Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS137235.roa
File: AS137235.roa (raw, json)
Hash identifier: mBpGRFALBxJBqQaQGlaDxrmzLeDnY5iDAH5RvrBsoe4=
Subject key identifier: 3C:11:C3:06:7A:EA:B7:97:9D:95:79:8D:01:88:C1:44:E4:68:45:61
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 6F7EA6182FCA7F44936C05FA8773AF0429063A88
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS137235.roa
Signing time: Tue 28 Oct 2025 09:38:07 +0000
ROA not before: Tue 28 Oct 2025 09:33:07 +0000
ROA not after: Tue 27 Oct 2026 09:38:07 +0000
asID: 137235
IP address blocks: 140.233.177.0/24 maxlen: 24
143.14.162.0/24 maxlen: 24
162.141.78.0/24 maxlen: 24
162.141.114.0/24 maxlen: 24
167.148.3.0/24 maxlen: 24
167.148.209.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6f:7e:a6:18:2f:ca:7f:44:93:6c:05:fa:87:73:af:04:29:06:3a:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Oct 28 09:33:07 2025 GMT
Not After : Oct 27 09:38:07 2026 GMT
Subject: CN=3C11C3067AEAB7979D95798D0188C144E4684561
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:91:ef:ea:fa:2d:d4:59:e8:08:cc:ed:79:8a:
5f:0d:51:9b:fd:e5:b1:ba:2d:5f:c8:8a:3e:0b:11:
5c:29:d2:4d:03:48:48:bd:78:84:d9:51:00:a1:a4:
60:07:78:3a:b9:79:de:24:6d:64:2c:35:e7:2f:aa:
aa:a1:0a:44:26:18:25:e8:08:63:3e:2f:0f:16:3a:
50:d2:2f:93:23:0c:98:a0:38:0e:6d:8c:5c:9e:2a:
29:41:32:90:16:e1:61:33:94:6d:fb:d4:c1:70:83:
df:43:68:a8:62:4d:6e:23:0f:67:6c:6b:7e:c7:13:
4c:c9:dd:b0:1e:e8:51:09:71:0b:92:82:ae:f6:6b:
ea:0a:e5:e7:f7:ff:c3:7a:56:08:67:8d:e8:bd:ca:
02:6d:fc:38:c2:31:cc:75:da:17:1c:16:75:16:42:
29:3f:58:53:85:d8:f6:9f:f3:66:04:e9:10:0f:7b:
51:04:cb:ef:76:34:fe:26:53:7e:94:68:c3:e0:26:
b4:3d:b6:6a:ba:45:20:f9:63:46:cf:1e:c9:6d:7f:
06:ab:15:cc:5e:45:bf:85:6b:be:8d:86:62:25:51:
1a:8d:46:63:15:9b:55:94:3d:cb:92:18:7e:08:a3:
3d:ae:ac:54:dc:ab:e6:b2:16:a6:51:9b:ca:56:60:
db:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:11:C3:06:7A:EA:B7:97:9D:95:79:8D:01:88:C1:44:E4:68:45:61
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS137235.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
140.233.177.0/24
143.14.162.0/24
162.141.78.0/24
162.141.114.0/24
167.148.3.0/24
167.148.209.0/24
Signature Algorithm: sha256WithRSAEncryption
20:b3:a1:2f:ad:6a:8e:43:62:7c:cb:06:c7:99:50:0f:e5:10:
2e:51:d4:b4:fd:e6:6d:1b:80:4f:09:fd:04:23:d5:1e:d5:d6:
95:8e:8b:55:0b:30:50:a4:72:57:5f:14:9c:9f:d9:77:80:0c:
83:18:ff:75:9d:a3:b5:92:7e:9a:30:5a:a8:d0:7c:c9:0f:54:
d7:43:f4:8d:71:d6:b4:cd:ef:12:66:1a:f6:09:3a:00:ad:db:
0f:34:42:70:21:16:7c:c7:d2:3b:6f:d2:a1:f3:2a:5c:b6:ef:
6c:07:25:de:62:21:1b:ff:95:37:3a:47:b3:04:79:1c:ef:7e:
62:7a:bf:7a:4a:1b:d4:fd:d6:61:b9:1f:3a:5e:9a:ed:cd:6c:
6e:bb:4f:77:f5:80:3e:52:5a:51:f3:31:da:04:4c:cc:39:20:
68:7c:9b:7b:ac:08:6f:12:43:b7:d7:47:6a:10:f0:1f:7d:eb:
5a:f3:40:d4:5e:5e:2f:8e:a1:23:3c:4e:70:bc:62:8d:2d:04:
18:a4:fc:ab:fd:00:36:ac:7f:09:36:15:04:06:4e:ea:96:ea:
66:f4:1f:06:62:3b:b0:b4:4c:48:de:fc:83:df:65:98:74:86:
77:e2:51:19:61:eb:0d:c2:d5:a2:26:0c:5d:06:6c:14:e3:17:
a5:e9:5f:9c
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgIUb36mGC/Kf0STbAX6h3OvBCkGOogwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTEwMjgwOTMzMDdaFw0yNjEwMjcwOTM4MDdaMDMxMTAvBgNV
BAMTKDNDMTFDMzA2N0FFQUI3OTc5RDk1Nzk4RDAxODhDMTQ0RTQ2ODQ1NjEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGke/q+i3UWegIzO15il8NUZv9
5bG6LV/Iij4LEVwp0k0DSEi9eITZUQChpGAHeDq5ed4kbWQsNecvqqqhCkQmGCXo
CGM+Lw8WOlDSL5MjDJigOA5tjFyeKilBMpAW4WEzlG371MFwg99DaKhiTW4jD2ds
a37HE0zJ3bAe6FEJcQuSgq72a+oK5ef3/8N6Vghnjei9ygJt/DjCMcx12hccFnUW
Qik/WFOF2Paf82YE6RAPe1EEy+92NP4mU36UaMPgJrQ9tmq6RSD5Y0bPHsltfwar
FcxeRb+Fa76NhmIlURqNRmMVm1WUPcuSGH4Ioz2urFTcq+ayFqZRm8pWYNv5AgMB
AAGjggIoMIICJDAdBgNVHQ4EFgQUPBHDBnrqt5edlXmNAYjBRORoRWEwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMTM3MjM1LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAjOmx
AwQAjw6iAwQAoo1OAwQAoo1yAwQAp5QDAwQAp5TRMA0GCSqGSIb3DQEBCwUAA4IB
AQAgs6EvrWqOQ2J8ywbHmVAP5RAuUdS0/eZtG4BPCf0EI9Ue1daVjotVCzBQpHJX
XxScn9l3gAyDGP91naO1kn6aMFqo0HzJD1TXQ/SNcda0ze8SZhr2CToArdsPNEJw
IRZ8x9I7b9Kh8ypctu9sByXeYiEb/5U3OkezBHkc735ier96ShvU/dZhuR86Xprt
zWxuu0939YA+UlpR8zHaBEzMOSBofJt7rAhvEkO310dqEPAffeta80DUXl4vjqEj
PE5wvGKNLQQYpPyr/QA2rH8JNhUEBk7qlupm9B8GYjuwtExI3vyD32WYdIZ34lEZ
YesNwtWiJgxdBmwU4xel6V+c
-----END CERTIFICATE-----
Generated at Tue Nov 4 16:41:43 2025 by rpki-client