
Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS147060.roa
File: AS147060.roa (raw, json)
Hash identifier: +s+d+mTgjVOlc+3nHE+CqJgPCyX28iDzWO6NohhVpHI=
Subject key identifier: B9:95:E3:34:05:6D:3F:B8:54:13:A6:0B:37:49:89:E9:F8:22:AD:23
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 545B44D29EFE1FFC42D25472F673433C225B9DB1
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS147060.roa
Signing time: Wed 01 Oct 2025 08:25:15 +0000
ROA not before: Wed 01 Oct 2025 08:20:15 +0000
ROA not after: Wed 30 Sep 2026 08:25:15 +0000
asID: 147060
IP address blocks: 147.79.3.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 18:49:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
54:5b:44:d2:9e:fe:1f:fc:42:d2:54:72:f6:73:43:3c:22:5b:9d:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Oct 1 08:20:15 2025 GMT
Not After : Sep 30 08:25:15 2026 GMT
Subject: CN=B995E334056D3FB85413A60B374989E9F822AD23
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:bf:20:53:f2:ae:aa:a9:26:5b:a8:86:5f:5c:
5c:6c:a7:39:50:a6:d6:8d:69:fb:f1:b9:88:ee:21:
48:7b:53:2f:7f:c2:8d:3f:7b:f9:ef:42:0b:68:51:
39:58:a5:e7:64:31:cc:ae:b6:22:7c:65:3d:94:07:
e5:54:e3:c8:f3:4e:98:ec:45:53:90:b2:52:d2:20:
54:27:d5:02:a9:22:1d:36:3b:d7:67:ce:55:4d:a2:
12:76:7f:2a:0b:43:7e:fa:6e:af:f0:97:08:8d:b3:
1b:dd:97:0f:48:eb:6d:23:72:da:5f:c0:76:ef:41:
1d:ba:d5:ec:00:83:a5:fe:2d:56:14:af:7e:3e:bc:
6a:01:ee:a8:25:8b:3d:7e:9b:ce:02:16:0a:06:5a:
0c:4c:d4:19:79:14:ed:30:c8:b2:1a:d9:29:cc:6a:
38:c4:3e:31:b6:79:fa:d7:85:d3:c4:6b:b4:fd:c6:
19:3d:9c:d7:de:c3:2f:bb:f5:e3:b7:6e:b9:19:9a:
6b:70:39:65:d1:55:41:3f:6b:f7:e2:44:2a:94:0b:
7a:1d:8c:ae:c4:e6:e6:b3:91:79:23:1b:bf:cc:ae:
40:90:85:da:ae:8f:93:c8:94:9a:64:b3:73:b5:c6:
c6:8a:de:c0:dc:83:24:a0:68:20:11:89:aa:e4:56:
8c:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:95:E3:34:05:6D:3F:B8:54:13:A6:0B:37:49:89:E9:F8:22:AD:23
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS147060.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.79.3.0/24
Signature Algorithm: sha256WithRSAEncryption
54:5e:8f:0e:4e:04:c4:7d:29:2e:38:d0:5b:05:4f:d0:98:fb:
73:05:a1:74:a4:c0:c7:aa:22:bd:66:91:d2:76:78:3c:9b:30:
bf:c6:33:0e:97:71:7c:48:19:30:00:ae:90:b9:37:75:9c:bb:
c7:47:be:79:b4:a8:86:6f:cb:17:90:ab:f0:71:d0:e9:f9:3a:
b0:eb:8e:92:94:63:27:49:fe:73:ec:9e:d3:b7:18:ff:54:27:
62:2c:27:cd:1b:4d:30:29:64:a1:07:4e:b9:d6:bb:13:8c:0c:
88:b0:03:d2:a2:a8:9a:9d:b9:ae:e6:26:bb:b3:d9:10:51:94:
2f:35:5b:aa:78:44:59:a0:5d:71:81:34:63:bb:a5:dd:7b:8c:
c8:2d:9e:94:dc:ba:12:1a:33:a3:ac:21:5a:97:d1:4c:97:73:
e6:e7:6e:bc:9a:b2:91:3b:ac:20:8c:70:12:36:5a:1c:f9:79:
02:48:e0:e8:4b:68:aa:ad:1b:40:30:f2:1b:a2:6f:d0:ac:60:
43:e7:c7:24:db:ed:8d:f5:ba:67:ee:96:fb:83:76:9d:51:cb:
17:a6:30:45:bf:b5:9e:f6:9d:0a:32:57:43:2e:2c:7b:b0:91:
1b:bd:1a:1b:ec:6c:e3:1d:06:89:b9:9a:d1:07:40:6c:b7:4a:
cc:32:76:5b
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUVFtE0p7+H/xC0lRy9nNDPCJbnbEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTEwMDEwODIwMTVaFw0yNjA5MzAwODI1MTVaMDMxMTAvBgNV
BAMTKEI5OTVFMzM0MDU2RDNGQjg1NDEzQTYwQjM3NDk4OUU5RjgyMkFEMjMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDIvyBT8q6qqSZbqIZfXFxspzlQ
ptaNafvxuYjuIUh7Uy9/wo0/e/nvQgtoUTlYpedkMcyutiJ8ZT2UB+VU48jzTpjs
RVOQslLSIFQn1QKpIh02O9dnzlVNohJ2fyoLQ376bq/wlwiNsxvdlw9I620jctpf
wHbvQR261ewAg6X+LVYUr34+vGoB7qgliz1+m84CFgoGWgxM1Bl5FO0wyLIa2SnM
ajjEPjG2efrXhdPEa7T9xhk9nNfewy+79eO3brkZmmtwOWXRVUE/a/fiRCqUC3od
jK7E5uazkXkjG7/MrkCQhdquj5PIlJpks3O1xsaK3sDcgySgaCARiarkVozBAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUuZXjNAVtP7hUE6YLN0mJ6fgirSMwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMTQ3MDYwLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAk08D
MA0GCSqGSIb3DQEBCwUAA4IBAQBUXo8OTgTEfSkuONBbBU/QmPtzBaF0pMDHqiK9
ZpHSdng8mzC/xjMOl3F8SBkwAK6QuTd1nLvHR755tKiGb8sXkKvwcdDp+Tqw646S
lGMnSf5z7J7Ttxj/VCdiLCfNG00wKWShB0651rsTjAyIsAPSoqianbmu5ia7s9kQ
UZQvNVuqeERZoF1xgTRju6Xde4zILZ6U3LoSGjOjrCFal9FMl3Pm5268mrKRO6wg
jHASNloc+XkCSODoS2iqrRtAMPIbom/QrGBD58ck2+2N9bpn7pb7g3adUcsXpjBF
v7We9p0KMldDLix7sJEbvRob7GzjHQaJuZrRB0Bst0rMMnZb
-----END CERTIFICATE-----
Generated at Tue Oct 21 11:01:42 2025 by rpki-client