Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS136501.roa
File: AS136501.roa (raw, json)
Hash identifier: 69f6xCb1d1BirOjbGAE+X752UpO8e1dfqH22fgDq9Go=
Subject key identifier: 63:2D:61:CD:EA:68:CB:27:83:89:D2:93:C1:E1:31:BB:B5:59:6F:29
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 3C780D2E94A69F8E5548F651CEBA5021718092CE
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS136501.roa
Signing time: Mon 28 Apr 2025 07:58:53 +0000
ROA not before: Mon 28 Apr 2025 07:53:53 +0000
ROA not after: Mon 27 Apr 2026 07:58:53 +0000
asID: 136501
IP address blocks: 46.203.136.0/24 maxlen: 24
46.203.155.0/24 maxlen: 24
95.134.6.0/24 maxlen: 24
95.134.176.0/24 maxlen: 24
95.134.178.0/24 maxlen: 24
95.134.200.0/24 maxlen: 24
95.134.207.0/24 maxlen: 24
95.134.214.0/24 maxlen: 24
95.134.215.0/24 maxlen: 24
95.134.222.0/24 maxlen: 24
95.135.40.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 06 May 2025 08:22:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3c:78:0d:2e:94:a6:9f:8e:55:48:f6:51:ce:ba:50:21:71:80:92:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Apr 28 07:53:53 2025 GMT
Not After : Apr 27 07:58:53 2026 GMT
Subject: CN=632D61CDEA68CB278389D293C1E131BBB5596F29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:7c:78:be:70:67:85:93:9a:65:16:ba:74:e3:
bb:71:b8:e4:b8:6b:a2:23:34:5f:bd:d7:a2:ee:6d:
b8:69:29:31:77:d2:b6:1a:fd:9e:20:8c:67:bf:54:
22:d8:6b:de:86:f4:67:8a:bf:d7:9e:3d:c4:0c:9b:
ee:d3:10:76:6c:19:09:81:b3:c4:76:41:14:4e:3c:
9f:e1:3b:35:9d:51:7e:8b:89:38:46:8e:4e:e8:23:
ec:5a:ab:49:36:05:f0:40:de:80:68:37:1d:41:87:
36:d8:70:97:f9:3d:35:e6:3c:c2:f1:f2:89:73:84:
e5:fc:f3:30:4f:64:15:a3:ed:67:99:c3:a9:6e:2a:
cb:cb:70:ee:69:ce:79:ab:b0:c3:20:b1:ec:52:b7:
71:7b:d2:78:ba:0a:e5:50:f4:84:28:e3:37:8f:2a:
90:ca:3a:71:31:1d:07:4a:b4:e5:d3:25:4d:2b:b1:
cf:d3:a8:e6:ab:fd:7a:6a:e6:24:bb:0f:45:ab:b4:
8e:06:ef:6c:e3:67:5a:1c:31:12:a8:3c:a4:12:f2:
44:1d:24:50:eb:02:60:36:ac:c9:29:ef:f6:63:39:
0b:39:b2:fc:94:60:15:23:db:30:b4:b7:22:0f:a2:
fc:58:a3:5d:64:ce:e8:e0:5c:2b:03:00:3f:18:7d:
dc:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:2D:61:CD:EA:68:CB:27:83:89:D2:93:C1:E1:31:BB:B5:59:6F:29
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS136501.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.203.136.0/24
46.203.155.0/24
