Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS137517.roa
File: AS137517.roa (raw, json)
Hash identifier: gD8Bxf90EO10rT2RROrCUGYoZjUXUDcNmIfnjWlZlQE=
Subject key identifier: B2:CB:58:29:9E:3E:A9:C0:A2:74:3E:C9:AF:F6:DE:CA:B9:86:0D:34
Certificate issuer: /CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Certificate serial: 3CF80E9519D88044F4A531B45116E65CCCFED1EB
Authority key identifier: 88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS137517.roa
Signing time: Fri 06 Jun 2025 07:15:33 +0000
ROA not before: Fri 06 Jun 2025 07:10:33 +0000
ROA not after: Fri 05 Jun 2026 07:15:33 +0000
asID: 137517
IP address blocks: 143.20.85.0/24 maxlen: 24
143.20.95.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.mft
rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 12:26:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3c:f8:0e:95:19:d8:80:44:f4:a5:31:b4:51:16:e6:5c:cc:fe:d1:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Validity
Not Before: Jun 6 07:10:33 2025 GMT
Not After : Jun 5 07:15:33 2026 GMT
Subject: CN=B2CB58299E3EA9C0A2743EC9AFF6DECAB9860D34
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:fc:7b:d4:47:de:89:29:4e:7e:ad:74:31:ca:
3b:6f:83:7d:72:0a:9d:9d:d8:d6:ba:90:50:f5:99:
4e:81:99:48:d6:7d:95:a1:12:1a:95:f1:25:1a:92:
cc:31:a9:9a:2b:46:dd:40:fb:c1:8e:62:e7:32:0b:
f3:9d:86:de:55:32:9a:3f:ca:42:76:e1:6e:37:85:
58:be:d1:c6:41:55:fc:e8:97:28:72:a8:b4:91:e4:
45:76:e2:58:d5:28:34:81:8e:ae:eb:ec:7f:6d:bb:
68:9f:18:65:39:30:14:94:68:e3:60:5f:61:fa:65:
15:e2:65:ed:8d:72:fa:8c:b5:a5:ef:05:ec:06:87:
37:e2:5b:d3:c2:a9:3d:82:39:d1:ec:11:ab:7b:c0:
e0:85:8f:fc:85:3f:ed:56:81:86:f0:69:53:4c:4d:
7f:37:f4:28:66:3e:28:ae:75:da:83:d4:91:01:c2:
ed:ef:2f:48:fe:a6:28:ed:2d:da:00:fa:7a:42:be:
f4:b2:3b:b0:5f:19:43:8b:3b:5e:9d:0b:f1:ae:0f:
58:09:8e:17:e9:ed:6d:66:99:43:e1:4f:42:48:cb:
14:37:40:6a:86:41:4f:33:bd:73:bc:dc:f3:75:91:
03:a8:e0:01:aa:61:19:28:a5:48:2d:0c:d2:55:2b:
09:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:CB:58:29:9E:3E:A9:C0:A2:74:3E:C9:AF:F6:DE:CA:B9:86:0D:34
X509v3 Authority Key Identifier:
keyid:88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS137517.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.20.85.0/24
143.20.95.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:07:8d:1a:de:28:96:50:49:f7:49:73:79:e4:a7:fb:ae:c6:
a9:0b:d7:f2:f0:16:7d:74:df:80:25:dd:ad:89:dd:6f:d0:a1:
