Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS137235.roa
File: AS137235.roa (raw, json)
Hash identifier: AL6+NSW/kn1bKetFPU1lEA7rtiHs3S/Wof76N2PogTg=
Subject key identifier: A6:73:52:AF:BF:A2:BD:A7:36:E9:FC:AA:BC:E2:D1:80:34:8E:CD:07
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 251A7FA2C2E06A05847FFC34DA68061D5D187CA0
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS137235.roa
Signing time: Mon 09 Mar 2026 08:23:55 +0000
ROA not before: Mon 09 Mar 2026 08:18:55 +0000
ROA not after: Mon 08 Mar 2027 08:23:55 +0000
asID: 137235
IP address blocks: 95.134.40.0/24 maxlen: 24
95.134.43.0/24 maxlen: 24
95.134.127.0/24 maxlen: 24
95.134.141.0/24 maxlen: 24
178.92.135.0/24 maxlen: 24
178.95.4.0/24 maxlen: 24
178.95.239.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
25:1a:7f:a2:c2:e0:6a:05:84:7f:fc:34:da:68:06:1d:5d:18:7c:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Mar 9 08:18:55 2026 GMT
Not After : Mar 8 08:23:55 2027 GMT
Subject: CN=A67352AFBFA2BDA736E9FCAABCE2D180348ECD07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:28:5f:8a:af:44:6b:81:f9:a9:84:4b:33:53:
df:d1:ba:cd:7f:19:39:7f:a1:39:3d:3d:58:b7:3d:
8a:98:b6:01:c8:d4:f5:2f:90:11:b4:24:ab:f8:36:
a2:cd:07:88:57:c8:8f:4e:ee:43:5e:0a:b7:28:cc:
0a:05:86:31:7c:65:50:54:d4:40:b8:d0:ec:87:f3:
96:da:bf:04:e0:67:fa:2c:66:38:74:d1:5d:60:72:
e4:67:5b:8d:98:87:d8:c1:f4:5d:3e:8c:7a:51:9a:
d3:19:d7:83:4e:4f:51:67:f0:f9:f8:a6:f3:02:16:
94:a3:2c:eb:02:33:e5:2f:fa:5b:12:4a:49:dc:40:
6a:4d:ca:5d:93:33:b4:ee:85:5a:38:a0:b2:0b:e2:
4b:29:5b:e8:0c:bb:f9:eb:b9:f6:94:a5:53:f3:a1:
ce:fb:5f:2c:b4:9e:9c:15:e0:49:0c:aa:43:f6:1f:
f0:c5:98:ed:e1:5a:9f:e3:a5:3b:15:d6:ee:76:01:
d7:fc:bb:80:39:b1:a9:b3:14:c7:90:f5:d8:fc:05:
d9:c4:dd:c7:8a:81:79:52:7f:1f:e0:96:08:4e:12:
2c:5b:a0:dc:7f:92:bb:a7:ca:52:12:b3:ce:45:f7:
c8:d9:71:a7:fd:c7:56:18:bb:fc:e8:1c:86:11:b2:
ad:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:73:52:AF:BF:A2:BD:A7:36:E9:FC:AA:BC:E2:D1:80:34:8E:CD:07
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS137235.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.134.40.0/24
95.134.43.0/24
95.134.127.0/24
95.134.141.0/24
178.92.135.0/24
178.95.4.0/24
178.95.239.0/24
Signature Algorithm: sha256WithRSAEncryption
a5:c1:03:9e:15:14:74:c6:b8:e9:5f:ae:ef:2a:c2:cc:86:f5:
88:de:58:ce:e7:74:5b:19:f5:22:5f:fc:ba:bf:e6:29:0b:22:
7e:5b:e6:b4:26:b7:44:84:ad:7d:05:42:78:06:09:51:a7:85:
bf:da:d8:25:54:7b:b5:c0:f4:4c:71:ca:12:50:d8:e6:55:e6:
d6:b6:3c:92:d2:0a:25:69:11:0a:df:67:e8:93:30:b4:10:fc:
84:87:e5:4d:e0:3c:cc:75:30:c2:8b:f6:10:5f:cb:94:fe:32:
c3:e5:4f:67:bf:e9:f6:e2:24:3b:6d:1f:d7:61:c8:c1:c7:6d:
14:4f:44:e3:07:4a:ec:3e:12:ea:5e:92:8f:e0:42:c7:ff:c4:
b5:3b:01:0f:6e:95:c3:56:e9:00:1f:a7:39:5c:ef:af:7b:d6:
19:6c:bd:09:31:c2:73:c0:6b:c9:38:7a:7e:5d:b3:f4:f2:db:
3f:c9:d7:ea:a4:cb:6a:6e:ee:97:15:de:9a:8a:f2:59:d5:17:
e4:a3:36:63:11:26:e9:fd:4c:e5:71:7b:0d:bf:64:de:07:68:
66:a3:93:17:3e:4b:29:0c:15:42:fb:3d:98:b4:1c:a7:bb:8f:
34:fa:00:13:a7:f7:8d:4f:13:1a:db:cf:a3:32:02:05:ca:c7:
a6:51:59:23
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgIUJRp/osLgagWEf/w02mgGHV0YfKAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNjAzMDkwODE4NTVaFw0yNzAzMDgwODIzNTVaMDMxMTAvBgNV
BAMTKEE2NzM1MkFGQkZBMkJEQTczNkU5RkNBQUJDRTJEMTgwMzQ4RUNEMDcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDLKF+Kr0RrgfmphEszU9/Rus1/
GTl/oTk9PVi3PYqYtgHI1PUvkBG0JKv4NqLNB4hXyI9O7kNeCrcozAoFhjF8ZVBU
1EC40OyH85bavwTgZ/osZjh00V1gcuRnW42Yh9jB9F0+jHpRmtMZ14NOT1Fn8Pn4
pvMCFpSjLOsCM+Uv+lsSSkncQGpNyl2TM7TuhVo4oLIL4kspW+gMu/nrufaUpVPz
oc77Xyy0npwV4EkMqkP2H/DFmO3hWp/jpTsV1u52Adf8u4A5samzFMeQ9dj8BdnE
3ceKgXlSfx/glghOEixboNx/krunylISs85F98jZcaf9x1YYu/zoHIYRsq2dAgMB
AAGjggIuMIICKjAdBgNVHQ4EFgQUpnNSr7+ivac26fyqvOLRgDSOzQcwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMTM3MjM1LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAX4Yo
AwQAX4YrAwQAX4Z/AwQAX4aNAwQAslyHAwQAsl8EAwQAsl/vMA0GCSqGSIb3DQEB
CwUAA4IBAQClwQOeFRR0xrjpX67vKsLMhvWI3ljO53RbGfUiX/y6v+YpCyJ+W+a0
JrdEhK19BUJ4BglRp4W/2tglVHu1wPRMccoSUNjmVebWtjyS0golaREK32fokzC0
EPyEh+VN4DzMdTDCi/YQX8uU/jLD5U9nv+n24iQ7bR/XYcjBx20UT0TjB0rsPhLq
XpKP4ELH/8S1OwEPbpXDVukAH6c5XO+ve9YZbL0JMcJzwGvJOHp+XbP08ts/ydfq
pMtqbu6XFd6aivJZ1RfkozZjESbp/UzlcXsNv2TeB2hmo5MXPkspDBVC+z2YtByn
u480+gATp/eNTxMa28+jMgIFysemUVkj
-----END CERTIFICATE-----
Generated at Thu Mar 26 00:48:00 2026 by rpki-client