Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS136501.roa
File: AS136501.roa (raw, json)
Hash identifier: NDAAOLbU4vq+r3Ygp2uuHhmcrzURrnohFFST5o7lrvk=
Subject key identifier: 01:D0:91:D7:A9:B2:E5:B0:80:E4:44:28:BF:41:EA:2A:24:D1:31:03
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 1948E3F620353EAB4C4B8E3E25AC52390FC984AF
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS136501.roa
Signing time: Tue 24 Jun 2025 00:00:43 +0000
ROA not before: Mon 23 Jun 2025 23:55:43 +0000
ROA not after: Tue 23 Jun 2026 00:00:43 +0000
asID: 136501
IP address blocks: 95.134.6.0/24 maxlen: 24
95.134.200.0/24 maxlen: 24
95.134.207.0/24 maxlen: 24
95.134.214.0/24 maxlen: 24
95.134.215.0/24 maxlen: 24
95.134.222.0/24 maxlen: 24
95.135.40.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
19:48:e3:f6:20:35:3e:ab:4c:4b:8e:3e:25:ac:52:39:0f:c9:84:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Jun 23 23:55:43 2025 GMT
Not After : Jun 23 00:00:43 2026 GMT
Subject: CN=01D091D7A9B2E5B080E44428BF41EA2A24D13103
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:85:3a:59:2e:f0:71:1e:bb:0e:c7:ad:3c:ed:
7b:cc:ce:25:b0:3a:35:29:52:01:ec:ef:35:00:76:
4d:24:24:90:79:2e:c0:2b:11:dd:ee:64:be:78:e9:
7b:cf:98:55:22:92:ed:7e:43:72:2f:28:89:68:4f:
16:b8:d0:49:0e:b6:c6:5a:7f:f4:18:38:ba:a5:ab:
a0:21:f9:f6:5d:77:85:6a:60:5d:88:a9:b7:aa:a4:
e0:db:4a:ae:73:66:a8:61:9e:af:84:79:d3:53:fc:
e1:dc:a3:74:27:7d:65:ea:97:24:4e:7d:c5:a7:9d:
89:86:f8:e5:cc:f7:33:04:4f:4d:55:35:64:d2:cc:
68:18:2a:2b:8a:16:9b:fc:de:52:39:d7:78:74:c5:
b7:3a:d1:8a:dd:b1:50:c9:29:96:11:d0:41:e0:99:
e2:de:97:31:67:cb:26:ab:e2:ec:c5:0f:83:af:f0:
77:36:a4:0e:18:4b:bb:59:00:f9:84:a3:18:42:7e:
07:7f:8d:65:05:ed:21:98:32:97:f3:84:4e:c0:52:
3a:55:2e:eb:aa:27:fe:07:4f:e6:b0:99:87:0f:43:
6d:2c:aa:2c:2c:11:33:dc:63:2e:7f:fb:d2:fe:a4:
e2:15:91:79:4a:88:14:19:e1:59:f5:19:39:6a:a0:
99:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:D0:91:D7:A9:B2:E5:B0:80:E4:44:28:BF:41:EA:2A:24:D1:31:03
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS136501.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.134.6.0/24
95.134.200.0/24
95.134.207.0/24
95.134.214.0/23
95.134.222.0/24
95.135.40.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:9f:80:90:0d:e8:76:29:f3:d7:de:82:40:76:5a:c2:c1:9a:
81:9f:3f:3f:d7:df:d6:9b:f3:b7:9c:55:77:03:f5:9e:0e:c5:
4a:5a:a1:98:03:f6:68:74:7c:7d:86:ec:42:0e:e8:ee:b3:91:
6c:6b:68:6e:db:90:14:98:0e:64:d1:02:10:9b:c5:0f:6b:3f:
1d:90:57:9c:c5:4e:8d:f5:11:8d:ab:bd:a3:f8:19:6f:f0:51:
c8:3d:70:3a:0a:ed:fb:b3:ac:d2:8b:9c:9a:24:38:ac:35:d5:
b7:c9:b7:cb:e7:4f:40:77:47:c4:fe:c0:19:74:4b:4d:f6:40:
8e:54:c7:e7:77:bc:29:0b:12:6a:9d:26:dc:dc:fa:ba:4a:8d:
25:ac:c9:e2:58:bd:87:de:91:db:8e:da:1e:88:e7:8e:2a:b4:
77:68:58:b7:40:6f:d9:5d:20:c9:03:4d:3d:b8:86:a3:41:b1:
53:66:82:2f:d7:90:a6:c9:67:f9:2b:4f:2e:5d:7b:25:e9:8d:
98:7d:74:07:d9:c5:d4:4c:71:94:e7:50:29:cf:94:4f:28:2f:
ca:8f:84:6c:ec:5c:92:ec:cf:1e:9b:25:d3:f5:d8:6f:d7:d8:
5d:60:cd:75:1d:c8:10:8a:b6:28:94:67:83:bd:dc:f9:04:67:
e8:b0:ac:7e
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgIUGUjj9iA1PqtMS44+JaxSOQ/JhK8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTA2MjMyMzU1NDNaFw0yNjA2MjMwMDAwNDNaMDMxMTAvBgNV
BAMTKDAxRDA5MUQ3QTlCMkU1QjA4MEU0NDQyOEJGNDFFQTJBMjREMTMxMDMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDXhTpZLvBxHrsOx6087XvMziWw
OjUpUgHs7zUAdk0kJJB5LsArEd3uZL546XvPmFUiku1+Q3IvKIloTxa40EkOtsZa
f/QYOLqlq6Ah+fZdd4VqYF2IqbeqpODbSq5zZqhhnq+EedNT/OHco3QnfWXqlyRO
fcWnnYmG+OXM9zMET01VNWTSzGgYKiuKFpv83lI513h0xbc60YrdsVDJKZYR0EHg
meLelzFnyyar4uzFD4Ov8Hc2pA4YS7tZAPmEoxhCfgd/jWUF7SGYMpfzhE7AUjpV
LuuqJ/4HT+awmYcPQ20sqiwsETPcYy5/+9L+pOIVkXlKiBQZ4Vn1GTlqoJk1AgMB
AAGjggIoMIICJDAdBgNVHQ4EFgQUAdCR16my5bCA5EQov0HqKiTRMQMwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMTM2NTAxLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAX4YG
AwQAX4bIAwQAX4bPAwQBX4bWAwQAX4beAwQAX4coMA0GCSqGSIb3DQEBCwUAA4IB
AQBan4CQDeh2KfPX3oJAdlrCwZqBnz8/19/Wm/O3nFV3A/WeDsVKWqGYA/ZodHx9
huxCDujus5Fsa2hu25AUmA5k0QIQm8UPaz8dkFecxU6N9RGNq72j+Blv8FHIPXA6
Cu37s6zSi5yaJDisNdW3ybfL509Ad0fE/sAZdEtN9kCOVMfnd7wpCxJqnSbc3Pq6
So0lrMniWL2H3pHbjtoeiOeOKrR3aFi3QG/ZXSDJA009uIajQbFTZoIv15CmyWf5
K08uXXsl6Y2YfXQH2cXUTHGU51Apz5RPKC/Kj4Rs7FyS7M8emyXT9dhv19hdYM11
HcgQirYolGeDvdz5BGfosKx+
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:54:30 2025 by rpki-client