95.134.6.0/24
95.134.176.0/24
95.134.178.0/24
95.134.200.0/24
95.134.207.0/24
95.134.214.0/23
95.134.222.0/24
95.135.40.0/24
Signature Algorithm: sha256WithRSAEncryption
47:25:4e:2e:85:bc:e0:36:70:c4:76:82:ae:2e:3e:40:c8:9b:
26:8e:0f:bf:37:65:08:97:15:ba:e2:69:80:a2:43:ee:3a:5d:
da:f8:7f:eb:8a:b2:7a:a9:cc:b0:32:b1:8c:ae:80:89:7a:4c:
57:98:10:2e:af:82:d1:61:56:0d:5d:7d:ff:c6:39:28:9b:ca:
26:7a:e8:49:84:8f:47:74:81:4c:15:15:46:41:19:d2:f8:f5:
23:58:0f:48:4d:54:56:16:c0:6b:a1:58:30:72:0a:6a:07:27:
78:a3:32:ec:76:1a:dc:81:ec:58:ca:8f:01:ad:17:c2:34:ae:
b4:49:1c:13:b7:e3:61:7d:75:41:4a:77:4a:0a:d5:0d:01:b7:
d5:80:99:7d:dc:01:74:f8:8a:bc:f9:a7:c4:ed:6c:7b:0c:fb:
7f:9e:62:07:11:3c:d9:6e:55:2a:35:42:f6:46:f9:9e:9a:2e:
f1:51:d3:cf:1e:45:12:ff:2d:d7:b4:78:32:c4:0a:32:e8:8a:
e2:ae:40:65:56:34:85:16:dd:c4:05:d0:f7:1e:d1:20:ae:d1:
bd:18:59:35:f4:e4:58:b4:15:cf:c3:d1:84:85:62:da:84:6d:
5f:2e:db:82:ee:21:90:3e:40:58:51:0f:ae:53:96:9d:82:4d:
99:70:00:db
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgIUPHgNLpSmn45VSPZRzrpQIXGAks4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTA0MjgwNzUzNTNaFw0yNjA0MjcwNzU4NTNaMDMxMTAvBgNV
BAMTKDYzMkQ2MUNERUE2OENCMjc4Mzg5RDI5M0MxRTEzMUJCQjU1OTZGMjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCifHi+cGeFk5plFrp047txuOS4
a6IjNF+916LubbhpKTF30rYa/Z4gjGe/VCLYa96G9GeKv9eePcQMm+7TEHZsGQmB
s8R2QRROPJ/hOzWdUX6LiThGjk7oI+xaq0k2BfBA3oBoNx1BhzbYcJf5PTXmPMLx
8olzhOX88zBPZBWj7WeZw6luKsvLcO5pznmrsMMgsexSt3F70ni6CuVQ9IQo4zeP
KpDKOnExHQdKtOXTJU0rsc/TqOar/Xpq5iS7D0WrtI4G72zjZ1ocMRKoPKQS8kQd
JFDrAmA2rMkp7/ZjOQs5svyUYBUj2zC0tyIPovxYo11kzujgXCsDAD8YfdwRAgMB
AAGjggJAMIICPDAdBgNVHQ4EFgQUYy1hzepoyyeDidKTweExu7VZbykwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMTM2NTAxLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQALsuI
AwQALsubAwQAX4YGAwQAX4awAwQAX4ayAwQAX4bIAwQAX4bPAwQBX4bWAwQAX4be
AwQAX4coMA0GCSqGSIb3DQEBCwUAA4IBAQBHJU4uhbzgNnDEdoKuLj5AyJsmjg+/
N2UIlxW64mmAokPuOl3a+H/rirJ6qcywMrGMroCJekxXmBAur4LRYVYNXX3/xjko
m8omeuhJhI9HdIFMFRVGQRnS+PUjWA9ITVRWFsBroVgwcgpqByd4ozLsdhrcgexY
yo8BrRfCNK60SRwTt+NhfXVBSndKCtUNAbfVgJl93AF0+Iq8+afE7Wx7DPt/nmIH
ETzZblUqNUL2Rvmemi7xUdPPHkUS/y3XtHgyxAoy6IrirkBlVjSFFt3EBdD3HtEg
rtG9GFk19ORYtBXPw9GEhWLahG1fLtuC7iGQPkBYUQ+uU5adgk2ZcADb
-----END CERTIFICATE-----
Generated at Mon May 5 23:31:35 2025 by rpki-client