Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS137235.roa
File: AS137235.roa (raw, json)
Hash identifier: 96TvRgw2A/8m7mEoecC4NdStqso3RBX+IrKF6Xh9WK4=
Subject key identifier: 7D:C3:A5:5B:1D:C4:F3:AB:06:4D:13:F5:EA:0E:92:00:CF:E5:5E:A3
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 086DF53BF7CAC8F48E760FD2A7D8F4E290A4AF38
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS137235.roa
Signing time: Mon 13 Oct 2025 08:04:21 +0000
ROA not before: Mon 13 Oct 2025 07:59:21 +0000
ROA not after: Mon 12 Oct 2026 08:04:21 +0000
asID: 137235
IP address blocks: 91.124.204.0/24 maxlen: 24
92.112.54.0/24 maxlen: 24
178.92.135.0/24 maxlen: 24
178.95.4.0/24 maxlen: 24
178.95.239.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Oct 2025 15:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
08:6d:f5:3b:f7:ca:c8:f4:8e:76:0f:d2:a7:d8:f4:e2:90:a4:af:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Oct 13 07:59:21 2025 GMT
Not After : Oct 12 08:04:21 2026 GMT
Subject: CN=7DC3A55B1DC4F3AB064D13F5EA0E9200CFE55EA3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:a8:ed:2b:03:cd:91:6b:aa:ee:9d:31:64:e4:
26:7d:6c:70:24:9c:2d:44:e0:23:35:6d:70:79:cb:
75:bf:d4:55:43:1d:32:e7:56:24:9d:d0:40:f1:82:
10:9e:f5:03:b9:cb:26:7e:a5:bb:6e:61:a9:68:c7:
ea:0d:21:9f:79:23:98:0f:b0:a8:32:ad:f8:0b:0b:
13:fa:de:7e:f4:be:23:60:73:10:81:2e:30:93:68:
88:b9:41:79:72:2e:97:72:b7:03:e0:cc:d6:1a:35:
33:cc:47:55:23:fc:05:4c:f0:e7:d6:eb:31:42:9d:
f1:8d:33:09:7f:bc:7d:f8:9f:df:65:27:28:a6:75:
5d:ed:19:67:6e:09:56:40:cd:ab:b1:c9:0f:f3:9f:
80:cb:49:24:86:3c:89:e8:01:c9:e7:d1:2c:98:08:
08:bf:e7:2c:ea:40:4a:b1:51:f2:74:ad:b4:5b:ed:
5f:09:82:69:0f:34:7e:d2:27:c7:23:9b:80:39:4d:
7b:d3:e0:7e:a4:96:4c:f0:94:ca:20:fc:45:47:1c:
c4:c7:01:c3:af:41:8b:2b:ca:96:e8:73:dd:e6:0b:
19:fb:4f:1f:1d:69:36:de:9e:b1:70:db:d4:05:1d:
68:55:c7:db:af:ef:76:e7:44:6e:fa:cc:2f:1f:94:
9e:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:C3:A5:5B:1D:C4:F3:AB:06:4D:13:F5:EA:0E:92:00:CF:E5:5E:A3
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS137235.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.124.204.0/24
92.112.54.0/24
178.92.135.0/24
178.95.4.0/24
178.95.239.0/24
Signature Algorithm: sha256WithRSAEncryption
72:04:a5:a1:f3:ef:14:5c:cd:65:c7:e0:7e:39:0f:d5:f0:47:
1e:f2:75:04:df:fd:35:7b:d4:2a:1a:5a:fb:92:b8:f1:15:d4:
56:eb:e2:65:45:b1:92:d7:4c:9b:bd:02:83:ae:2a:6a:72:91:
55:9a:d5:db:0b:19:e7:67:93:40:9c:36:14:79:51:f4:4a:86:
4b:7c:74:c8:1c:84:f4:10:20:4a:87:49:c2:65:36:17:b1:d8:
4e:85:c6:df:df:21:79:cc:9c:8c:e2:0e:5f:b9:77:35:ca:2d:
8f:c3:1a:7d:6e:d5:31:04:ee:08:cc:30:3f:07:31:21:b8:53:
29:6f:ad:40:ec:b0:12:fd:80:1f:19:18:1d:7f:6c:8e:19:78:
f5:ca:60:58:b3:54:70:c5:17:42:9a:a5:0c:ee:82:dd:1a:ac:
fe:02:7c:0d:27:5b:43:40:bd:a6:68:9d:31:36:db:12:b3:1e:
5b:5c:f3:77:4b:a0:63:a6:3c:88:0b:8b:15:56:1a:a6:5e:8c:
18:0a:ea:d0:87:72:4e:22:44:b4:27:44:8e:89:bb:8a:76:0f:
79:8d:32:f4:28:a1:e8:20:ab:97:fe:b9:ac:09:89:c9:ca:da:
b8:f2:a4:71:9c:be:b1:e9:cd:35:08:0b:9d:99:60:08:ca:25:
56:cb:77:a5
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgIUCG31O/fKyPSOdg/Sp9j04pCkrzgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTEwMTMwNzU5MjFaFw0yNjEwMTIwODA0MjFaMDMxMTAvBgNV
BAMTKDdEQzNBNTVCMURDNEYzQUIwNjREMTNGNUVBMEU5MjAwQ0ZFNTVFQTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFqO0rA82Ra6runTFk5CZ9bHAk
nC1E4CM1bXB5y3W/1FVDHTLnViSd0EDxghCe9QO5yyZ+pbtuYalox+oNIZ95I5gP
sKgyrfgLCxP63n70viNgcxCBLjCTaIi5QXlyLpdytwPgzNYaNTPMR1Uj/AVM8OfW
6zFCnfGNMwl/vH34n99lJyimdV3tGWduCVZAzauxyQ/zn4DLSSSGPInoAcnn0SyY
CAi/5yzqQEqxUfJ0rbRb7V8JgmkPNH7SJ8cjm4A5TXvT4H6klkzwlMog/EVHHMTH
AcOvQYsrypboc93mCxn7Tx8daTbenrFw29QFHWhVx9uv73bnRG76zC8flJ6VAgMB
AAGjggIiMIICHjAdBgNVHQ4EFgQUfcOlWx3E86sGTRP16g6SAM/lXqMwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMTM3MjM1LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAW3zM
AwQAXHA2AwQAslyHAwQAsl8EAwQAsl/vMA0GCSqGSIb3DQEBCwUAA4IBAQByBKWh
8+8UXM1lx+B+OQ/V8Ece8nUE3/01e9QqGlr7krjxFdRW6+JlRbGS10ybvQKDripq
cpFVmtXbCxnnZ5NAnDYUeVH0SoZLfHTIHIT0ECBKh0nCZTYXsdhOhcbf3yF5zJyM
4g5fuXc1yi2Pwxp9btUxBO4IzDA/BzEhuFMpb61A7LAS/YAfGRgdf2yOGXj1ymBY
s1RwxRdCmqUM7oLdGqz+AnwNJ1tDQL2maJ0xNtsSsx5bXPN3S6BjpjyIC4sVVhqm
XowYCurQh3JOIkS0J0SOibuKdg95jTL0KKHoIKuX/rmsCYnJytq48qRxnL6x6c01
CAudmWAIyiVWy3el
-----END CERTIFICATE-----
Generated at Thu Oct 16 21:33:13 2025 by rpki-client