Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS197537.roa
File: AS197537.roa (raw, json)
Hash identifier: LPJjsaZJO3QJhXLGmDTEppvkDHXGvTXKkjjBnpcCdBI=
Subject key identifier: DF:8E:BD:31:C7:61:0A:F3:E4:70:2E:EC:67:8E:02:12:71:D2:E3:7B
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 142FAB66D2270FE30C3CECD24B8F3A98D6B94EF3
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS197537.roa
Signing time: Sat 03 May 2025 00:01:58 +0000
ROA not before: Fri 02 May 2025 23:56:58 +0000
ROA not after: Sat 02 May 2026 00:01:58 +0000
asID: 197537
IP address blocks: 95.135.136.0/24 maxlen: 24
95.135.145.0/24 maxlen: 24
95.135.146.0/24 maxlen: 24
95.135.147.0/24 maxlen: 24
95.135.152.0/24 maxlen: 24
95.135.169.0/24 maxlen: 24
95.135.170.0/24 maxlen: 24
95.135.172.0/24 maxlen: 24
95.135.174.0/24 maxlen: 24
95.135.177.0/24 maxlen: 24
95.135.188.0/24 maxlen: 24
95.135.195.0/24 maxlen: 24
95.135.196.0/24 maxlen: 24
95.135.198.0/24 maxlen: 24
95.135.199.0/24 maxlen: 24
95.135.211.0/24 maxlen: 24
95.135.216.0/24 maxlen: 24
95.135.220.0/24 maxlen: 24
95.135.226.0/24 maxlen: 24
95.135.227.0/24 maxlen: 24
95.135.231.0/24 maxlen: 24
95.135.236.0/24 maxlen: 24
95.135.243.0/24 maxlen: 24
95.135.247.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 06 May 2025 08:22:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
14:2f:ab:66:d2:27:0f:e3:0c:3c:ec:d2:4b:8f:3a:98:d6:b9:4e:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: May 2 23:56:58 2025 GMT
Not After : May 2 00:01:58 2026 GMT
Subject: CN=DF8EBD31C7610AF3E4702EEC678E021271D2E37B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:2f:fe:40:2c:b4:00:4a:61:c2:ee:7d:52:72:
0f:b6:a1:0a:c8:bf:dc:a7:47:0f:a6:34:cc:f7:a6:
c4:54:2e:ec:5f:2f:a7:53:f0:01:5e:4e:79:17:ff:
d7:06:7c:ed:52:8b:c8:f4:7f:59:9e:f5:84:a9:0d:
72:1a:89:99:49:22:34:9e:1b:f9:4c:2a:a4:64:d5:
99:12:f8:f7:3b:9b:47:ea:de:3d:a9:8f:46:ad:1c:
da:4f:d5:94:ac:2c:ae:b3:a0:51:3e:81:b8:27:ab:
75:28:c4:73:75:61:e8:13:68:a8:0d:94:ff:7b:75:
87:15:dc:a8:2d:5d:d5:dd:89:1c:c4:d8:61:fe:79:
2f:35:15:d2:fc:eb:ea:6f:0a:d2:ac:b8:67:0e:04:
ce:1f:c7:7b:a6:82:9e:cc:0a:6d:54:2c:29:34:68:
01:46:9a:fe:26:d7:c0:04:2f:18:44:92:61:75:62:
da:2e:d1:1f:9b:29:25:3e:be:fc:04:c6:a3:70:29:
5f:f1:3f:14:23:66:e4:0d:74:ca:0c:d7:c0:f8:67:
c9:d6:e0:3e:87:e3:f6:74:cc:ae:9a:13:cb:4d:6a:
e4:84:7d:41:38:b0:d3:b4:a2:ce:2c:11:d8:14:bb:
45:b2:25:76:ac:b2:fe:10:42:2d:97:4a:5d:5b:13:
27:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:8E:BD:31:C7:61:0A:F3:E4:70:2E:EC:67:8E:02:12:71:D2:E3:7B
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS197537.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.135.136.0/24
