Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS135391.roa
File: AS135391.roa (raw, json)
Hash identifier: nljRreR/Kgb9t9zULZq0IoGcdfVxBg5q09tmhYyFBNM=
Subject key identifier: B7:BD:F9:88:D1:E5:80:97:C5:4D:4E:06:74:34:09:74:03:2E:DF:B8
Certificate issuer: /CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Certificate serial: 680C5470F33A16C117C9D00E9914EFB4E6AF4288
Authority key identifier: 88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS135391.roa
Signing time: Mon 25 Aug 2025 00:00:04 +0000
ROA not before: Sun 24 Aug 2025 23:55:04 +0000
ROA not after: Mon 24 Aug 2026 00:00:04 +0000
asID: 135391
IP address blocks: 143.20.86.0/24 maxlen: 24
143.20.87.0/24 maxlen: 24
143.20.123.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.mft
rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 20 Sep 2025 07:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
68:0c:54:70:f3:3a:16:c1:17:c9:d0:0e:99:14:ef:b4:e6:af:42:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Validity
Not Before: Aug 24 23:55:04 2025 GMT
Not After : Aug 24 00:00:04 2026 GMT
Subject: CN=B7BDF988D1E58097C54D4E0674340974032EDFB8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:2d:2b:0b:01:31:61:83:fe:c8:15:00:5d:70:
4e:dc:ea:fb:72:1b:28:4f:c3:55:07:40:57:54:2b:
43:ae:30:83:42:4d:36:57:8f:0c:f0:ee:a6:0d:85:
83:6a:a6:8c:9c:e5:20:58:20:8d:dd:de:8d:35:be:
55:e0:c7:fd:37:22:61:5b:49:6f:ba:59:ce:16:80:
da:04:2a:ef:65:d2:3b:35:26:28:4c:8d:c9:8e:50:
1d:f1:f5:33:7f:e3:49:a8:41:d8:9a:08:05:98:06:
8a:af:c2:77:2d:0d:fa:07:b5:e3:54:fa:fc:92:80:
54:98:d3:4a:04:22:3b:9a:b8:38:7f:ab:1b:20:3f:
f4:23:52:2d:a4:79:2d:bc:5a:89:ba:1f:9d:53:e4:
ff:2f:e7:d6:26:9f:a7:56:6f:04:a5:84:90:f6:94:
37:62:6a:d7:b6:16:ff:5f:9f:7a:42:91:6a:d0:d0:
15:c4:e6:98:12:bd:dd:7f:dd:10:69:0b:19:aa:c3:
90:3b:42:ad:b3:31:43:3a:dc:d0:0d:c4:3b:91:44:
e4:d0:4a:32:19:07:b8:f4:df:65:b1:a8:4b:15:cc:
d6:33:8d:3b:05:e5:3c:7a:06:dc:1b:8e:a3:61:82:
83:3c:f9:79:59:f9:5a:30:c7:67:c4:c3:74:68:56:
94:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:BD:F9:88:D1:E5:80:97:C5:4D:4E:06:74:34:09:74:03:2E:DF:B8
X509v3 Authority Key Identifier:
keyid:88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS135391.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.20.86.0/23
143.20.123.0/24
Signature Algorithm: sha256WithRSAEncryption
71:15:14:20:64:c7:59:44:1b:fb:b8:14:d8:16:b6:1a:62:33:
73:a8:ee:b1:3c:fa:9b:37:f3:aa:64:02:67:a1:ef:48:03:2b:
