Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS20115.roa
File: AS20115.roa (raw, json)
Hash identifier: uSD3BEmoN/keODg8QeaPB0HThA/GpbI+KtnItVxGa/Y=
Subject key identifier: 1B:16:31:A0:F8:A4:58:2C:1E:02:B5:47:19:63:16:E7:51:F4:E1:D0
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 3AEFED3A3506C02EA82A806C75801FF0FACBB13D
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS20115.roa
Signing time: Wed 04 Jun 2025 07:00:15 +0000
ROA not before: Wed 04 Jun 2025 06:55:15 +0000
ROA not after: Wed 03 Jun 2026 07:00:15 +0000
asID: 20115
IP address blocks: 143.14.16.0/21 maxlen: 24
143.14.232.0/21 maxlen: 24
155.117.64.0/21 maxlen: 24
162.141.24.0/22 maxlen: 24
162.141.28.0/22 maxlen: 24
162.141.32.0/22 maxlen: 24
162.141.40.0/22 maxlen: 24
162.141.56.0/22 maxlen: 24
162.141.60.0/22 maxlen: 24
162.141.72.0/22 maxlen: 24
162.141.144.0/21 maxlen: 24
162.141.168.0/21 maxlen: 24
162.141.184.0/21 maxlen: 24
162.141.192.0/21 maxlen: 24
162.141.200.0/21 maxlen: 24
162.141.208.0/21 maxlen: 24
162.141.216.0/21 maxlen: 24
162.141.224.0/21 maxlen: 24
162.141.232.0/21 maxlen: 24
162.141.240.0/21 maxlen: 24
162.141.248.0/21 maxlen: 24
167.148.16.0/21 maxlen: 24
167.148.24.0/22 maxlen: 24
167.148.36.0/22 maxlen: 24
167.148.48.0/21 maxlen: 24
167.148.56.0/22 maxlen: 24
167.148.64.0/22 maxlen: 24
167.148.76.0/22 maxlen: 24
167.148.88.0/21 maxlen: 24
167.148.108.0/22 maxlen: 24
167.148.120.0/22 maxlen: 24
167.148.224.0/21 maxlen: 24
167.148.232.0/21 maxlen: 24
167.148.240.0/21 maxlen: 24
167.148.248.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 05:53:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3a:ef:ed:3a:35:06:c0:2e:a8:2a:80:6c:75:80:1f:f0:fa:cb:b1:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Jun 4 06:55:15 2025 GMT
Not After : Jun 3 07:00:15 2026 GMT
Subject: CN=1B1631A0F8A4582C1E02B547196316E751F4E1D0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:1d:9e:99:b7:81:e1:d2:ab:85:9d:26:8c:84:
15:ec:84:0f:ff:09:13:84:bc:30:f5:e0:0e:06:a2:
04:3f:e1:4a:ed:fd:ed:b2:90:23:dd:e3:d4:ca:5d:
00:05:70:9a:00:07:77:32:03:6a:a1:ca:7b:ec:17:
b3:07:bf:49:d9:65:ed:3f:de:7e:5d:2c:db:1b:d2:
1d:26:c2:2f:34:33:44:8e:cf:4a:ed:02:ef:a9:c1:
6d:fb:20:e2:42:0d:99:31:d8:0c:84:d4:d9:0e:cd:
f7:bc:53:5d:8a:90:95:70:84:f5:20:c2:fe:49:39:
bb:01:fb:1b:71:95:7c:fb:0e:a6:bf:ef:59:b0:3d:
fc:05:f9:3c:7f:36:3d:f3:70:6e:fe:0b:fe:b7:4d:
84:b6:16:cf:6a:8f:99:fb:f1:32:5b:bb:42:d5:0f:
ef:59:03:6c:ae:0d:eb:c8:1a:e0:fa:57:30:60:60:
fb:72:97:2e:b3:69:c8:0a:b1:9b:5c:53:7f:e0:f1:
f0:87:ba:b2:07:17:69:d0:1a:69:1c:ca:90:b6:95:
b2:d6:f3:59:7a:ea:c5:05:50:03:ed:76:82:e4:d9:
80:57:07:87:02:96:d2:1f:7d:5b:86:db:55:d8:db:
08:cc:80:9e:ba:66:ff:c0:1c:1f:03:97:20:6b:9a:
3a:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:16:31:A0:F8:A4:58:2C:1E:02:B5:47:19:63:16:E7:51:F4:E1:D0
