Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS395374.roa
File: AS395374.roa (raw, json)
Hash identifier: lFT7W+GLTUlA168CO7IjTn63lmrmw9Stp9TiBHqnKTM=
Subject key identifier: 3B:6C:F5:98:38:65:98:44:01:0A:04:EC:2D:D6:BF:14:D4:DC:4C:79
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 77C864488500FC40B594B04EFA92630030E1F75E
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS395374.roa
Signing time: Fri 01 Aug 2025 07:58:44 +0000
ROA not before: Fri 01 Aug 2025 07:53:44 +0000
ROA not after: Fri 31 Jul 2026 07:58:44 +0000
asID: 395374
IP address blocks: 143.14.192.0/24 maxlen: 24
143.14.255.0/24 maxlen: 24
162.141.4.0/24 maxlen: 24
162.141.119.0/24 maxlen: 24
162.141.120.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 03:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
77:c8:64:48:85:00:fc:40:b5:94:b0:4e:fa:92:63:00:30:e1:f7:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Aug 1 07:53:44 2025 GMT
Not After : Jul 31 07:58:44 2026 GMT
Subject: CN=3B6CF59838659844010A04EC2DD6BF14D4DC4C79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:52:b9:80:60:29:dc:8e:aa:fa:27:e6:d2:e2:
dc:f3:f5:da:41:ff:2c:d9:29:11:83:c7:86:e9:e7:
6a:77:84:39:48:93:13:62:ed:01:26:4b:72:a2:e1:
69:64:27:75:25:95:65:4e:d9:bc:f0:57:9b:19:16:
63:7e:45:b0:84:ab:52:a1:39:9a:65:c4:03:03:55:
45:0b:43:78:05:62:06:b1:69:43:a9:8b:e2:5c:c0:
06:19:27:13:04:a2:f2:99:49:af:d2:ef:f6:44:6a:
9e:1a:5c:7d:8a:52:3a:2d:4e:f2:9a:01:a4:f5:28:
33:a0:44:04:ea:1a:37:fb:c4:1a:42:97:86:53:09:
ef:8e:17:31:75:fb:b9:94:0e:7e:5f:66:be:c6:1b:
ff:91:87:b2:3d:0d:5d:47:f0:3d:09:0a:ac:bf:da:
31:05:83:62:25:f1:bc:f5:7f:e5:4f:d4:dc:dd:ab:
7f:b9:57:36:fa:f3:5f:65:44:15:a8:c2:11:0a:fa:
3d:8e:bf:41:26:25:be:62:de:60:7e:07:b8:84:27:
d0:96:4c:cc:54:c0:73:d3:5e:2a:12:73:48:9b:09:
b7:a4:39:af:97:b8:35:ac:9e:5d:6e:fa:1d:27:d8:
dc:4a:0b:96:1f:43:4b:cf:0f:ba:ba:ae:c3:9a:5e:
7e:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:6C:F5:98:38:65:98:44:01:0A:04:EC:2D:D6:BF:14:D4:DC:4C:79
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS395374.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.14.192.0/24
143.14.255.0/24
162.141.4.0/24
162.141.119.0-162.141.120.255
Signature Algorithm: sha256WithRSAEncryption
5c:5a:8d:44:d0:a4:4e:0d:f5:64:dd:8d:94:05:62:4b:90:c9:
ef:1d:e0:a8:da:40:c3:c5:cc:62:7c:4a:9f:a2:87:61:93:3b:
9e:b6:67:db:7f:8a:db:2c:2f:81:5a:21:16:c4:52:cd:77:bc:
e7:63:db:04:5b:ac:0d:26:e2:20:92:28:e8:8a:87:33:3b:5a:
f2:de:32:0c:af:4c:ec:1a:b5:55:f0:3d:7b:43:6d:4e:51:53:
d2:71:e9:92:2e:e1:ae:77:3c:dc:ba:09:cf:3b:74:b9:c3:c4:
95:59:b5:01:0c:bb:0d:89:1a:96:d4:ff:99:23:0a:70:de:48:
84:82:ea:08:d3:45:28:08:06:d8:71:23:27:6e:b0:1e:7a:01:
ee:fe:80:06:32:30:e4:46:2f:94:91:4f:5d:85:a1:6c:29:94:
af:28:eb:94:bd:27:03:ff:e2:59:3a:cc:a6:02:8e:97:71:e8:
9e:dd:f2:84:95:71:22:d0:14:2d:7f:87:cb:4f:11:83:21:67:
31:d9:ec:c0:45:ea:5e:f3:6e:e3:fa:78:69:22:46:9d:16:ec:
30:22:58:01:37:34:3c:35:41:21:73:33:a7:d4:3f:0d:cf:3d:
b7:32:5a:20:cc:4e:ea:72:d6:55:1f:d1:3f:2f:2d:40:e4:8a:
ea:9c:8a:e9
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgIUd8hkSIUA/EC1lLBO+pJjADDh914wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA4MDEwNzUzNDRaFw0yNjA3MzEwNzU4NDRaMDMxMTAvBgNV
BAMTKDNCNkNGNTk4Mzg2NTk4NDQwMTBBMDRFQzJERDZCRjE0RDREQzRDNzkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCeUrmAYCncjqr6J+bS4tzz9dpB
/yzZKRGDx4bp52p3hDlIkxNi7QEmS3Ki4WlkJ3UllWVO2bzwV5sZFmN+RbCEq1Kh
OZplxAMDVUULQ3gFYgaxaUOpi+JcwAYZJxMEovKZSa/S7/ZEap4aXH2KUjotTvKa
AaT1KDOgRATqGjf7xBpCl4ZTCe+OFzF1+7mUDn5fZr7GG/+Rh7I9DV1H8D0JCqy/
2jEFg2Il8bz1f+VP1Nzdq3+5Vzb6819lRBWowhEK+j2Ov0EmJb5i3mB+B7iEJ9CW
TMxUwHPTXioSc0ibCbekOa+XuDWsnl1u+h0n2NxKC5YfQ0vPD7q6rsOaXn5HAgMB
AAGjggIkMIICIDAdBgNVHQ4EFgQUO2z1mDhlmEQBCgTsLda/FNTcTHkwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMzk1Mzc0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAjw7A
AwQAjw7/AwQAoo0EMAwDBACijXcDBACijXgwDQYJKoZIhvcNAQELBQADggEBAFxa
jUTQpE4N9WTdjZQFYkuQye8d4KjaQMPFzGJ8Sp+ih2GTO562Z9t/itssL4FaIRbE
Us13vOdj2wRbrA0m4iCSKOiKhzM7WvLeMgyvTOwatVXwPXtDbU5RU9Jx6ZIu4a53
PNy6Cc87dLnDxJVZtQEMuw2JGpbU/5kjCnDeSISC6gjTRSgIBthxIydusB56Ae7+
gAYyMORGL5SRT12FoWwplK8o65S9JwP/4lk6zKYCjpdx6J7d8oSVcSLQFC1/h8tP
EYMhZzHZ7MBF6l7zbuP6eGkiRp0W7DAiWAE3NDw1QSFzM6fUPw3PPbcyWiDMTupy
1lUf0T8vLUDkiuqciuk=
-----END CERTIFICATE-----
Generated at Mon Aug 4 07:41:54 2025 by rpki-client