Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/AS396356.roa
File: AS396356.roa (raw, json)
Hash identifier: kdAyGV/5JDtrfC9G+H0LFYBtMhgkPpX1q8VXV61FqOo=
Subject key identifier: 7A:30:8E:A8:E1:7F:AF:F4:D8:52:40:79:72:B4:6A:04:3B:00:38:CE
Certificate issuer: /CN=0e20ccf5083a63b9f5887e3ea39d04e2d62b3da5
Certificate serial: 7F878BE885B7B5A69D80E7177BEA207D86A1F110
Authority key identifier: 0E:20:CC:F5:08:3A:63:B9:F5:88:7E:3E:A3:9D:04:E2:D6:2B:3D:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DiDM9Qg6Y7n1iH4-o50E4tYrPaU.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/AS396356.roa
Signing time: Tue 16 Jun 2026 08:35:33 +0000
ROA not before: Tue 16 Jun 2026 08:30:33 +0000
ROA not after: Tue 15 Jun 2027 08:35:33 +0000
asID: 396356
IP address blocks: 51.194.114.0/24 maxlen: 24
51.194.157.0/24 maxlen: 24
51.241.63.0/24 maxlen: 24
51.241.66.0/24 maxlen: 24
51.241.67.0/24 maxlen: 24
51.241.72.0/24 maxlen: 24
51.241.74.0/24 maxlen: 24
51.241.75.0/24 maxlen: 24
51.241.77.0/24 maxlen: 24
51.241.78.0/24 maxlen: 24
51.241.82.0/24 maxlen: 24
51.241.83.0/24 maxlen: 24
51.241.85.0/24 maxlen: 24
51.241.93.0/24 maxlen: 24
51.241.94.0/24 maxlen: 24
51.241.97.0/24 maxlen: 24
51.241.98.0/24 maxlen: 24
51.241.112.0/24 maxlen: 24
51.241.113.0/24 maxlen: 24
51.241.121.0/24 maxlen: 24
51.241.123.0/24 maxlen: 24
78.105.121.0/24 maxlen: 24
78.105.123.0/24 maxlen: 24
78.105.244.0/24 maxlen: 24
188.221.227.0/24 maxlen: 24
188.221.240.0/24 maxlen: 24
188.221.247.0/24 maxlen: 24
188.221.254.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/0E20CCF5083A63B9F5887E3EA39D04E2D62B3DA5.crl
rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/0E20CCF5083A63B9F5887E3EA39D04E2D62B3DA5.mft
rsync://rpki.ripe.net/repository/DEFAULT/DiDM9Qg6Y7n1iH4-o50E4tYrPaU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 28 Jun 2026 14:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7f:87:8b:e8:85:b7:b5:a6:9d:80:e7:17:7b:ea:20:7d:86:a1:f1:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0e20ccf5083a63b9f5887e3ea39d04e2d62b3da5
Validity
Not Before: Jun 16 08:30:33 2026 GMT
Not After : Jun 15 08:35:33 2027 GMT
Subject: CN=7A308EA8E17FAFF4D852407972B46A043B0038CE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:b4:91:0a:40:60:6b:59:a1:16:dc:28:85:29:
62:47:9b:3b:fe:a5:71:ef:af:bc:d9:2c:37:01:7a:
a2:83:e1:09:4d:07:df:9a:dc:0b:88:43:7f:6e:47:
92:c1:76:ea:e9:25:15:02:0c:60:86:3b:9d:48:92:
81:b4:ea:01:ed:08:ab:7b:79:27:fb:d0:f2:3e:9f:
f4:f7:0f:3c:5d:0b:b6:8e:d7:04:38:21:27:21:74:
1a:7c:a1:e2:d6:34:c3:3c:ae:ec:1a:53:2a:48:1d:
41:5c:bd:02:f4:41:8a:11:9d:9d:4f:a3:34:12:e9:
f1:bd:8e:d7:72:c5:c0:c5:c1:02:45:50:c7:04:27:
86:f8:27:c3:b7:63:9c:d7:79:7c:6e:22:62:52:fa:
a8:c4:a6:8b:fc:0a:a6:18:1e:fa:61:1a:99:5d:93:
02:35:13:3b:4a:9c:ae:05:a9:a8:87:a4:d3:2e:13:
b3:c4:8a:1e:26:2c:0a:ea:82:c4:57:c3:5e:48:6a:
aa:ed:49:af:e0:92:83:77:82:57:8a:72:1c:f0:4a:
51:94:16:49:77:ef:bd:94:b5:d1:17:b2:41:01:6d:
9a:ab:05:36:2b:e5:50:dd:b4:8f:3b:99:5a:20:87:
e5:2d:94:09:8c:d8:45:6c:9c:df:22:c2:4c:64:7d:
b4:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:30:8E:A8:E1:7F:AF:F4:D8:52:40:79:72:B4:6A:04:3B:00:38:CE
X509v3 Authority Key Identifier:
