Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS13335.roa
File: AS13335.roa (raw, json)
Hash identifier: pVFbTik8xSfjEdo+yIImo3JTWWG8hm6XEGJbQ+Tmyk4=
Subject key identifier: 1E:67:8B:F0:E5:B4:2F:A7:43:0D:CD:4C:38:BB:3E:AC:52:45:45:88
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 53EC1E2600B67122828AC476C4158A8D490BBA34
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS13335.roa
Signing time: Sat 01 Nov 2025 22:08:27 +0000
ROA not before: Sat 01 Nov 2025 22:03:27 +0000
ROA not after: Sat 31 Oct 2026 22:08:27 +0000
asID: 13335
IP address blocks: 143.14.163.0/24 maxlen: 24
143.14.165.0/24 maxlen: 24
143.14.167.0/24 maxlen: 24
143.14.168.0/24 maxlen: 24
143.14.176.0/22 maxlen: 24
143.14.224.0/24 maxlen: 24
143.14.251.0/24 maxlen: 24
155.117.208.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 18:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
53:ec:1e:26:00:b6:71:22:82:8a:c4:76:c4:15:8a:8d:49:0b:ba:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Nov 1 22:03:27 2025 GMT
Not After : Oct 31 22:08:27 2026 GMT
Subject: CN=1E678BF0E5B42FA7430DCD4C38BB3EAC52454588
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:1a:4b:9d:f5:c8:94:ed:0f:13:73:62:07:bf:
90:ab:23:b1:2b:ea:09:76:c9:f9:b6:d3:ec:fc:87:
f7:c1:ab:64:51:92:f4:8a:96:3a:3c:01:d2:15:e2:
c4:01:10:4f:07:96:06:d9:bf:25:83:f3:25:83:a8:
78:0e:25:75:82:d8:8e:a5:76:ce:3c:98:68:bb:fa:
04:75:7d:33:40:ed:72:f8:dd:c6:aa:72:68:75:38:
bd:0a:0d:fb:69:f1:1a:7b:8b:fa:be:1a:cb:e3:c5:
11:a8:cc:99:60:03:cd:74:6f:25:4b:2a:bf:81:d6:
f7:39:f8:02:ba:60:ce:ed:03:70:53:3e:64:85:f3:
a1:61:5d:a8:cc:49:83:71:a2:1b:fa:d7:93:0b:1b:
6b:e5:ce:35:30:6a:b8:7b:bd:57:5b:3d:e9:dc:6d:
df:78:40:18:dd:3c:95:47:b2:45:4f:73:ee:49:26:
b5:47:44:2d:bb:83:e0:58:a1:bf:f1:b4:39:6a:db:
d6:32:22:01:60:bc:fb:67:42:02:f1:f2:4a:e9:a8:
1c:15:23:50:ee:83:41:59:12:6c:97:53:6e:6c:66:
a5:86:95:de:01:7f:43:9d:73:71:ac:d7:f7:70:c5:
7f:9c:61:5f:6b:dc:98:17:cb:89:22:90:bb:e7:ce:
99:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:67:8B:F0:E5:B4:2F:A7:43:0D:CD:4C:38:BB:3E:AC:52:45:45:88
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS13335.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.14.163.0/24
143.14.165.0/24
143.14.167.0-143.14.168.255
143.14.176.0/22
143.14.224.0/24
143.14.251.0/24
155.117.208.0/23
Signature Algorithm: sha256WithRSAEncryption
20:2c:5c:a5:75:ff:de:5c:4b:a5:a5:f2:2c:34:e5:25:ea:21:
49:65:40:50:9f:fe:18:43:ed:04:4f:0e:96:dd:2e:78:29:37:
f2:c5:b2:6c:50:9c:aa:1a:2f:1a:ff:af:79:a2:05:9f:dd:56:
d9:bd:0d:84:9a:69:b0:89:26:af:cd:60:15:e8:c2:6e:04:b5:
d3:c8:fa:66:99:01:82:56:34:d9:49:d1:7f:38:d3:63:85:b5:
82:23:ec:6e:d3:65:3f:3d:1e:d7:98:9d:f1:74:98:c3:47:e5:
9c:05:8e:34:5f:49:57:24:08:87:1f:be:9d:ed:19:ad:ba:3f:
86:c0:c2:ed:84:79:3e:3c:8a:c7:25:18:b8:2a:d2:d7:35:29:
f8:d4:3a:14:2a:1d:fe:06:45:ff:ae:37:68:7b:6c:3a:40:c6:
92:51:1e:5b:50:38:12:77:49:8a:10:76:4f:68:c0:d3:a7:7d:
1b:56:2c:db:91:aa:2d:4f:66:55:cc:43:4e:79:32:0d:90:28:
53:17:b1:2f:33:b6:76:3d:f5:79:8f:d8:d2:62:3a:e1:89:b3:
e3:fc:a6:2f:2d:72:6f:5a:cf:28:ad:76:7c:bb:5c:a0:e5:50:
39:38:6b:43:3a:e3:c5:f4:14:b9:74:62:63:4b:30:d4:c1:1a:
ff:b0:34:12
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgIUU+weJgC2cSKCisR2xBWKjUkLujQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTExMDEyMjAzMjdaFw0yNjEwMzEyMjA4MjdaMDMxMTAvBgNV
BAMTKDFFNjc4QkYwRTVCNDJGQTc0MzBEQ0Q0QzM4QkIzRUFDNTI0NTQ1ODgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCOGkud9ciU7Q8Tc2IHv5CrI7Er
6gl2yfm20+z8h/fBq2RRkvSKljo8AdIV4sQBEE8HlgbZvyWD8yWDqHgOJXWC2I6l
ds48mGi7+gR1fTNA7XL43caqcmh1OL0KDftp8Rp7i/q+GsvjxRGozJlgA810byVL
Kr+B1vc5+AK6YM7tA3BTPmSF86FhXajMSYNxohv615MLG2vlzjUwarh7vVdbPenc
bd94QBjdPJVHskVPc+5JJrVHRC27g+BYob/xtDlq29YyIgFgvPtnQgLx8krpqBwV
I1Dug0FZEmyXU25sZqWGld4Bf0Odc3Gs1/dwxX+cYV9r3JgXy4kikLvnzplPAgMB
AAGjggI1MIICMTAdBgNVHQ4EFgQUHmeL8OW0L6dDDc1MOLs+rFJFRYgwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMTMzMzUucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwSwYIKwYBBQUHAQcBAf8EPDA6MDgEAgABMDIDBACPDqMD
BACPDqUwDAMEAI8OpwMEAI8OqAMEAo8OsAMEAI8O4AMEAI8O+wMEAZt10DANBgkq
hkiG9w0BAQsFAAOCAQEAICxcpXX/3lxLpaXyLDTlJeohSWVAUJ/+GEPtBE8Olt0u
eCk38sWybFCcqhovGv+veaIFn91W2b0NhJppsIkmr81gFejCbgS108j6ZpkBglY0
2UnRfzjTY4W1giPsbtNlPz0e15id8XSYw0flnAWONF9JVyQIhx++ne0Zrbo/hsDC
7YR5PjyKxyUYuCrS1zUp+NQ6FCod/gZF/643aHtsOkDGklEeW1A4EndJihB2T2jA
06d9G1Ys25GqLU9mVcxDTnkyDZAoUxexLzO2dj31eY/Y0mI64Ymz4/ymLy1yb1rP
KK12fLtcoOVQOThrQzrjxfQUuXRiY0sw1MEa/7A0Eg==
-----END CERTIFICATE-----
Generated at Wed Nov 5 04:21:28 2025 by rpki-client