Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS395374.roa
File: AS395374.roa (raw, json)
Hash identifier: t8umibgXuOjHy17PbcMTZA4GZAnKcmVdDsl42uiJa88=
Subject key identifier: 3B:B6:FA:D6:52:DC:93:F9:9D:5D:14:88:01:D3:1F:98:01:5B:7B:77
Certificate issuer: /CN=03b1ba3fdb91d8d9ea76c5776320eb7eb2d6ed9d
Certificate serial: 07DA79170B7CEB11BBDAA4E4B75D530FF70801AD
Authority key identifier: 03:B1:BA:3F:DB:91:D8:D9:EA:76:C5:77:63:20:EB:7E:B2:D6:ED:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS395374.roa
Signing time: Sat 23 Aug 2025 00:00:04 +0000
ROA not before: Fri 22 Aug 2025 23:55:04 +0000
ROA not after: Sat 22 Aug 2026 00:00:04 +0000
asID: 395374
IP address blocks: 45.158.9.0/24 maxlen: 24
152.89.250.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/03B1BA3FDB91D8D9EA76C5776320EB7EB2D6ED9D.crl
rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/03B1BA3FDB91D8D9EA76C5776320EB7EB2D6ED9D.mft
rsync://rpki.ripe.net/repository/DEFAULT/A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
07:da:79:17:0b:7c:eb:11:bb:da:a4:e4:b7:5d:53:0f:f7:08:01:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=03b1ba3fdb91d8d9ea76c5776320eb7eb2d6ed9d
Validity
Not Before: Aug 22 23:55:04 2025 GMT
Not After : Aug 22 00:00:04 2026 GMT
Subject: CN=3BB6FAD652DC93F99D5D148801D31F98015B7B77
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:6d:c2:1b:4e:e1:2a:20:93:16:6b:0b:97:ba:
86:c2:fe:31:a7:2e:23:e5:3c:89:35:99:5e:10:ae:
d4:80:24:9c:34:de:c5:b0:41:37:81:69:6c:5f:f9:
3a:0a:bf:22:32:5b:0e:a9:77:a1:57:d9:8a:be:21:
4d:31:1f:ef:25:8e:ef:e8:49:29:05:66:b0:a3:47:
f5:28:21:0f:20:a5:74:2b:52:6f:b7:c2:3f:f1:d3:
9b:19:59:c6:f5:c0:44:e2:dc:7f:d2:10:1a:86:db:
15:b6:4e:56:82:00:45:65:43:90:d8:ae:04:2a:e3:
7c:7f:a5:e1:7c:1b:8d:69:0f:0e:1e:d5:68:86:cf:
c5:c6:b7:c8:b6:91:22:03:f7:59:b9:d1:fc:3a:dc:
a8:fa:f2:c2:47:5e:f5:b7:90:b8:03:f9:d3:26:af:
ce:ba:aa:1f:d7:a6:2e:62:55:52:d3:8d:7a:59:13:
45:2d:35:68:75:0d:06:ef:68:a9:42:48:b1:1b:5c:
dc:f9:f3:f7:dd:55:2c:29:23:b5:87:71:02:f3:3a:
4b:57:8c:56:91:f6:b1:d2:cf:78:c4:07:45:38:ca:
67:b6:89:f7:16:bd:45:05:b5:7a:5f:1e:ba:60:90:
f2:7a:69:e8:d1:7e:5f:af:c7:83:e1:c7:81:12:6d:
97:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:B6:FA:D6:52:DC:93:F9:9D:5D:14:88:01:D3:1F:98:01:5B:7B:77
X509v3 Authority Key Identifier:
keyid:03:B1:BA:3F:DB:91:D8:D9:EA:76:C5:77:63:20:EB:7E:B2:D6:ED:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/03B1BA3FDB91D8D9EA76C5776320EB7EB2D6ED9D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS395374.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.158.9.0/24