ae:3d:d6:4a:e9:b5:f0:39:a8:52:1a:ee:28:65:6f:24:b1:e2:
96:8b:00:71:31:d1:18:8b:52:7f:22:dc:63:5b:24:fc:94:80:
95:bd:b6:46:3d:d0:e5:46:22:c6:eb:69:45:d6:ee:f8:48:76:
bd:22:9b:c7:99:e3:bd:b3:f5:42:98:3e:b6:00:21:82:b3:ff:
ba:82:89:18:fe:a0:07:0b:03:7d:e1:27:09:40:6f:c0:ca:08:
15:b6:5e:09:e4:09:27:30:0d:1c:24:5d:f7:75:2b:c8:ab:94:
59:c4:05:58:bd:5d:bd:3f:86:3a:74:45:ee:e7:2f:d2:51:e9:
c8:d6:49:35:2e:5f:de:36:e0:70:3c:ce:f7:6e:4f:93:bb:f5:
03:c8:ac:46:39:85:46:cb:ba:39:0b:34:ac:d2:42:07:cf:ae:
b7:e1:ef:a9:f0:2b:d5:31:f0:d5:3f:15:21:45:f1:00:43:7e:
45:f3:af:06:07:6a:ba:0b:ff:fa:8b:55:fe:9c:a9:af:e4:bc:
d0:af:51:a2:8e:51:8d:5f:fa:ef:3a:4e:c8:47:b5:69:2e:71:
78:1c:38:f5
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgIUPPgOlRnYgET0pTG0URbmXMz+0eswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODhjMTRlYzAyYWRiZjA4MzEzOGVkZGQ0Nzg3MTE3NmRk
ZWI5M2Q5ZDAeFw0yNTA2MDYwNzEwMzNaFw0yNjA2MDUwNzE1MzNaMDMxMTAvBgNV
BAMTKEIyQ0I1ODI5OUUzRUE5QzBBMjc0M0VDOUFGRjZERUNBQjk4NjBEMzQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3/HvUR96JKU5+rXQxyjtvg31y
Cp2d2Na6kFD1mU6BmUjWfZWhEhqV8SUakswxqZorRt1A+8GOYucyC/Odht5VMpo/
ykJ24W43hVi+0cZBVfzolyhyqLSR5EV24ljVKDSBjq7r7H9tu2ifGGU5MBSUaONg
X2H6ZRXiZe2NcvqMtaXvBewGhzfiW9PCqT2COdHsEat7wOCFj/yFP+1WgYbwaVNM
TX839ChmPiiuddqD1JEBwu3vL0j+pijtLdoA+npCvvSyO7BfGUOLO16dC/GuD1gJ
jhfp7W1mmUPhT0JIyxQ3QGqGQU8zvXO83PN1kQOo4AGqYRkopUgtDNJVKwmjAgMB
AAGjggIQMIICDDAdBgNVHQ4EFgQUsstYKZ4+qcCidD7Jr/beyrmGDTQwHwYDVR0j
BBgwFoAUiMFOwCrb8IMTjt3UeHEXbd65PZ0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjItZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2
MmUwLzAvODhDMTRFQzAyQURCRjA4MzEzOEVEREQ0Nzg3MTE3NkRERUI5M0Q5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2lNRk93Q3JiOElNVGp0M1VlSEVYYmQ2
NVBaMC5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0MDlkN2IyLWVlNjQt
NDlmMS1hZDgxLThlNGExMDdkNjJlMC8wL0FTMTM3NTE3LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAjxRV
AwQAjxRfMA0GCSqGSIb3DQEBCwUAA4IBAQBNB40a3iiWUEn3SXN55Kf7rsapC9fy
8BZ9dN+AJd2tid1v0KGuPdZK6bXwOahSGu4oZW8kseKWiwBxMdEYi1J/ItxjWyT8
lICVvbZGPdDlRiLG62lF1u74SHa9IpvHmeO9s/VCmD62ACGCs/+6gokY/qAHCwN9
4ScJQG/AyggVtl4J5AknMA0cJF33dSvIq5RZxAVYvV29P4Y6dEXu5y/SUenI1kk1
Ll/eNuBwPM73bk+Tu/UDyKxGOYVGy7o5CzSs0kIHz6634e+p8CvVMfDVPxUhRfEA
Q35F868GB2q6C//6i1X+nKmv5LzQr1GijlGNX/rvOk7IR7VpLnF4HDj1
-----END CERTIFICATE-----
Generated at Fri Jun 6 23:21:15 2025 by rpki-client