Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS137235.roa
File: AS137235.roa (raw, json)
Hash identifier: WUgfZRolVjKG2IfIeWNiCOP7kEn0n/tPApAzhbV4274=
Subject key identifier: B1:C2:45:DE:06:CD:5D:5E:B9:50:94:4A:B6:C5:BF:80:7F:72:E3:69
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 4C9ACBDB84AC32E2FDD2CE2B49A7FA0C9013F778
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS137235.roa
Signing time: Thu 07 May 2026 08:32:08 +0000
ROA not before: Thu 07 May 2026 08:27:08 +0000
ROA not after: Thu 06 May 2027 08:32:08 +0000
asID: 137235
IP address blocks: 95.134.40.0/24 maxlen: 24
95.134.43.0/24 maxlen: 24
95.134.127.0/24 maxlen: 24
95.134.141.0/24 maxlen: 24
178.95.4.0/24 maxlen: 24
178.95.239.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4c:9a:cb:db:84:ac:32:e2:fd:d2:ce:2b:49:a7:fa:0c:90:13:f7:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: May 7 08:27:08 2026 GMT
Not After : May 6 08:32:08 2027 GMT
Subject: CN=B1C245DE06CD5D5EB950944AB6C5BF807F72E369
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:0f:86:89:bc:f6:ef:f6:ca:64:3e:9e:39:85:
f5:84:d2:e3:e0:20:92:8c:02:56:20:f6:0e:c2:86:
b2:be:73:da:6e:ab:51:1d:c8:b8:8f:ae:19:35:12:
8d:6d:b2:dc:78:8f:e0:16:1d:4b:72:1a:e0:8f:20:
16:5a:1a:89:7f:ba:07:64:12:95:cd:39:91:3d:61:
9d:6b:2d:89:14:e1:23:83:77:94:99:59:7e:68:e3:
53:34:6c:77:4b:2e:7b:e2:f1:2b:5c:b4:02:cc:99:
36:04:3b:15:52:f6:85:b6:2a:78:1f:c7:d9:69:5a:
56:0c:fa:26:fb:ad:68:27:90:bc:88:f3:86:68:6f:
a1:96:b7:9e:04:67:4d:16:88:96:ed:d4:7a:7a:6b:
3e:da:26:ea:7a:f5:49:21:08:db:a2:91:38:c2:eb:
30:f9:6e:10:fd:a8:b9:0e:95:08:80:74:25:c6:06:
e0:1c:bf:15:7b:75:e2:1d:cd:7b:47:9a:e8:03:29:
f5:5d:ac:57:9c:bb:1c:c7:ea:93:87:74:2d:29:5e:
75:d8:f6:e0:00:10:1b:44:da:60:ea:7e:a5:c9:a6:
6b:be:40:2b:99:70:f0:15:2c:18:5b:2c:d5:85:28:
07:1d:df:7c:4b:db:f7:53:43:27:fb:40:66:01:0a:
0e:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:C2:45:DE:06:CD:5D:5E:B9:50:94:4A:B6:C5:BF:80:7F:72:E3:69
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS137235.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.134.40.0/24
95.134.43.0/24
95.134.127.0/24
95.134.141.0/24
178.95.4.0/24
178.95.239.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:a3:dd:c7:74:b5:53:87:20:b2:07:2f:87:19:53:6c:5f:20:
4d:1f:ce:5e:dc:bf:fd:29:95:70:ae:6f:79:58:0e:59:19:48:
4d:6d:84:e1:25:41:7c:94:95:c9:ea:11:8d:ff:52:dc:dc:83:
e0:a4:8f:61:9f:8f:bd:94:d5:c2:12:f1:24:2b:f9:d0:b5:0f:
85:2a:fc:2d:e6:61:82:df:85:93:1d:fa:a8:e0:da:3c:15:d4:
95:26:44:29:cf:18:99:cb:3e:9d:07:3e:1f:eb:54:85:c3:7e:
65:49:a0:fc:f6:bd:61:79:4f:df:8b:a5:2f:e2:e3:8d:02:14:
29:87:c4:55:8c:66:1f:fd:f4:94:19:41:61:3b:13:7e:31:86:
65:d7:c3:5a:72:6a:2d:10:1b:25:ad:f6:14:c0:aa:7a:e0:26:
6d:a6:ca:d0:e0:43:9e:dd:e8:cb:67:5a:2f:3f:57:36:b6:10:
e7:09:28:8f:1d:e2:f9:0c:aa:ed:b4:91:54:1c:da:83:bf:d2:
25:d9:ab:2b:1a:7c:92:39:30:f6:92:d0:e4:44:b9:89:24:48:
bb:d3:81:39:6d:43:d7:7d:8b:48:43:24:ea:52:fe:0f:4f:db:
ea:08:dd:55:70:0f:1e:8f:33:38:2e:db:22:3b:e7:e9:5e:f8:
f5:1b:88:62
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgIUTJrL24SsMuL90s4rSaf6DJAT93gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNjA1MDcwODI3MDhaFw0yNzA1MDYwODMyMDhaMDMxMTAvBgNV
BAMTKEIxQzI0NURFMDZDRDVENUVCOTUwOTQ0QUI2QzVCRjgwN0Y3MkUzNjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDsD4aJvPbv9spkPp45hfWE0uPg
IJKMAlYg9g7ChrK+c9puq1EdyLiPrhk1Eo1tstx4j+AWHUtyGuCPIBZaGol/ugdk
EpXNOZE9YZ1rLYkU4SODd5SZWX5o41M0bHdLLnvi8StctALMmTYEOxVS9oW2Kngf
x9lpWlYM+ib7rWgnkLyI84Zob6GWt54EZ00WiJbt1Hp6az7aJup69UkhCNuikTjC
6zD5bhD9qLkOlQiAdCXGBuAcvxV7deIdzXtHmugDKfVdrFecuxzH6pOHdC0pXnXY
9uAAEBtE2mDqfqXJpmu+QCuZcPAVLBhbLNWFKAcd33xL2/dTQyf7QGYBCg67AgMB
AAGjggIoMIICJDAdBgNVHQ4EFgQUscJF3gbNXV65UJRKtsW/gH9y42kwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMTM3MjM1LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAX4Yo
AwQAX4YrAwQAX4Z/AwQAX4aNAwQAsl8EAwQAsl/vMA0GCSqGSIb3DQEBCwUAA4IB
AQBdo93HdLVThyCyBy+HGVNsXyBNH85e3L/9KZVwrm95WA5ZGUhNbYThJUF8lJXJ
6hGN/1Lc3IPgpI9hn4+9lNXCEvEkK/nQtQ+FKvwt5mGC34WTHfqo4No8FdSVJkQp
zxiZyz6dBz4f61SFw35lSaD89r1heU/fi6Uv4uONAhQph8RVjGYf/fSUGUFhOxN+
MYZl18NacmotEBslrfYUwKp64CZtpsrQ4EOe3ejLZ1ovP1c2thDnCSiPHeL5DKrt
tJFUHNqDv9Il2asrGnySOTD2ktDkRLmJJEi704E5bUPXfYtIQyTqUv4PT9vqCN1V
cA8ejzM4LtsiO+fpXvj1G4hi
-----END CERTIFICATE-----
Generated at Tue May 12 23:32:08 2026 by rpki-client