Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS140224.roa
File: AS140224.roa (raw, json)
Hash identifier: fSsd93d5Ewg2rw4ueCuI1iZ91ae9o3tghByNeOwLd1o=
Subject key identifier: 44:E4:9E:6A:1F:EB:E9:D3:3B:52:29:CD:41:77:3B:71:E9:0C:47:27
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 43A5568BDD922BE8D6C9D3FE5F3C3EBC35435BD3
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS140224.roa
Signing time: Tue 14 Oct 2025 10:36:29 +0000
ROA not before: Tue 14 Oct 2025 10:31:29 +0000
ROA not after: Tue 13 Oct 2026 10:36:29 +0000
asID: 140224
IP address blocks: 96.62.222.0/24 maxlen: 24
140.233.171.0/24 maxlen: 24
143.14.145.0/24 maxlen: 24
155.117.15.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 06:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
43:a5:56:8b:dd:92:2b:e8:d6:c9:d3:fe:5f:3c:3e:bc:35:43:5b:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Oct 14 10:31:29 2025 GMT
Not After : Oct 13 10:36:29 2026 GMT
Subject: CN=44E49E6A1FEBE9D33B5229CD41773B71E90C4727
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:ae:dd:65:be:0b:40:1d:65:94:fe:b1:a2:4f:
b9:71:66:07:ab:2e:ae:ec:d4:ad:0d:f2:0e:f9:cf:
50:78:d2:bc:1d:7b:62:ba:23:0b:a3:bd:7a:a1:2f:
19:28:1d:10:3f:41:86:bd:ba:34:ce:fb:43:da:25:
8c:33:f0:c1:3b:a4:5e:8e:3d:ce:4e:f4:fd:2d:d5:
0f:67:3b:60:ad:a3:44:a0:0e:27:22:b5:c3:12:b3:
dd:1b:aa:f5:a2:f5:24:60:b9:77:9c:6a:f9:c9:5a:
04:ae:cb:ac:b3:2b:e4:7d:aa:bc:9f:4a:c9:ef:b6:
5b:e9:8d:d3:73:b0:ab:01:61:1b:56:b3:50:6d:44:
d6:ca:74:45:c8:35:69:53:56:d2:e8:47:81:ed:5b:
56:44:2d:9b:19:6f:8d:08:a1:e8:1f:03:21:02:61:
d5:f1:e9:4a:b2:3d:cf:24:81:2d:5c:41:cd:14:ea:
51:0b:0a:31:ee:7e:3f:6d:f4:04:38:cb:03:4f:1c:
11:a9:56:2d:c8:00:fc:02:c9:08:72:0b:74:d6:61:
70:13:3a:c1:3b:97:66:28:59:11:b9:1b:5c:e7:54:
99:51:f7:d1:f5:d5:dd:9f:ae:df:b2:25:38:b3:40:
b1:ab:fc:50:a8:b8:2c:81:0d:34:f1:df:a2:d5:ea:
b1:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:E4:9E:6A:1F:EB:E9:D3:3B:52:29:CD:41:77:3B:71:E9:0C:47:27
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS140224.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.62.222.0/24
140.233.171.0/24
143.14.145.0/24
155.117.15.0/24
Signature Algorithm: sha256WithRSAEncryption
28:8c:ba:5c:f3:4f:fe:f5:a2:b8:a2:86:3d:6e:26:2f:ac:e5:
48:ab:65:35:17:11:41:52:20:3d:10:aa:02:96:63:6d:64:fb:
5a:28:9d:2a:4f:bf:59:1c:a5:94:4d:a7:51:6f:1a:a2:5c:85:
28:67:fa:e6:74:20:4a:d2:e5:7c:95:da:f6:80:01:b2:a1:3f:
5f:dd:81:8b:7d:d1:36:18:39:29:68:69:5b:a9:9b:27:5a:e2:
cb:4b:98:ad:96:80:34:80:2d:c0:c5:99:38:da:36:d1:2d:dd:
6f:ac:1c:43:5b:e2:bb:5d:0d:b4:34:73:0e:0a:1c:3e:91:92:
a8:7e:35:78:54:e4:ca:c6:81:90:29:74:23:2a:38:4a:1b:0e:
d5:be:81:4e:82:42:09:5c:5c:b3:17:ad:27:19:38:04:6a:05:
82:c7:a8:55:cb:8f:eb:54:3e:78:ce:8a:4f:d5:4a:6f:63:eb:
b3:fd:3c:9c:fb:c5:5b:4b:7d:b5:bc:37:32:f5:b9:01:75:47:
82:97:cf:f5:da:da:3d:3e:26:25:fb:4b:6f:c4:3a:af:54:51:
26:5e:f4:56:f2:51:5f:c7:61:69:e1:09:c6:43:0b:a0:4b:2b:
14:18:ba:c3:20:66:43:40:fe:c4:c3:d1:91:c7:70:bb:74:96:
fb:db:bc:46
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgIUQ6VWi92SK+jWydP+Xzw+vDVDW9MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTEwMTQxMDMxMjlaFw0yNjEwMTMxMDM2MjlaMDMxMTAvBgNV
BAMTKDQ0RTQ5RTZBMUZFQkU5RDMzQjUyMjlDRDQxNzczQjcxRTkwQzQ3MjcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDirt1lvgtAHWWU/rGiT7lxZger
Lq7s1K0N8g75z1B40rwde2K6IwujvXqhLxkoHRA/QYa9ujTO+0PaJYwz8ME7pF6O
Pc5O9P0t1Q9nO2Cto0SgDicitcMSs90bqvWi9SRguXecavnJWgSuy6yzK+R9qryf
SsnvtlvpjdNzsKsBYRtWs1BtRNbKdEXINWlTVtLoR4HtW1ZELZsZb40IoegfAyEC
YdXx6UqyPc8kgS1cQc0U6lELCjHufj9t9AQ4ywNPHBGpVi3IAPwCyQhyC3TWYXAT
OsE7l2YoWRG5G1znVJlR99H11d2frt+yJTizQLGr/FCouCyBDTTx36LV6rHXAgMB
AAGjggIcMIICGDAdBgNVHQ4EFgQUROSeah/r6dM7UinNQXc7cekMRycwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMTQwMjI0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAYD7e
AwQAjOmrAwQAjw6RAwQAm3UPMA0GCSqGSIb3DQEBCwUAA4IBAQAojLpc80/+9aK4
ooY9biYvrOVIq2U1FxFBUiA9EKoClmNtZPtaKJ0qT79ZHKWUTadRbxqiXIUoZ/rm
dCBK0uV8ldr2gAGyoT9f3YGLfdE2GDkpaGlbqZsnWuLLS5itloA0gC3AxZk42jbR
Ld1vrBxDW+K7XQ20NHMOChw+kZKofjV4VOTKxoGQKXQjKjhKGw7VvoFOgkIJXFyz
F60nGTgEagWCx6hVy4/rVD54zopP1UpvY+uz/Tyc+8VbS321vDcy9bkBdUeCl8/1
2to9PiYl+0tvxDqvVFEmXvRW8lFfx2Fp4QnGQwugSysUGLrDIGZDQP7Ew9GRx3C7
dJb727xG
-----END CERTIFICATE-----
Generated at Sun Oct 19 16:08:31 2025 by rpki-client