Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS202678.roa
File: AS202678.roa (raw, json)
Hash identifier: swTppsVtsLprid9/uJ6BLyJg1hUnwn8zNoTrJEifA8U=
Subject key identifier: 93:87:0D:47:39:E2:09:7D:F5:19:66:80:C1:AB:16:A2:EF:68:95:C1
Certificate issuer: /CN=7051b4c2f7ae9ef80b53000b32ab8f5d2f2f415b
Certificate serial: 7E3623A11EC82BD5438CD534FE3386A1749B2911
Authority key identifier: 70:51:B4:C2:F7:AE:9E:F8:0B:53:00:0B:32:AB:8F:5D:2F:2F:41:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS202678.roa
Signing time: Wed 14 May 2025 10:29:05 +0000
ROA not before: Wed 14 May 2025 10:24:05 +0000
ROA not after: Wed 13 May 2026 10:29:05 +0000
asID: 202678
IP address blocks: 31.40.197.0/24 maxlen: 24
31.40.204.0/24 maxlen: 24
37.221.76.0/24 maxlen: 24
37.221.77.0/24 maxlen: 24
62.182.32.0/24 maxlen: 24
62.182.33.0/24 maxlen: 24
62.182.34.0/24 maxlen: 24
62.182.35.0/24 maxlen: 24
92.249.63.0/24 maxlen: 24
139.28.48.0/24 maxlen: 24
139.28.49.0/24 maxlen: 24
139.28.50.0/24 maxlen: 24
139.28.51.0/24 maxlen: 24
176.96.130.0/24 maxlen: 24
185.231.224.0/24 maxlen: 24
212.115.100.0/24 maxlen: 24
212.115.101.0/24 maxlen: 24
212.115.102.0/24 maxlen: 24
212.115.103.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.crl
rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.mft
rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 15:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7e:36:23:a1:1e:c8:2b:d5:43:8c:d5:34:fe:33:86:a1:74:9b:29:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7051b4c2f7ae9ef80b53000b32ab8f5d2f2f415b
Validity
Not Before: May 14 10:24:05 2025 GMT
Not After : May 13 10:29:05 2026 GMT
Subject: CN=93870D4739E2097DF5196680C1AB16A2EF6895C1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:20:7f:c9:af:75:b0:01:f1:c7:01:c9:3a:f0:
ce:af:62:fc:bf:c3:d7:dd:8c:92:79:49:1b:be:27:
c0:4c:81:dd:9a:48:f9:f2:cf:23:77:d5:d9:04:18:
05:df:3b:7d:65:bf:90:37:72:a8:0d:bf:ad:21:18:
7c:4b:aa:1a:af:84:69:b9:10:e7:32:2b:98:97:86:
77:64:1a:6f:fa:75:e9:5a:a5:f7:c8:4f:e4:d3:66:
86:c8:38:15:6c:fb:bb:a7:ef:24:f2:85:74:e1:8e:
1d:89:f8:4f:30:89:08:f6:7b:14:93:46:9c:62:29:
c0:59:da:28:fd:37:6a:f1:7d:b3:84:0e:fb:e2:e2:
10:5f:d5:e4:0b:94:60:2b:21:10:bc:74:73:bd:7a:
c4:69:ba:13:2d:82:ba:cb:98:5b:78:7c:81:8e:56:
48:d8:cf:8d:cf:54:d2:c7:69:79:48:60:9f:35:de:
63:26:32:ab:83:c6:09:26:a5:ac:26:fc:14:0f:83:
63:49:33:0d:60:5c:11:53:b2:62:73:f1:42:24:25:
4f:c2:de:52:77:b9:0b:31:15:88:f4:64:8d:3e:b0:
a1:78:1a:d3:65:c6:99:7c:28:ec:74:92:9a:85:cf:
c5:14:d0:80:83:3c:16:9c:53:69:04:2d:3d:fd:3e:
41:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:87:0D:47:39:E2:09:7D:F5:19:66:80:C1:AB:16:A2:EF:68:95:C1
X509v3 Authority Key Identifier:
keyid:70:51:B4:C2:F7:AE:9E:F8:0B:53:00:0B:32:AB:8F:5D:2F:2F:41:5B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS202678.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.40.197.0/24
