Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS54339.roa
File: AS54339.roa (raw, json)
Hash identifier: pkiFnZhYxCQpgjUWSuNPB7iw9bf++HJvnrN/LiTZQb0=
Subject key identifier: 7F:ED:64:23:9A:5A:43:1E:FF:2A:98:33:A3:F8:4C:3E:3E:0D:1F:65
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 33BE0AEC01A982BA74812784E86F1262D327A545
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS54339.roa
Signing time: Tue 17 Jun 2025 07:12:58 +0000
ROA not before: Tue 17 Jun 2025 07:07:58 +0000
ROA not after: Tue 16 Jun 2026 07:12:58 +0000
asID: 54339
IP address blocks: 46.203.107.0/24 maxlen: 24
46.203.114.0/24 maxlen: 24
46.203.145.0/24 maxlen: 24
46.203.146.0/24 maxlen: 24
46.203.168.0/24 maxlen: 24
46.203.169.0/24 maxlen: 24
46.203.171.0/24 maxlen: 24
46.203.174.0/24 maxlen: 24
46.203.177.0/24 maxlen: 24
46.203.179.0/24 maxlen: 24
46.203.199.0/24 maxlen: 24
46.203.235.0/24 maxlen: 24
92.112.6.0/24 maxlen: 24
92.112.7.0/24 maxlen: 24
92.112.8.0/24 maxlen: 24
92.112.36.0/24 maxlen: 24
92.112.38.0/24 maxlen: 24
92.112.55.0/24 maxlen: 24
92.112.89.0/24 maxlen: 24
92.112.142.0/24 maxlen: 24
92.113.4.0/24 maxlen: 24
92.113.6.0/24 maxlen: 24
92.113.9.0/24 maxlen: 24
92.113.15.0/24 maxlen: 24
92.113.40.0/24 maxlen: 24
92.113.56.0/24 maxlen: 24
92.113.57.0/24 maxlen: 24
92.113.58.0/24 maxlen: 24
92.113.59.0/24 maxlen: 24
92.113.169.0/24 maxlen: 24
92.113.247.0/24 maxlen: 24
95.134.184.0/24 maxlen: 24
95.134.206.0/24 maxlen: 24
95.134.221.0/24 maxlen: 24
95.134.223.0/24 maxlen: 24
95.135.72.0/24 maxlen: 24
178.92.30.0/23 maxlen: 23
178.92.44.0/24 maxlen: 24
178.93.117.0/24 maxlen: 24
178.93.121.0/24 maxlen: 24
178.94.168.0/24 maxlen: 24
178.94.175.0/24 maxlen: 24
178.95.252.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
33:be:0a:ec:01:a9:82:ba:74:81:27:84:e8:6f:12:62:d3:27:a5:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Jun 17 07:07:58 2025 GMT
Not After : Jun 16 07:12:58 2026 GMT
Subject: CN=7FED64239A5A431EFF2A9833A3F84C3E3E0D1F65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:2d:6f:ec:46:94:71:3e:7d:a1:4f:72:95:56:
49:aa:6a:a4:f1:0e:99:fb:20:86:c4:98:8d:97:3f:
cf:b7:11:c5:cd:c3:26:62:96:25:de:34:64:a8:29:
bf:43:89:31:a9:6f:93:93:a7:95:2a:a8:92:92:f3:
8c:5f:fb:93:e6:3f:b1:69:7f:0c:73:f8:32:87:d3:
2f:a3:6b:4c:38:db:9f:db:dd:89:77:2c:fc:75:2b:
3e:b8:f4:03:2e:2e:cd:85:67:62:8d:45:ee:50:ab:
c1:c2:14:92:91:6c:b5:74:aa:83:08:7c:1e:de:ad:
d2:8b:a6:18:5d:81:ea:61:be:42:7d:29:69:65:58:
4a:31:13:de:06:05:32:eb:96:27:a9:b9:50:5e:0c:
e8:9c:c7:30:22:00:f0:18:8c:e2:11:8f:67:2e:47:
a5:4e:54:92:ad:26:91:1a:26:55:8b:ac:74:31:16:
37:02:00:f2:25:21:df:d4:f2:11:2f:2f:fb:20:93:
0b:52:25:99:8c:1f:69:48:67:19:7f:d2:25:20:18:
6d:d5:db:bf:1a:c9:fe:02:09:69:c0:e0:56:d6:db:
3e:a6:fd:0d:1f:7f:e1:26:33:78:18:1d:65:2f:a1:
b1:81:56:86:68:65:e3:e0:5e:82:ad:f0:b1:58:38:
ba:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:ED:64:23:9A:5A:43:1E:FF:2A:98:33:A3:F8:4C:3E:3E:0D:1F:65
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS54339.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.203.107.0/24
