Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS135402.roa
File: AS135402.roa (raw, json)
Hash identifier: 13FqXSYD3k/IL2QyVyz29JF5Fri0DkzuFcYRDmiNecA=
Subject key identifier: A3:B2:42:90:9C:AD:D0:70:C0:C6:0B:0B:3C:09:28:0F:2A:29:5A:F6
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 706072AC96149758DB8CC83CC90A1DC2D1E37178
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS135402.roa
Signing time: Tue 26 Aug 2025 04:00:39 +0000
ROA not before: Tue 26 Aug 2025 03:55:39 +0000
ROA not after: Tue 25 Aug 2026 04:00:39 +0000
asID: 135402
IP address blocks: 143.14.141.0/24 maxlen: 24
143.14.159.0/24 maxlen: 24
146.103.0.0/24 maxlen: 24
162.141.11.0/24 maxlen: 24
162.141.94.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 00:55:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
70:60:72:ac:96:14:97:58:db:8c:c8:3c:c9:0a:1d:c2:d1:e3:71:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Aug 26 03:55:39 2025 GMT
Not After : Aug 25 04:00:39 2026 GMT
Subject: CN=A3B242909CADD070C0C60B0B3C09280F2A295AF6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:2d:25:26:5b:9d:34:fd:01:bd:7f:7e:07:37:
50:ac:87:eb:b0:51:f4:93:97:cf:7a:85:39:95:70:
2a:9a:08:d5:99:cf:3e:31:b3:e2:fd:8e:b3:07:ed:
03:c8:d9:8f:c3:91:83:f4:48:c9:3c:bf:45:91:ae:
bc:0a:db:0d:ac:9f:29:fe:37:81:d7:95:41:19:af:
52:90:0f:00:50:d8:b3:03:a8:20:f9:9a:4c:87:db:
c1:c9:6b:5e:06:5d:3e:83:ee:ce:a1:91:cf:41:5f:
ed:11:bb:ab:a1:3d:44:13:58:6d:22:9e:f9:1e:f6:
6b:c3:f0:97:f9:4b:4f:d3:63:db:62:a5:a2:95:89:
8b:8b:97:a9:13:79:2d:96:ee:39:7c:e5:2a:06:27:
71:14:29:2d:f8:e1:5e:25:f5:74:db:ab:2a:ba:93:
1b:17:45:d8:29:fc:56:36:45:7d:b6:de:f9:be:1e:
d6:7c:16:5e:c0:bb:88:9c:57:85:92:cb:d1:f4:9e:
e8:47:54:7e:cd:00:cf:c4:4a:60:fe:b6:3e:6c:f5:
23:60:70:71:33:27:50:cc:7d:5f:01:06:ab:fc:46:
00:2c:15:5d:b4:fc:ac:d8:67:d6:b3:65:77:e1:b7:
78:94:de:1e:21:bc:e3:bd:ac:a5:6b:99:94:69:ee:
7c:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:B2:42:90:9C:AD:D0:70:C0:C6:0B:0B:3C:09:28:0F:2A:29:5A:F6
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS135402.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.14.141.0/24
143.14.159.0/24
146.103.0.0/24
162.141.11.0/24
162.141.94.0/24
Signature Algorithm: sha256WithRSAEncryption
a4:ba:b2:30:99:18:00:c1:9c:5e:92:4c:e4:17:9a:16:b2:a7:
66:ae:bf:35:68:51:6d:df:27:db:f1:43:ec:77:a5:72:a8:b6:
2c:13:a3:3c:6a:eb:37:6d:70:1e:34:7f:c8:b9:69:4d:7c:b9:
1c:d5:8b:9a:2a:74:32:29:67:71:66:10:cb:2d:fa:93:da:32:
22:81:55:64:dc:26:18:34:00:32:22:7e:67:b7:0e:92:ca:67:
96:e6:0c:e2:a5:e2:2c:6e:96:96:cd:0d:c6:52:2f:44:1c:8f:
91:63:e0:52:8a:79:b2:4a:e6:ca:92:fa:bf:ce:64:f5:9d:04:
6e:b9:34:4a:e0:48:bd:75:35:c6:97:61:0d:3f:47:05:53:02:
f7:fd:33:1d:c9:bd:05:60:58:ad:0f:ad:73:45:8c:bc:93:93:
9f:73:f0:1a:1b:f8:b7:76:d5:8d:9b:34:5e:c8:30:d9:b8:ec:
4b:fc:f7:0f:59:26:b4:43:b9:99:e5:d6:90:09:db:3e:3e:10:
28:1b:01:0f:cb:97:da:8d:34:ac:88:b5:a0:22:c9:be:5f:a4:
1f:9c:9e:52:9b:f7:44:0c:c5:2c:85:b0:7b:50:0d:d7:3f:f3:
38:a5:24:1b:7e:30:a8:b1:25:e2:7d:4d:da:52:a8:fa:7d:96:
8d:3b:92:4a
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgIUcGByrJYUl1jbjMg8yQodwtHjcXgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA4MjYwMzU1MzlaFw0yNjA4MjUwNDAwMzlaMDMxMTAvBgNV
BAMTKEEzQjI0MjkwOUNBREQwNzBDMEM2MEIwQjNDMDkyODBGMkEyOTVBRjYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC1LSUmW500/QG9f34HN1Csh+uw
UfSTl896hTmVcCqaCNWZzz4xs+L9jrMH7QPI2Y/DkYP0SMk8v0WRrrwK2w2snyn+
N4HXlUEZr1KQDwBQ2LMDqCD5mkyH28HJa14GXT6D7s6hkc9BX+0Ru6uhPUQTWG0i
nvke9mvD8Jf5S0/TY9tipaKViYuLl6kTeS2W7jl85SoGJ3EUKS344V4l9XTbqyq6
kxsXRdgp/FY2RX223vm+HtZ8Fl7Au4icV4WSy9H0nuhHVH7NAM/ESmD+tj5s9SNg
cHEzJ1DMfV8BBqv8RgAsFV20/KzYZ9azZXfht3iU3h4hvOO9rKVrmZRp7nw7AgMB
AAGjggIiMIICHjAdBgNVHQ4EFgQUo7JCkJyt0HDAxgsLPAkoDyopWvYwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMTM1NDAyLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAjw6N
AwQAjw6fAwQAkmcAAwQAoo0LAwQAoo1eMA0GCSqGSIb3DQEBCwUAA4IBAQCkurIw
mRgAwZxekkzkF5oWsqdmrr81aFFt3yfb8UPsd6VyqLYsE6M8aus3bXAeNH/IuWlN
fLkc1YuaKnQyKWdxZhDLLfqT2jIigVVk3CYYNAAyIn5ntw6SymeW5gzipeIsbpaW
zQ3GUi9EHI+RY+BSinmySubKkvq/zmT1nQRuuTRK4Ei9dTXGl2ENP0cFUwL3/TMd
yb0FYFitD61zRYy8k5Ofc/AaG/i3dtWNmzReyDDZuOxL/PcPWSa0Q7mZ5daQCds+
PhAoGwEPy5fajTSsiLWgIsm+X6QfnJ5Sm/dEDMUshbB7UA3XP/M4pSQbfjCosSXi
fU3aUqj6fZaNO5JK
-----END CERTIFICATE-----
Generated at Sun Sep 7 12:34:36 2025 by rpki-client