keyid:0E:20:CC:F5:08:3A:63:B9:F5:88:7E:3E:A3:9D:04:E2:D6:2B:3D:A5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/0E20CCF5083A63B9F5887E3EA39D04E2D62B3DA5.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DiDM9Qg6Y7n1iH4-o50E4tYrPaU.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/AS396356.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.194.114.0/24
51.194.157.0/24
51.241.63.0/24
51.241.66.0/23
51.241.72.0/24
51.241.74.0/23
51.241.77.0-51.241.78.255
51.241.82.0/23
51.241.85.0/24
51.241.93.0-51.241.94.255
51.241.97.0-51.241.98.255
51.241.112.0/23
51.241.121.0/24
51.241.123.0/24
78.105.121.0/24
78.105.123.0/24
78.105.244.0/24
188.221.227.0/24
188.221.240.0/24
188.221.247.0/24
188.221.254.0/24
Signature Algorithm: sha256WithRSAEncryption
32:23:5d:f3:c0:00:e6:c4:f5:0d:55:54:66:f0:80:be:57:02:
14:d7:5a:04:2d:94:4b:82:7a:48:0a:40:51:22:23:33:0d:77:
0c:d4:73:b0:34:00:f7:cd:fe:3d:43:c9:93:cb:f9:23:71:1b:
82:ea:c8:55:3b:3b:f5:4c:bc:65:92:f1:b6:b2:a2:bb:de:9e:
2e:18:16:5b:0d:61:ed:6c:46:1a:17:91:a4:7f:1f:bb:29:d1:
99:b9:69:56:50:6d:56:7b:86:31:db:e2:0a:88:84:15:a9:34:
98:db:49:82:ff:ca:a2:c6:31:51:87:9e:8e:f4:26:c4:9a:c1:
0b:c1:c4:dd:e0:23:a9:7d:84:39:17:aa:3f:44:43:bf:2f:c4:
a3:20:81:6c:20:54:68:67:c3:50:ee:31:82:26:e0:3e:fb:a4:
b3:f4:f0:35:c5:19:d4:d5:ab:c0:f1:78:95:2e:b9:5f:66:eb:
0c:a6:9a:ed:ad:5a:32:d2:3c:24:41:e9:55:ff:ad:88:93:0d:
08:61:24:62:d1:46:6e:64:d0:d0:03:b3:98:32:11:ea:d9:fd:
65:f1:0d:3a:0a:4d:c4:db:90:f3:92:1d:02:94:02:ad:c8:99:
5a:b3:31:f5:24:1d:47:16:30:06:fb:76:da:38:45:c0:14:99:
58:d2:94:5d
-----BEGIN CERTIFICATE-----
MIIFlTCCBH2gAwIBAgIUf4eL6IW3taadgOcXe+ogfYah8RAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGUyMGNjZjUwODNhNjNiOWY1ODg3ZTNlYTM5ZDA0ZTJk
NjJiM2RhNTAeFw0yNjA2MTYwODMwMzNaFw0yNzA2MTUwODM1MzNaMDMxMTAvBgNV
BAMTKDdBMzA4RUE4RTE3RkFGRjREODUyNDA3OTcyQjQ2QTA0M0IwMDM4Q0UwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvtJEKQGBrWaEW3CiFKWJHmzv+
pXHvr7zZLDcBeqKD4QlNB9+a3AuIQ39uR5LBdurpJRUCDGCGO51IkoG06gHtCKt7
eSf70PI+n/T3DzxdC7aO1wQ4ISchdBp8oeLWNMM8ruwaUypIHUFcvQL0QYoRnZ1P
ozQS6fG9jtdyxcDFwQJFUMcEJ4b4J8O3Y5zXeXxuImJS+qjEpov8CqYYHvphGpld
kwI1EztKnK4FqaiHpNMuE7PEih4mLArqgsRXw15IaqrtSa/gkoN3gleKchzwSlGU
Fkl3772UtdEXskEBbZqrBTYr5VDdtI87mVogh+UtlAmM2EVsnN8iwkxkfbStAgMB
AAGjggKfMIICmzAdBgNVHQ4EFgQUejCOqOF/r/TYUkB5crRqBDsAOM4wHwYDVR0j
BBgwFoAUDiDM9Qg6Y7n1iH4+o50E4tYrPaUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOTZlNGFjODYtMTgwMy00OTRkLThhN2ItYzA1MWE2MzEw
NzUyLzAvMEUyMENDRjUwODNBNjNCOUY1ODg3RTNFQTM5RDA0RTJENjJCM0RBNS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RpRE05UWc2WTduMWlINC1vNTBFNHRZ
clBhVS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzk2ZTRhYzg2LTE4MDMt
NDk0ZC04YTdiLWMwNTFhNjMxMDc1Mi8wL0FTMzk2MzU2LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMIGzBggrBgEFBQcBBwEB/wSBozCBoDCBnQQCAAEwgZYD
BAAzwnIDBAAzwp0DBAAz8T8DBAEz8UIDBAAz8UgDBAEz8UowDAMEADPxTQMEADPx
TgMEATPxUgMEADPxVTAMAwQAM/FdAwQAM/FeMAwDBAAz8WEDBAAz8WIDBAEz8XAD
BAAz8XkDBAAz8XsDBABOaXkDBABOaXsDBABOafQDBAC83eMDBAC83fADBAC83fcD
BAC83f4wDQYJKoZIhvcNAQELBQADggEBADIjXfPAAObE9Q1VVGbwgL5XAhTXWgQt
lEuCekgKQFEiIzMNdwzUc7A0APfN/j1DyZPL+SNxG4LqyFU7O/VMvGWS8bayorve
ni4YFlsNYe1sRhoXkaR/H7sp0Zm5aVZQbVZ7hjHb4gqIhBWpNJjbSYL/yqLGMVGH
no70JsSawQvBxN3gI6l9hDkXqj9EQ78vxKMggWwgVGhnw1DuMYIm4D77pLP08DXF
GdTVq8DxeJUuuV9m6wymmu2tWjLSPCRB6VX/rYiTDQhhJGLRRm5k0NADs5gyEerZ
/WXxDToKTcTbkPOSHQKUAq3ImVqzMfUkHUcWMAb7dto4RcAUmVjSlF0=
-----END CERTIFICATE-----
Generated at Sat Jun 27 22:12:13 2026 by rpki-client