Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS137235.roa
File: AS137235.roa (raw, json)
Hash identifier: HTpw+289pJsuUGKE4xK84ixPA67kV0nR/ievJRt+hCE=
Subject key identifier: 44:B1:3E:04:B2:A9:77:90:F6:02:FD:5E:D3:E2:68:89:60:A6:06:36
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 07F56A37307476F497FEF08352A47523DF172FC8
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS137235.roa
Signing time: Fri 01 Aug 2025 07:59:40 +0000
ROA not before: Fri 01 Aug 2025 07:54:40 +0000
ROA not after: Fri 31 Jul 2026 07:59:40 +0000
asID: 137235
IP address blocks: 143.14.162.0/24 maxlen: 24
155.117.244.0/24 maxlen: 24
162.141.78.0/24 maxlen: 24
162.141.114.0/24 maxlen: 24
167.148.3.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 03:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
07:f5:6a:37:30:74:76:f4:97:fe:f0:83:52:a4:75:23:df:17:2f:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Aug 1 07:54:40 2025 GMT
Not After : Jul 31 07:59:40 2026 GMT
Subject: CN=44B13E04B2A97790F602FD5ED3E2688960A60636
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:e5:02:7f:f5:ae:e6:7b:dc:c8:0c:d3:28:4f:
64:3e:ae:98:4f:4a:38:92:d8:4f:50:3b:18:c2:9d:
b0:5f:df:a9:4c:19:cd:1f:13:6f:ae:31:25:89:88:
08:c8:aa:1d:30:a2:74:13:db:72:e0:ae:7d:72:60:
40:ee:27:fe:e4:42:19:72:b5:fd:87:89:18:a7:45:
bd:2a:fd:e2:17:ac:9f:44:95:96:04:c0:8a:62:ae:
c2:85:0a:63:c0:83:2f:33:f1:ab:b8:73:52:31:e2:
6b:f7:34:a7:77:04:f8:8c:68:e0:a1:42:c0:5e:60:
44:8f:5c:1e:90:fd:b0:7a:08:7b:45:8e:75:c3:e9:
45:31:90:b3:4a:a8:2b:17:d2:73:ce:85:93:83:0b:
b1:22:93:9f:57:d8:0b:f2:5f:45:1c:5b:f6:36:2b:
58:58:33:f7:59:77:6d:dc:e9:03:75:97:23:35:bf:
32:13:9d:d8:47:2e:c0:f2:c0:b9:7d:46:86:07:03:
f0:b8:64:1d:32:b3:85:e9:0d:11:c2:c4:98:99:9b:
aa:55:60:a8:78:28:52:41:70:d0:66:7d:fe:d6:f6:
f6:7f:27:14:35:7f:e4:04:b1:98:d1:51:5e:9e:1b:
fb:e9:9c:8c:62:19:77:93:95:81:f2:59:2f:61:41:
90:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:B1:3E:04:B2:A9:77:90:F6:02:FD:5E:D3:E2:68:89:60:A6:06:36
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS137235.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.14.162.0/24
155.117.244.0/24
162.141.78.0/24
162.141.114.0/24
167.148.3.0/24
Signature Algorithm: sha256WithRSAEncryption
12:0d:f2:d4:04:51:77:9b:63:ff:81:33:f1:eb:e1:7b:c6:b1:
8d:c8:d5:3e:44:f9:1f:15:46:8e:97:94:ea:1e:1f:1c:a1:f4:
5e:cd:67:18:8e:81:8f:ae:43:84:05:9b:a4:fe:56:2f:41:11:
2c:53:cb:d6:91:ec:95:27:52:fe:31:12:0b:0c:62:33:49:7d:
24:0e:47:f5:64:e7:23:3c:e7:ec:2b:88:0e:39:d0:d9:9d:11:
b3:be:64:92:56:78:53:98:e4:1d:1c:5d:cd:1d:4d:23:4c:7b:
12:40:59:5f:8d:85:10:d4:94:5a:26:e1:a2:59:a7:01:06:5a:
5d:7c:2c:8e:3d:ec:3a:e4:8c:7f:b6:f6:7d:3c:fe:4d:f0:90:
44:c8:64:e3:7a:37:b5:b7:61:11:ba:ed:0f:c3:8e:92:f6:2e:
78:d0:5f:17:e6:67:30:a1:9c:bc:c9:77:d3:72:cb:cb:76:43:
ad:14:4a:9d:3c:20:b4:71:25:24:40:83:0f:36:2f:f7:85:a2:
be:d8:70:1e:ce:f8:10:40:11:41:32:bd:16:69:95:27:8a:03:
71:e3:df:61:cd:cb:d1:31:d6:35:ab:50:d0:cd:94:80:45:e6:
b8:74:16:84:93:25:ff:78:82:f4:d7:1d:24:0a:73:f5:7e:cd:
14:df:b6:c7
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgIUB/VqNzB0dvSX/vCDUqR1I98XL8gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA4MDEwNzU0NDBaFw0yNjA3MzEwNzU5NDBaMDMxMTAvBgNV
BAMTKDQ0QjEzRTA0QjJBOTc3OTBGNjAyRkQ1RUQzRTI2ODg5NjBBNjA2MzYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCt5QJ/9a7me9zIDNMoT2Q+rphP
SjiS2E9QOxjCnbBf36lMGc0fE2+uMSWJiAjIqh0wonQT23Lgrn1yYEDuJ/7kQhly
tf2HiRinRb0q/eIXrJ9ElZYEwIpirsKFCmPAgy8z8au4c1Ix4mv3NKd3BPiMaOCh
QsBeYESPXB6Q/bB6CHtFjnXD6UUxkLNKqCsX0nPOhZODC7Eik59X2AvyX0UcW/Y2
K1hYM/dZd23c6QN1lyM1vzITndhHLsDywLl9RoYHA/C4ZB0ys4XpDRHCxJiZm6pV
YKh4KFJBcNBmff7W9vZ/JxQ1f+QEsZjRUV6eG/vpnIxiGXeTlYHyWS9hQZBFAgMB
AAGjggIiMIICHjAdBgNVHQ4EFgQURLE+BLKpd5D2Av1e0+JoiWCmBjYwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMTM3MjM1LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAjw6i
AwQAm3X0AwQAoo1OAwQAoo1yAwQAp5QDMA0GCSqGSIb3DQEBCwUAA4IBAQASDfLU
BFF3m2P/gTPx6+F7xrGNyNU+RPkfFUaOl5TqHh8cofRezWcYjoGPrkOEBZuk/lYv
QREsU8vWkeyVJ1L+MRILDGIzSX0kDkf1ZOcjPOfsK4gOOdDZnRGzvmSSVnhTmOQd
HF3NHU0jTHsSQFlfjYUQ1JRaJuGiWacBBlpdfCyOPew65Ix/tvZ9PP5N8JBEyGTj
eje1t2ERuu0Pw46S9i540F8X5mcwoZy8yXfTcsvLdkOtFEqdPCC0cSUkQIMPNi/3
haK+2HAezvgQQBFBMr0WaZUnigNx499hzcvRMdY1q1DQzZSARea4dBaEkyX/eIL0
1x0kCnP1fs0U37bH
-----END CERTIFICATE-----
Generated at Mon Aug 4 07:41:23 2025 by rpki-client