Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS996.roa
File: AS996.roa (raw, json)
Hash identifier: CfVvGRiKfp+vvyEmIA4/FtRDVcV7KrAbK9bI/V3zToQ=
Subject key identifier: 5B:80:BD:32:C9:04:91:05:DD:5D:CF:7F:61:1B:96:F7:0D:C1:90:88
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 23FDAE0305DEA197C4A41AD8321541C6872EF8B8
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS996.roa
Signing time: Mon 18 Aug 2025 22:01:08 +0000
ROA not before: Mon 18 Aug 2025 21:56:08 +0000
ROA not after: Mon 17 Aug 2026 22:01:08 +0000
asID: 996
IP address blocks: 46.203.107.0/24 maxlen: 24
46.203.114.0/24 maxlen: 24
46.203.145.0/24 maxlen: 24
46.203.146.0/24 maxlen: 24
46.203.168.0/24 maxlen: 24
46.203.169.0/24 maxlen: 24
46.203.171.0/24 maxlen: 24
46.203.174.0/24 maxlen: 24
46.203.177.0/24 maxlen: 24
46.203.179.0/24 maxlen: 24
92.112.6.0/24 maxlen: 24
92.112.7.0/24 maxlen: 24
92.112.8.0/24 maxlen: 24
92.112.36.0/24 maxlen: 24
92.112.38.0/24 maxlen: 24
92.112.55.0/24 maxlen: 24
92.112.89.0/24 maxlen: 24
92.112.142.0/24 maxlen: 24
92.113.15.0/24 maxlen: 24
92.113.40.0/24 maxlen: 24
92.113.56.0/24 maxlen: 24
92.113.57.0/24 maxlen: 24
92.113.58.0/24 maxlen: 24
92.113.59.0/24 maxlen: 24
92.113.169.0/24 maxlen: 24
92.113.247.0/24 maxlen: 24
95.134.184.0/24 maxlen: 24
95.134.206.0/24 maxlen: 24
95.134.221.0/24 maxlen: 24
95.134.223.0/24 maxlen: 24
95.135.72.0/24 maxlen: 24
178.92.44.0/24 maxlen: 24
178.92.80.0/24 maxlen: 24
178.92.82.0/24 maxlen: 24
178.93.117.0/24 maxlen: 24
178.93.121.0/24 maxlen: 24
178.94.168.0/24 maxlen: 24
178.94.175.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 02:34:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
23:fd:ae:03:05:de:a1:97:c4:a4:1a:d8:32:15:41:c6:87:2e:f8:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Aug 18 21:56:08 2025 GMT
Not After : Aug 17 22:01:08 2026 GMT
Subject: CN=5B80BD32C9049105DD5DCF7F611B96F70DC19088
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:d0:73:0f:ba:e1:f8:5e:1c:c1:dc:c6:a4:39:
85:cb:f0:40:b5:d9:3f:25:5a:d4:8e:01:5e:ca:17:
11:b5:05:df:7e:22:f4:3d:f3:de:99:87:48:08:41:
f2:c8:fd:15:c6:7b:a9:09:81:2a:82:b8:09:07:9f:
6a:c2:a7:6a:82:b3:d1:9c:38:80:a7:30:80:87:da:
c3:60:98:0b:7a:5d:c4:96:13:f1:d4:9b:17:05:05:
99:3c:56:4b:c9:42:bd:f6:53:dd:81:37:c1:d7:ab:
77:c2:91:3a:b5:72:6f:ca:08:95:1f:ea:f1:84:4a:
aa:d7:1f:f2:61:4d:e3:dd:78:8b:a7:2d:f5:6a:a5:
d5:f3:f6:ee:ef:89:ba:e2:4f:d5:f2:47:39:c5:52:
cd:af:dc:47:dd:cb:7e:ab:37:7a:79:86:8d:27:8d:
b3:f9:04:e3:09:a8:53:80:c6:40:d9:bf:1d:f0:8d:
e0:fa:71:38:8a:47:50:a3:bf:19:0d:49:0b:4a:d6:
76:89:b0:7c:ba:a4:47:d3:98:c0:c0:8b:82:01:87:
95:cd:82:8e:b5:2f:ad:e9:60:34:f7:93:44:64:fc:
b0:7f:7c:d4:88:8e:01:2b:30:31:6c:79:2c:7e:99:
f3:4e:f9:f2:5b:f8:fe:ef:c1:3a:61:a5:d8:ef:2a:
cf:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:80:BD:32:C9:04:91:05:DD:5D:CF:7F:61:1B:96:F7:0D:C1:90:88
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS996.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.203.107.0/24
