Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS9318.roa
File: AS9318.roa (raw, json)
Hash identifier: t6C0XZYlFv3LWrPWwTk8qhjpaoR6cf61nmEV3NiS62w=
Subject key identifier: 49:BF:7B:86:BB:84:48:E4:EF:FE:D6:4D:A7:DC:53:01:93:14:3C:4B
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 5B3159E527F5C8078106BC3CDC9C469FBE407D26
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS9318.roa
Signing time: Mon 19 May 2025 07:07:30 +0000
ROA not before: Mon 19 May 2025 07:02:30 +0000
ROA not after: Mon 18 May 2026 07:07:30 +0000
asID: 9318
IP address blocks: 140.233.171.0/24 maxlen: 24
143.14.93.0/24 maxlen: 24
143.14.136.0/24 maxlen: 24
143.14.173.0/24 maxlen: 24
147.79.26.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 05:53:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5b:31:59:e5:27:f5:c8:07:81:06:bc:3c:dc:9c:46:9f:be:40:7d:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: May 19 07:02:30 2025 GMT
Not After : May 18 07:07:30 2026 GMT
Subject: CN=49BF7B86BB8448E4EFFED64DA7DC530193143C4B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:58:fe:bc:ef:c6:39:52:2c:ee:ff:02:94:31:
4d:3d:35:36:7b:00:00:02:63:75:5f:67:bd:49:9a:
d5:96:ea:71:fb:3b:78:37:8f:4e:ba:ac:c3:bd:f8:
92:3b:a5:76:ec:5c:64:f6:a6:c4:89:08:4b:1e:f4:
7d:4a:6a:95:2a:1e:c3:21:17:01:75:c2:6d:a6:29:
20:c9:c3:fa:fb:5b:40:d1:1c:bd:13:da:d0:c2:07:
a7:84:87:cb:b6:70:c4:a5:b3:70:e4:2c:5a:7f:06:
ba:26:5c:0b:71:07:76:15:28:5c:2f:ac:a8:cc:c6:
9f:8b:b2:3c:1d:13:7f:cb:ff:4b:93:48:1e:ac:4a:
7e:51:87:bb:a8:d3:8d:e2:a0:b2:f7:27:2d:d7:3e:
20:3c:9f:05:63:ac:1f:1f:1c:ff:10:ea:53:0b:7f:
a9:d7:96:f5:54:e4:2f:46:63:b2:df:04:9f:a7:6b:
b0:7c:1b:fb:5a:a4:5b:6b:ea:d0:f0:b7:ad:e5:0e:
96:ce:3b:ad:ad:f2:eb:bf:dd:71:eb:10:27:85:0d:
13:97:9d:ac:a7:cf:61:72:5e:1e:e4:df:99:96:c0:
dc:78:97:9b:f2:50:7d:dd:73:67:49:8e:0e:e4:69:
17:40:4a:cc:9c:56:46:b0:b1:76:40:6e:2e:d9:f0:
c2:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:BF:7B:86:BB:84:48:E4:EF:FE:D6:4D:A7:DC:53:01:93:14:3C:4B
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS9318.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
140.233.171.0/24
143.14.93.0/24
143.14.136.0/24
143.14.173.0/24
147.79.26.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:07:dc:35:cf:20:e2:d6:e8:c1:99:c6:92:17:93:08:4b:61:
c7:f2:61:ab:73:38:f9:35:3e:14:e2:80:53:cc:55:8f:e8:2c:
b4:59:0a:1c:d4:25:2f:50:28:95:0b:36:86:60:4f:b1:91:0f:
06:91:e4:b1:10:80:11:7d:20:b6:c8:db:17:9b:26:dd:e7:e1:
52:17:05:a8:cd:b7:4b:7d:f5:fd:63:c3:d9:f4:03:71:f3:10:
10:ef:07:dd:c6:89:9e:31:b9:05:f0:e1:a4:e5:7c:b9:95:a7:
f1:57:d6:f3:22:8c:b5:b5:e1:56:9f:2f:9e:63:9e:f4:c7:54:
44:af:70:c3:7e:0d:25:75:da:81:6a:fb:d3:94:c2:e4:e4:a5:
15:12:c8:6b:f7:cd:70:5b:12:65:10:71:2c:cb:1d:44:97:ba:
a9:b9:fc:84:21:47:6f:81:b5:c5:c7:ef:d2:1b:d3:3a:49:fa:
39:ab:c8:91:3a:85:64:c9:5c:f3:79:da:62:5d:57:42:bc:aa:
6f:85:d9:e4:23:10:01:88:1d:87:f0:de:2c:d6:a9:cd:ea:ad:
d6:e9:e9:59:6d:1e:fe:f5:3d:b3:82:58:85:41:f7:2a:14:32:
d2:a9:60:c9:9a:b2:98:8c:48:13:5a:ce:8f:a0:11:68:9d:45:
dc:16:48:5f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgIUWzFZ5Sf1yAeBBrw83JxGn75AfSYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA1MTkwNzAyMzBaFw0yNjA1MTgwNzA3MzBaMDMxMTAvBgNV
BAMTKDQ5QkY3Qjg2QkI4NDQ4RTRFRkZFRDY0REE3REM1MzAxOTMxNDNDNEIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCtWP6878Y5Uizu/wKUMU09NTZ7
AAACY3VfZ71JmtWW6nH7O3g3j066rMO9+JI7pXbsXGT2psSJCEse9H1KapUqHsMh
FwF1wm2mKSDJw/r7W0DRHL0T2tDCB6eEh8u2cMSls3DkLFp/BromXAtxB3YVKFwv
rKjMxp+LsjwdE3/L/0uTSB6sSn5Rh7uo043ioLL3Jy3XPiA8nwVjrB8fHP8Q6lML
f6nXlvVU5C9GY7LfBJ+na7B8G/tapFtr6tDwt63lDpbOO62t8uu/3XHrECeFDROX
naynz2FyXh7k35mWwNx4l5vyUH3dc2dJjg7kaRdASsycVkawsXZAbi7Z8MIfAgMB
AAGjggIgMIICHDAdBgNVHQ4EFgQUSb97hruESOTv/tZNp9xTAZMUPEswHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTOTMxOC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA3BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEAIzpqwME
AI8OXQMEAI8OiAMEAI8OrQMEAJNPGjANBgkqhkiG9w0BAQsFAAOCAQEACgfcNc8g
4tbowZnGkheTCEthx/Jhq3M4+TU+FOKAU8xVj+gstFkKHNQlL1AolQs2hmBPsZEP
BpHksRCAEX0gtsjbF5sm3efhUhcFqM23S331/WPD2fQDcfMQEO8H3caJnjG5BfDh
pOV8uZWn8VfW8yKMtbXhVp8vnmOe9MdURK9ww34NJXXagWr705TC5OSlFRLIa/fN
cFsSZRBxLMsdRJe6qbn8hCFHb4G1xcfv0hvTOkn6OavIkTqFZMlc83naYl1XQryq
b4XZ5CMQAYgdh/DeLNapzeqt1unpWW0e/vU9s4JYhUH3KhQy0qlgyZqymIxIE1rO
j6ARaJ1F3BZIXw==
-----END CERTIFICATE-----
Generated at Sat Jun 7 13:43:14 2025 by rpki-client