Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS996.roa
File: AS996.roa (raw, json)
Hash identifier: vLw+5i4kdHobdEBJRt+r5hBRKHYRqkLUKEfDSbpzOTA=
Subject key identifier: DD:D2:12:A4:3A:A6:30:D2:7F:D8:13:48:9B:F0:CD:B9:F4:73:7C:00
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 41DC0F0AC25945A9ED3E42241E8BA25A1AEF00FE
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS996.roa
Signing time: Fri 18 Apr 2025 12:47:47 +0000
ROA not before: Fri 18 Apr 2025 12:42:47 +0000
ROA not after: Fri 17 Apr 2026 12:47:47 +0000
asID: 996
IP address blocks: 46.203.107.0/24 maxlen: 24
46.203.114.0/24 maxlen: 24
46.203.145.0/24 maxlen: 24
46.203.146.0/24 maxlen: 24
46.203.168.0/24 maxlen: 24
46.203.169.0/24 maxlen: 24
46.203.171.0/24 maxlen: 24
46.203.174.0/24 maxlen: 24
46.203.177.0/24 maxlen: 24
46.203.179.0/24 maxlen: 24
92.112.55.0/24 maxlen: 24
92.113.15.0/24 maxlen: 24
92.113.40.0/24 maxlen: 24
95.134.184.0/24 maxlen: 24
95.134.206.0/24 maxlen: 24
95.134.221.0/24 maxlen: 24
95.134.223.0/24 maxlen: 24
95.135.72.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 08 May 2025 08:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
41:dc:0f:0a:c2:59:45:a9:ed:3e:42:24:1e:8b:a2:5a:1a:ef:00:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Apr 18 12:42:47 2025 GMT
Not After : Apr 17 12:47:47 2026 GMT
Subject: CN=DDD212A43AA630D27FD813489BF0CDB9F4737C00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:a4:fe:df:8b:cb:53:f6:bf:3f:94:c4:07:f4:
36:bb:63:b4:b5:85:28:0d:12:dd:64:27:43:9f:0a:
7b:28:3f:51:54:e7:c6:4c:c9:a9:4f:86:29:13:0f:
50:ea:13:26:3b:44:ec:8e:42:9e:d0:9b:35:2a:13:
77:d4:34:f6:7a:0e:8b:25:6f:3f:de:b4:f7:e9:b6:
51:a0:b3:55:59:a3:42:c0:4f:62:f6:b8:6d:f2:37:
9d:9a:44:39:75:b7:34:0d:fd:95:ef:7b:ad:01:e3:
c1:f3:72:a0:55:41:0b:be:33:9d:34:44:36:06:c6:
35:4f:84:bb:23:f8:9b:13:c1:03:a3:a7:91:58:09:
6a:81:87:6e:1a:25:bb:9d:e6:66:79:51:0d:6d:97:
0a:f8:95:98:ad:ef:2d:04:b5:12:36:82:48:0d:8e:
7b:bc:81:ab:8d:1b:a1:4f:b8:ac:fa:d3:dd:2c:f6:
c2:da:4e:17:4a:7b:ef:ca:b1:3a:f1:48:07:f1:91:
00:36:e4:e9:a6:bb:b3:be:48:e6:3a:30:a9:53:a8:
a1:a6:00:77:aa:55:0c:f6:f6:e9:2f:84:5b:4c:06:
ff:e8:87:0f:d1:79:1d:e4:72:3e:64:43:21:65:0a:
b0:f2:79:c5:e2:a0:7b:f8:2e:02:92:89:18:22:a4:
e6:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:D2:12:A4:3A:A6:30:D2:7F:D8:13:48:9B:F0:CD:B9:F4:73:7C:00
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS996.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.203.107.0/24
46.203.114.0/24
46.203.145.0-46.203.146.255
