Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS137517.roa
File: AS137517.roa (raw, json)
Hash identifier: zoW4gn35kvwkx4w0NMvKOuAAEyqc363U7AhM+upAhkI=
Subject key identifier: 6F:D3:2D:17:BB:40:D4:87:2C:5A:3D:CB:A7:79:64:E2:AB:9E:0A:75
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 72922E403214191AEF82F123AE2DAF31B48DD3
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS137517.roa
Signing time: Mon 28 Jul 2025 06:17:34 +0000
ROA not before: Mon 28 Jul 2025 06:12:34 +0000
ROA not after: Mon 27 Jul 2026 06:17:34 +0000
asID: 137517
IP address blocks: 143.14.95.0/24 maxlen: 24
143.14.190.0/24 maxlen: 24
143.14.248.0/24 maxlen: 24
155.117.207.0/24 maxlen: 24
155.117.241.0/24 maxlen: 24
167.148.2.0/24 maxlen: 24
167.148.8.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 03:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
72:92:2e:40:32:14:19:1a:ef:82:f1:23:ae:2d:af:31:b4:8d:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Jul 28 06:12:34 2025 GMT
Not After : Jul 27 06:17:34 2026 GMT
Subject: CN=6FD32D17BB40D4872C5A3DCBA77964E2AB9E0A75
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:f0:76:e5:17:7b:af:c5:b7:2e:60:e7:ac:d0:
c2:3e:cd:c2:8b:74:71:2e:10:ce:15:58:e1:3c:48:
1a:b9:90:72:ea:43:07:f7:1d:2a:d1:b9:07:63:1a:
26:c3:87:f5:ab:f2:a3:2a:bb:d8:45:73:70:2b:3d:
9b:d9:50:b4:9c:14:76:f7:76:10:ea:a2:17:16:0d:
72:d5:7c:2a:3c:9c:4c:ea:e0:5e:62:27:01:3d:31:
0e:90:db:34:0c:5c:62:16:e8:91:4c:91:4a:c3:f4:
6e:71:39:9b:08:e0:7c:38:6c:8e:49:1d:37:4d:21:
43:12:cc:9f:c6:b7:55:e3:fe:14:62:34:b3:d8:23:
de:ba:ee:a2:92:2d:a9:4d:68:a2:f0:8c:58:c3:2a:
2e:e1:d3:2a:c6:41:9d:a4:b8:da:de:d9:56:82:12:
5c:bf:12:04:13:5c:0b:fa:bd:c2:38:1a:61:19:89:
86:0c:1f:c6:7d:37:04:e2:ee:b9:12:33:7c:65:26:
03:92:72:61:b9:b4:81:d9:ac:bc:ba:b0:01:a0:e0:
7e:60:a2:1d:24:66:f4:8a:5e:46:fa:e7:fc:7b:5e:
0a:c3:e6:8d:af:6a:ce:07:a0:de:48:64:9e:4f:d3:
49:f6:21:4c:10:b9:b0:dd:70:cb:cf:1f:5e:90:8e:
1d:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:D3:2D:17:BB:40:D4:87:2C:5A:3D:CB:A7:79:64:E2:AB:9E:0A:75
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS137517.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.14.95.0/24
143.14.190.0/24
143.14.248.0/24
155.117.207.0/24
155.117.241.0/24
167.148.2.0/24
167.148.8.0/24
Signature Algorithm: sha256WithRSAEncryption
a1:ff:53:9f:0d:ed:52:8e:1d:e4:20:83:2b:dd:b9:42:c0:a1:
b8:29:90:a6:43:70:3f:71:f1:36:29:87:95:db:36:34:69:84:
13:15:4c:13:1a:c2:cb:62:3d:7f:f8:b2:fe:37:91:4f:31:68:
