Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS137517.roa
File: AS137517.roa (raw, json)
Hash identifier: NQra04tiE9X3RFxbotbz8PoA9SEt5bl7RpQyJVthaRo=
Subject key identifier: 39:B7:B8:6D:5A:30:0D:36:C1:66:BB:B4:0C:58:67:40:1F:8D:C9:BA
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 63A1B7E2028713E90311E9F05A69B3FC2E80FCCA
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS137517.roa
Signing time: Mon 27 Oct 2025 00:04:21 +0000
ROA not before: Sun 26 Oct 2025 23:59:21 +0000
ROA not after: Mon 26 Oct 2026 00:04:21 +0000
asID: 137517
IP address blocks: 143.14.95.0/24 maxlen: 24
167.148.8.0/24 maxlen: 24
167.148.41.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 16:49:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
63:a1:b7:e2:02:87:13:e9:03:11:e9:f0:5a:69:b3:fc:2e:80:fc:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Oct 26 23:59:21 2025 GMT
Not After : Oct 26 00:04:21 2026 GMT
Subject: CN=39B7B86D5A300D36C166BBB40C5867401F8DC9BA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:91:46:27:de:c2:08:45:c8:01:f3:5c:fb:b8:
3f:37:ab:1f:29:33:2e:dc:cf:ca:36:2b:31:2d:fd:
a1:24:79:f8:6e:9e:95:4e:a8:e6:67:47:54:fa:72:
b8:10:c8:2d:d6:78:80:97:bf:ef:32:d6:40:1b:f6:
00:11:f3:6b:d4:4e:10:5b:fe:b8:db:bd:90:5a:5a:
04:84:8f:73:6d:3d:a4:fe:f1:a6:f3:c6:15:a9:f7:
03:33:80:b6:a2:a7:b5:08:23:e4:6e:97:09:55:49:
08:b5:b8:c2:f3:d7:f6:a4:cc:08:17:56:8b:13:14:
18:9f:74:80:2a:c6:37:70:7b:87:00:16:df:ac:53:
d7:24:ca:27:ae:ca:e6:76:76:fc:ff:de:5e:a1:b7:
c9:96:14:f0:ac:98:55:92:2f:46:ef:58:12:d3:e5:
29:32:4f:96:1e:d4:c0:9d:5f:d5:87:aa:d3:06:96:
d9:c4:4e:97:5c:a2:54:0c:2c:7e:aa:4b:f3:6e:e5:
7c:5d:2a:6e:f7:3d:49:6a:5b:bd:8d:45:88:33:59:
82:9a:db:64:ec:c9:a2:3c:ef:e0:aa:97:f2:aa:11:
7c:39:48:a1:61:95:60:6d:91:54:b0:65:d1:42:59:
89:53:46:eb:ca:d0:b0:bb:9d:4a:33:ff:0b:0e:f6:
3b:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:B7:B8:6D:5A:30:0D:36:C1:66:BB:B4:0C:58:67:40:1F:8D:C9:BA
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS137517.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.14.95.0/24
167.148.8.0/24
167.148.41.0/24
Signature Algorithm: sha256WithRSAEncryption
21:d7:10:4b:8a:35:e4:c8:83:8f:c8:9f:3d:5d:c1:bb:69:95:
f7:2a:35:b4:a0:d7:9b:d2:4f:ca:d7:0c:fa:e9:f8:9c:69:33:
c4:35:be:7b:41:6f:0b:0a:67:53:73:56:d2:78:67:c7:94:9f:
95:96:1e:ce:1a:99:89:d3:fb:59:50:bd:50:3f:26:ed:e4:8f:
b1:a9:8f:a5:8b:3e:25:4d:af:2b:da:65:5b:06:cc:36:26:29:
68:ad:0c:12:df:37:cb:c3:6c:a7:f0:72:67:41:75:21:c7:59:
c4:e7:16:2c:f1:7e:01:b0:d4:32:c0:c1:74:33:08:f9:11:c0:
e0:fb:ce:26:19:9d:1e:54:31:f7:40:69:b7:87:55:4b:a6:4d:
1e:62:68:c0:00:94:a5:f1:6b:77:59:17:24:ad:0a:d0:7c:dc:
c2:cc:aa:1c:13:72:58:65:35:58:cc:c0:07:1d:22:3d:e5:83:
15:6c:a7:1d:a4:ab:b8:86:2c:b5:55:28:2f:73:0b:68:93:9c:
4e:b4:78:53:b0:10:cd:d1:e2:79:e1:05:25:30:4d:aa:5a:f8:
16:48:f0:5d:aa:0a:47:01:1e:69:48:44:85:db:62:34:5c:9b:
52:a5:50:29:11:91:5e:70:05:cc:56:17:1c:63:54:9a:28:49:
17:ad:a7:1c
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgIUY6G34gKHE+kDEenwWmmz/C6A/MowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTEwMjYyMzU5MjFaFw0yNjEwMjYwMDA0MjFaMDMxMTAvBgNV
BAMTKDM5QjdCODZENUEzMDBEMzZDMTY2QkJCNDBDNTg2NzQwMUY4REM5QkEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCykUYn3sIIRcgB81z7uD83qx8p
My7cz8o2KzEt/aEkefhunpVOqOZnR1T6crgQyC3WeICXv+8y1kAb9gAR82vUThBb
/rjbvZBaWgSEj3NtPaT+8abzxhWp9wMzgLaip7UII+RulwlVSQi1uMLz1/akzAgX
VosTFBifdIAqxjdwe4cAFt+sU9ckyieuyuZ2dvz/3l6ht8mWFPCsmFWSL0bvWBLT
5SkyT5Ye1MCdX9WHqtMGltnETpdcolQMLH6qS/Nu5XxdKm73PUlqW72NRYgzWYKa
22TsyaI87+Cql/KqEXw5SKFhlWBtkVSwZdFCWYlTRuvK0LC7nUoz/wsO9jtbAgMB
AAGjggIWMIICEjAdBgNVHQ4EFgQUObe4bVowDTbBZru0DFhnQB+NybowHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMTM3NTE3LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAjw5f
AwQAp5QIAwQAp5QpMA0GCSqGSIb3DQEBCwUAA4IBAQAh1xBLijXkyIOPyJ89XcG7
aZX3KjW0oNeb0k/K1wz66ficaTPENb57QW8LCmdTc1bSeGfHlJ+Vlh7OGpmJ0/tZ
UL1QPybt5I+xqY+liz4lTa8r2mVbBsw2JilorQwS3zfLw2yn8HJnQXUhx1nE5xYs
8X4BsNQywMF0Mwj5EcDg+84mGZ0eVDH3QGm3h1VLpk0eYmjAAJSl8Wt3WRckrQrQ
fNzCzKocE3JYZTVYzMAHHSI95YMVbKcdpKu4hiy1VSgvcwtok5xOtHhTsBDN0eJ5
4QUlME2qWvgWSPBdqgpHAR5pSESF22I0XJtSpVApEZFecAXMVhccY1SaKEkXracc
-----END CERTIFICATE-----
Generated at Tue Nov 4 20:57:09 2025 by rpki-client