31.40.204.0/24
37.221.76.0/23
62.182.32.0/22
92.249.63.0/24
139.28.48.0/22
176.96.130.0/24
185.231.224.0/24
212.115.100.0/22
Signature Algorithm: sha256WithRSAEncryption
64:16:ec:8e:00:3b:32:12:bf:e4:b7:ab:48:bc:39:22:7b:37:
6e:b7:13:e1:ed:ca:17:be:ca:60:fd:2f:e3:94:a6:c2:a8:e2:
5e:4f:0e:65:ce:d9:4a:39:f8:d4:af:d0:95:9a:98:72:af:2c:
0b:0e:c9:73:6d:a9:02:c9:d4:2c:7d:41:9b:85:12:4f:37:f9:
75:dc:ee:fb:62:87:ad:fc:4f:f7:a1:04:53:b4:93:1b:7b:7a:
5b:5f:44:6a:23:29:fc:03:de:6a:49:42:9d:7e:80:a8:9c:c0:
08:6e:39:79:e3:7e:50:70:e7:27:14:d3:c3:3f:3e:19:f4:80:
41:e8:12:86:e9:d7:c6:61:b0:46:ea:f3:80:91:93:02:16:a0:
c4:aa:77:91:75:06:1a:30:7a:fd:f7:a6:3c:44:23:13:0c:94:
a9:74:6f:3c:e4:39:86:ba:ad:88:84:fc:a1:93:7a:8c:03:e7:
42:4d:8f:08:ac:0b:82:4f:7c:22:0d:e7:ad:73:29:61:63:93:
d2:75:d2:af:97:0c:bd:1c:6a:d5:bc:53:74:97:ca:90:a6:93:
f5:59:b5:a9:10:87:c3:3f:45:fb:43:03:df:d4:d9:9b:12:f3:
7c:49:49:72:f9:81:a4:6a:9a:87:16:5e:fd:d6:67:46:e7:61:
d3:a4:38:20
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgIUfjYjoR7IK9VDjNU0/jOGoXSbKREwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzA1MWI0YzJmN2FlOWVmODBiNTMwMDBiMzJhYjhmNWQy
ZjJmNDE1YjAeFw0yNTA1MTQxMDI0MDVaFw0yNjA1MTMxMDI5MDVaMDMxMTAvBgNV
BAMTKDkzODcwRDQ3MzlFMjA5N0RGNTE5NjY4MEMxQUIxNkEyRUY2ODk1QzEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCnIH/Jr3WwAfHHAck68M6vYvy/
w9fdjJJ5SRu+J8BMgd2aSPnyzyN31dkEGAXfO31lv5A3cqgNv60hGHxLqhqvhGm5
EOcyK5iXhndkGm/6delapffIT+TTZobIOBVs+7un7yTyhXThjh2J+E8wiQj2exST
RpxiKcBZ2ij9N2rxfbOEDvvi4hBf1eQLlGArIRC8dHO9esRpuhMtgrrLmFt4fIGO
VkjYz43PVNLHaXlIYJ813mMmMquDxgkmpawm/BQPg2NJMw1gXBFTsmJz8UIkJU/C
3lJ3uQsxFYj0ZI0+sKF4GtNlxpl8KOx0kpqFz8UU0ICDPBacU2kELT39PkHXAgMB
AAGjggI6MIICNjAdBgNVHQ4EFgQUk4cNRzniCX31GWaAwasWou9olcEwHwYDVR0j
BBgwFoAUcFG0wveunvgLUwALMquPXS8vQVswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOWM1Y2U5ZmEtOWE2Zi00ZTBjLTk4MDktN2E0Nzg4NzQ0
ODkzLzAvNzA1MUI0QzJGN0FFOUVGODBCNTMwMDBCMzJBQjhGNUQyRjJGNDE1Qi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NGRzB3dmV1bnZnTFV3QUxNcXVQWFM4
dlFWcy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzljNWNlOWZhLTlhNmYt
NGUwYy05ODA5LTdhNDc4ODc0NDg5My8wL0FTMjAyNjc4LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAHyjF
AwQAHyjMAwQBJd1MAwQCPrYgAwQAXPk/AwQCixwwAwQAsGCCAwQAuefgAwQC1HNk
MA0GCSqGSIb3DQEBCwUAA4IBAQBkFuyOADsyEr/kt6tIvDkiezdutxPh7coXvspg
/S/jlKbCqOJeTw5lztlKOfjUr9CVmphyrywLDslzbakCydQsfUGbhRJPN/l13O77
Yoet/E/3oQRTtJMbe3pbX0RqIyn8A95qSUKdfoConMAIbjl5435QcOcnFNPDPz4Z
9IBB6BKG6dfGYbBG6vOAkZMCFqDEqneRdQYaMHr996Y8RCMTDJSpdG885DmGuq2I
hPyhk3qMA+dCTY8IrAuCT3wiDeetcylhY5PSddKvlwy9HGrVvFN0l8qQppP1WbWp
EIfDP0X7QwPf1NmbEvN8SUly+YGkapqHFl791mdG52HTpDgg
-----END CERTIFICATE-----
Generated at Fri Jun 6 22:23:18 2025 by rpki-client