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS20115.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.14.16.0/21
143.14.232.0/21
155.117.64.0/21
162.141.24.0-162.141.35.255
162.141.40.0/22
162.141.56.0/21
162.141.72.0/22
162.141.144.0/21
162.141.168.0/21
162.141.184.0-162.141.255.255
167.148.16.0-167.148.27.255
167.148.36.0/22
167.148.48.0-167.148.59.255
167.148.64.0/22
167.148.76.0/22
167.148.88.0/21
167.148.108.0/22
167.148.120.0/22
167.148.224.0/19
Signature Algorithm: sha256WithRSAEncryption
56:a7:99:8e:3d:98:36:92:10:9f:9f:69:05:8d:51:ff:19:b8:
86:a3:ca:05:60:d2:47:ae:1a:7a:ab:c4:cf:07:9a:a5:31:f8:
93:48:e2:ca:52:78:1b:15:e2:e0:64:24:78:dc:48:0f:f7:c3:
58:df:f8:c3:75:44:64:a8:a5:c4:75:23:5d:7e:f2:63:ea:f2:
65:7a:43:1a:62:50:5b:ea:75:e2:66:24:19:0f:f5:a9:3c:07:
fc:dc:bd:54:c2:34:d8:5f:e2:cb:5f:f4:7c:65:f6:f1:df:3e:
14:bf:7c:4e:2c:aa:3b:56:b0:43:c2:e3:e4:8a:5e:55:90:09:
81:00:09:39:67:8a:eb:32:7f:26:ce:ba:8a:62:d7:8b:02:18:
d0:7f:b1:7a:c2:82:17:bc:d3:18:23:de:28:e0:25:0c:42:99:
aa:c3:c2:36:51:35:4e:1b:7d:bc:e6:9f:7d:e2:f0:ef:61:26:
7c:61:9c:0e:9b:b3:3e:c5:8a:29:34:9d:7b:92:d7:f0:89:cc:
f3:81:b1:0d:b4:b2:b8:40:9c:8d:76:5f:7e:95:c2:7a:82:b6:
a5:b4:8b:4d:47:ce:a3:e2:08:97:bd:9a:1a:90:0a:4b:f0:61:
db:6b:00:21:a5:5e:9c:33:f3:c3:10:b9:73:c0:5a:07:b4:91:
1c:06:1a:4e
-----BEGIN CERTIFICATE-----
MIIFjzCCBHegAwIBAgIUOu/tOjUGwC6oKoBsdYAf8PrLsT0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA2MDQwNjU1MTVaFw0yNjA2MDMwNzAwMTVaMDMxMTAvBgNV
BAMTKDFCMTYzMUEwRjhBNDU4MkMxRTAyQjU0NzE5NjMxNkU3NTFGNEUxRDAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDRHZ6Zt4Hh0quFnSaMhBXshA//
CROEvDD14A4GogQ/4Urt/e2ykCPd49TKXQAFcJoAB3cyA2qhynvsF7MHv0nZZe0/
3n5dLNsb0h0mwi80M0SOz0rtAu+pwW37IOJCDZkx2AyE1NkOzfe8U12KkJVwhPUg
wv5JObsB+xtxlXz7Dqa/71mwPfwF+Tx/Nj3zcG7+C/63TYS2Fs9qj5n78TJbu0LV
D+9ZA2yuDevIGuD6VzBgYPtyly6zacgKsZtcU3/g8fCHurIHF2nQGmkcypC2lbLW
81l66sUFUAPtdoLk2YBXB4cCltIffVuG21XY2wjMgJ66Zv/AHB8DlyBrmjpHAgMB
AAGjggKZMIIClTAdBgNVHQ4EFgQUGxYxoPikWCweArVHGWMW51H04dAwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjAxMTUucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwga4GCCsGAQUFBwEHAQH/BIGeMIGbMIGYBAIAATCBkQME
A48OEAMEA48O6AMEA5t1QDAMAwQDoo0YAwQCoo0gAwQCoo0oAwQDoo04AwQCoo1I
AwQDoo2QAwQDoo2oMAsDBAOijbgDAwGijDAMAwQEp5QQAwQCp5QYAwQCp5QkMAwD
BASnlDADBAKnlDgDBAKnlEADBAKnlEwDBAOnlFgDBAKnlGwDBAKnlHgDBAWnlOAw
DQYJKoZIhvcNAQELBQADggEBAFanmY49mDaSEJ+faQWNUf8ZuIajygVg0keuGnqr
xM8HmqUx+JNI4spSeBsV4uBkJHjcSA/3w1jf+MN1RGSopcR1I11+8mPq8mV6Qxpi
UFvqdeJmJBkP9ak8B/zcvVTCNNhf4stf9Hxl9vHfPhS/fE4sqjtWsEPC4+SKXlWQ
CYEACTlniusyfybOuopi14sCGNB/sXrCghe80xgj3ijgJQxCmarDwjZRNU4bfbzm
n33i8O9hJnxhnA6bsz7Fiik0nXuS1/CJzPOBsQ20srhAnI12X36VwnqCtqW0i01H
zqPiCJe9mhqQCkvwYdtrACGlXpwz88MQuXPAWge0kRwGGk4=
-----END CERTIFICATE-----
Generated at Sat Jun 7 13:45:24 2025 by rpki-client