MYMo6UdPsevj1I1Vyri7pGr4VT1GohI4f87ocXzK0RPox4puuSSDLPe37wZHx
IZHxLihewaTn1pS6bGf1GIoUtSossJv3w4Y7MJhFJWr77zgdx/NDqIcxSHnSrC50
THIE1NMeOswy5KVmOPYHXENxrWm1Umkl
-----END CERTIFICATE-----
Generated at Sat Jun 7 04:11:00 2025 by rpki-client