Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS399073.roa
File: AS399073.roa (raw, json)
Hash identifier: 1lpOzkJupfvR21uU3N1b6qioGL+TVv0DAvg4dBloNb8=
Subject key identifier: B6:0A:D7:5C:A0:CF:DA:4B:12:B9:D9:8E:06:DD:86:9F:8F:D9:06:7B
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 634B4AE238574E08D1149304C90C6A44222CEDFD
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS399073.roa
Signing time: Mon 26 May 2025 08:30:29 +0000
ROA not before: Mon 26 May 2025 08:25:29 +0000
ROA not after: Mon 25 May 2026 08:30:29 +0000
asID: 399073
IP address blocks: 140.233.188.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Jun 2025 12:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
63:4b:4a:e2:38:57:4e:08:d1:14:93:04:c9:0c:6a:44:22:2c:ed:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: May 26 08:25:29 2025 GMT
Not After : May 25 08:30:29 2026 GMT
Subject: CN=B60AD75CA0CFDA4B12B9D98E06DD869F8FD9067B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:fa:b6:c2:9a:49:78:8b:fc:8f:70:a5:9b:4f:
91:9a:3e:c0:96:f4:56:b9:60:45:3f:e8:74:3b:42:
2f:95:71:10:70:e7:9b:a0:9d:f6:44:a3:16:7b:57:
50:2c:ee:81:fd:a3:01:39:ab:36:4f:f7:9b:48:71:
75:e8:97:3b:af:54:3f:a0:9d:41:39:dc:ab:36:b3:
74:73:86:a3:4e:2a:3a:45:0a:b8:ac:4f:bc:a7:4a:
52:c5:ff:10:59:9f:6c:ec:2e:1a:66:61:9e:a5:95:
c7:d2:80:e5:98:e4:07:70:a9:35:39:3a:32:23:eb:
27:c0:bb:18:04:56:03:71:80:21:ba:ee:cc:d9:c0:
69:a9:c5:59:c6:e8:20:d9:ac:a3:43:8e:c2:cf:40:
bc:1e:f9:a9:fa:00:f5:de:80:8d:39:b0:7e:80:a0:
11:60:ec:e4:1f:4b:33:b4:41:c9:c8:18:ef:24:c8:
02:83:b9:d0:4f:20:67:e8:be:62:1d:a2:70:26:84:
56:d0:67:21:b3:5a:24:9b:a5:8d:6d:c4:11:5b:2c:
9e:67:f5:58:fb:4b:3e:a2:99:72:f7:1a:86:07:db:
71:21:70:04:6c:3a:12:b6:c8:d4:d2:9b:f0:c8:d9:
7d:5b:9b:30:7d:01:9b:08:0b:33:a2:24:89:58:8b:
ca:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:0A:D7:5C:A0:CF:DA:4B:12:B9:D9:8E:06:DD:86:9F:8F:D9:06:7B
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS399073.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
140.233.188.0/23
Signature Algorithm: sha256WithRSAEncryption
35:80:3d:7b:35:06:71:19:9e:e5:c4:d9:37:7b:8a:4f:05:98:
2b:71:f2:d5:9f:04:61:5b:66:a6:4d:63:dc:0c:2e:bb:03:c3:
25:86:9f:98:c7:96:8f:bf:83:a0:42:ca:4c:de:fb:c4:f5:6f:
f3:71:e1:9f:5a:2a:78:61:7e:fc:22:db:3b:c1:45:90:cd:a1:
ac:22:81:c7:50:21:88:ac:12:a6:83:ab:ab:8b:b2:b6:e2:97:
ec:12:a6:17:e4:dc:31:53:47:26:ee:d1:72:df:f5:5a:6f:c2:
c7:20:d3:77:ff:3c:90:fa:5e:1f:c8:29:3f:f4:b7:cd:a0:cf:
30:bd:74:3c:a0:70:61:68:8c:e6:e0:6c:85:de:26:84:fe:7f:
2b:eb:9d:6b:43:5f:70:17:29:d3:6f:23:bf:29:c3:05:06:1b:
9c:c4:df:25:12:ff:1d:69:46:fd:96:d3:ae:46:8f:b2:3d:d5:
9e:59:01:ef:e9:81:63:74:cc:8a:a5:2e:08:f3:6d:35:ec:ea:
26:68:6b:c6:ea:3e:28:83:24:ec:a8:07:de:2a:c0:45:1e:89:
12:e2:e6:e8:5f:36:0d:2f:ce:02:2c:15:d8:fa:b9:8a:d7:93:
fa:29:64:56:6f:9d:62:3d:04:99:8b:aa:5e:33:ff:3d:1f:ed:
b1:32:1f:f3
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUY0tK4jhXTgjRFJMEyQxqRCIs7f0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA1MjYwODI1MjlaFw0yNjA1MjUwODMwMjlaMDMxMTAvBgNV
BAMTKEI2MEFENzVDQTBDRkRBNEIxMkI5RDk4RTA2REQ4NjlGOEZEOTA2N0IwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDb+rbCmkl4i/yPcKWbT5GaPsCW
9Fa5YEU/6HQ7Qi+VcRBw55ugnfZEoxZ7V1As7oH9owE5qzZP95tIcXXolzuvVD+g
nUE53Ks2s3RzhqNOKjpFCrisT7ynSlLF/xBZn2zsLhpmYZ6llcfSgOWY5AdwqTU5
OjIj6yfAuxgEVgNxgCG67szZwGmpxVnG6CDZrKNDjsLPQLwe+an6APXegI05sH6A
oBFg7OQfSzO0QcnIGO8kyAKDudBPIGfovmIdonAmhFbQZyGzWiSbpY1txBFbLJ5n
9Vj7Sz6imXL3GoYH23EhcARsOhK2yNTSm/DI2X1bmzB9AZsICzOiJIlYi8olAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUtgrXXKDP2ksSudmOBt2Gn4/ZBnswHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMzk5MDczLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBjOm8
MA0GCSqGSIb3DQEBCwUAA4IBAQA1gD17NQZxGZ7lxNk3e4pPBZgrcfLVnwRhW2am
TWPcDC67A8Mlhp+Yx5aPv4OgQspM3vvE9W/zceGfWip4YX78Its7wUWQzaGsIoHH
UCGIrBKmg6uri7K24pfsEqYX5NwxU0cm7tFy3/Vab8LHINN3/zyQ+l4fyCk/9LfN
oM8wvXQ8oHBhaIzm4GyF3iaE/n8r651rQ19wFynTbyO/KcMFBhucxN8lEv8daUb9
ltOuRo+yPdWeWQHv6YFjdMyKpS4I82017OomaGvG6j4ogyTsqAfeKsBFHokS4ubo
XzYNL84CLBXY+rmK15P6KWRWb51iPQSZi6peM/89H+2xMh/z
-----END CERTIFICATE-----
Generated at Thu Jun 5 19:38:53 2025 by rpki-client