Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS984.roa
File: AS984.roa (raw, json)
Hash identifier: TzCFio5pSNJLCpTHMpnIRclXT0HEgPwmRIIGij5E/4s=
Subject key identifier: 74:B8:08:9F:5C:D6:42:ED:1C:2D:3A:EA:88:3A:FC:47:9E:48:DA:76
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 1E9C6D08D2787766409CCE496F5DDE3CED22CDC8
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS984.roa
Signing time: Fri 31 Oct 2025 05:53:42 +0000
ROA not before: Fri 31 Oct 2025 05:48:42 +0000
ROA not after: Fri 30 Oct 2026 05:53:42 +0000
asID: 984
IP address blocks: 143.14.92.0/24 maxlen: 24
143.14.114.0/24 maxlen: 24
148.135.193.0/24 maxlen: 24
155.117.63.0/24 maxlen: 24
155.117.186.0/24 maxlen: 24
155.117.205.0/24 maxlen: 24
155.117.240.0/24 maxlen: 24
155.117.254.0/24 maxlen: 24
162.141.36.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 18:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1e:9c:6d:08:d2:78:77:66:40:9c:ce:49:6f:5d:de:3c:ed:22:cd:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Oct 31 05:48:42 2025 GMT
Not After : Oct 30 05:53:42 2026 GMT
Subject: CN=74B8089F5CD642ED1C2D3AEA883AFC479E48DA76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:4c:e2:8c:6b:29:a2:c0:03:c0:70:c9:de:de:
cb:27:bf:91:b0:72:33:2f:cc:75:e0:7c:fd:32:4b:
2e:b3:08:b3:f3:47:c8:10:23:fa:bb:e1:87:1c:1c:
2b:89:ab:f7:f3:31:03:cb:47:d1:ef:9e:d0:78:1c:
ab:74:64:01:ff:9d:62:f7:4d:c9:64:ef:db:8b:bb:
a1:a1:4e:ea:11:1f:af:91:d7:5a:d9:9c:20:fa:3b:
ec:b3:a6:58:4a:fd:da:81:fa:49:06:12:79:86:f2:
3f:0d:df:53:05:0e:d4:ed:ee:48:0e:9c:db:46:99:
23:c3:52:3b:04:02:21:88:da:21:eb:78:d2:23:a5:
bd:55:9c:fe:be:c1:14:a1:be:bc:fa:d7:53:ee:d6:
b0:11:8a:b3:db:1f:8f:72:07:98:30:a2:02:b8:c9:
18:bb:aa:cf:97:a7:2b:0b:f1:1d:ea:ff:e5:2b:b1:
a3:ac:ed:01:e2:61:27:9a:f6:d6:d4:83:de:a1:7f:
98:33:ce:30:a7:4a:1c:49:8e:9a:4a:9b:1a:35:34:
ed:14:55:37:f3:3b:e4:d6:c9:12:1c:4b:e8:0f:48:
b4:55:ef:ee:d9:60:c5:28:d7:9f:8f:fe:29:24:f2:
89:51:b2:62:ab:20:aa:4a:68:97:72:3d:4a:03:3f:
e1:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:B8:08:9F:5C:D6:42:ED:1C:2D:3A:EA:88:3A:FC:47:9E:48:DA:76
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS984.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.14.92.0/24
143.14.114.0/24
148.135.193.0/24
155.117.63.0/24
155.117.186.0/24
