Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS204535.roa
File: AS204535.roa (raw, json)
Hash identifier: amFgZ8AmvQRxmmKBj7gtHYst/MgFh992YUnEEv+WDdc=
Subject key identifier: B4:5B:5D:A8:DC:E7:03:56:49:A6:C4:A7:EE:53:D9:4F:7F:F0:F0:5E
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 67C9005595FE3569326C148948BED298221E9366
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS204535.roa
Signing time: Fri 08 May 2026 12:51:27 +0000
ROA not before: Fri 08 May 2026 12:46:27 +0000
ROA not after: Fri 07 May 2027 12:51:27 +0000
asID: 204535
IP address blocks: 46.203.37.0/24 maxlen: 24
91.124.24.0/24 maxlen: 24
178.94.182.0/24 maxlen: 24
178.95.7.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
67:c9:00:55:95:fe:35:69:32:6c:14:89:48:be:d2:98:22:1e:93:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: May 8 12:46:27 2026 GMT
Not After : May 7 12:51:27 2027 GMT
Subject: CN=B45B5DA8DCE7035649A6C4A7EE53D94F7FF0F05E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:8c:bb:fa:c3:2c:89:cf:7e:a3:25:d5:34:e4:
bd:37:f2:ef:28:a3:85:9b:41:a5:94:9d:e7:04:8f:
2c:81:27:b0:92:1f:fc:19:09:14:eb:89:25:33:29:
65:f9:9b:9b:e9:f4:05:31:30:a3:a7:c7:fc:b3:1f:
af:4c:28:85:fb:31:d7:39:21:b6:78:2e:43:d3:29:
fa:61:2c:aa:8f:4f:2e:97:f5:b4:bc:18:cf:90:ef:
ae:fb:72:98:83:f1:27:80:9e:b3:ad:fa:0a:36:90:
d6:06:36:8a:47:0a:0d:89:73:a5:17:5a:f5:8c:79:
46:b5:4c:57:3c:ab:4f:b1:33:db:63:b1:c5:33:2a:
35:8f:fe:3d:30:fc:24:69:2e:6e:86:59:34:fe:2a:
5b:48:56:87:7a:fb:c7:b2:b4:a4:19:37:77:7d:c8:
1c:c3:7a:9a:90:c6:ed:eb:b3:24:79:60:a3:a5:7f:
d9:9a:6f:ae:72:53:73:6e:21:3e:e9:f8:ac:e0:90:
b2:89:dc:76:8c:85:8e:9a:3f:92:54:54:22:0d:a0:
e2:ae:d3:bd:8c:3d:b2:8a:d8:e8:9f:07:32:31:23:
08:2f:a8:08:f4:57:46:7a:93:88:43:1a:52:d6:da:
da:d6:64:f7:1f:83:d4:54:9c:f1:0e:d9:50:a9:46:
99:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:5B:5D:A8:DC:E7:03:56:49:A6:C4:A7:EE:53:D9:4F:7F:F0:F0:5E
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS204535.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.203.37.0/24
91.124.24.0/24
178.94.182.0/24
178.95.7.0/24
Signature Algorithm: sha256WithRSAEncryption
72:a1:ec:f0:f8:d3:60:64:b0:02:2c:16:b0:ec:96:f4:65:34:
5e:7a:62:a4:16:2b:60:ed:70:b0:84:5b:68:e0:85:96:12:af:
5d:06:71:8e:b5:59:2d:b3:50:5c:f8:ea:99:0c:2c:64:4e:a8:
03:ed:d7:cd:82:5c:8d:80:61:a6:f9:04:cc:60:f5:47:5a:0d:
b5:c2:e7:dd:fe:62:5c:72:ee:08:a2:af:06:dc:85:10:27:dc:
3c:2b:ba:2b:42:49:9e:b6:9c:67:32:e8:ce:19:ce:fd:d3:51:
8e:ae:76:a3:02:8f:1b:01:bb:54:35:a7:4b:33:56:2c:b1:34:
c7:f4:90:22:9c:b7:13:30:1a:d2:8f:6d:18:1a:80:da:24:e3:
6f:a2:b4:7b:e4:91:6e:d6:9c:de:de:9a:b7:04:68:57:03:af:
73:75:a6:70:b3:c8:11:58:d8:90:63:b7:69:5f:8a:16:d3:54:
23:c9:20:5a:e3:7b:5e:80:9a:1f:33:a4:af:e7:80:ed:27:f7:
34:69:b2:7f:ea:31:48:53:33:6c:d7:5a:f4:f8:2b:76:81:5c:
63:77:64:45:9a:9b:9a:26:b9:e5:fe:76:6e:cc:c2:ea:df:8e:
1c:36:5b:12:24:50:9b:9e:9a:43:4d:10:d6:6e:93:82:8e:3f:
95:e7:62:a1
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgIUZ8kAVZX+NWkybBSJSL7SmCIek2YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNjA1MDgxMjQ2MjdaFw0yNzA1MDcxMjUxMjdaMDMxMTAvBgNV
BAMTKEI0NUI1REE4RENFNzAzNTY0OUE2QzRBN0VFNTNEOTRGN0ZGMEYwNUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDUjLv6wyyJz36jJdU05L038u8o
o4WbQaWUnecEjyyBJ7CSH/wZCRTriSUzKWX5m5vp9AUxMKOnx/yzH69MKIX7Mdc5
IbZ4LkPTKfphLKqPTy6X9bS8GM+Q7677cpiD8SeAnrOt+go2kNYGNopHCg2Jc6UX
WvWMeUa1TFc8q0+xM9tjscUzKjWP/j0w/CRpLm6GWTT+KltIVod6+8eytKQZN3d9
yBzDepqQxu3rsyR5YKOlf9mab65yU3NuIT7p+KzgkLKJ3HaMhY6aP5JUVCINoOKu
072MPbKK2OifBzIxIwgvqAj0V0Z6k4hDGlLW2trWZPcfg9RUnPEO2VCpRpm7AgMB
AAGjggIcMIICGDAdBgNVHQ4EFgQUtFtdqNznA1ZJpsSn7lPZT3/w8F4wHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMjA0NTM1LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALssl
AwQAW3wYAwQAsl62AwQAsl8HMA0GCSqGSIb3DQEBCwUAA4IBAQByoezw+NNgZLAC
LBaw7Jb0ZTReemKkFitg7XCwhFto4IWWEq9dBnGOtVkts1Bc+OqZDCxkTqgD7dfN
glyNgGGm+QTMYPVHWg21wufd/mJccu4Ioq8G3IUQJ9w8K7orQkmetpxnMujOGc79
01GOrnajAo8bAbtUNadLM1YssTTH9JAinLcTMBrSj20YGoDaJONvorR75JFu1pze
3pq3BGhXA69zdaZws8gRWNiQY7dpX4oW01QjySBa43tegJofM6Sv54DtJ/c0abJ/
6jFIUzNs11r0+Ct2gVxjd2RFmpuaJrnl/nZuzMLq344cNlsSJFCbnppDTRDWbpOC
jj+V52Kh
-----END CERTIFICATE-----
Generated at Tue May 12 23:25:09 2026 by rpki-client