Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS2856.roa
File: AS2856.roa (raw, json)
Hash identifier: nlWy9p6T0Cynu3X/GfyyUzJklFSpN2fDTBa7XdcfDJI=
Subject key identifier: 1B:6E:E6:C3:C0:C0:7E:8F:E6:BD:46:88:FC:8C:72:D9:9D:29:CE:88
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 62B2CBD1F412597E6D525B1AACFDCAAC6925B22E
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS2856.roa
Signing time: Wed 17 Jun 2026 00:03:36 +0000
ROA not before: Tue 16 Jun 2026 23:58:36 +0000
ROA not after: Wed 16 Jun 2027 00:03:36 +0000
asID: 2856
IP address blocks: 178.92.112.0/22 maxlen: 22
178.92.180.0/22 maxlen: 24
178.93.104.0/22 maxlen: 24
178.94.244.0/22 maxlen: 24
178.95.60.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 21 Jun 2026 04:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
62:b2:cb:d1:f4:12:59:7e:6d:52:5b:1a:ac:fd:ca:ac:69:25:b2:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Jun 16 23:58:36 2026 GMT
Not After : Jun 16 00:03:36 2027 GMT
Subject: CN=1B6EE6C3C0C07E8FE6BD4688FC8C72D99D29CE88
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:10:6e:ad:43:d2:98:59:75:d1:d3:b1:be:ba:
43:3f:80:d3:44:7f:c5:15:d2:4d:ac:a6:07:dd:fb:
10:8e:21:90:5b:15:b4:f7:79:9c:b6:6d:c1:3b:e3:
2c:b6:fe:02:e7:17:5b:f3:b5:b6:91:91:00:c9:92:
8d:0f:e8:ff:bd:e8:af:a3:8b:dd:e0:62:b3:59:b3:
15:be:ac:02:8e:d0:8f:37:d9:89:37:3c:e6:e4:5d:
df:e9:ba:ad:91:02:3f:4d:f2:1d:fc:05:b2:27:03:
cf:87:75:6c:00:c5:3a:9b:03:5e:eb:33:da:13:40:
76:1b:ab:bb:cd:03:d5:13:37:86:e8:4b:bd:3a:0f:
84:0a:b5:a8:13:83:4b:0e:34:33:2d:84:f2:6d:2f:
79:22:7f:04:43:2c:b4:4e:29:4f:5b:7a:0b:24:76:
e8:2f:3b:0c:ec:db:04:14:07:2a:14:62:39:08:fd:
ab:67:69:77:c8:32:cc:a7:a5:fe:8c:39:20:f4:a1:
57:e1:3a:ec:e8:03:f2:f4:86:c7:0b:ea:80:7f:59:
a5:78:43:da:b3:6f:18:bc:a5:3c:e4:7b:dc:4b:e2:
37:a9:96:11:95:fe:20:c2:10:e1:ec:81:3b:bd:b4:
7f:ff:5e:36:de:0b:9b:38:92:34:44:c6:3c:0a:31:
30:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:6E:E6:C3:C0:C0:7E:8F:E6:BD:46:88:FC:8C:72:D9:9D:29:CE:88
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS2856.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.92.112.0/22
178.92.180.0/22
178.93.104.0/22
178.94.244.0/22
178.95.60.0/22
Signature Algorithm: sha256WithRSAEncryption
7c:0b:33:8d:dc:da:af:22:b6:16:a3:8a:22:ef:7e:72:87:df:
82:a3:e1:c7:bd:16:2a:ec:96:09:23:d7:f3:cc:6c:59:e6:0b:
09:7d:f2:59:1c:87:90:53:ca:1b:ab:74:17:88:98:e8:2d:ae:
9e:26:cb:ea:da:f2:d5:b0:98:fc:a0:b8:09:04:11:2a:40:39:
13:40:04:d6:1b:e3:bf:48:e6:72:0d:34:16:4e:84:8d:58:e7:
d6:b3:23:36:c0:b1:ed:ee:06:87:74:22:6d:cf:06:b5:a7:cd:
66:a3:16:af:1e:7b:dd:61:df:a1:05:f9:74:b0:f5:7a:0e:bd:
79:48:d5:ad:32:8c:48:ec:00:f0:9b:dd:c6:f9:91:46:81:92:
b1:fb:3c:41:34:99:d8:5b:c6:85:17:c1:c0:0d:8e:0e:94:4a:
93:75:d5:c2:2b:85:fe:99:4b:00:6d:e4:25:1a:52:41:d1:63:
9d:da:f1:16:70:26:43:8e:75:88:61:b6:90:46:e4:4c:61:f9:
6e:f8:b8:b7:9b:a9:8d:f8:2d:8f:f0:84:84:d1:20:c3:b3:aa:
9d:9d:44:fd:3d:3d:2c:56:3a:90:9d:dd:21:8e:04:9f:14:ea:
42:60:1f:42:c1:4f:70:dd:43:d9:36:e7:e3:5a:8c:da:01:0e:
2e:73:22:f0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgIUYrLL0fQSWX5tUlsarP3KrGklsi4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNjA2MTYyMzU4MzZaFw0yNzA2MTYwMDAzMzZaMDMxMTAvBgNV
BAMTKDFCNkVFNkMzQzBDMDdFOEZFNkJENDY4OEZDOEM3MkQ5OUQyOUNFODgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDOEG6tQ9KYWXXR07G+ukM/gNNE
f8UV0k2spgfd+xCOIZBbFbT3eZy2bcE74yy2/gLnF1vztbaRkQDJko0P6P+96K+j
i93gYrNZsxW+rAKO0I832Yk3PObkXd/puq2RAj9N8h38BbInA8+HdWwAxTqbA17r
M9oTQHYbq7vNA9UTN4boS706D4QKtagTg0sONDMthPJtL3kifwRDLLROKU9begsk
dugvOwzs2wQUByoUYjkI/atnaXfIMsynpf6MOSD0oVfhOuzoA/L0hscL6oB/WaV4
Q9qzbxi8pTzke9xL4jeplhGV/iDCEOHsgTu9tH//XjbeC5s4kjRExjwKMTCTAgMB
AAGjggIgMIICHDAdBgNVHQ4EFgQUG27mw8DAfo/mvUaI/Ixy2Z0pzogwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMjg1Ni5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA3BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEArJccAME
ArJctAMEArJdaAMEArJe9AMEArJfPDANBgkqhkiG9w0BAQsFAAOCAQEAfAszjdza
ryK2FqOKIu9+coffgqPhx70WKuyWCSPX88xsWeYLCX3yWRyHkFPKG6t0F4iY6C2u
nibL6try1bCY/KC4CQQRKkA5E0AE1hvjv0jmcg00Fk6EjVjn1rMjNsCx7e4Gh3Qi
bc8GtafNZqMWrx573WHfoQX5dLD1eg69eUjVrTKMSOwA8JvdxvmRRoGSsfs8QTSZ
2FvGhRfBwA2ODpRKk3XVwiuF/plLAG3kJRpSQdFjndrxFnAmQ451iGG2kEbkTGH5
bvi4t5upjfgtj/CEhNEgw7OqnZ1E/T09LFY6kJ3dIY4EnxTqQmAfQsFPcN1D2Tbn
41qM2gEOLnMi8A==
-----END CERTIFICATE-----
Generated at Sat Jun 20 15:39:02 2026 by rpki-client