46.203.114.0/24
46.203.145.0-46.203.146.255
46.203.168.0/23
46.203.171.0/24
46.203.174.0/24
46.203.177.0/24
46.203.179.0/24
92.112.6.0-92.112.8.255
92.112.36.0/24
92.112.38.0/24
92.112.55.0/24
92.112.89.0/24
92.112.142.0/24
92.113.15.0/24
92.113.40.0/24
92.113.56.0/22
92.113.169.0/24
92.113.247.0/24
95.134.184.0/24
95.134.206.0/24
95.134.221.0/24
95.134.223.0/24
95.135.72.0/24
178.92.44.0/24
178.92.80.0/24
178.92.82.0/24
178.93.117.0/24
178.93.121.0/24
178.94.168.0/24
178.94.175.0/24
Signature Algorithm: sha256WithRSAEncryption
25:57:4b:0f:89:be:ca:d6:ff:57:78:c6:4a:fe:21:b3:20:b4:
b3:ea:8d:06:db:af:2a:6c:98:ca:3c:6f:e9:0d:c4:7e:6b:fb:
95:48:86:13:e2:77:4e:b7:34:08:01:7d:27:5c:87:0a:80:ff:
ff:bb:9a:9d:34:ae:ac:81:dc:68:a0:d8:b0:11:1a:0a:0b:4d:
4d:fe:f0:02:b8:0f:36:aa:11:ad:6c:28:aa:24:05:ae:57:44:
56:e9:82:b9:05:3f:35:61:d6:18:e1:72:98:0c:58:4e:fc:75:
bc:84:ee:a8:3d:82:7b:a2:d8:fe:2b:fc:82:8b:8e:68:83:2e:
b2:aa:50:7e:2d:82:5e:5f:51:0e:d5:1c:80:b1:44:3f:ef:49:
36:fb:d6:7e:12:40:c6:31:f7:ba:74:94:9b:24:18:7d:ac:8f:
69:90:68:ec:fa:b7:5b:c4:86:0f:83:bf:f9:42:74:5d:65:b2:
3a:97:3b:f2:58:86:fe:4f:0d:b8:96:71:29:79:1a:93:c1:36:
28:38:b3:05:07:7f:8a:80:21:78:11:72:70:a9:92:9c:ad:18:
2c:41:8d:3f:2d:b9:63:74:05:f4:26:0c:a5:6b:45:02:26:3a:
86:69:49:de:f2:4d:d4:ba:c9:1f:25:7d:9d:fe:92:66:5f:5e:
b9:14:8b:0a
-----BEGIN CERTIFICATE-----
MIIFxjCCBK6gAwIBAgIUI/2uAwXeoZfEpBrYMhVBxocu+LgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTA4MTgyMTU2MDhaFw0yNjA4MTcyMjAxMDhaMDMxMTAvBgNV
BAMTKDVCODBCRDMyQzkwNDkxMDVERDVEQ0Y3RjYxMUI5NkY3MERDMTkwODgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCt0HMPuuH4XhzB3MakOYXL8EC1
2T8lWtSOAV7KFxG1Bd9+IvQ9896Zh0gIQfLI/RXGe6kJgSqCuAkHn2rCp2qCs9Gc
OICnMICH2sNgmAt6XcSWE/HUmxcFBZk8VkvJQr32U92BN8HXq3fCkTq1cm/KCJUf
6vGESqrXH/JhTePdeIunLfVqpdXz9u7vibriT9XyRznFUs2v3Efdy36rN3p5ho0n
jbP5BOMJqFOAxkDZvx3wjeD6cTiKR1CjvxkNSQtK1naJsHy6pEfTmMDAi4IBh5XN
go61L63pYDT3k0Rk/LB/fNSIjgErMDFseSx+mfNO+fJb+P7vwTphpdjvKs+lAgMB
AAGjggLQMIICzDAdBgNVHQ4EFgQUW4C9MskEkQXdXc9/YRuW9w3BkIgwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTOTk2LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHnBggrBgEFBQcBBwEB/wSB1zCB1DCB0QQCAAEwgcoDBAAu
y2sDBAAuy3IwDAMEAC7LkQMEAC7LkgMEAS7LqAMEAC7LqwMEAC7LrgMEAC7LsQME
AC7LszAMAwQBXHAGAwQAXHAIAwQAXHAkAwQAXHAmAwQAXHA3AwQAXHBZAwQAXHCO
AwQAXHEPAwQAXHEoAwQCXHE4AwQAXHGpAwQAXHH3AwQAX4a4AwQAX4bOAwQAX4bd
AwQAX4bfAwQAX4dIAwQAslwsAwQAslxQAwQAslxSAwQAsl11AwQAsl15AwQAsl6o
AwQAsl6vMA0GCSqGSIb3DQEBCwUAA4IBAQAlV0sPib7K1v9XeMZK/iGzILSz6o0G
268qbJjKPG/pDcR+a/uVSIYT4ndOtzQIAX0nXIcKgP//u5qdNK6sgdxooNiwERoK
C01N/vACuA82qhGtbCiqJAWuV0RW6YK5BT81YdYY4XKYDFhO/HW8hO6oPYJ7otj+
K/yCi45ogy6yqlB+LYJeX1EO1RyAsUQ/70k2+9Z+EkDGMfe6dJSbJBh9rI9pkGjs
+rdbxIYPg7/5QnRdZbI6lzvyWIb+Tw24lnEpeRqTwTYoOLMFB3+KgCF4EXJwqZKc
rRgsQY0/LbljdAX0Jgyla0UCJjqGaUne8k3UuskfJX2d/pJmX165FIsK
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:56:51 2025 by rpki-client