46.203.168.0/23
46.203.171.0/24
46.203.174.0/24
46.203.177.0/24
46.203.179.0/24
92.112.55.0/24
92.113.15.0/24
92.113.40.0/24
95.134.184.0/24
95.134.206.0/24
95.134.221.0/24
95.134.223.0/24
95.135.72.0/24
Signature Algorithm: sha256WithRSAEncryption
69:8f:1a:01:5a:ba:ea:79:f1:f8:ef:0e:17:d0:99:54:92:80:
71:ec:e7:b1:10:4f:e2:9a:e1:7b:fb:ac:eb:e2:5c:a4:eb:6f:
c8:12:c9:5b:d7:c3:4c:a9:7c:f5:6a:44:45:77:14:44:06:15:
41:15:64:4f:7b:38:0d:6f:b2:28:6a:5c:cc:a3:e8:75:71:f7:
24:b3:a3:8b:84:da:6c:fe:ee:b1:0e:ed:28:69:15:36:65:78:
5b:47:b5:7d:82:d2:00:f2:e7:7d:01:96:3d:ed:77:2d:44:3a:
39:bd:ed:ac:7b:b0:76:d9:dd:2a:19:a9:2d:51:0c:e1:5a:1d:
01:f1:71:2c:4e:fd:16:a3:7a:32:75:24:db:b4:81:3c:80:f1:
c0:78:7b:1a:16:e9:9f:fc:a3:f8:40:99:2d:42:36:4f:28:da:
5d:5a:9c:c5:8c:b1:95:af:e9:1d:21:42:66:ca:01:52:8e:b1:
d1:00:b4:54:90:71:a7:ba:58:72:c9:61:11:c7:72:39:6d:6b:
ae:08:f3:c3:7f:ec:e0:0e:b7:07:74:1c:bb:a9:6c:6a:f4:e9:
9b:67:44:e2:d2:16:15:d9:08:31:97:36:3c:18:7a:99:a5:36:
a2:81:a4:60:f5:77:43:3b:12:13:3c:b7:e4:4e:61:fa:2b:ac:
62:85:1e:2d
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUQdwPCsJZRantPkIkHouiWhrvAP4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTA0MTgxMjQyNDdaFw0yNjA0MTcxMjQ3NDdaMDMxMTAvBgNV
BAMTKERERDIxMkE0M0FBNjMwRDI3RkQ4MTM0ODlCRjBDREI5RjQ3MzdDMDAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCspP7fi8tT9r8/lMQH9Da7Y7S1
hSgNEt1kJ0OfCnsoP1FU58ZMyalPhikTD1DqEyY7ROyOQp7QmzUqE3fUNPZ6Dosl
bz/etPfptlGgs1VZo0LAT2L2uG3yN52aRDl1tzQN/ZXve60B48HzcqBVQQu+M500
RDYGxjVPhLsj+JsTwQOjp5FYCWqBh24aJbud5mZ5UQ1tlwr4lZit7y0EtRI2gkgN
jnu8gauNG6FPuKz6090s9sLaThdKe+/KsTrxSAfxkQA25Ommu7O+SOY6MKlTqKGm
AHeqVQz29ukvhFtMBv/ohw/ReR3kcj5kQyFlCrDyecXioHv4LgKSiRgipObFAgMB
AAGjggJqMIICZjAdBgNVHQ4EFgQU3dISpDqmMNJ/2BNIm/DNufRzfAAwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTOTk2LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGBBggrBgEFBQcBBwEB/wRyMHAwbgQCAAEwaAMEAC7LawME
AC7LcjAMAwQALsuRAwQALsuSAwQBLsuoAwQALsurAwQALsuuAwQALsuxAwQALsuz
AwQAXHA3AwQAXHEPAwQAXHEoAwQAX4a4AwQAX4bOAwQAX4bdAwQAX4bfAwQAX4dI
MA0GCSqGSIb3DQEBCwUAA4IBAQBpjxoBWrrqefH47w4X0JlUkoBx7OexEE/imuF7
+6zr4lyk62/IEslb18NMqXz1akRFdxREBhVBFWRPezgNb7IoalzMo+h1cfcks6OL
hNps/u6xDu0oaRU2ZXhbR7V9gtIA8ud9AZY97XctRDo5ve2se7B22d0qGaktUQzh
Wh0B8XEsTv0Wo3oydSTbtIE8gPHAeHsaFumf/KP4QJktQjZPKNpdWpzFjLGVr+kd
IUJmygFSjrHRALRUkHGnulhyyWERx3I5bWuuCPPDf+zgDrcHdBy7qWxq9OmbZ0Ti
0hYV2QgxlzY8GHqZpTaigaRg9XdDOxITPLfkTmH6K6xihR4t
-----END CERTIFICATE-----
Generated at Wed May 7 14:40:48 2025 by rpki-client