152.89.250.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:08:af:ac:9f:b1:12:9f:dc:23:ea:d5:32:b6:9f:e6:44:38:
95:eb:dc:16:d0:ea:aa:45:0a:30:4e:33:2b:e9:e4:02:ec:a2:
f0:58:9f:e3:41:11:fd:a7:ef:69:0a:0d:43:c3:26:08:40:28:
02:d6:02:5c:de:91:a0:f3:a8:b7:08:2f:8b:3c:0a:55:3e:db:
1d:ed:e0:33:36:85:c2:12:d4:03:c2:8b:0b:8d:3c:74:a1:9a:
b3:01:fa:b7:83:86:fd:47:dc:3a:91:e6:41:3b:87:9a:dc:34:
54:68:27:4a:b7:d8:84:1c:37:4c:7b:cf:60:d0:03:39:a8:dd:
1c:a0:10:9e:28:fb:8f:a6:46:de:bc:a3:38:3e:3c:9f:20:e1:
75:49:c5:f1:f6:7a:43:3a:df:5f:37:8b:d7:e2:d6:33:65:98:
87:2e:83:f2:8e:0c:5b:5d:91:1d:e9:a6:5d:ca:32:2a:da:83:
89:c5:2f:6e:08:5a:40:5d:70:aa:1b:95:94:f8:21:91:28:8f:
0c:21:35:af:e8:dc:a4:af:88:f0:64:74:db:80:fd:0c:33:03:
9e:e5:ec:dc:78:d5:cb:17:46:2d:e5:46:eb:7e:2e:c9:8f:4a:
eb:eb:b6:6b:f5:df:93:d8:a9:1c:85:21:5b:20:08:bc:6e:b8:
84:8a:85:7d
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgIUB9p5Fwt86xG72qTkt11TD/cIAa0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDNiMWJhM2ZkYjkxZDhkOWVhNzZjNTc3NjMyMGViN2Vi
MmQ2ZWQ5ZDAeFw0yNTA4MjIyMzU1MDRaFw0yNjA4MjIwMDAwMDRaMDMxMTAvBgNV
BAMTKDNCQjZGQUQ2NTJEQzkzRjk5RDVEMTQ4ODAxRDMxRjk4MDE1QjdCNzcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDAbcIbTuEqIJMWawuXuobC/jGn
LiPlPIk1mV4QrtSAJJw03sWwQTeBaWxf+ToKvyIyWw6pd6FX2Yq+IU0xH+8lju/o
SSkFZrCjR/UoIQ8gpXQrUm+3wj/x05sZWcb1wETi3H/SEBqG2xW2TlaCAEVlQ5DY
rgQq43x/peF8G41pDw4e1WiGz8XGt8i2kSID91m50fw63Kj68sJHXvW3kLgD+dMm
r866qh/Xpi5iVVLTjXpZE0UtNWh1DQbvaKlCSLEbXNz58/fdVSwpI7WHcQLzOktX
jFaR9rHSz3jEB0U4yme2ifcWvUUFtXpfHrpgkPJ6aejRfl+vx4Phx4ESbZc9AgMB
AAGjggIQMIICDDAdBgNVHQ4EFgQUO7b61lLck/mdXRSIAdMfmAFbe3cwHwYDVR0j
BBgwFoAUA7G6P9uR2NnqdsV3YyDrfrLW7Z0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2ZmMGY1NTUtZGJhNy00MTkyLWEwMWQtZjY5MTZkNWJi
ODRlLzAvMDNCMUJBM0ZEQjkxRDhEOUVBNzZDNTc3NjMyMEVCN0VCMkQ2RUQ5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0E3RzZQOXVSMk5ucWRzVjNZeURyZnJM
VzdaMC5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzdmZjBmNTU1LWRiYTct
NDE5Mi1hMDFkLWY2OTE2ZDViYjg0ZS8wL0FTMzk1Mzc0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALZ4J
AwQAmFn6MA0GCSqGSIb3DQEBCwUAA4IBAQAOCK+sn7ESn9wj6tUytp/mRDiV69wW
0OqqRQowTjMr6eQC7KLwWJ/jQRH9p+9pCg1DwyYIQCgC1gJc3pGg86i3CC+LPApV
Ptsd7eAzNoXCEtQDwosLjTx0oZqzAfq3g4b9R9w6keZBO4ea3DRUaCdKt9iEHDdM
e89g0AM5qN0coBCeKPuPpkbevKM4PjyfIOF1ScXx9npDOt9fN4vX4tYzZZiHLoPy
jgxbXZEd6aZdyjIq2oOJxS9uCFpAXXCqG5WU+CGRKI8MITWv6Nykr4jwZHTbgP0M
MwOe5ezceNXLF0Yt5Ubrfi7Jj0rr67Zr9d+T2KkchSFbIAi8briEioV9
-----END CERTIFICATE-----
Generated at Sat Aug 23 22:48:06 2025 by rpki-client