Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS200017.roa
File: AS200017.roa (raw, json)
Hash identifier: XN7Kp4OU4Iua3a/g9lIChYB0aPor3gvg8rQdJpOTtwA=
Subject key identifier: 98:26:3A:4D:F4:1C:33:0F:A7:E9:F2:F7:9F:BB:D5:C0:FB:57:67:B7
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 392E7AAF18D06BC6BFC2B8DD776362578D4D6A64
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS200017.roa
Signing time: Tue 21 Apr 2026 09:34:22 +0000
ROA not before: Tue 21 Apr 2026 09:29:22 +0000
ROA not after: Tue 20 Apr 2027 09:34:22 +0000
asID: 200017
IP address blocks: 95.135.240.0/24 maxlen: 24
178.93.79.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 Apr 2026 07:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
39:2e:7a:af:18:d0:6b:c6:bf:c2:b8:dd:77:63:62:57:8d:4d:6a:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Apr 21 09:29:22 2026 GMT
Not After : Apr 20 09:34:22 2027 GMT
Subject: CN=98263A4DF41C330FA7E9F2F79FBBD5C0FB5767B7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:db:4a:ba:49:93:14:e3:cc:6c:f9:3e:ff:57:
76:bf:27:d5:4e:b8:74:47:98:01:85:69:b1:3d:0e:
2f:39:84:42:49:65:84:d6:9f:0f:c6:18:6f:bf:d4:
70:02:bc:dc:e5:5d:db:a6:8f:4a:bd:bf:e4:00:9c:
b0:a6:cd:af:1a:f5:55:5d:92:09:be:2f:fe:56:4e:
07:60:1a:42:1a:c6:e0:08:8d:3b:91:02:ef:45:16:
0f:65:14:9f:2b:66:32:d9:9c:58:36:8b:1b:d1:d8:
e9:9c:6d:f6:af:ec:9f:89:83:a4:e4:37:7a:fd:98:
37:e0:46:b1:58:96:00:06:aa:43:f6:70:41:f1:8c:
ee:87:6b:b7:26:bc:d8:4e:c7:01:19:d5:8e:a3:e2:
6b:fc:96:57:50:25:fb:1b:c4:a2:6b:06:55:33:d1:
8e:11:b6:bb:cf:a1:6e:a0:9d:63:0d:97:d9:7c:a2:
0b:cb:29:72:e3:8b:62:81:cf:aa:c2:87:65:32:62:
d2:9f:5a:e7:4f:ce:86:66:82:ee:2f:57:39:07:a3:
0c:c1:c0:27:6a:a4:a3:ab:4d:53:ad:f2:1c:b0:b7:
17:11:4d:ac:1d:0a:d2:ea:cf:3b:be:ad:bf:7f:c2:
dd:bf:3c:78:f9:60:be:d6:42:e9:8e:7a:b6:49:35:
94:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:26:3A:4D:F4:1C:33:0F:A7:E9:F2:F7:9F:BB:D5:C0:FB:57:67:B7
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS200017.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.135.240.0/24
178.93.79.0/24
Signature Algorithm: sha256WithRSAEncryption
29:99:1c:ae:f0:b3:22:af:a5:27:91:17:6c:6f:3d:4c:d9:00:
ee:9d:0d:cc:ae:16:c8:09:47:a6:d9:63:62:e5:04:a0:e1:15:
b4:25:50:d0:80:ad:c6:57:48:8e:62:97:d5:b3:ec:a6:76:e1:
ac:25:d4:b3:78:9e:b1:ff:30:f4:67:fa:60:f7:ae:89:78:b1:
a3:68:64:b5:48:43:bc:01:f1:94:a9:0a:5a:fa:2f:28:74:2d:
cc:e1:d2:6c:49:eb:0a:7b:7c:59:0b:c1:69:d6:bb:cd:7f:c6:
99:1a:e7:dc:16:93:b6:97:a2:b3:79:f5:d3:15:2d:27:b4:3d:
63:3a:c0:9a:99:54:ce:cc:af:fd:c2:6d:a8:5b:d6:cd:ed:8d:
cc:3a:5d:7e:0a:a0:20:03:18:4c:98:4f:aa:4f:7b:23:70:6d:
3a:90:ef:cc:9e:dc:20:08:53:04:08:60:ab:b8:59:58:17:9e:
89:23:9a:0e:87:6f:d1:38:cc:43:13:fe:59:3d:57:95:53:30:
4d:43:e3:c6:af:e7:0d:5d:90:3a:ee:ae:2a:bd:2e:62:4d:05:
4d:33:1e:ff:e5:9a:ca:5d:05:d8:46:0a:1d:70:18:be:3c:19:
04:4b:c7:f4:1d:83:fc:ed:fc:eb:a2:56:5d:b4:e8:ef:9c:b2:
50:78:ae:e8
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgIUOS56rxjQa8a/wrjdd2NiV41NamQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNjA0MjEwOTI5MjJaFw0yNzA0MjAwOTM0MjJaMDMxMTAvBgNV
BAMTKDk4MjYzQTRERjQxQzMzMEZBN0U5RjJGNzlGQkJENUMwRkI1NzY3QjcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDP20q6SZMU48xs+T7/V3a/J9VO
uHRHmAGFabE9Di85hEJJZYTWnw/GGG+/1HACvNzlXdumj0q9v+QAnLCmza8a9VVd
kgm+L/5WTgdgGkIaxuAIjTuRAu9FFg9lFJ8rZjLZnFg2ixvR2Omcbfav7J+Jg6Tk
N3r9mDfgRrFYlgAGqkP2cEHxjO6Ha7cmvNhOxwEZ1Y6j4mv8lldQJfsbxKJrBlUz
0Y4RtrvPoW6gnWMNl9l8ogvLKXLji2KBz6rCh2UyYtKfWudPzoZmgu4vVzkHowzB
wCdqpKOrTVOt8hywtxcRTawdCtLqzzu+rb9/wt2/PHj5YL7WQumOerZJNZSXAgMB
AAGjggIQMIICDDAdBgNVHQ4EFgQUmCY6TfQcMw+n6fL3n7vVwPtXZ7cwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMjAwMDE3LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAX4fw
AwQAsl1PMA0GCSqGSIb3DQEBCwUAA4IBAQApmRyu8LMir6UnkRdsbz1M2QDunQ3M
rhbICUem2WNi5QSg4RW0JVDQgK3GV0iOYpfVs+ymduGsJdSzeJ6x/zD0Z/pg966J
eLGjaGS1SEO8AfGUqQpa+i8odC3M4dJsSesKe3xZC8Fp1rvNf8aZGufcFpO2l6Kz
efXTFS0ntD1jOsCamVTOzK/9wm2oW9bN7Y3MOl1+CqAgAxhMmE+qT3sjcG06kO/M
ntwgCFMECGCruFlYF56JI5oOh2/ROMxDE/5ZPVeVUzBNQ+PGr+cNXZA67q4qvS5i
TQVNMx7/5ZrKXQXYRgodcBi+PBkES8f0HYP87fzrolZdtOjvnLJQeK7o
-----END CERTIFICATE-----
Generated at Tue Apr 21 15:25:43 2026 by rpki-client