Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS265919.roa
File: AS265919.roa (raw, json)
Hash identifier: boal7HCyV54CfrMYI7JB7e7du4mtT2hptDwV04Hq+TM=
Subject key identifier: 1F:D9:BB:9D:4D:4E:01:47:61:F7:43:E2:87:29:B1:BB:7F:6F:D4:A2
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 19E3C42436BB20EF62C2803454F3CBD918708684
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS265919.roa
Signing time: Tue 26 Aug 2025 13:48:58 +0000
ROA not before: Tue 26 Aug 2025 13:43:58 +0000
ROA not after: Tue 25 Aug 2026 13:48:58 +0000
asID: 265919
IP address blocks: 143.14.163.0/24 maxlen: 24
143.14.165.0/24 maxlen: 24
143.14.167.0/24 maxlen: 24
143.14.168.0/24 maxlen: 24
143.14.176.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 23:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
19:e3:c4:24:36:bb:20:ef:62:c2:80:34:54:f3:cb:d9:18:70:86:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Aug 26 13:43:58 2025 GMT
Not After : Aug 25 13:48:58 2026 GMT
Subject: CN=1FD9BB9D4D4E014761F743E28729B1BB7F6FD4A2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:60:aa:d9:7a:95:a9:d6:49:e5:de:44:45:a7:
39:dc:a9:f4:7b:94:3b:1d:2d:71:e3:e8:2e:a0:fc:
58:e2:ad:62:8e:6c:c4:65:86:c1:4e:c6:10:79:e2:
de:3f:da:bf:9d:d8:40:83:89:fc:38:90:61:8c:48:
a7:c8:ee:f5:75:a4:65:25:8a:7d:a3:90:5d:de:fe:
7a:81:42:b4:97:ae:37:fe:f6:f9:93:ca:0e:49:65:
2c:93:4c:c5:bf:6e:92:d4:e2:51:38:f3:11:39:11:
9b:98:c4:47:e1:08:b7:f1:68:67:2e:e8:b1:f5:0c:
6d:de:9e:e4:f3:87:cc:d1:20:72:b9:14:a0:32:42:
cc:40:e1:c8:35:58:30:69:43:63:3f:6f:2e:81:0d:
dc:7f:a9:1c:78:54:46:35:0f:e0:14:e4:bb:02:d9:
36:54:cf:42:e1:29:46:93:32:62:c8:72:6e:db:b3:
b7:d4:66:96:17:8a:df:59:ca:fd:24:15:3f:b1:11:
08:09:d4:8a:6d:0d:1c:ab:1c:80:3c:fb:6b:54:84:
57:26:46:1f:57:a0:1e:85:67:93:31:5e:f7:7e:ed:
c7:f0:a8:45:e5:71:06:42:47:4a:2b:a9:c1:64:cf:
9f:4d:9e:67:45:64:98:fc:8b:64:b7:53:35:e1:6d:
1a:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:D9:BB:9D:4D:4E:01:47:61:F7:43:E2:87:29:B1:BB:7F:6F:D4:A2
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS265919.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.14.163.0/24
143.14.165.0/24
143.14.167.0-143.14.168.255
143.14.176.0/22
Signature Algorithm: sha256WithRSAEncryption
5a:0e:ae:c9:c7:b9:ee:e5:ff:cf:8a:89:42:1d:dc:a0:b0:2e:
54:d3:10:e4:ea:c6:19:06:da:1f:1f:43:ab:6e:71:90:b8:72:
47:91:be:a6:72:38:2e:46:d7:89:b4:f9:a4:e9:7c:dc:a9:88:
4e:34:cf:b4:65:26:1c:30:db:85:e8:72:6a:5b:10:13:b8:5e:
ab:4f:de:bd:41:17:f2:8e:e1:93:20:04:76:7c:8b:4f:d6:21:
0a:fa:78:60:73:21:95:12:47:af:13:9a:ad:b9:3e:1c:6b:7f:
f2:c2:eb:f0:32:be:26:8d:2e:51:cf:0b:37:a6:ca:c6:6e:76:
70:45:a4:7b:3a:15:9f:3f:0b:73:07:e5:6b:8f:32:4c:10:2b:
c5:dc:0d:cd:36:a8:0b:36:e6:19:d4:a0:c2:6f:48:ce:10:0c:
23:a7:49:6c:27:fb:8e:b4:02:eb:65:15:01:c8:46:fc:8a:39:
6c:ef:1a:4d:b3:eb:88:ec:6c:dc:7d:08:0a:bb:26:97:91:6f:
ab:27:92:d7:6c:fa:b0:7e:6c:25:69:5b:71:e0:45:3e:98:c4:
0f:da:8b:e2:99:0a:65:60:82:81:59:09:aa:f7:a1:4f:eb:83:
67:9b:b6:8a:f6:1a:00:0b:0d:b5:6f:7a:2e:33:8d:7b:6f:3e:
06:24:5b:ba
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgIUGePEJDa7IO9iwoA0VPPL2RhwhoQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA4MjYxMzQzNThaFw0yNjA4MjUxMzQ4NThaMDMxMTAvBgNV
BAMTKDFGRDlCQjlENEQ0RTAxNDc2MUY3NDNFMjg3MjlCMUJCN0Y2RkQ0QTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCYKrZepWp1knl3kRFpzncqfR7
lDsdLXHj6C6g/FjirWKObMRlhsFOxhB54t4/2r+d2ECDifw4kGGMSKfI7vV1pGUl
in2jkF3e/nqBQrSXrjf+9vmTyg5JZSyTTMW/bpLU4lE48xE5EZuYxEfhCLfxaGcu
6LH1DG3enuTzh8zRIHK5FKAyQsxA4cg1WDBpQ2M/by6BDdx/qRx4VEY1D+AU5LsC
2TZUz0LhKUaTMmLIcm7bs7fUZpYXit9Zyv0kFT+xEQgJ1IptDRyrHIA8+2tUhFcm
Rh9XoB6FZ5MxXvd+7cfwqEXlcQZCR0orqcFkz59NnmdFZJj8i2S3UzXhbRq3AgMB
AAGjggIkMIICIDAdBgNVHQ4EFgQUH9m7nU1OAUdh90Pihymxu39v1KIwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjY1OTE5LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAjw6j
AwQAjw6lMAwDBACPDqcDBACPDqgDBAKPDrAwDQYJKoZIhvcNAQELBQADggEBAFoO
rsnHue7l/8+KiUId3KCwLlTTEOTqxhkG2h8fQ6tucZC4ckeRvqZyOC5G14m0+aTp
fNypiE40z7RlJhww24XocmpbEBO4XqtP3r1BF/KO4ZMgBHZ8i0/WIQr6eGBzIZUS
R68Tmq25Phxrf/LC6/AyviaNLlHPCzemysZudnBFpHs6FZ8/C3MH5WuPMkwQK8Xc
Dc02qAs25hnUoMJvSM4QDCOnSWwn+460AutlFQHIRvyKOWzvGk2z64jsbNx9CAq7
JpeRb6snktds+rB+bCVpW3HgRT6YxA/ai+KZCmVggoFZCar3oU/rg2ebtor2GgAL
DbVvei4zjXtvPgYkW7o=
-----END CERTIFICATE-----
Generated at Tue Sep 9 02:24:08 2025 by rpki-client