Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS62240.roa
File: AS62240.roa (raw, json)
Hash identifier: tIWcU2fDg8AuyK+SlKcBmtPAZxP9T8Z2EZo0zlehJso=
Subject key identifier: CF:42:E1:F6:F3:80:9E:EA:AD:C7:F7:C2:96:78:75:01:99:E2:06:95
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 71F3250781E46E6BBD45CD68B55F4AB7A8C67A4D
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS62240.roa
Signing time: Sun 04 May 2025 02:18:23 +0000
ROA not before: Sun 04 May 2025 02:13:23 +0000
ROA not after: Sun 03 May 2026 02:18:23 +0000
asID: 62240
IP address blocks: 140.150.236.0/22 maxlen: 22
146.103.28.0/22 maxlen: 22
147.79.2.0/23 maxlen: 23
150.241.174.0/23 maxlen: 23
155.117.40.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Jun 2025 12:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
71:f3:25:07:81:e4:6e:6b:bd:45:cd:68:b5:5f:4a:b7:a8:c6:7a:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: May 4 02:13:23 2025 GMT
Not After : May 3 02:18:23 2026 GMT
Subject: CN=CF42E1F6F3809EEAADC7F7C29678750199E20695
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:50:1b:b5:b6:31:36:b9:78:73:3f:28:b2:06:
6e:01:17:4e:1c:87:a0:98:ae:f9:43:24:50:bf:3f:
43:46:b8:b5:16:62:49:13:3f:10:dc:83:62:72:b1:
d6:fd:72:e6:79:25:d2:11:56:90:31:5f:d6:b4:7d:
42:69:61:0e:0d:46:09:91:ee:06:84:e2:f7:eb:24:
cb:3b:c2:65:ed:1b:89:be:59:64:18:6d:24:1b:a7:
00:63:35:e5:25:9d:0b:cb:6d:e3:ee:89:5f:79:ec:
7d:76:b7:b1:7f:95:66:1d:65:35:57:12:b5:c3:3b:
25:1f:c8:03:8d:32:e4:95:0f:60:b6:ed:aa:98:7f:
01:02:ea:3d:c3:8e:59:18:c4:d0:98:8c:75:3a:18:
d3:bd:39:0c:18:84:02:40:53:c6:02:b7:4d:3f:2b:
36:bf:c5:6d:3a:b5:a7:2c:9d:c2:a7:b7:8e:05:52:
1b:23:2d:53:b2:02:73:f6:ab:32:f8:7f:7e:67:da:
1d:8a:56:f2:bc:ed:64:ae:92:18:81:21:87:8e:9d:
d6:5e:27:f5:c4:07:3b:22:1a:a7:c9:c7:bd:3c:a2:
dd:29:16:89:98:13:b4:43:cc:e1:95:19:81:05:df:
ca:25:1a:2d:39:8c:ca:f9:9c:17:e4:01:60:b4:b6:
e9:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:42:E1:F6:F3:80:9E:EA:AD:C7:F7:C2:96:78:75:01:99:E2:06:95
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS62240.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
140.150.236.0/22
146.103.28.0/22
147.79.2.0/23
150.241.174.0/23
155.117.40.0/22
Signature Algorithm: sha256WithRSAEncryption
63:0b:74:22:26:d0:53:a6:74:16:42:78:4d:8b:fd:e6:25:11:
c1:b8:1c:17:64:ac:3b:0d:fd:0c:96:3b:0c:16:4f:2b:9b:42:
d0:47:40:5c:f1:52:db:0d:c2:ca:2e:6b:b4:b3:cb:8b:63:e2:
d1:68:d5:21:5d:23:e2:77:df:ba:be:8f:3e:f6:95:03:12:b0:
4d:5e:aa:88:6d:a9:a1:2f:72:fc:3f:39:8e:a7:e6:1f:94:0b:
79:85:18:c1:e3:6a:2b:b7:6d:37:ad:ba:7a:c3:0e:9a:a3:62:
13:53:74:af:aa:d7:0c:9b:1f:ab:c1:af:60:09:7e:64:2c:b3:
13:97:4f:4c:50:fc:51:51:da:5d:63:b7:c1:2c:de:8e:c5:1c:
31:ca:42:e4:88:a8:5f:d3:6b:36:58:cd:08:bf:cb:cf:c2:f7:
f5:f3:9d:8b:1f:62:25:44:7c:0d:0f:76:58:e9:84:2a:a2:83:
36:68:ff:aa:fc:c5:22:d8:84:dc:6f:0d:fa:4c:b4:95:21:f6:
20:f2:8b:d0:cc:75:33:d1:23:dd:14:8e:20:0a:20:99:c9:a3:
91:3e:fa:52:73:23:08:65:04:97:20:89:31:e7:e6:aa:3b:6a:
a4:b3:98:64:a8:87:b3:70:da:f2:18:81:24:9d:88:81:9f:2d:
2e:11:4f:22
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgIUcfMlB4Hkbmu9Rc1otV9Kt6jGek0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA1MDQwMjEzMjNaFw0yNjA1MDMwMjE4MjNaMDMxMTAvBgNV
BAMTKENGNDJFMUY2RjM4MDlFRUFBREM3RjdDMjk2Nzg3NTAxOTlFMjA2OTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCJUBu1tjE2uXhzPyiyBm4BF04c
h6CYrvlDJFC/P0NGuLUWYkkTPxDcg2Jysdb9cuZ5JdIRVpAxX9a0fUJpYQ4NRgmR
7gaE4vfrJMs7wmXtG4m+WWQYbSQbpwBjNeUlnQvLbePuiV957H12t7F/lWYdZTVX
ErXDOyUfyAONMuSVD2C27aqYfwEC6j3DjlkYxNCYjHU6GNO9OQwYhAJAU8YCt00/
Kza/xW06tacsncKnt44FUhsjLVOyAnP2qzL4f35n2h2KVvK87WSukhiBIYeOndZe
J/XEBzsiGqfJx708ot0pFomYE7RDzOGVGYEF38olGi05jMr5nBfkAWC0tuk7AgMB
AAGjggIhMIICHTAdBgNVHQ4EFgQUz0Lh9vOAnuqtx/fClnh1AZniBpUwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTNjIyNDAucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwNwYIKwYBBQUHAQcBAf8EKDAmMCQEAgABMB4DBAKMluwD
BAKSZxwDBAGTTwIDBAGW8a4DBAKbdSgwDQYJKoZIhvcNAQELBQADggEBAGMLdCIm
0FOmdBZCeE2L/eYlEcG4HBdkrDsN/QyWOwwWTyubQtBHQFzxUtsNwsoua7Szy4tj
4tFo1SFdI+J337q+jz72lQMSsE1eqohtqaEvcvw/OY6n5h+UC3mFGMHjaiu3bTet
unrDDpqjYhNTdK+q1wybH6vBr2AJfmQssxOXT0xQ/FFR2l1jt8Es3o7FHDHKQuSI
qF/TazZYzQi/y8/C9/XznYsfYiVEfA0PdljphCqigzZo/6r8xSLYhNxvDfpMtJUh
9iDyi9DMdTPRI90UjiAKIJnJo5E++lJzIwhlBJcgiTHn5qo7aqSzmGSoh7Nw2vIY
gSSdiIGfLS4RTyI=
-----END CERTIFICATE-----
Generated at Thu Jun 5 18:15:08 2025 by rpki-client