Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS2856.roa
File: AS2856.roa (raw, json)
Hash identifier: jZcVV4WZ06ZMk//HaL5lXv8TRvsC2MRJ3H5NCQdurL8=
Subject key identifier: 4B:C7:58:A0:DB:F3:A9:2A:B3:CC:40:F6:9C:30:BB:E8:E1:63:02:7B
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 3436106DB25B31F31A2F0DE17101E27082B7AF7D
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS2856.roa
Signing time: Mon 08 Sep 2025 10:57:15 +0000
ROA not before: Mon 08 Sep 2025 10:52:15 +0000
ROA not after: Mon 07 Sep 2026 10:57:15 +0000
asID: 2856
IP address blocks: 95.134.194.0/24 maxlen: 24
178.92.112.0/22 maxlen: 22
178.92.180.0/22 maxlen: 24
178.93.104.0/22 maxlen: 24
178.93.192.0/22 maxlen: 24
178.94.244.0/22 maxlen: 24
178.95.60.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 16 Sep 2025 13:46:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
34:36:10:6d:b2:5b:31:f3:1a:2f:0d:e1:71:01:e2:70:82:b7:af:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Sep 8 10:52:15 2025 GMT
Not After : Sep 7 10:57:15 2026 GMT
Subject: CN=4BC758A0DBF3A92AB3CC40F69C30BBE8E163027B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:91:1f:9c:3d:14:3f:de:5e:7e:f5:ee:d9:13:
96:e4:9d:2f:51:66:30:02:98:aa:07:95:ba:d7:97:
76:bb:7d:3e:60:66:cf:03:b6:50:f2:a8:a1:a8:e5:
19:63:85:f5:3e:b5:19:78:70:6b:fc:36:df:05:91:
d9:4f:17:3f:57:cc:b5:3b:5f:26:8d:d7:3b:95:87:
75:ee:a0:ca:1a:c0:1e:4c:a9:fd:3e:b9:ff:ae:2f:
8c:f8:f7:b7:eb:e9:13:3a:94:fc:19:b4:9b:cb:13:
b2:ae:89:c9:8c:53:57:f4:92:d3:ac:eb:cf:df:00:
70:bf:eb:62:b9:46:65:b4:b9:2a:2f:88:49:a5:d5:
19:3d:70:77:7c:89:52:62:52:62:39:7c:ca:cd:fb:
ef:a8:fa:03:20:02:bd:10:4f:11:37:41:fa:ab:0c:
ad:a9:d4:2b:92:f8:29:af:aa:a6:e9:8e:d7:d1:95:
a6:67:f5:d0:13:36:62:b4:1c:d2:e4:e5:a3:65:cd:
cb:fb:d4:7f:a3:cc:77:8c:ab:9f:60:2b:a8:e2:03:
39:54:c4:7f:f3:fb:36:aa:27:57:49:b1:d7:42:4e:
ad:06:ef:62:48:70:ac:97:da:05:12:cc:44:dd:a2:
45:30:b5:50:7b:37:e2:a2:09:56:a6:b1:2b:63:b0:
0c:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:C7:58:A0:DB:F3:A9:2A:B3:CC:40:F6:9C:30:BB:E8:E1:63:02:7B
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS2856.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.134.194.0/24
178.92.112.0/22
178.92.180.0/22
178.93.104.0/22
178.93.192.0/22
178.94.244.0/22
178.95.60.0/22
Signature Algorithm: sha256WithRSAEncryption
61:9d:98:1d:8c:3b:76:4f:ab:cb:9b:8b:ea:58:8e:56:fb:d0:
a8:09:b8:d4:f7:87:ee:98:34:e8:1b:ba:ee:e7:f2:a2:69:de:
9b:d3:70:7a:87:e7:de:25:20:3d:10:63:88:16:74:60:94:7b:
b1:fe:ef:07:fe:18:85:40:f9:e9:6e:72:be:f5:e4:00:81:f5:
68:9b:04:15:7f:8f:71:2d:81:9f:46:a2:68:b0:63:ff:2a:25:
69:49:be:55:22:cb:2d:3a:54:41:6a:27:e1:9e:68:8d:65:94:
5e:ef:c5:ae:f0:eb:68:c0:aa:1b:0c:00:72:b3:01:71:74:ab:
3a:ad:31:9c:e0:3c:6c:d8:4f:98:f4:e6:4a:99:87:b4:75:61:
8d:29:c8:52:a3:5b:4b:25:67:70:87:61:51:43:89:2d:b1:5c:
7a:cf:85:c3:5c:b5:06:93:9e:00:35:89:47:db:4f:aa:f0:16:
af:97:cc:b8:5c:da:7b:0c:7b:d9:a2:8d:9b:dd:cb:46:58:9c:
fb:e9:26:5e:6c:2d:26:63:0a:15:a7:20:71:d3:46:1d:30:7f:
fb:7a:08:19:23:c0:06:bf:03:4e:73:f3:07:0c:b0:e8:fb:97:
43:a1:3f:6c:a4:73:57:02:2b:38:f5:e0:00:73:b6:d2:af:03:
d0:d2:9e:66
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgIUNDYQbbJbMfMaLw3hcQHicIK3r30wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTA5MDgxMDUyMTVaFw0yNjA5MDcxMDU3MTVaMDMxMTAvBgNV
BAMTKDRCQzc1OEEwREJGM0E5MkFCM0NDNDBGNjlDMzBCQkU4RTE2MzAyN0IwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCwkR+cPRQ/3l5+9e7ZE5bknS9R
ZjACmKoHlbrXl3a7fT5gZs8DtlDyqKGo5RljhfU+tRl4cGv8Nt8FkdlPFz9XzLU7
XyaN1zuVh3XuoMoawB5Mqf0+uf+uL4z497fr6RM6lPwZtJvLE7KuicmMU1f0ktOs
68/fAHC/62K5RmW0uSoviEml1Rk9cHd8iVJiUmI5fMrN+++o+gMgAr0QTxE3Qfqr
DK2p1CuS+CmvqqbpjtfRlaZn9dATNmK0HNLk5aNlzcv71H+jzHeMq59gK6jiAzlU
xH/z+zaqJ1dJsddCTq0G72JIcKyX2gUSzETdokUwtVB7N+KiCVamsStjsAxxAgMB
AAGjggIsMIICKDAdBgNVHQ4EFgQUS8dYoNvzqSqzzED2nDC76OFjAnswHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMjg1Ni5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBDBggrBgEFBQcBBwEB/wQ0MDIwMAQCAAEwKgMEAF+GwgME
ArJccAMEArJctAMEArJdaAMEArJdwAMEArJe9AMEArJfPDANBgkqhkiG9w0BAQsF
AAOCAQEAYZ2YHYw7dk+ry5uL6liOVvvQqAm41PeH7pg06Bu67ufyomnem9Nweofn
3iUgPRBjiBZ0YJR7sf7vB/4YhUD56W5yvvXkAIH1aJsEFX+PcS2Bn0aiaLBj/yol
aUm+VSLLLTpUQWon4Z5ojWWUXu/FrvDraMCqGwwAcrMBcXSrOq0xnOA8bNhPmPTm
SpmHtHVhjSnIUqNbSyVncIdhUUOJLbFces+Fw1y1BpOeADWJR9tPqvAWr5fMuFza
ewx72aKNm93LRlic++kmXmwtJmMKFacgcdNGHTB/+3oIGSPABr8DTnPzBwyw6PuX
Q6E/bKRzVwIrOPXgAHO20q8D0NKeZg==
-----END CERTIFICATE-----
Generated at Mon Sep 15 20:32:30 2025 by rpki-client