Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS205733.roa
File: AS205733.roa (raw, json)
Hash identifier: JZSb/msRPh8HzrRkHdqAK0cIg//sdeCYp0eBYb/LvC0=
Subject key identifier: 24:E2:FC:D7:2B:AF:E3:F6:F6:E7:E4:F4:A2:C0:F6:7E:B6:07:09:31
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 7506F65F6116CD6F427FAA30D72205CE1A2E5FB6
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS205733.roa
Signing time: Tue 12 Aug 2025 18:07:43 +0000
ROA not before: Tue 12 Aug 2025 18:02:43 +0000
ROA not after: Tue 11 Aug 2026 18:07:43 +0000
asID: 205733
IP address blocks: 91.124.37.0/24 maxlen: 24
92.112.71.0/24 maxlen: 24
95.134.31.0/24 maxlen: 24
95.134.70.0/24 maxlen: 24
95.135.173.0/24 maxlen: 24
95.135.228.0/24 maxlen: 24
178.92.96.0/24 maxlen: 24
178.92.255.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 16:54:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
75:06:f6:5f:61:16:cd:6f:42:7f:aa:30:d7:22:05:ce:1a:2e:5f:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Aug 12 18:02:43 2025 GMT
Not After : Aug 11 18:07:43 2026 GMT
Subject: CN=24E2FCD72BAFE3F6F6E7E4F4A2C0F67EB6070931
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:b5:fd:bf:fc:6c:51:0c:43:ff:4e:c7:c4:50:
fb:00:89:69:f6:e4:a3:4b:1f:1a:66:ef:af:19:37:
be:ef:ff:7a:1a:64:d2:7c:ab:39:f5:bf:01:ae:24:
7c:e9:5d:67:73:f6:ef:19:fe:2e:38:d5:9d:2c:c9:
fb:3a:34:2f:42:9c:03:20:09:a3:8a:f7:3b:83:ab:
f3:f3:5c:f1:a1:32:a1:9b:15:95:71:da:84:b3:7a:
70:84:6f:d8:63:85:97:14:24:af:6d:2f:4d:7d:80:
8a:d4:0d:63:4a:4c:08:2c:52:97:d0:5d:b6:4d:85:
ff:0c:bc:9e:4b:07:2d:76:d0:27:32:72:50:72:cb:
dd:13:02:c1:34:36:ae:f8:93:68:47:d4:19:8c:35:
ee:f8:e5:25:8f:2e:51:aa:3b:d2:a3:d8:46:a7:79:
ba:b5:86:0b:88:06:d4:89:d6:3d:3e:af:66:a4:9f:
c9:9f:b5:3d:c8:55:1d:4e:c1:2b:35:81:f4:45:c8:
a3:a4:3b:d9:c5:c0:e7:a9:1b:20:70:09:d3:9d:d2:
4b:6a:e3:a7:5f:8d:ca:95:52:51:4c:f8:e4:b7:1d:
2d:07:0f:26:21:b6:59:bd:b1:51:33:de:4c:7d:74:
df:8a:b0:cd:b5:fb:7e:63:b9:dc:b8:a8:1b:f5:db:
0b:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:E2:FC:D7:2B:AF:E3:F6:F6:E7:E4:F4:A2:C0:F6:7E:B6:07:09:31
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS205733.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.124.37.0/24
92.112.71.0/24
95.134.31.0/24
95.134.70.0/24
95.135.173.0/24
95.135.228.0/24
178.92.96.0/24
178.92.255.0/24
Signature Algorithm: sha256WithRSAEncryption
68:01:a3:6e:6f:29:ec:c6:6d:aa:3f:a6:ee:e8:63:63:b8:5f:
7a:ce:52:74:ad:83:88:8a:12:9d:6d:88:4b:1b:f6:f2:0f:08:
c8:b2:0d:76:56:34:02:41:80:c3:29:f4:11:79:04:27:83:0f:
bb:36:ea:69:32:b1:98:f9:59:21:63:92:02:c3:6a:94:2f:3d:
11:03:20:0f:d2:91:6d:37:10:e7:a5:a2:74:62:6f:20:a3:93:
ed:c1:0f:f7:da:80:b7:35:05:74:01:86:27:19:46:01:18:d4:
26:14:7b:e9:c9:db:19:d3:5c:70:64:cf:d9:0d:3b:b9:30:aa:
6e:ec:6a:8f:a6:83:4b:c3:51:40:2d:b8:2f:90:57:ef:11:92:
15:82:ef:6d:af:96:c3:4f:86:4d:1f:7a:56:ab:eb:48:bb:f5:
6e:fc:8a:a6:0f:7f:8b:cd:8e:c3:fd:16:bd:7f:df:93:a7:d1:
52:94:f6:20:7c:34:01:8c:47:1b:f4:72:1a:67:41:31:e1:22:
0a:68:0c:13:77:b4:21:30:81:ce:7d:3b:da:08:c1:d5:5a:53:
da:6a:e1:86:bb:a9:39:eb:25:9d:d1:ff:34:73:38:3b:e9:e2:
01:cd:e2:58:23:b4:cd:ca:be:24:17:40:d4:be:59:99:f9:d0:
75:70:ee:4b
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUdQb2X2EWzW9Cf6ow1yIFzhouX7YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTA4MTIxODAyNDNaFw0yNjA4MTExODA3NDNaMDMxMTAvBgNV
BAMTKDI0RTJGQ0Q3MkJBRkUzRjZGNkU3RTRGNEEyQzBGNjdFQjYwNzA5MzEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDDtf2//GxRDEP/TsfEUPsAiWn2
5KNLHxpm768ZN77v/3oaZNJ8qzn1vwGuJHzpXWdz9u8Z/i441Z0syfs6NC9CnAMg
CaOK9zuDq/PzXPGhMqGbFZVx2oSzenCEb9hjhZcUJK9tL019gIrUDWNKTAgsUpfQ
XbZNhf8MvJ5LBy120CcyclByy90TAsE0Nq74k2hH1BmMNe745SWPLlGqO9Kj2Ean
ebq1hguIBtSJ1j0+r2akn8mftT3IVR1OwSs1gfRFyKOkO9nFwOepGyBwCdOd0ktq
46dfjcqVUlFM+OS3HS0HDyYhtlm9sVEz3kx9dN+KsM21+35judy4qBv12wtzAgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQUJOL81yuv4/b25+T0osD2frYHCTEwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMjA1NzMzLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAW3wl
AwQAXHBHAwQAX4YfAwQAX4ZGAwQAX4etAwQAX4fkAwQAslxgAwQAslz/MA0GCSqG
SIb3DQEBCwUAA4IBAQBoAaNubynsxm2qP6bu6GNjuF96zlJ0rYOIihKdbYhLG/by
DwjIsg12VjQCQYDDKfQReQQngw+7NuppMrGY+VkhY5ICw2qULz0RAyAP0pFtNxDn
paJ0Ym8go5PtwQ/32oC3NQV0AYYnGUYBGNQmFHvpydsZ01xwZM/ZDTu5MKpu7GqP
poNLw1FALbgvkFfvEZIVgu9tr5bDT4ZNH3pWq+tIu/Vu/IqmD3+LzY7D/Ra9f9+T
p9FSlPYgfDQBjEcb9HIaZ0Ex4SIKaAwTd7QhMIHOfTvaCMHVWlPaauGGu6k56yWd
0f80czg76eIBzeJYI7TNyr4kF0DUvlmZ+dB1cO5L
-----END CERTIFICATE-----
Generated at Thu Aug 21 06:06:41 2025 by rpki-client