Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS154049.roa
File: AS154049.roa (raw, json)
Hash identifier: 5i9KW0gb1AWVZy6F6YslaKFuiMa1GtYHgYtaX7uofQ4=
Subject key identifier: 30:60:3C:BC:16:B8:3E:A8:1F:3E:9B:00:2C:5E:2D:44:50:79:F5:24
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 3094D8E51C2EC60A954F0EEB86894D4CE1DD0A43
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS154049.roa
Signing time: Mon 04 Aug 2025 17:27:06 +0000
ROA not before: Mon 04 Aug 2025 17:22:06 +0000
ROA not after: Mon 03 Aug 2026 17:27:06 +0000
asID: 154049
IP address blocks: 96.62.219.0/24 maxlen: 24
140.233.172.0/24 maxlen: 24
143.14.253.0/24 maxlen: 24
147.79.63.0/24 maxlen: 24
155.117.238.0/24 maxlen: 24
162.141.91.0/24 maxlen: 24
167.148.222.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 10 Aug 2025 01:29:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
30:94:d8:e5:1c:2e:c6:0a:95:4f:0e:eb:86:89:4d:4c:e1:dd:0a:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Aug 4 17:22:06 2025 GMT
Not After : Aug 3 17:27:06 2026 GMT
Subject: CN=30603CBC16B83EA81F3E9B002C5E2D445079F524
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:c3:e2:06:7f:c1:d7:2d:29:ef:ab:da:7a:cf:
e1:f6:27:08:04:92:be:26:93:13:a1:1c:08:b8:a4:
9d:64:5e:de:00:5f:3b:91:11:65:3a:64:06:b2:01:
03:df:3c:7e:19:ae:63:2f:c8:42:9f:a8:88:71:d2:
8f:ab:3f:06:68:13:e6:e8:e8:76:d2:89:7d:ec:bf:
50:b3:5e:b5:78:e1:41:e7:13:b4:0c:74:7a:98:8a:
76:b5:e8:88:d4:06:60:76:49:99:dd:93:93:21:f0:
0f:48:18:e8:59:89:94:3e:c7:18:65:c7:af:c5:cc:
e3:73:4d:b8:a5:8f:4a:1d:26:ab:bd:26:3e:90:ca:
b9:3a:f5:26:85:d7:88:41:df:3d:b7:b6:bb:f7:8e:
76:f4:f5:72:c5:8d:3b:dd:c5:c9:32:a1:14:c8:2f:
89:fb:cd:6b:a7:2e:62:6f:66:36:c3:a5:94:0d:15:
e0:e7:c8:df:3f:ed:83:60:1c:67:1f:77:42:b6:1b:
42:6a:19:aa:f0:a2:e6:86:09:ae:94:09:75:e5:25:
2a:0a:fb:0d:da:19:6c:c6:58:a4:f6:17:c5:fc:57:
38:13:aa:dd:68:a2:81:78:37:ab:d3:1f:53:66:36:
ac:cb:a7:d1:5d:42:f8:65:15:16:d4:f8:9f:98:69:
1c:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:60:3C:BC:16:B8:3E:A8:1F:3E:9B:00:2C:5E:2D:44:50:79:F5:24
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS154049.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.62.219.0/24
140.233.172.0/24
143.14.253.0/24
147.79.63.0/24
155.117.238.0/24
162.141.91.0/24
167.148.222.0/24
Signature Algorithm: sha256WithRSAEncryption
60:29:7a:38:53:ba:d0:67:60:15:50:b7:1a:bd:01:df:1c:e1:
3e:8f:d1:7f:56:3e:40:71:48:d7:ac:ad:f9:7c:f0:b0:26:d5:
f9:13:93:20:43:8c:e0:4b:41:ed:4c:79:b1:c5:0b:5c:a2:d9:
6e:10:3f:de:5c:0d:5e:c2:cf:2e:de:f8:d7:d8:5f:95:97:a4:
61:6e:38:3f:db:16:32:8b:8f:6a:a5:ce:0d:f8:31:11:38:4d:
f4:61:0a:66:df:0a:82:9c:e8:1f:d3:e2:eb:a5:28:13:32:8f:
fa:d4:4b:8d:6a:36:9e:8d:3b:16:10:9f:af:3e:ed:0d:23:03:
22:b3:7f:12:85:6c:ee:41:38:75:26:2e:1e:41:05:1f:8b:14:
be:bb:4e:d0:ea:7b:61:6e:50:5f:73:d8:9f:2b:bd:a8:24:fe:
11:e2:22:3d:0e:95:7f:52:83:fa:a1:0a:f3:5e:4d:d1:24:44:
c3:72:04:25:59:cd:f8:9a:f0:0c:17:75:bf:6c:40:cc:52:45:
d2:fc:b2:57:83:6b:4b:db:0b:74:47:ba:ff:8e:8c:03:40:74:
97:02:34:6b:f6:41:94:f8:e0:70:f3:4e:2e:b8:31:a5:6d:cf:
91:a8:f7:5e:a2:08:cd:0d:75:e6:b9:09:61:0a:66:46:49:1c:
ed:27:7c:45
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgIUMJTY5RwuxgqVTw7rholNTOHdCkMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA4MDQxNzIyMDZaFw0yNjA4MDMxNzI3MDZaMDMxMTAvBgNV
BAMTKDMwNjAzQ0JDMTZCODNFQTgxRjNFOUIwMDJDNUUyRDQ0NTA3OUY1MjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3w+IGf8HXLSnvq9p6z+H2JwgE
kr4mkxOhHAi4pJ1kXt4AXzuREWU6ZAayAQPfPH4ZrmMvyEKfqIhx0o+rPwZoE+bo
6HbSiX3sv1CzXrV44UHnE7QMdHqYina16IjUBmB2SZndk5Mh8A9IGOhZiZQ+xxhl
x6/FzONzTbilj0odJqu9Jj6Qyrk69SaF14hB3z23trv3jnb09XLFjTvdxckyoRTI
L4n7zWunLmJvZjbDpZQNFeDnyN8/7YNgHGcfd0K2G0JqGarwouaGCa6UCXXlJSoK
+w3aGWzGWKT2F8X8VzgTqt1oooF4N6vTH1NmNqzLp9FdQvhlFRbU+J+YaRxNAgMB
AAGjggIuMIICKjAdBgNVHQ4EFgQUMGA8vBa4PqgfPpsALF4tRFB59SQwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMTU0MDQ5LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAYD7b
AwQAjOmsAwQAjw79AwQAk08/AwQAm3XuAwQAoo1bAwQAp5TeMA0GCSqGSIb3DQEB
CwUAA4IBAQBgKXo4U7rQZ2AVULcavQHfHOE+j9F/Vj5AcUjXrK35fPCwJtX5E5Mg
Q4zgS0HtTHmxxQtcotluED/eXA1ews8u3vjX2F+Vl6Rhbjg/2xYyi49qpc4N+DER
OE30YQpm3wqCnOgf0+LrpSgTMo/61EuNajaejTsWEJ+vPu0NIwMis38ShWzuQTh1
Ji4eQQUfixS+u07Q6nthblBfc9ifK72oJP4R4iI9DpV/UoP6oQrzXk3RJETDcgQl
Wc34mvAMF3W/bEDMUkXS/LJXg2tL2wt0R7r/jowDQHSXAjRr9kGU+OBw804uuDGl
bc+RqPdeogjNDXXmuQlhCmZGSRztJ3xF
-----END CERTIFICATE-----
Generated at Sat Aug 9 14:34:07 2025 by rpki-client