Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS395793.roa
File: AS395793.roa (raw, json)
Hash identifier: PF/fi9SGMjOdPtoULh0nT1hQTStkrjQx63Pi+ruFB3k=
Subject key identifier: C4:EA:4C:AD:B2:17:8A:23:15:D7:71:4E:D2:F9:EF:B7:D5:15:CB:F7
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 7448E3B4D73F360ABC84B52AF04079B4C78DF571
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS395793.roa
Signing time: Thu 24 Apr 2025 10:20:07 +0000
ROA not before: Thu 24 Apr 2025 10:15:07 +0000
ROA not after: Thu 23 Apr 2026 10:20:07 +0000
asID: 395793
IP address blocks: 95.134.81.0/24 maxlen: 24
95.134.82.0/24 maxlen: 24
95.134.131.0/24 maxlen: 24
95.134.148.0/24 maxlen: 24
95.134.150.0/24 maxlen: 24
95.134.202.0/24 maxlen: 24
95.135.102.0/24 maxlen: 24
95.135.194.0/24 maxlen: 24
95.135.223.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 06 May 2025 08:22:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
74:48:e3:b4:d7:3f:36:0a:bc:84:b5:2a:f0:40:79:b4:c7:8d:f5:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Apr 24 10:15:07 2025 GMT
Not After : Apr 23 10:20:07 2026 GMT
Subject: CN=C4EA4CADB2178A2315D7714ED2F9EFB7D515CBF7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:7f:92:9c:96:72:c4:d4:37:d2:4e:79:3d:b1:
b2:0c:bd:66:8f:f5:1a:26:63:1b:05:e4:cf:96:8d:
80:2e:26:c6:2f:55:e0:e4:13:33:02:a4:ef:6a:6e:
ab:c9:11:c9:30:47:f2:4f:13:45:af:aa:20:05:e2:
2f:f8:c0:83:ef:a6:54:e2:de:ee:0e:af:ac:be:b1:
d9:dc:59:12:83:0c:3d:73:c6:97:9d:87:57:33:8d:
90:a2:5d:45:06:91:e3:a3:2c:ed:7f:ee:a1:24:f1:
e2:a4:3f:1b:c7:46:0b:d9:d7:eb:f8:d1:74:b7:91:
47:98:cc:28:99:2d:84:70:70:a2:7c:7d:56:46:01:
70:35:fc:e8:79:d6:fb:77:00:7a:1a:98:51:c0:27:
20:09:d5:d1:a2:fb:85:73:57:a3:bf:89:d7:26:c2:
cd:e5:3e:9a:a8:75:36:fd:55:28:71:15:2b:b2:51:
7a:7e:01:02:8d:f2:21:4d:db:26:6f:8a:a2:d2:f8:
9f:0f:13:29:4b:bc:5a:4c:54:7d:92:8f:47:04:0f:
84:8c:d7:58:dd:f4:19:7e:6e:08:aa:4d:9f:72:d6:
d9:e7:6e:5e:f5:c4:02:48:a0:63:c1:d9:63:aa:a6:
73:2c:3c:82:02:56:d8:00:69:87:21:0c:4a:63:91:
e8:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:EA:4C:AD:B2:17:8A:23:15:D7:71:4E:D2:F9:EF:B7:D5:15:CB:F7
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS395793.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.134.81.0-95.134.82.255
95.134.131.0/24
95.134.148.0/24
