Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS133296.roa
File: AS133296.roa (raw, json)
Hash identifier: RYyChPjcNQ1LwLdsI1VMkA2BGfFa08309mKbqCPto3k=
Subject key identifier: 48:22:2A:EF:8E:DC:0F:0D:AA:F8:62:AA:FF:27:94:D2:30:D7:3C:B8
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 2F5547422D4749AD487D4D8380C1BA4BED979E2D
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS133296.roa
Signing time: Fri 05 Sep 2025 08:55:00 +0000
ROA not before: Fri 05 Sep 2025 08:50:00 +0000
ROA not after: Fri 04 Sep 2026 08:55:00 +0000
asID: 133296
IP address blocks: 181.215.36.0/24 maxlen: 24
181.215.57.0/24 maxlen: 24
181.215.59.0/24 maxlen: 24
181.215.67.0/24 maxlen: 24
181.215.90.0/24 maxlen: 24
181.215.166.0/24 maxlen: 24
181.215.173.0/24 maxlen: 24
181.215.194.0/24 maxlen: 24
181.215.233.0/24 maxlen: 24
181.215.255.0/24 maxlen: 24
191.96.0.0/24 maxlen: 24
191.96.10.0/24 maxlen: 24
191.96.12.0/24 maxlen: 24
191.96.26.0/24 maxlen: 24
191.96.28.0/24 maxlen: 24
191.96.34.0/24 maxlen: 24
191.96.66.0/24 maxlen: 24
191.96.75.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 06 Sep 2025 10:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2f:55:47:42:2d:47:49:ad:48:7d:4d:83:80:c1:ba:4b:ed:97:9e:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Sep 5 08:50:00 2025 GMT
Not After : Sep 4 08:55:00 2026 GMT
Subject: CN=48222AEF8EDC0F0DAAF862AAFF2794D230D73CB8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:e6:d8:53:bd:c4:56:ef:74:65:36:03:b7:9a:
af:37:ee:48:e5:d1:82:5e:5e:ab:bd:59:cf:0d:3a:
f0:0c:ee:11:99:a8:81:14:93:c8:ba:89:07:e2:60:
b9:7e:c5:36:50:8a:ec:05:68:a0:50:54:4f:e8:7e:
60:2c:94:1b:dc:4e:49:6c:e5:81:79:86:5a:84:ca:
31:2a:e7:14:ca:04:d2:37:60:08:61:fd:d1:de:f7:
2e:75:91:38:b7:17:80:85:64:35:04:63:de:e0:84:
e1:90:f9:dd:b4:e9:14:da:f2:f4:0d:6b:ac:fc:28:
e8:cc:ca:bc:b4:f9:6d:88:0e:65:01:35:d8:ab:6c:
5d:70:a2:fb:83:bb:f2:44:73:4e:75:73:46:42:15:
3d:8d:b0:06:0c:e9:9a:14:54:07:ae:d9:3e:a9:77:
83:1b:48:3c:e4:12:99:39:4c:84:17:73:61:4d:6b:
66:2a:29:86:c4:f1:69:f6:e0:57:ad:75:81:c9:0a:
2b:aa:1c:db:ef:21:42:9f:9a:47:f0:66:8b:b6:ed:
19:43:8b:59:83:2b:23:62:66:62:05:1a:27:0e:e6:
f8:31:58:50:d6:32:1c:ce:07:51:b5:23:7b:20:08:
10:a9:83:3c:73:eb:8e:75:2b:5c:d2:5f:9a:25:92:
ff:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:22:2A:EF:8E:DC:0F:0D:AA:F8:62:AA:FF:27:94:D2:30:D7:3C:B8
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS133296.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
181.215.36.0/24
181.215.57.0/24
181.215.59.0/24
181.215.67.0/24
