Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS395374.roa
File: AS395374.roa (raw, json)
Hash identifier: YvqL39dWvRQw/qhshkbtrySQcYZUdk1f1T/j81592n8=
Subject key identifier: 20:82:E7:89:B4:83:06:8A:D9:2F:F8:ED:D9:4A:2A:D6:49:01:B9:B4
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 030640D2DCFAE7D2673FAE32F5CE971D1123A6C6
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS395374.roa
Signing time: Mon 23 Mar 2026 14:32:47 +0000
ROA not before: Mon 23 Mar 2026 14:27:47 +0000
ROA not after: Mon 22 Mar 2027 14:32:47 +0000
asID: 395374
IP address blocks: 95.134.5.0/24 maxlen: 24
95.134.28.0/24 maxlen: 24
95.134.76.0/24 maxlen: 24
95.134.105.0/24 maxlen: 24
95.134.117.0/24 maxlen: 24
95.134.121.0/24 maxlen: 24
95.134.152.0/24 maxlen: 24
95.135.153.0/24 maxlen: 24
95.135.193.0/24 maxlen: 24
178.93.128.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
03:06:40:d2:dc:fa:e7:d2:67:3f:ae:32:f5:ce:97:1d:11:23:a6:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Mar 23 14:27:47 2026 GMT
Not After : Mar 22 14:32:47 2027 GMT
Subject: CN=2082E789B483068AD92FF8EDD94A2AD64901B9B4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:0d:36:c3:97:37:5c:74:29:43:3a:a2:5c:7f:
03:3e:37:d9:12:2a:8b:59:6e:5b:2d:b3:7f:bc:60:
2e:a6:57:9d:be:db:af:a6:27:b3:43:ee:eb:32:39:
e9:e4:71:fc:3e:83:41:a8:4e:67:cf:bb:e7:5a:15:
ab:38:cf:ba:0d:19:fc:0c:55:71:77:99:f7:8f:82:
6e:d7:8e:55:45:78:70:69:8a:40:2d:44:33:ae:70:
50:df:56:89:f5:21:65:86:05:bb:13:26:1b:1c:72:
cd:fc:c4:5b:74:fe:99:a2:db:89:9b:35:03:50:2d:
95:81:35:1b:60:cb:7d:b6:87:96:ce:1e:7b:79:d4:
96:d1:40:e4:b0:0b:22:87:f5:e5:88:2c:e2:84:51:
f4:59:12:cb:6c:54:f0:3b:21:c3:dc:85:94:dd:94:
09:bc:38:4c:4b:e5:16:2c:8f:80:ff:fa:6c:58:43:
4b:31:0a:0f:12:75:1a:28:7d:03:37:37:ad:29:65:
84:03:60:19:22:2a:7d:38:3c:5e:2b:cd:60:6f:d1:
c6:15:cf:ab:8d:fe:d1:79:22:19:d3:d7:ca:bf:a8:
0b:c4:b8:95:7d:e2:b0:fc:cb:ba:16:6d:80:f9:32:
f5:41:de:65:f3:d6:a3:a0:7e:e5:df:40:69:81:72:
09:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:82:E7:89:B4:83:06:8A:D9:2F:F8:ED:D9:4A:2A:D6:49:01:B9:B4
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS395374.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.134.5.0/24
95.134.28.0/24
95.134.76.0/24
95.134.105.0/24
95.134.117.0/24
95.134.121.0/24
95.134.152.0/24
95.135.153.0/24
95.135.193.0/24
178.93.128.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:e5:5f:d1:e3:8d:47:b9:9d:15:8a:2c:c4:d5:d5:c3:68:8d:
b1:a9:c1:cf:e1:33:fd:c8:9c:de:8c:91:d7:50:bc:61:b8:c2:
1e:a3:6d:77:c1:45:37:88:83:78:ca:ea:bf:47:d6:fe:35:2e:
57:db:c9:14:41:d9:84:6c:d6:e2:df:d3:0d:f9:54:bb:12:b0:
26:b7:3d:7c:7e:f2:44:50:1c:98:10:af:f6:f1:f8:37:1e:d9:
58:ee:26:9f:0a:2d:ec:04:94:2b:48:07:a6:d6:bd:8f:cf:fb:
d2:4f:d1:b9:ed:a2:56:f3:79:07:5e:39:37:03:85:f6:d0:ae:
ec:41:7b:cd:00:a8:cf:24:41:b0:dd:16:4e:54:19:6f:64:4c:
d3:cb:45:77:b5:c8:c6:d3:7a:12:a1:d4:7c:80:c5:45:dc:71:
74:1b:66:1f:66:de:9e:05:22:94:71:3f:c2:ef:c9:4c:12:36:
c9:42:f6:71:e0:41:7f:aa:92:48:da:e5:a5:fd:00:f2:15:0e:
ac:9e:3a:2a:30:f6:46:53:66:8b:0b:ba:c8:4a:46:6a:7e:ff:
87:35:ea:14:f8:bb:bc:22:9b:29:aa:61:d5:7d:c4:37:77:95:
8d:74:87:81:44:56:ee:49:d7:e3:93:8e:22:2a:0e:7d:eb:14:
80:81:32:5d
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgIUAwZA0tz659JnP64y9c6XHREjpsYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNjAzMjMxNDI3NDdaFw0yNzAzMjIxNDMyNDdaMDMxMTAvBgNV
BAMTKDIwODJFNzg5QjQ4MzA2OEFEOTJGRjhFREQ5NEEyQUQ2NDkwMUI5QjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDADTbDlzdcdClDOqJcfwM+N9kS
KotZblsts3+8YC6mV52+26+mJ7ND7usyOenkcfw+g0GoTmfPu+daFas4z7oNGfwM
VXF3mfePgm7XjlVFeHBpikAtRDOucFDfVon1IWWGBbsTJhsccs38xFt0/pmi24mb
NQNQLZWBNRtgy322h5bOHnt51JbRQOSwCyKH9eWILOKEUfRZEstsVPA7IcPchZTd
lAm8OExL5RYsj4D/+mxYQ0sxCg8SdRoofQM3N60pZYQDYBkiKn04PF4rzWBv0cYV
z6uN/tF5IhnT18q/qAvEuJV94rD8y7oWbYD5MvVB3mXz1qOgfuXfQGmBcgkJAgMB
AAGjggJAMIICPDAdBgNVHQ4EFgQUIILnibSDBorZL/jt2Uoq1kkBubQwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMzk1Mzc0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQAX4YF
AwQAX4YcAwQAX4ZMAwQAX4ZpAwQAX4Z1AwQAX4Z5AwQAX4aYAwQAX4eZAwQAX4fB
AwQAsl2AMA0GCSqGSIb3DQEBCwUAA4IBAQBO5V/R441HuZ0ViizE1dXDaI2xqcHP
4TP9yJzejJHXULxhuMIeo213wUU3iIN4yuq/R9b+NS5X28kUQdmEbNbi39MN+VS7
ErAmtz18fvJEUByYEK/28fg3HtlY7iafCi3sBJQrSAem1r2Pz/vST9G57aJW83kH
Xjk3A4X20K7sQXvNAKjPJEGw3RZOVBlvZEzTy0V3tcjG03oSodR8gMVF3HF0G2Yf
Zt6eBSKUcT/C78lMEjbJQvZx4EF/qpJI2uWl/QDyFQ6snjoqMPZGU2aLC7rISkZq
fv+HNeoU+Lu8IpspqmHVfcQ3d5WNdIeBRFbuSdfjk44iKg596xSAgTJd
-----END CERTIFICATE-----
Generated at Thu Mar 26 00:48:09 2026 by rpki-client