95.134.150.0/24
95.134.202.0/24
95.135.102.0/24
95.135.194.0/24
95.135.223.0/24
Signature Algorithm: sha256WithRSAEncryption
9c:24:a0:db:9b:1e:43:3d:4f:ef:16:3d:17:1b:7a:6b:f8:86:
ba:a4:7d:08:4b:13:86:31:16:9d:e5:fc:f9:7b:f1:b8:6a:8c:
83:0a:1b:1b:1e:1f:aa:5b:ec:a3:d3:fc:ce:c8:35:b0:d2:5e:
1f:f0:f2:41:22:8e:26:be:28:1b:62:62:7e:d3:34:73:fd:f2:
56:20:30:75:e4:8a:77:b9:af:f7:52:ad:45:ad:4b:14:8e:f2:
ec:6b:8a:b1:97:a3:c6:f9:4b:60:44:ce:86:37:bd:13:06:bf:
98:6f:df:04:f2:5f:1f:c0:1a:63:1e:32:c1:77:94:28:10:62:
65:d7:66:b9:3a:5e:ae:c7:fa:91:da:00:1c:dc:99:28:ce:30:
a2:f2:0b:00:48:e7:f4:7c:fa:bb:96:60:3b:13:d5:34:d2:44:
1b:b2:d7:e0:c4:87:90:dd:ab:b2:5f:4d:9e:a9:07:2c:fa:6e:
2a:e1:01:79:ce:5d:0f:f1:f9:a9:3d:fe:8b:48:3a:04:95:e1:
07:b0:a0:9d:d0:9e:ae:88:02:21:eb:aa:e1:34:4b:d6:a0:ca:
26:a3:f8:bb:57:d2:62:e2:59:d2:07:64:27:31:d5:de:8b:60:
61:6b:85:c0:9c:4e:da:01:99:de:37:aa:b2:ae:a5:04:89:a8:
46:51:a7:65
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgIUdEjjtNc/Ngq8hLUq8EB5tMeN9XEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTA0MjQxMDE1MDdaFw0yNjA0MjMxMDIwMDdaMDMxMTAvBgNV
BAMTKEM0RUE0Q0FEQjIxNzhBMjMxNUQ3NzE0RUQyRjlFRkI3RDUxNUNCRjcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7f5KclnLE1DfSTnk9sbIMvWaP
9RomYxsF5M+WjYAuJsYvVeDkEzMCpO9qbqvJEckwR/JPE0WvqiAF4i/4wIPvplTi
3u4Or6y+sdncWRKDDD1zxpedh1czjZCiXUUGkeOjLO1/7qEk8eKkPxvHRgvZ1+v4
0XS3kUeYzCiZLYRwcKJ8fVZGAXA1/Oh51vt3AHoamFHAJyAJ1dGi+4VzV6O/idcm
ws3lPpqodTb9VShxFSuyUXp+AQKN8iFN2yZviqLS+J8PEylLvFpMVH2Sj0cED4SM
11jd9Bl+bgiqTZ9y1tnnbl71xAJIoGPB2WOqpnMsPIICVtgAaYchDEpjkegRAgMB
AAGjggI8MIICODAdBgNVHQ4EFgQUxOpMrbIXiiMV13FO0vnvt9UVy/cwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMzk1NzkzLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4MAwDBABf
hlEDBABfhlIDBABfhoMDBABfhpQDBABfhpYDBABfhsoDBABfh2YDBABfh8IDBABf
h98wDQYJKoZIhvcNAQELBQADggEBAJwkoNubHkM9T+8WPRcbemv4hrqkfQhLE4Yx
Fp3l/Pl78bhqjIMKGxseH6pb7KPT/M7INbDSXh/w8kEijia+KBtiYn7TNHP98lYg
MHXkine5r/dSrUWtSxSO8uxrirGXo8b5S2BEzoY3vRMGv5hv3wTyXx/AGmMeMsF3
lCgQYmXXZrk6Xq7H+pHaABzcmSjOMKLyCwBI5/R8+ruWYDsT1TTSRBuy1+DEh5Dd
q7JfTZ6pByz6birhAXnOXQ/x+ak9/otIOgSV4QewoJ3Qnq6IAiHrquE0S9agyiaj
+LtX0mLiWdIHZCcx1d6LYGFrhcCcTtoBmd43qrKupQSJqEZRp2U=
-----END CERTIFICATE-----
Generated at Mon May 5 23:36:22 2025 by rpki-client