46.203.114.0/24
46.203.145.0-46.203.146.255
46.203.168.0/23
46.203.171.0/24
46.203.174.0/24
46.203.177.0/24
46.203.179.0/24
46.203.199.0/24
46.203.235.0/24
92.112.6.0-92.112.8.255
92.112.36.0/24
92.112.38.0/24
92.112.55.0/24
92.112.89.0/24
92.112.142.0/24
92.113.4.0/24
92.113.6.0/24
92.113.9.0/24
92.113.15.0/24
92.113.40.0/24
92.113.56.0/22
92.113.169.0/24
92.113.247.0/24
95.134.184.0/24
95.134.206.0/24
95.134.221.0/24
95.134.223.0/24
95.135.72.0/24
178.92.30.0/23
178.92.44.0/24
178.93.117.0/24
178.93.121.0/24
178.94.168.0/24
178.94.175.0/24
178.95.252.0/23
Signature Algorithm: sha256WithRSAEncryption
33:ef:2f:e2:04:5f:fa:4e:0d:c3:42:68:6a:31:8e:6c:4e:7d:
b4:a3:6e:b9:67:ce:7d:78:26:1b:79:97:99:2e:73:b5:ff:89:
37:93:e3:c7:56:9e:bd:26:ff:7a:a3:a4:5d:3e:28:57:dc:65:
0b:11:6a:e9:d8:42:ec:6e:39:40:e2:af:4d:5b:15:0d:fa:cd:
57:e0:bb:8e:94:a9:8b:23:21:de:d5:9a:35:2d:32:c5:ec:74:
92:14:ab:89:2d:e4:bf:ab:ca:5c:1e:25:07:f7:7a:d3:ca:bd:
82:0f:5d:f3:08:58:5f:c3:75:83:e1:27:ae:aa:c7:c7:a6:9c:
90:e8:45:64:88:16:4d:c4:d7:61:62:a8:68:9a:71:99:1f:dc:
b9:58:50:7f:0b:28:b6:4f:78:ed:a5:83:1d:3e:4b:dd:fa:ac:
5d:dc:73:57:e3:3e:7c:66:4f:03:2c:8c:ef:68:8a:c2:3d:4f:
3e:55:f9:36:a3:2d:2f:23:ff:b7:7e:b8:4c:12:3c:22:95:29:
fd:2c:5c:32:9d:11:ce:ed:3f:e8:e2:c1:a7:b1:38:ff:e1:18:
5e:ff:bd:6b:00:4a:53:76:2d:73:74:b5:94:ef:98:68:07:cc:
45:b4:1d:21:c2:55:87:f3:86:b1:00:60:ed:1a:1b:2b:91:19:
54:5f:02:0e
-----BEGIN CERTIFICATE-----
MIIF5zCCBM+gAwIBAgIUM74K7AGpgrp0gSeE6G8SYtMnpUUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTA2MTcwNzA3NThaFw0yNjA2MTYwNzEyNThaMDMxMTAvBgNV
BAMTKDdGRUQ2NDIzOUE1QTQzMUVGRjJBOTgzM0EzRjg0QzNFM0UwRDFGNjUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCsLW/sRpRxPn2hT3KVVkmqaqTx
Dpn7IIbEmI2XP8+3EcXNwyZiliXeNGSoKb9DiTGpb5OTp5UqqJKS84xf+5PmP7Fp
fwxz+DKH0y+ja0w425/b3Yl3LPx1Kz649AMuLs2FZ2KNRe5Qq8HCFJKRbLV0qoMI
fB7erdKLphhdgephvkJ9KWllWEoxE94GBTLrliepuVBeDOicxzAiAPAYjOIRj2cu
R6VOVJKtJpEaJlWLrHQxFjcCAPIlId/U8hEvL/sgkwtSJZmMH2lIZxl/0iUgGG3V
278ayf4CCWnA4FbW2z6m/Q0ff+EmM3gYHWUvobGBVoZoZePgXoKt8LFYOLrNAgMB
AAGjggLxMIIC7TAdBgNVHQ4EFgQUf+1kI5paQx7/Kpgzo/hMPj4NH2UwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTNTQzMzkucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwggEFBggrBgEFBQcBBwEB/wSB9TCB8jCB7wQCAAEwgegD
BAAuy2sDBAAuy3IwDAMEAC7LkQMEAC7LkgMEAS7LqAMEAC7LqwMEAC7LrgMEAC7L
sQMEAC7LswMEAC7LxwMEAC7L6zAMAwQBXHAGAwQAXHAIAwQAXHAkAwQAXHAmAwQA
XHA3AwQAXHBZAwQAXHCOAwQAXHEEAwQAXHEGAwQAXHEJAwQAXHEPAwQAXHEoAwQC
XHE4AwQAXHGpAwQAXHH3AwQAX4a4AwQAX4bOAwQAX4bdAwQAX4bfAwQAX4dIAwQB
slweAwQAslwsAwQAsl11AwQAsl15AwQAsl6oAwQAsl6vAwQBsl/8MA0GCSqGSIb3
DQEBCwUAA4IBAQAz7y/iBF/6Tg3DQmhqMY5sTn20o265Z859eCYbeZeZLnO1/4k3
k+PHVp69Jv96o6RdPihX3GULEWrp2ELsbjlA4q9NWxUN+s1X4LuOlKmLIyHe1Zo1
LTLF7HSSFKuJLeS/q8pcHiUH93rTyr2CD13zCFhfw3WD4SeuqsfHppyQ6EVkiBZN
xNdhYqhomnGZH9y5WFB/Cyi2T3jtpYMdPkvd+qxd3HNX4z58Zk8DLIzvaIrCPU8+
Vfk2oy0vI/+3frhMEjwilSn9LFwynRHO7T/o4sGnsTj/4Rhe/71rAEpTdi1zdLWU
75hoB8xFtB0hwlWH84axAGDtGhsrkRlUXwIO
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:56:56 2025 by rpki-client