69:22:68:e6:c0:fd:7a:91:7e:b9:7a:a7:f3:41:60:4b:75:09:
f3:e3:94:03:dc:e8:32:f0:52:f7:a2:08:e2:f4:31:02:59:bf:
17:7f:61:66:fe:57:c6:fc:7d:7f:20:70:37:b7:5b:e0:f5:f7:
f2:d8:66:6f:05:25:9d:25:a3:0d:89:c1:d7:c8:38:0d:3a:15:
31:d3:6e:fa:58:bd:32:56:3c:04:de:a2:cb:42:6d:a0:a2:fa:
65:2c:ec:52:6d:c6:36:68:90:f9:86:62:7c:79:1a:7e:50:0d:
bd:bd:11:dc:ff:c3:ea:83:5d:b7:6f:d0:f1:cd:de:37:c4:bb:
a7:73:96:f8:a6:da:19:be:db:2d:4f:ed:61:3f:ca:d7:f1:16:
e4:1f:c1:f7:7d:51:21:fe:9d:33:9e:f6:ed:7d:c2:01:d8:e8:
91:b4:66:03:fd:69:db:3d:8f:5a:ff:95:ab:0e:24:bb:22:0f:
18:42:e7:14:9b:78:1e:b1:23:e7:1c:c9:bf:90:52:fc:b1:f5:
c4:a8:44:5e
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgITcpIuQDIUGRrvgvEjri2vMbSN0zANBgkqhkiG9w0BAQsF
ADAzMTEwLwYDVQQDEyg0ZmMzMzZiZjlmM2RlNWNlNDE0MTRiZDE5NzE5NDVmNGIy
NDZiZmNjMB4XDTI1MDcyODA2MTIzNFoXDTI2MDcyNzA2MTczNFowMzExMC8GA1UE
AxMoNkZEMzJEMTdCQjQwRDQ4NzJDNUEzRENCQTc3OTY0RTJBQjlFMEE3NTCCASIw
DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALTwduUXe6/Fty5g56zQwj7Nwot0
cS4QzhVY4TxIGrmQcupDB/cdKtG5B2MaJsOH9avyoyq72EVzcCs9m9lQtJwUdvd2
EOqiFxYNctV8KjycTOrgXmInAT0xDpDbNAxcYhbokUyRSsP0bnE5mwjgfDhsjkkd
N00hQxLMn8a3VeP+FGI0s9gj3rruopItqU1oovCMWMMqLuHTKsZBnaS42t7ZVoIS
XL8SBBNcC/q9wjgaYRmJhgwfxn03BOLuuRIzfGUmA5JyYbm0gdmsvLqwAaDgfmCi
HSRm9IpeRvrn/HteCsPmja9qzgeg3khknk/TSfYhTBC5sN1wy88fXpCOHd0CAwEA
AaOCAi4wggIqMB0GA1UdDgQWBBRv0y0Xu0DUhyxaPcuneWTiq54KdTAfBgNVHSME
GDAWgBRPwza/nz3lzkFBS9GXGUX0ska/zDAOBgNVHQ8BAf8EBAMCB4AwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5u
ZXQvcmVwb3NpdG9yeS8wOWJlM2FhZS1hZWExLTQxZGMtYjFiOS05NWFjNTkxODI0
NGQvMC80RkMzMzZCRjlGM0RFNUNFNDE0MTRCRDE5NzE5NDVGNEIyNDZCRkNDLmNy
bDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvVDhNMnY1ODk1YzVCUVV2Umx4bEY5TEpH
djh3LmNlcjB7BggrBgEFBQcBCwRvMG0wawYIKwYBBQUHMAuGX3JzeW5jOi8vcnN5
bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00
MWRjLWIxYjktOTVhYzU5MTgyNDRkLzAvQVMxMzc1MTcucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwQwYIKwYBBQUHAQcBAf8ENDAyMDAEAgABMCoDBACPDl8D
BACPDr4DBACPDvgDBACbdc8DBACbdfEDBACnlAIDBACnlAgwDQYJKoZIhvcNAQEL
BQADggEBAKH/U58N7VKOHeQggyvduULAobgpkKZDcD9x8TYph5XbNjRphBMVTBMa
wstiPX/4sv43kU8xaGkiaObA/XqRfrl6p/NBYEt1CfPjlAPc6DLwUveiCOL0MQJZ
vxd/YWb+V8b8fX8gcDe3W+D19/LYZm8FJZ0low2JwdfIOA06FTHTbvpYvTJWPATe
ostCbaCi+mUs7FJtxjZokPmGYnx5Gn5QDb29Edz/w+qDXbdv0PHN3jfEu6dzlvim
2hm+2y1P7WE/ytfxFuQfwfd9USH+nTOe9u19wgHY6JG0ZgP9ads9j1r/lasOJLsi
DxhC5xSbeB6xI+ccyb+QUvyx9cSoRF4=
-----END CERTIFICATE-----
Generated at Mon Aug 4 07:42:36 2025 by rpki-client