Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS393942.roa
File: AS393942.roa (raw, json)
Hash identifier: s4cEVMAzf17QQT4RBDabHeH++IppaEi2GJAgl88R6hA=
Subject key identifier: DA:A3:D6:45:EE:09:86:85:E6:1D:55:81:CA:AF:5D:3B:3D:44:4A:BD
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 249D6D550E76D8F0689A2275722C81ABAD4BB21D
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS393942.roa
Signing time: Tue 24 Mar 2026 13:16:09 +0000
ROA not before: Tue 24 Mar 2026 13:11:09 +0000
ROA not after: Tue 23 Mar 2027 13:16:09 +0000
asID: 393942
IP address blocks: 95.134.23.0/24 maxlen: 24
95.134.70.0/24 maxlen: 24
95.135.50.0/24 maxlen: 24
95.135.135.0/24 maxlen: 24
95.135.179.0/24 maxlen: 24
178.92.117.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
24:9d:6d:55:0e:76:d8:f0:68:9a:22:75:72:2c:81:ab:ad:4b:b2:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Mar 24 13:11:09 2026 GMT
Not After : Mar 23 13:16:09 2027 GMT
Subject: CN=DAA3D645EE098685E61D5581CAAF5D3B3D444ABD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:bb:71:7f:aa:a8:2e:02:b3:fd:e6:f7:66:35:
f9:36:eb:d6:18:d4:c9:33:c7:4b:5d:9a:ba:f1:6b:
11:97:0c:23:bd:69:39:ed:f0:26:1e:3d:1c:53:4e:
d8:73:1f:91:9f:3a:49:d1:f9:fb:ac:df:2d:0c:0c:
03:c9:4a:5e:a7:25:83:7b:de:a4:aa:80:23:f7:b5:
64:f3:e9:9d:97:5d:ad:b1:de:3f:9c:51:36:a2:4d:
80:5e:d3:8b:d4:50:1b:31:e7:98:e8:cc:a6:ca:5a:
95:1e:25:a3:15:a5:d9:54:2f:e3:f1:ed:7c:a7:67:
3f:58:77:38:5e:02:de:2c:cf:a0:71:a5:0f:7e:1b:
ba:d3:39:b3:56:dd:1b:59:7e:13:17:b1:23:dd:7f:
27:c5:1c:fe:5b:59:a6:57:49:1d:72:f6:4a:77:91:
b5:c2:bb:a0:5c:c9:b3:b3:be:c7:d6:2d:df:f8:90:
f1:14:5c:35:7e:fb:89:a8:f8:d6:0a:37:38:31:b4:
ec:7d:c4:4e:ab:41:80:2e:d1:fc:25:27:ec:cc:9f:
1d:23:e2:62:e2:8f:c5:53:ec:27:38:80:74:aa:7a:
97:0d:ce:09:49:c5:8d:c2:40:b9:b3:96:bd:1d:a3:
36:a4:e7:3e:40:65:d7:48:5b:4c:11:df:4a:5f:75:
f9:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:A3:D6:45:EE:09:86:85:E6:1D:55:81:CA:AF:5D:3B:3D:44:4A:BD
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS393942.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.134.23.0/24
95.134.70.0/24
95.135.50.0/24
95.135.135.0/24
95.135.179.0/24
178.92.117.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:be:2f:0d:47:67:7d:13:77:a7:11:c3:38:05:7c:ec:cf:88:
b4:ba:70:74:7a:a1:6b:fc:5b:8f:d2:f7:b6:c5:14:c2:3b:a8:
06:2d:23:90:59:01:8f:06:01:1f:b0:71:df:6b:d6:67:72:f4:
7b:cf:76:50:f1:bd:cf:99:00:d2:fd:86:64:46:ab:19:7e:78:
18:cd:eb:ce:ce:4e:c3:73:aa:91:0a:3e:c1:55:4d:8d:bb:44:
33:2f:58:af:2e:62:84:38:f7:ee:a1:c7:74:74:db:69:66:cc:
28:42:5f:51:98:5f:fa:3e:24:ff:5e:83:d5:46:ec:57:b8:3a:
67:53:33:18:b6:43:dc:8d:9b:d1:11:c9:78:c6:7c:e1:9e:77:
8c:ea:6e:9a:64:90:e4:a3:00:1f:1c:b1:3d:7e:7d:76:a0:9f:
ee:dc:3b:a7:91:d9:26:73:0c:0c:dc:a1:5c:4a:9a:eb:18:87:
b3:c0:84:75:a7:8f:73:62:91:97:a3:39:52:d0:09:57:40:53:
ac:1a:67:08:a4:6d:e3:f6:54:58:c8:7e:3b:1d:7e:39:66:91:
ce:25:e3:8c:ae:83:78:93:8d:72:d7:7f:d5:a8:14:3c:93:b6:
c1:4e:26:25:14:c8:fe:8f:9b:30:c3:7e:9f:be:9c:88:9c:d6:
2f:ff:40:ff
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgIUJJ1tVQ522PBomiJ1ciyBq61Lsh0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNjAzMjQxMzExMDlaFw0yNzAzMjMxMzE2MDlaMDMxMTAvBgNV
BAMTKERBQTNENjQ1RUUwOTg2ODVFNjFENTU4MUNBQUY1RDNCM0Q0NDRBQkQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8u3F/qqguArP95vdmNfk269YY
1Mkzx0tdmrrxaxGXDCO9aTnt8CYePRxTTthzH5GfOknR+fus3y0MDAPJSl6nJYN7
3qSqgCP3tWTz6Z2XXa2x3j+cUTaiTYBe04vUUBsx55jozKbKWpUeJaMVpdlUL+Px
7XynZz9YdzheAt4sz6BxpQ9+G7rTObNW3RtZfhMXsSPdfyfFHP5bWaZXSR1y9kp3
kbXCu6BcybOzvsfWLd/4kPEUXDV++4mo+NYKNzgxtOx9xE6rQYAu0fwlJ+zMnx0j
4mLij8VT7Cc4gHSqepcNzglJxY3CQLmzlr0dozak5z5AZddIW0wR30pfdflhAgMB
AAGjggIoMIICJDAdBgNVHQ4EFgQU2qPWRe4JhoXmHVWByq9dOz1ESr0wHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMzkzOTQyLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAX4YX
AwQAX4ZGAwQAX4cyAwQAX4eHAwQAX4ezAwQAslx1MA0GCSqGSIb3DQEBCwUAA4IB
AQANvi8NR2d9E3enEcM4BXzsz4i0unB0eqFr/FuP0ve2xRTCO6gGLSOQWQGPBgEf
sHHfa9ZncvR7z3ZQ8b3PmQDS/YZkRqsZfngYzevOzk7Dc6qRCj7BVU2Nu0QzL1iv
LmKEOPfuocd0dNtpZswoQl9RmF/6PiT/XoPVRuxXuDpnUzMYtkPcjZvREcl4xnzh
nneM6m6aZJDkowAfHLE9fn12oJ/u3DunkdkmcwwM3KFcSprrGIezwIR1p49zYpGX
ozlS0AlXQFOsGmcIpG3j9lRYyH47HX45ZpHOJeOMroN4k41y13/VqBQ8k7bBTiYl
FMj+j5sww36fvpyInNYv/0D/
-----END CERTIFICATE-----
Generated at Thu Mar 26 00:48:08 2026 by rpki-client