Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS135402.roa
File: AS135402.roa (raw, json)
Hash identifier: nE27eX84G2qy9F3Xaas54quz2ykJ4MHXfU9a7DY+SnA=
Subject key identifier: 36:1F:AF:F3:D0:E5:C2:42:1E:56:35:11:74:F7:A2:F0:F4:AC:65:BF
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 61398A452D6A39B6E8C8245E65D9B36590E57051
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS135402.roa
Signing time: Fri 06 Jun 2025 01:58:38 +0000
ROA not before: Fri 06 Jun 2025 01:53:38 +0000
ROA not after: Fri 05 Jun 2026 01:58:38 +0000
asID: 135402
IP address blocks: 143.14.159.0/24 maxlen: 24
143.14.253.0/24 maxlen: 24
146.103.0.0/24 maxlen: 24
155.117.242.0/24 maxlen: 24
162.141.94.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 06:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
61:39:8a:45:2d:6a:39:b6:e8:c8:24:5e:65:d9:b3:65:90:e5:70:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Jun 6 01:53:38 2025 GMT
Not After : Jun 5 01:58:38 2026 GMT
Subject: CN=361FAFF3D0E5C2421E56351174F7A2F0F4AC65BF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:24:29:97:31:c7:1b:a0:67:e5:bf:f1:63:48:
b0:d4:89:88:4c:fd:ec:ee:52:97:3e:41:41:cc:67:
36:77:ae:a7:52:c5:44:37:92:54:5a:50:e8:3b:8e:
dc:49:1c:5f:3c:8b:5e:4b:ec:54:f5:45:6a:a4:7e:
72:39:a8:7c:cb:5d:05:0f:15:2b:cf:25:38:41:03:
3c:84:07:e6:a2:3c:a8:ea:36:7e:12:e3:ad:cd:d1:
91:47:64:89:bc:8c:ee:05:19:74:75:21:c8:9c:99:
74:c9:e4:fa:46:f9:98:1d:4d:2f:e6:d6:36:22:0f:
ec:ed:3f:0f:18:c3:d3:30:9d:aa:f4:cb:17:84:16:
41:cd:fd:d2:c9:f9:f6:1d:1c:61:51:0a:4f:94:87:
ad:e1:47:94:4c:91:d4:c2:4e:eb:b3:39:0a:cc:60:
f6:8f:10:7c:c4:d5:3a:be:9a:98:74:0c:43:14:98:
28:08:d6:42:9e:f1:4e:29:93:30:f9:9f:06:ef:fa:
27:a0:56:df:cb:73:7e:e4:e3:14:31:3b:a7:ef:b4:
83:f7:3b:a4:3d:8b:14:92:ee:e1:f8:51:90:c9:ee:
9a:70:62:ba:54:c4:0d:66:1b:e8:3e:e5:9c:32:5d:
2f:c1:2c:5b:03:49:d3:e4:a4:37:2c:f0:23:40:e0:
ca:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:1F:AF:F3:D0:E5:C2:42:1E:56:35:11:74:F7:A2:F0:F4:AC:65:BF
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS135402.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.14.159.0/24
143.14.253.0/24
146.103.0.0/24
155.117.242.0/24
162.141.94.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:3f:94:21:4c:a9:9e:5d:e1:f8:e5:15:c7:75:39:3a:40:65:
92:86:d9:ad:fb:9e:fc:f2:38:91:eb:14:2c:a2:82:33:4e:69:
f9:ab:83:b5:f5:fd:4d:2a:4d:d3:18:06:10:7d:39:4c:8b:0b:
df:99:1f:16:e8:78:77:ce:13:9d:d4:f1:f2:24:60:fa:ba:4e:
d9:f9:01:97:a8:8b:5e:e6:a6:a4:0d:f4:f9:5b:57:84:34:01:
44:44:3c:81:36:75:88:ee:3e:fc:db:21:17:ea:7e:18:bf:d3:
12:85:71:2d:3a:4e:92:eb:30:c9:44:1e:58:42:f2:53:27:ef:
ae:a8:06:33:92:8a:35:fa:a8:ec:ea:06:ad:d1:16:3f:48:05:
31:5e:15:ce:5e:4f:65:6d:4a:e8:a0:ee:f0:3d:ca:19:7d:cf:
12:36:7c:af:fb:9d:1a:cb:04:a6:4f:0c:51:d6:6f:0d:c4:cd:
ec:bd:6d:fa:b4:9e:39:da:3a:2e:08:14:29:d1:a9:3c:c8:10:
b8:64:0b:3b:8e:61:63:71:cf:ca:7d:00:b6:76:b1:cb:86:9f:
c1:4f:e2:4f:62:a2:b3:f1:75:3b:15:69:88:2f:9c:2a:5e:ab:
1c:dd:31:ba:be:e0:96:8f:31:78:97:31:74:85:d1:c7:06:7d:
64:31:11:d5
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgIUYTmKRS1qObboyCReZdmzZZDlcFEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA2MDYwMTUzMzhaFw0yNjA2MDUwMTU4MzhaMDMxMTAvBgNV
BAMTKDM2MUZBRkYzRDBFNUMyNDIxRTU2MzUxMTc0RjdBMkYwRjRBQzY1QkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCcJCmXMccboGflv/FjSLDUiYhM
/ezuUpc+QUHMZzZ3rqdSxUQ3klRaUOg7jtxJHF88i15L7FT1RWqkfnI5qHzLXQUP
FSvPJThBAzyEB+aiPKjqNn4S463N0ZFHZIm8jO4FGXR1IcicmXTJ5PpG+ZgdTS/m
1jYiD+ztPw8Yw9Mwnar0yxeEFkHN/dLJ+fYdHGFRCk+Uh63hR5RMkdTCTuuzOQrM
YPaPEHzE1Tq+mph0DEMUmCgI1kKe8U4pkzD5nwbv+iegVt/Lc37k4xQxO6fvtIP3
O6Q9ixSS7uH4UZDJ7ppwYrpUxA1mG+g+5ZwyXS/BLFsDSdPkpDcs8CNA4MqjAgMB
AAGjggIiMIICHjAdBgNVHQ4EFgQUNh+v89DlwkIeVjURdPei8PSsZb8wHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMTM1NDAyLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAjw6f
AwQAjw79AwQAkmcAAwQAm3XyAwQAoo1eMA0GCSqGSIb3DQEBCwUAA4IBAQBuP5Qh
TKmeXeH45RXHdTk6QGWShtmt+5788jiR6xQsooIzTmn5q4O19f1NKk3TGAYQfTlM
iwvfmR8W6Hh3zhOd1PHyJGD6uk7Z+QGXqIte5qakDfT5W1eENAFERDyBNnWI7j78
2yEX6n4Yv9MShXEtOk6S6zDJRB5YQvJTJ++uqAYzkoo1+qjs6gat0RY/SAUxXhXO
Xk9lbUrooO7wPcoZfc8SNnyv+50aywSmTwxR1m8NxM3svW36tJ452jouCBQp0ak8
yBC4ZAs7jmFjcc/KfQC2drHLhp/BT+JPYqKz8XU7FWmIL5wqXqsc3TG6vuCWjzF4
lzF0hdHHBn1kMRHV
-----END CERTIFICATE-----
Generated at Fri Jun 6 13:22:12 2025 by rpki-client