95.135.145.0-95.135.147.255
95.135.152.0/24
95.135.169.0-95.135.170.255
95.135.172.0/24
95.135.174.0/24
95.135.177.0/24
95.135.188.0/24
95.135.195.0-95.135.196.255
95.135.198.0/23
95.135.211.0/24
95.135.216.0/24
95.135.220.0/24
95.135.226.0/23
95.135.231.0/24
95.135.236.0/24
95.135.243.0/24
95.135.247.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:91:01:ae:9b:a1:53:7d:5b:b6:b6:6b:b9:64:7b:f9:5a:91:
b5:0e:74:19:8d:53:3e:7e:a4:db:95:cc:a2:fc:11:ac:0d:4b:
0f:e4:ed:bd:82:c3:7b:c1:c7:b2:36:1f:1c:74:9f:38:1b:61:
2d:80:ef:a1:b9:48:cb:9e:1b:ff:0b:b6:6d:ea:e9:e0:42:21:
01:6b:ef:f9:01:30:59:27:b4:ca:d7:d6:41:c9:a2:cc:19:f4:
e2:f1:b8:04:d8:ac:4d:cc:2b:fc:4f:d2:e1:3a:50:cd:25:9b:
46:84:2d:67:ae:c3:1e:a0:b2:d5:c9:80:c5:3c:13:0c:a6:ea:
27:ad:d3:f5:fa:7d:70:fd:80:65:d9:40:3b:b9:ae:c0:c0:a0:
54:47:1a:c4:e5:b9:72:a1:57:ac:ef:9e:4f:6d:48:57:91:8c:
29:89:76:71:d7:ac:37:fc:de:5c:ef:3d:70:af:10:49:ae:c5:
28:fe:6b:7c:81:f8:95:46:f1:ba:e6:44:7e:ba:98:1a:85:a4:
ae:d1:b0:e0:a9:26:ae:9d:67:ac:fd:3d:cd:c7:b7:6d:fb:3f:
fe:76:67:21:65:37:92:09:6f:c0:00:c7:00:2d:eb:ff:0c:37:
40:67:f9:7d:73:12:a4:95:60:5c:8d:4d:ed:56:d8:5d:13:94:
9e:e5:9d:98
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgIUFC+rZtInD+MMPOzSS486mNa5TvMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTA1MDIyMzU2NThaFw0yNjA1MDIwMDAxNThaMDMxMTAvBgNV
BAMTKERGOEVCRDMxQzc2MTBBRjNFNDcwMkVFQzY3OEUwMjEyNzFEMkUzN0IwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqL/5ALLQASmHC7n1Scg+2oQrI
v9ynRw+mNMz3psRULuxfL6dT8AFeTnkX/9cGfO1Si8j0f1me9YSpDXIaiZlJIjSe
G/lMKqRk1ZkS+Pc7m0fq3j2pj0atHNpP1ZSsLK6zoFE+gbgnq3UoxHN1YegTaKgN
lP97dYcV3KgtXdXdiRzE2GH+eS81FdL86+pvCtKsuGcOBM4fx3umgp7MCm1ULCk0
aAFGmv4m18AELxhEkmF1Ytou0R+bKSU+vvwExqNwKV/xPxQjZuQNdMoM18D4Z8nW
4D6H4/Z0zK6aE8tNauSEfUE4sNO0os4sEdgUu0WyJXassv4QQi2XSl1bEyd/AgMB
AAGjggKNMIICiTAdBgNVHQ4EFgQU3469McdhCvPkcC7sZ44CEnHS43swHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMTk3NTM3LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMIGhBggrBgEFBQcBBwEB/wSBkTCBjjCBiwQCAAEwgYQD
BABfh4gwDAMEAF+HkQMEAl+HkAMEAF+HmDAMAwQAX4epAwQAX4eqAwQAX4esAwQA
X4euAwQAX4exAwQAX4e8MAwDBABfh8MDBABfh8QDBAFfh8YDBABfh9MDBABfh9gD
BABfh9wDBAFfh+IDBABfh+cDBABfh+wDBABfh/MDBABfh/cwDQYJKoZIhvcNAQEL
BQADggEBAEyRAa6boVN9W7a2a7lke/lakbUOdBmNUz5+pNuVzKL8EawNSw/k7b2C
w3vBx7I2Hxx0nzgbYS2A76G5SMueG/8Ltm3q6eBCIQFr7/kBMFkntMrX1kHJoswZ
9OLxuATYrE3MK/xP0uE6UM0lm0aELWeuwx6gstXJgMU8Ewym6iet0/X6fXD9gGXZ
QDu5rsDAoFRHGsTluXKhV6zvnk9tSFeRjCmJdnHXrDf83lzvPXCvEEmuxSj+a3yB
+JVG8brmRH66mBqFpK7RsOCpJq6dZ6z9Pc3Ht237P/52ZyFlN5IJb8AAxwAt6/8M
N0Bn+X1zEqSVYFyNTe1W2F0TlJ7lnZg=
-----END CERTIFICATE-----
Generated at Mon May 5 23:36:46 2025 by rpki-client