155.117.205.0/24
155.117.240.0/24
155.117.254.0/24
162.141.36.0/24
Signature Algorithm: sha256WithRSAEncryption
7c:5a:a7:06:5f:07:ae:39:fa:7a:c6:56:12:e4:8f:ab:c7:66:
74:93:5a:ec:e5:c3:fc:c6:3d:77:73:9a:79:55:46:80:0b:34:
f9:eb:0b:9a:be:6c:9b:55:65:39:c9:48:aa:e2:da:52:88:39:
fe:fc:e9:69:ad:4d:0c:03:9b:02:c4:da:ec:d8:36:6f:14:cb:
d4:25:a5:15:f0:7a:9e:fe:8a:14:95:93:fc:6f:a6:01:e5:35:
88:33:ca:4c:15:3c:f4:5f:2f:f2:8b:df:00:09:12:49:4c:cc:
ed:c2:ae:2e:7d:c7:c9:d6:08:dc:ec:00:f7:50:e8:1b:a6:91:
a7:4a:ce:65:29:cd:1c:fd:0d:dc:c6:1b:27:f2:11:78:05:2d:
0c:c9:c2:4c:76:44:61:24:ce:55:ea:d8:b7:bf:95:87:2d:44:
e1:5f:e2:4d:9a:18:a3:97:d4:c5:9c:75:7e:38:43:25:ee:c1:
82:de:3a:2c:c0:c6:99:cd:94:a1:23:d2:23:0f:22:63:8f:ea:
a9:90:5c:bb:72:65:dc:dc:27:f6:fa:f8:7e:ec:06:ef:4a:59:
11:67:d4:3f:3a:a6:91:aa:ae:cc:14:b5:4a:f4:d0:ce:52:34:
1c:18:0d:b9:37:44:3c:e9:ef:e0:d9:1d:80:45:26:9e:93:13:
d0:22:20:c5
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIUHpxtCNJ4d2ZAnM5Jb13ePO0izcgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTEwMzEwNTQ4NDJaFw0yNjEwMzAwNTUzNDJaMDMxMTAvBgNV
BAMTKDc0QjgwODlGNUNENjQyRUQxQzJEM0FFQTg4M0FGQzQ3OUU0OERBNzYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDSTOKMaymiwAPAcMne3ssnv5Gw
cjMvzHXgfP0ySy6zCLPzR8gQI/q74YccHCuJq/fzMQPLR9HvntB4HKt0ZAH/nWL3
Tclk79uLu6GhTuoRH6+R11rZnCD6O+yzplhK/dqB+kkGEnmG8j8N31MFDtTt7kgO
nNtGmSPDUjsEAiGI2iHreNIjpb1VnP6+wRShvrz611Pu1rARirPbH49yB5gwogK4
yRi7qs+XpysL8R3q/+UrsaOs7QHiYSea9tbUg96hf5gzzjCnShxJjppKmxo1NO0U
VTfzO+TWyRIcS+gPSLRV7+7ZYMUo15+P/ikk8olRsmKrIKpKaJdyPUoDP+ElAgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQUdLgIn1zWQu0cLTrqiDr8R55I2nYwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTOTg0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAjw5cAwQA
jw5yAwQAlIfBAwQAm3U/AwQAm3W6AwQAm3XNAwQAm3XwAwQAm3X+AwQAoo0kMA0G
CSqGSIb3DQEBCwUAA4IBAQB8WqcGXweuOfp6xlYS5I+rx2Z0k1rs5cP8xj13c5p5
VUaACzT56wuavmybVWU5yUiq4tpSiDn+/OlprU0MA5sCxNrs2DZvFMvUJaUV8Hqe
/ooUlZP8b6YB5TWIM8pMFTz0Xy/yi98ACRJJTMztwq4ufcfJ1gjc7AD3UOgbppGn
Ss5lKc0c/Q3cxhsn8hF4BS0MycJMdkRhJM5V6ti3v5WHLUThX+JNmhijl9TFnHV+
OEMl7sGC3joswMaZzZShI9IjDyJjj+qpkFy7cmXc3Cf2+vh+7AbvSlkRZ9Q/OqaR
qq7MFLVK9NDOUjQcGA25N0Q86e/g2R2ARSaekxPQIiDF
-----END CERTIFICATE-----
Generated at Wed Nov 5 00:35:18 2025 by rpki-client