Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS395793.roa
File: AS395793.roa (raw, json)
Hash identifier: eIc9A/p539uqjbvLqXR9lo9UwZD1sw6blrBNpkMOCqU=
Subject key identifier: 54:F4:A6:BB:0C:5A:C1:8D:75:EB:3E:3E:94:53:11:C5:5B:EF:55:95
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 659136BE1BFEB35DC5D69A9093BC449C30799676
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS395793.roa
Signing time: Tue 27 May 2025 08:01:35 +0000
ROA not before: Tue 27 May 2025 07:56:35 +0000
ROA not after: Tue 26 May 2026 08:01:35 +0000
asID: 395793
IP address blocks: 96.62.144.0/23 maxlen: 24
167.148.128.0/24 maxlen: 24
167.148.134.0/24 maxlen: 24
167.148.165.0/24 maxlen: 24
167.148.166.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Jun 2025 12:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
65:91:36:be:1b:fe:b3:5d:c5:d6:9a:90:93:bc:44:9c:30:79:96:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: May 27 07:56:35 2025 GMT
Not After : May 26 08:01:35 2026 GMT
Subject: CN=54F4A6BB0C5AC18D75EB3E3E945311C55BEF5595
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f8:ed:10:a2:73:11:47:60:02:06:0b:d9:1a:eb:
ed:90:aa:52:c6:b3:59:43:5c:d7:d0:d0:b8:d6:8a:
4b:9d:94:10:89:1a:55:d7:af:90:a1:32:17:18:e1:
bf:68:4f:75:e5:41:43:00:96:96:09:10:80:a2:31:
7f:f6:aa:61:75:60:f9:19:50:06:52:c1:e2:34:fc:
2c:9a:88:d0:9b:9e:ea:56:88:fd:e3:0c:1f:d4:db:
7c:17:e9:0e:5c:66:7a:c7:3c:90:2f:ca:4e:87:18:
c7:b4:c3:12:34:9e:e1:21:5e:ed:ea:2c:0b:06:e7:
f8:30:9b:65:32:3a:56:54:db:10:5c:65:0a:60:14:
77:43:d6:85:e7:6b:89:c0:91:34:9d:0a:cd:e6:be:
20:cb:6b:40:60:5d:79:a6:8f:5e:e6:37:61:9e:06:
f3:39:1c:9f:f1:dd:46:eb:93:65:a7:43:4a:17:85:
b7:43:da:06:13:23:41:19:96:8b:9f:2e:ef:a9:a4:
94:cf:52:a1:3e:b8:ba:16:52:94:b2:f0:4d:10:65:
a3:5d:6f:73:44:b9:3e:46:1c:5e:41:00:9d:e3:e6:
92:b5:45:25:67:b0:5a:6d:a5:19:df:64:f5:8e:b9:
0d:56:f9:4e:8d:88:c3:4a:45:03:67:ba:c9:37:d4:
7c:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:F4:A6:BB:0C:5A:C1:8D:75:EB:3E:3E:94:53:11:C5:5B:EF:55:95
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS395793.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.62.144.0/23
167.148.128.0/24
167.148.134.0/24
167.148.165.0-167.148.166.255
Signature Algorithm: sha256WithRSAEncryption
04:91:72:b4:04:29:ad:d9:d9:77:de:2f:4c:a6:27:ed:93:d2:
75:44:5a:16:cc:4b:bf:ec:50:93:08:ec:07:01:21:0d:4a:f8:
d7:2c:a8:ab:a2:b3:63:9f:e3:70:da:22:24:fc:f5:b0:12:5a:
49:7b:43:a2:0a:64:f1:77:96:5d:b9:bb:5c:98:91:73:67:13:
26:d4:17:78:24:90:6c:ac:91:ea:d5:d0:b9:a2:85:e9:4c:b8:
7a:69:af:02:52:a2:c4:06:d7:9b:b2:0a:7a:e7:1e:ad:96:b8:
0b:b4:13:01:7d:8d:36:c4:d8:eb:01:a0:40:c1:1f:b7:d1:6a:
6f:14:a0:7d:87:3d:81:25:a1:84:d9:e1:8a:55:8b:67:0e:6f:
d8:95:34:fa:ca:ff:4b:40:71:c7:ce:24:35:27:e9:0b:2a:82:
8a:f1:f6:d7:46:c5:15:6f:4f:fc:b7:89:dd:d9:e0:b2:93:a2:
fe:02:a3:67:b5:0e:f4:33:fd:d0:07:50:99:80:da:5e:08:ce:
bc:87:5a:b0:ea:73:d4:7f:13:f2:01:f2:33:68:3f:23:f0:88:
e2:5f:de:7c:65:c4:fe:0e:a4:44:ff:d2:c7:d0:bf:9d:2f:fb:
13:02:d3:ba:38:54:41:1c:2e:84:94:12:23:fa:ae:0d:3c:27:
a0:6b:3e:05
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgIUZZE2vhv+s13F1pqQk7xEnDB5lnYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA1MjcwNzU2MzVaFw0yNjA1MjYwODAxMzVaMDMxMTAvBgNV
BAMTKDU0RjRBNkJCMEM1QUMxOEQ3NUVCM0UzRTk0NTMxMUM1NUJFRjU1OTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD47RCicxFHYAIGC9ka6+2QqlLG
s1lDXNfQ0LjWikudlBCJGlXXr5ChMhcY4b9oT3XlQUMAlpYJEICiMX/2qmF1YPkZ
UAZSweI0/CyaiNCbnupWiP3jDB/U23wX6Q5cZnrHPJAvyk6HGMe0wxI0nuEhXu3q
LAsG5/gwm2UyOlZU2xBcZQpgFHdD1oXna4nAkTSdCs3mviDLa0BgXXmmj17mN2Ge
BvM5HJ/x3Ubrk2WnQ0oXhbdD2gYTI0EZloufLu+ppJTPUqE+uLoWUpSy8E0QZaNd
b3NEuT5GHF5BAJ3j5pK1RSVnsFptpRnfZPWOuQ1W+U6NiMNKRQNnusk31HwrAgMB
AAGjggIkMIICIDAdBgNVHQ4EFgQUVPSmuwxawY116z4+lFMRxVvvVZUwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMzk1NzkzLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQBYD6Q
AwQAp5SAAwQAp5SGMAwDBACnlKUDBACnlKYwDQYJKoZIhvcNAQELBQADggEBAASR
crQEKa3Z2XfeL0ymJ+2T0nVEWhbMS7/sUJMI7AcBIQ1K+NcsqKuis2Of43DaIiT8
9bASWkl7Q6IKZPF3ll25u1yYkXNnEybUF3gkkGyskerV0LmihelMuHpprwJSosQG
15uyCnrnHq2WuAu0EwF9jTbE2OsBoEDBH7fRam8UoH2HPYEloYTZ4YpVi2cOb9iV
NPrK/0tAccfOJDUn6Qsqgorx9tdGxRVvT/y3id3Z4LKTov4Co2e1DvQz/dAHUJmA
2l4IzryHWrDqc9R/E/IB8jNoPyPwiOJf3nxlxP4OpET/0sfQv50v+xMC07o4VEEc
LoSUEiP6rg08J6BrPgU=
-----END CERTIFICATE-----
Generated at Thu Jun 5 18:17:03 2025 by rpki-client