6a:8a:62:98:1c:53:24:18:a4:1e:b9:bf:10:c0:8a:73:aa:3c:
41:75:8b:c1:f7:73:99:20:81:77:75:a8:15:c7:2e:34:2c:70:
8b:ab:83:17:97:0a:6f:5b:31:e8:ff:ab:d4:19:e0:24:fa:09:
bf:bf:ba:69:66:5f:b5:28:21:57:16:14:9b:ff:a4:73:4d:a0:
36:2d:f1:08:85:0b:0a:f5:2f:fb:e0:3c:3e:61:54:e1:70:30:
d0:90:c3:50:a9:8d:af:a3:6f:78:7e:dd:47:3a:99:1b:7d:4e:
b2:a6:b9:ef:de:ad:01:cd:25:5e:57:27:ad:5e:41:11:4f:18:
d4:22:7f:f1:b9:0f:50:1b:4d:a8:4e:bf:fc:05:8e:e3:52:36:
29:ab:52:5e:65:81:96:b4:69:78:ae:5f:d9:46:f1:d2:b4:c2:
fe:47:bd:e8:7f:eb:ba:f4:52:e7:f3:16:92:b3:79:3c:93:7f:
58:9d:4c:11:8c:93:c0:c7:49:2a:e9:12:1f:a4:c8:ba:a0:5c:
c3:a5:c8:1e:a8:53:e5:e3:5e:35:29:e6:82:c0:0e:98:d1:0f:
e3:7a:4d:0d
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgIUaAxUcPM6FsEXydAOmRTvtOavQogwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODhjMTRlYzAyYWRiZjA4MzEzOGVkZGQ0Nzg3MTE3NmRk
ZWI5M2Q5ZDAeFw0yNTA4MjQyMzU1MDRaFw0yNjA4MjQwMDAwMDRaMDMxMTAvBgNV
BAMTKEI3QkRGOTg4RDFFNTgwOTdDNTRENEUwNjc0MzQwOTc0MDMyRURGQjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC1LSsLATFhg/7IFQBdcE7c6vty
GyhPw1UHQFdUK0OuMINCTTZXjwzw7qYNhYNqpoyc5SBYII3d3o01vlXgx/03ImFb
SW+6Wc4WgNoEKu9l0js1JihMjcmOUB3x9TN/40moQdiaCAWYBoqvwnctDfoHteNU
+vySgFSY00oEIjuauDh/qxsgP/QjUi2keS28Wom6H51T5P8v59Ymn6dWbwSlhJD2
lDdiate2Fv9fn3pCkWrQ0BXE5pgSvd1/3RBpCxmqw5A7Qq2zMUM63NANxDuRROTQ
SjIZB7j032WxqEsVzNYzjTsF5Tx6BtwbjqNhgoM8+XlZ+Vowx2fEw3RoVpRFAgMB
AAGjggIQMIICDDAdBgNVHQ4EFgQUt735iNHlgJfFTU4GdDQJdAMu37gwHwYDVR0j
BBgwFoAUiMFOwCrb8IMTjt3UeHEXbd65PZ0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjItZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2
MmUwLzAvODhDMTRFQzAyQURCRjA4MzEzOEVEREQ0Nzg3MTE3NkRERUI5M0Q5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2lNRk93Q3JiOElNVGp0M1VlSEVYYmQ2
NVBaMC5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0MDlkN2IyLWVlNjQt
NDlmMS1hZDgxLThlNGExMDdkNjJlMC8wL0FTMTM1MzkxLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBjxRW
AwQAjxR7MA0GCSqGSIb3DQEBCwUAA4IBAQBxFRQgZMdZRBv7uBTYFrYaYjNzqO6x
PPqbN/OqZAJnoe9IAytqimKYHFMkGKQeub8QwIpzqjxBdYvB93OZIIF3dagVxy40
LHCLq4MXlwpvWzHo/6vUGeAk+gm/v7ppZl+1KCFXFhSb/6RzTaA2LfEIhQsK9S/7
4Dw+YVThcDDQkMNQqY2vo294ft1HOpkbfU6yprnv3q0BzSVeVyetXkERTxjUIn/x
uQ9QG02oTr/8BY7jUjYpq1JeZYGWtGl4rl/ZRvHStML+R73of+u69FLn8xaSs3k8
k39YnUwRjJPAx0kq6RIfpMi6oFzDpcgeqFPl4141KeaCwA6Y0Q/jek0N
-----END CERTIFICATE-----
Generated at Fri Sep 19 10:13:03 2025 by rpki-client