
Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS137235.roa
File: AS137235.roa (raw, json)
Hash identifier: n+M44Fy13jJRDPBF6b8YNJ3E4It06IL/F7P+RVRO8SU=
Subject key identifier: 42:47:85:73:40:59:FE:DD:18:26:8C:4A:A3:9F:62:A0:B7:B1:2D:3C
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 6F77F00D7807FA5D7CBA64D0A1C7EEAEE532ADC8
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS137235.roa
Signing time: Mon 30 Jun 2025 10:08:09 +0000
ROA not before: Mon 30 Jun 2025 10:03:09 +0000
ROA not after: Mon 29 Jun 2026 10:08:09 +0000
asID: 137235
IP address blocks: 178.95.4.0/24 maxlen: 24
178.95.239.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 03 Jul 2025 01:10:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6f:77:f0:0d:78:07:fa:5d:7c:ba:64:d0:a1:c7:ee:ae:e5:32:ad:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Jun 30 10:03:09 2025 GMT
Not After : Jun 29 10:08:09 2026 GMT
Subject: CN=424785734059FEDD18268C4AA39F62A0B7B12D3C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:97:18:a7:85:1e:16:20:f0:ce:92:55:4a:d4:
b4:b7:a6:f4:e7:b1:86:5e:5f:9f:2c:a5:10:ef:5c:
f8:62:aa:44:87:11:03:3b:32:ff:c9:61:0d:b9:46:
79:4f:9b:5e:34:fb:1e:a6:f5:80:fb:5e:3b:16:fa:
3b:da:31:e1:43:16:fa:bc:b4:3c:88:48:08:59:d8:
5e:6c:3e:d7:d7:9e:fc:e4:5d:a3:39:04:57:fd:3a:
94:c4:cf:05:7a:f6:67:14:9b:aa:6a:15:16:7e:5f:
d6:59:73:9a:14:d3:f7:c9:a6:33:85:9d:a1:99:b4:
72:59:7d:80:69:fa:f9:66:fc:41:94:a1:1f:c0:45:
82:5a:22:5a:af:bf:b4:1a:b1:17:f1:f2:52:e6:5d:
b4:55:5e:15:50:95:c2:ef:0f:2e:45:f0:aa:21:94:
b7:dc:48:b5:f0:c8:d7:9b:25:82:a6:c0:42:da:48:
fd:44:98:84:4e:af:80:0b:46:65:88:f6:df:da:7d:
5b:56:f4:11:4b:11:ab:88:1d:f2:8f:41:84:71:ee:
d2:3c:6c:8e:bf:08:bb:eb:4d:21:f6:71:f7:02:b2:
a1:99:54:ba:8c:49:09:67:b8:ad:dd:6c:93:c9:87:
5e:92:16:ab:7c:86:4b:b0:b7:d6:de:17:d9:f3:b1:
17:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:47:85:73:40:59:FE:DD:18:26:8C:4A:A3:9F:62:A0:B7:B1:2D:3C
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS137235.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.95.4.0/24
178.95.239.0/24
Signature Algorithm: sha256WithRSAEncryption
59:fb:b9:df:8e:ca:3c:a3:56:74:c2:dc:e9:01:4e:a0:cd:e9:
ac:02:f7:6d:cc:fe:37:14:b4:60:a0:4d:cd:35:9d:68:68:a7:
fb:79:8a:95:fa:23:5c:fb:29:a7:c4:80:1c:a1:ef:d7:6a:8b:
f4:0a:91:0d:d6:39:f4:b6:f9:b6:aa:e1:03:9e:a4:9a:8a:2d:
b3:49:1b:08:35:b1:15:c6:ed:b7:ae:84:f4:8b:e0:07:c0:e5:
84:4f:c1:d5:f6:f5:11:d9:b9:fb:a5:ab:f6:72:49:41:ed:ae:
27:87:ec:ab:d8:fc:74:32:8b:73:29:f6:4c:3b:f2:6d:8c:37:
d8:70:78:3b:89:b5:a9:76:2b:85:10:7d:b3:ca:05:3d:b3:25:
75:51:67:14:37:28:ef:72:be:d5:cb:66:f4:5c:65:ce:74:37:
21:0a:e1:bc:0b:97:d3:ae:a0:16:2c:69:43:85:97:b9:94:de:
74:ce:d3:7e:7c:aa:59:0f:79:75:c0:a7:9f:df:05:d1:44:44:
5a:d1:37:f8:49:ad:28:57:a6:a7:3d:07:7a:a7:11:64:de:76:
5d:ce:7d:ec:f5:46:e8:0d:e5:f1:b8:b8:1d:07:3d:32:2c:07:
b2:c1:96:2c:d1:d3:f8:a4:79:f7:47:e2:5b:87:fc:d3:3d:1c:
1d:16:6d:d9
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgIUb3fwDXgH+l18umTQocfuruUyrcgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTA2MzAxMDAzMDlaFw0yNjA2MjkxMDA4MDlaMDMxMTAvBgNV
BAMTKDQyNDc4NTczNDA1OUZFREQxODI2OEM0QUEzOUY2MkEwQjdCMTJEM0MwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFlxinhR4WIPDOklVK1LS3pvTn
sYZeX58spRDvXPhiqkSHEQM7Mv/JYQ25RnlPm140+x6m9YD7XjsW+jvaMeFDFvq8
tDyISAhZ2F5sPtfXnvzkXaM5BFf9OpTEzwV69mcUm6pqFRZ+X9ZZc5oU0/fJpjOF
naGZtHJZfYBp+vlm/EGUoR/ARYJaIlqvv7QasRfx8lLmXbRVXhVQlcLvDy5F8Koh
lLfcSLXwyNebJYKmwELaSP1EmIROr4ALRmWI9t/afVtW9BFLEauIHfKPQYRx7tI8
bI6/CLvrTSH2cfcCsqGZVLqMSQlnuK3dbJPJh16SFqt8hkuwt9beF9nzsRfNAgMB
AAGjggIQMIICDDAdBgNVHQ4EFgQUQkeFc0BZ/t0YJoxKo59ioLexLTwwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMTM3MjM1LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAsl8E
AwQAsl/vMA0GCSqGSIb3DQEBCwUAA4IBAQBZ+7nfjso8o1Z0wtzpAU6gzemsAvdt
zP43FLRgoE3NNZ1oaKf7eYqV+iNc+ymnxIAcoe/Xaov0CpEN1jn0tvm2quEDnqSa
ii2zSRsINbEVxu23roT0i+AHwOWET8HV9vUR2bn7pav2cklB7a4nh+yr2Px0Motz
KfZMO/JtjDfYcHg7ibWpdiuFEH2zygU9syV1UWcUNyjvcr7Vy2b0XGXOdDchCuG8
C5fTrqAWLGlDhZe5lN50ztN+fKpZD3l1wKef3wXRRERa0Tf4Sa0oV6anPQd6pxFk
3nZdzn3s9UboDeXxuLgdBz0yLAeywZYs0dP4pHn3R+Jbh/zTPRwdFm3Z
-----END CERTIFICATE-----
Generated at Wed Jul 2 13:35:28 2025 by rpki-client