Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS137235.roa
File: AS137235.roa (raw, json)
Hash identifier: U1M8rIzq3Nc39XEDneiFaVw0xqDE52pECVAGly5KS5E=
Subject key identifier: 94:94:0E:F1:FD:A5:EE:F2:21:E0:40:A2:5E:58:21:38:EC:55:DC:BD
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 79EAFFA94931FFEFE681442043886CBE01F923BC
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS137235.roa
Signing time: Fri 06 Jun 2025 01:57:50 +0000
ROA not before: Fri 06 Jun 2025 01:52:50 +0000
ROA not after: Fri 05 Jun 2026 01:57:50 +0000
asID: 137235
IP address blocks: 143.14.71.0/24 maxlen: 24
143.14.162.0/24 maxlen: 24
155.117.243.0/24 maxlen: 24
155.117.244.0/24 maxlen: 24
162.141.114.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 22:50:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:ea:ff:a9:49:31:ff:ef:e6:81:44:20:43:88:6c:be:01:f9:23:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Jun 6 01:52:50 2025 GMT
Not After : Jun 5 01:57:50 2026 GMT
Subject: CN=94940EF1FDA5EEF221E040A25E582138EC55DCBD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:a9:2f:4b:3b:bd:44:25:7c:5d:bc:fe:2c:94:
68:20:44:6f:05:56:98:77:98:4c:4f:b5:04:0c:64:
98:ba:dc:e9:3d:84:5e:16:5f:5e:e5:9e:3e:52:6a:
28:d4:95:0b:1b:f6:74:0f:14:f8:20:da:0f:bd:41:
32:1f:91:a4:f8:80:e9:7a:8b:36:95:69:95:3c:cf:
8c:7c:1d:42:46:b3:77:13:8c:c5:0d:a0:e8:0f:0d:
ea:99:ad:dc:53:27:66:30:83:e6:92:97:f4:9e:33:
88:98:ad:dc:f0:f0:df:93:20:bd:81:68:2a:a2:ac:
41:a7:d0:ef:5b:fa:fa:95:a0:24:db:a5:0d:0a:57:
eb:80:b0:83:06:e8:6f:4f:ee:14:1d:2b:3c:81:0c:
23:bc:19:19:d4:d8:25:3e:ad:c0:e5:eb:1e:6f:b8:
e0:cd:03:55:8b:ce:60:a6:90:02:2f:03:7b:de:cf:
45:13:cf:e2:54:19:28:db:9f:77:37:c0:2f:19:13:
21:c6:17:af:c5:7a:98:b4:72:5a:4c:31:c3:4d:de:
96:ed:44:6d:66:dd:c0:d5:69:4a:d1:46:ee:2b:44:
eb:c8:f3:48:87:9d:f4:75:10:f6:90:79:93:80:e7:
13:8b:2f:7d:9c:d0:56:d3:f8:85:af:6b:4f:fc:75:
4b:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:94:0E:F1:FD:A5:EE:F2:21:E0:40:A2:5E:58:21:38:EC:55:DC:BD
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS137235.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.14.71.0/24
143.14.162.0/24
155.117.243.0-155.117.244.255
162.141.114.0/24
Signature Algorithm: sha256WithRSAEncryption
96:33:0f:6c:74:3e:95:4f:d7:9e:05:11:b6:fc:9a:4f:56:54:
ca:ac:24:48:2a:71:aa:d5:b1:6c:af:47:4c:ba:52:dc:18:5d:
58:19:89:95:56:a8:69:27:d9:a3:85:ad:ab:65:dc:26:59:91:
ef:2a:c9:fa:e9:40:65:ca:13:15:0c:f1:16:fd:eb:cc:e0:f6:
09:16:4c:4e:96:44:4b:18:87:e1:6b:ae:62:8e:9f:6a:de:83:
c4:da:30:3d:91:60:34:b9:79:b4:9f:cf:af:cb:b3:71:72:76:
de:27:5a:59:9c:80:a8:a8:cb:ca:78:39:be:01:9a:ed:3a:3f:
23:38:cd:7e:9d:2e:4a:ff:06:ca:98:ad:ba:b2:72:77:d8:15:
a3:25:0a:eb:b0:5f:10:08:f9:bd:25:ff:68:8c:8b:20:68:27:
05:f6:32:3e:1c:99:46:c5:16:db:9c:dd:ae:02:97:37:b2:a6:
16:8d:7c:e5:75:92:b5:1f:ff:73:86:6f:9f:73:25:c8:d8:14:
6d:86:e1:79:0a:20:9c:36:0a:8a:a2:17:23:d7:b6:c6:17:76:
77:f3:39:04:ef:48:4e:26:ba:5a:7c:68:8d:b7:49:ba:66:ba:
27:4c:11:49:cf:b1:7a:9d:15:11:a0:f7:bf:ef:d9:2b:99:00:
9b:90:25:69
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgIUeer/qUkx/+/mgUQgQ4hsvgH5I7wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA2MDYwMTUyNTBaFw0yNjA2MDUwMTU3NTBaMDMxMTAvBgNV
BAMTKDk0OTQwRUYxRkRBNUVFRjIyMUUwNDBBMjVFNTgyMTM4RUM1NURDQkQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCoqS9LO71EJXxdvP4slGggRG8F
Vph3mExPtQQMZJi63Ok9hF4WX17lnj5SaijUlQsb9nQPFPgg2g+9QTIfkaT4gOl6
izaVaZU8z4x8HUJGs3cTjMUNoOgPDeqZrdxTJ2Ywg+aSl/SeM4iYrdzw8N+TIL2B
aCqirEGn0O9b+vqVoCTbpQ0KV+uAsIMG6G9P7hQdKzyBDCO8GRnU2CU+rcDl6x5v
uODNA1WLzmCmkAIvA3vez0UTz+JUGSjbn3c3wC8ZEyHGF6/Fepi0clpMMcNN3pbt
RG1m3cDVaUrRRu4rROvI80iHnfR1EPaQeZOA5xOLL32c0FbT+IWva0/8dUt5AgMB
AAGjggIkMIICIDAdBgNVHQ4EFgQUlJQO8f2l7vIh4ECiXlghOOxV3L0wHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMTM3MjM1LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAjw5H
AwQAjw6iMAwDBACbdfMDBACbdfQDBACijXIwDQYJKoZIhvcNAQELBQADggEBAJYz
D2x0PpVP154FEbb8mk9WVMqsJEgqcarVsWyvR0y6UtwYXVgZiZVWqGkn2aOFratl
3CZZke8qyfrpQGXKExUM8Rb968zg9gkWTE6WREsYh+FrrmKOn2reg8TaMD2RYDS5
ebSfz6/Ls3Fydt4nWlmcgKioy8p4Ob4Bmu06PyM4zX6dLkr/BsqYrbqycnfYFaMl
CuuwXxAI+b0l/2iMiyBoJwX2Mj4cmUbFFtuc3a4ClzeyphaNfOV1krUf/3OGb59z
JcjYFG2G4XkKIJw2CoqiFyPXtsYXdnfzOQTvSE4mulp8aI23SbpmuidMEUnPsXqd
FRGg97/v2SuZAJuQJWk=
-----END CERTIFICATE-----
Generated at Sat Jun 7 04:04:50 2025 by rpki-client