181.215.90.0/24
181.215.166.0/24
181.215.173.0/24
181.215.194.0/24
181.215.233.0/24
181.215.255.0/24
191.96.0.0/24
191.96.10.0/24
191.96.12.0/24
191.96.26.0/24
191.96.28.0/24
191.96.34.0/24
191.96.66.0/24
191.96.75.0/24
Signature Algorithm: sha256WithRSAEncryption
76:a8:6f:13:46:bb:7e:67:fd:c2:c9:e8:48:bb:3d:ae:93:5b:
8e:55:21:30:82:52:f7:5e:68:5a:2c:3a:49:88:00:ba:08:37:
e0:cc:c3:da:5d:60:83:34:b9:95:b7:d0:5f:e4:b6:1f:4c:9f:
aa:1b:76:b5:de:83:c1:c0:e9:cb:bb:be:e8:b5:f6:e7:ba:6e:
82:63:f5:f6:e7:4e:d2:07:4d:94:6c:33:04:66:5a:ac:d4:d8:
ec:34:80:9a:05:78:44:70:a4:fc:95:45:37:d1:d5:92:99:8a:
f4:79:65:7c:64:2d:1e:5f:9f:12:bc:44:63:d5:72:d4:81:62:
4a:c4:64:d0:60:a7:cd:8d:d9:f2:86:4d:bb:49:5f:41:8c:b7:
fa:ee:68:07:b5:96:15:05:37:85:f9:1d:fb:f1:b3:28:2e:23:
e8:b7:5d:6d:67:ff:4f:37:7f:11:cb:93:6c:2e:87:40:8a:b0:
34:bd:3b:79:fc:2d:b5:34:ad:78:30:4f:16:a5:52:90:d7:94:
9b:c1:74:e3:e8:ad:cb:c2:f8:9e:ac:37:8f:67:a8:ae:3c:ff:
90:2b:ea:1b:d4:a4:67:d5:00:37:a2:bd:92:15:6d:89:7d:04:
62:38:49:9f:ac:61:49:33:08:de:4a:f1:7b:6c:c1:33:40:13:
49:84:c6:9a
-----BEGIN CERTIFICATE-----
MIIFZzCCBE+gAwIBAgIUL1VHQi1HSa1IfU2DgMG6S+2Xni0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNTA5MDUwODUwMDBaFw0yNjA5MDQwODU1MDBaMDMxMTAvBgNV
BAMTKDQ4MjIyQUVGOEVEQzBGMERBQUY4NjJBQUZGMjc5NEQyMzBENzNDQjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDC5thTvcRW73RlNgO3mq837kjl
0YJeXqu9Wc8NOvAM7hGZqIEUk8i6iQfiYLl+xTZQiuwFaKBQVE/ofmAslBvcTkls
5YF5hlqEyjEq5xTKBNI3YAhh/dHe9y51kTi3F4CFZDUEY97ghOGQ+d206RTa8vQN
a6z8KOjMyry0+W2IDmUBNdirbF1wovuDu/JEc051c0ZCFT2NsAYM6ZoUVAeu2T6p
d4MbSDzkEpk5TIQXc2FNa2YqKYbE8Wn24FetdYHJCiuqHNvvIUKfmkfwZou27RlD
i1mDKyNiZmIFGicO5vgxWFDWMhzOB1G1I3sgCBCpgzxz6451K1zSX5olkv9jAgMB
AAGjggJxMIICbTAdBgNVHQ4EFgQUSCIq747cDw2q+GKq/yeU0jDXPLgwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMTMzMjk2LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMIGFBggrBgEFBQcBBwEB/wR2MHQwcgQCAAEwbAMEALXX
JAMEALXXOQMEALXXOwMEALXXQwMEALXXWgMEALXXpgMEALXXrQMEALXXwgMEALXX
6QMEALXX/wMEAL9gAAMEAL9gCgMEAL9gDAMEAL9gGgMEAL9gHAMEAL9gIgMEAL9g
QgMEAL9gSzANBgkqhkiG9w0BAQsFAAOCAQEAdqhvE0a7fmf9wsnoSLs9rpNbjlUh
MIJS915oWiw6SYgAugg34MzD2l1ggzS5lbfQX+S2H0yfqht2td6DwcDpy7u+6LX2
57pugmP19udO0gdNlGwzBGZarNTY7DSAmgV4RHCk/JVFN9HVkpmK9HllfGQtHl+f
ErxEY9Vy1IFiSsRk0GCnzY3Z8oZNu0lfQYy3+u5oB7WWFQU3hfkd+/GzKC4j6Ldd
bWf/Tzd/EcuTbC6HQIqwNL07efwttTSteDBPFqVSkNeUm8F04+ity8L4nqw3j2eo
rjz/kCvqG9SkZ9UAN6K9khVtiX0EYjhJn6xhSTMI3krxe2zBM0ATSYTGmg==
-----END CERTIFICATE-----
Generated at Fri Sep 5 12:08:50 2025 by rpki-client