Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS393942.roa
File: AS393942.roa (raw, json)
Hash identifier: EQlJeiGGLuM0OCS75MrVbWL6bQu3Pe9fy8NOTzVN5AE=
Subject key identifier: 25:EE:09:35:C6:84:50:1B:E9:79:7B:9E:42:76:EF:F2:F8:21:10:9B
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 607186A53F163988A11700FA15440BF5C8E2FD76
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS393942.roa
Signing time: Fri 01 Aug 2025 07:57:54 +0000
ROA not before: Fri 01 Aug 2025 07:52:54 +0000
ROA not after: Fri 31 Jul 2026 07:57:54 +0000
asID: 393942
IP address blocks: 145.223.67.0/24 maxlen: 24
146.103.29.0/24 maxlen: 24
148.135.172.0/24 maxlen: 24
155.117.217.0/24 maxlen: 24
167.148.163.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 03:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
60:71:86:a5:3f:16:39:88:a1:17:00:fa:15:44:0b:f5:c8:e2:fd:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Aug 1 07:52:54 2025 GMT
Not After : Jul 31 07:57:54 2026 GMT
Subject: CN=25EE0935C684501BE9797B9E4276EFF2F821109B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:fe:d5:00:7c:6c:00:29:fb:78:73:2b:67:24:
e6:19:79:42:da:0e:7f:4d:c6:1c:e0:46:24:a3:9a:
66:2e:f6:91:d9:7e:af:fc:94:0a:5c:0b:cf:10:5e:
1b:54:25:b7:7a:ae:16:ef:9f:50:8b:c2:a5:0b:3f:
b4:79:8d:c9:f5:4e:d7:4f:11:a4:0e:fd:50:67:c2:
6a:5c:7d:65:53:83:80:e1:2d:5c:f4:23:a2:f6:90:
2f:4e:e4:3c:37:8d:5d:3b:83:fa:ed:70:66:9a:de:
9c:ea:c8:69:12:de:ca:0d:ab:50:5a:47:cb:31:e6:
f1:80:a7:31:30:20:e0:20:4d:f4:4e:9e:06:a1:c8:
7e:68:c0:a8:22:3f:aa:22:98:c9:06:f5:bd:b9:e8:
11:4f:48:12:80:d7:ba:d5:f7:1f:a7:56:10:8c:0f:
bc:dd:08:72:fe:cb:64:49:f8:63:46:2e:85:55:3d:
e9:77:f4:32:98:56:5f:20:97:1e:1d:cd:21:9e:e0:
32:69:71:96:dc:74:31:06:f0:fe:87:03:ea:4c:82:
8f:30:bc:8f:d6:c1:13:98:c1:1f:68:be:3c:df:1a:
0b:c1:26:83:16:5a:62:7d:bf:28:08:38:7c:4e:65:
94:33:94:75:19:0d:cf:fb:a8:9b:2a:bb:fc:bd:a8:
61:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:EE:09:35:C6:84:50:1B:E9:79:7B:9E:42:76:EF:F2:F8:21:10:9B
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS393942.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.223.67.0/24
146.103.29.0/24
148.135.172.0/24
155.117.217.0/24
167.148.163.0/24
Signature Algorithm: sha256WithRSAEncryption
99:17:c8:31:70:d2:cd:a1:b7:89:e9:3b:01:8e:9c:aa:7d:f6:
70:07:5d:3a:8b:b1:23:dd:03:11:bc:92:fd:20:75:67:6f:fe:
d2:6c:0e:e6:03:aa:55:f8:69:f1:2c:ba:33:ee:e3:92:8b:5e:
6b:3a:a6:8f:6b:50:e9:97:03:b8:07:3b:0f:6a:8f:d0:d9:11:
3e:cb:c8:c2:fc:ec:25:7f:5d:59:cc:97:29:f2:28:b9:9b:32:
61:6d:84:47:16:12:71:32:92:7e:a8:3e:cf:62:bf:5d:88:11:
df:b6:a4:5f:15:68:96:20:c7:06:a1:9d:2b:59:48:09:d9:66:
55:3c:55:36:8a:21:84:41:1b:1b:69:9e:bf:4f:9d:9d:89:c1:
db:93:1c:48:0e:4d:16:e5:fe:dc:4d:d1:88:53:85:df:da:a1:
f4:a3:34:15:69:c0:f5:c2:9c:bc:a6:e6:7d:52:fa:12:32:40:
6d:b9:55:34:94:0c:7b:71:e7:8d:ac:e7:09:73:01:fd:33:99:
70:83:df:7a:37:fb:c1:0f:d9:ea:f3:52:a5:47:a9:d8:30:59:
43:33:5c:76:af:87:04:16:ab:d8:13:9e:74:90:8b:47:64:dd:
58:7f:09:56:14:d3:45:1d:b9:1e:7a:52:56:07:aa:bb:a1:1a:
62:ac:2c:3f
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgIUYHGGpT8WOYihFwD6FUQL9cji/XYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA4MDEwNzUyNTRaFw0yNjA3MzEwNzU3NTRaMDMxMTAvBgNV
BAMTKDI1RUUwOTM1QzY4NDUwMUJFOTc5N0I5RTQyNzZFRkYyRjgyMTEwOUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCx/tUAfGwAKft4cytnJOYZeULa
Dn9NxhzgRiSjmmYu9pHZfq/8lApcC88QXhtUJbd6rhbvn1CLwqULP7R5jcn1TtdP
EaQO/VBnwmpcfWVTg4DhLVz0I6L2kC9O5Dw3jV07g/rtcGaa3pzqyGkS3soNq1Ba
R8sx5vGApzEwIOAgTfROngahyH5owKgiP6oimMkG9b256BFPSBKA17rV9x+nVhCM
D7zdCHL+y2RJ+GNGLoVVPel39DKYVl8glx4dzSGe4DJpcZbcdDEG8P6HA+pMgo8w
vI/WwROYwR9ovjzfGgvBJoMWWmJ9vygIOHxOZZQzlHUZDc/7qJsqu/y9qGGxAgMB
AAGjggIiMIICHjAdBgNVHQ4EFgQUJe4JNcaEUBvpeXueQnbv8vghEJswHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMzkzOTQyLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAkd9D
AwQAkmcdAwQAlIesAwQAm3XZAwQAp5SjMA0GCSqGSIb3DQEBCwUAA4IBAQCZF8gx
cNLNobeJ6TsBjpyqffZwB106i7Ej3QMRvJL9IHVnb/7SbA7mA6pV+GnxLLoz7uOS
i15rOqaPa1DplwO4BzsPao/Q2RE+y8jC/Owlf11ZzJcp8ii5mzJhbYRHFhJxMpJ+
qD7PYr9diBHftqRfFWiWIMcGoZ0rWUgJ2WZVPFU2iiGEQRsbaZ6/T52dicHbkxxI
Dk0W5f7cTdGIU4Xf2qH0ozQVacD1wpy8puZ9UvoSMkBtuVU0lAx7ceeNrOcJcwH9
M5lwg996N/vBD9nq81KlR6nYMFlDM1x2r4cEFqvYE550kItHZN1YfwlWFNNFHbke
elJWB6q7oRpirCw/
-----END CERTIFICATE-----
Generated at Mon Aug 4 07:42:40 2025 by rpki-client