Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS2856.roa
File: AS2856.roa (raw, json)
Hash identifier: GPSVGJYt+BJQmRXxMrr+kJuvB0OHH92YMsSmfNwewjU=
Subject key identifier: 3F:D2:5B:1D:0A:DB:2E:B7:44:4C:CC:DD:54:CB:CC:C3:1F:58:70:B4
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 681177EAD2AFE6ACF0E583FA79739B8943577AAB
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS2856.roa
Signing time: Mon 03 Nov 2025 21:46:15 +0000
ROA not before: Mon 03 Nov 2025 21:41:15 +0000
ROA not after: Mon 02 Nov 2026 21:46:15 +0000
asID: 2856
IP address blocks: 178.92.112.0/22 maxlen: 22
178.92.180.0/22 maxlen: 24
178.93.104.0/22 maxlen: 24
178.93.192.0/22 maxlen: 24
178.94.244.0/22 maxlen: 24
178.95.60.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 14:35:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
68:11:77:ea:d2:af:e6:ac:f0:e5:83:fa:79:73:9b:89:43:57:7a:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Nov 3 21:41:15 2025 GMT
Not After : Nov 2 21:46:15 2026 GMT
Subject: CN=3FD25B1D0ADB2EB7444CCCDD54CBCCC31F5870B4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:7f:5e:52:77:44:b0:4f:8c:38:7f:60:92:aa:
bf:e2:42:1b:da:52:29:a1:a0:5e:6e:44:91:11:b8:
12:a4:e7:d6:33:fb:9e:ad:48:d2:2a:5a:2e:48:71:
1d:74:74:fa:61:3b:16:ee:3f:cd:6d:fe:66:80:c2:
47:46:2f:36:dc:65:fa:f9:02:dd:51:64:06:f8:de:
53:63:aa:d2:e0:9f:a1:f0:3d:a4:3d:08:13:83:51:
33:52:d2:3e:6e:17:8a:78:12:2a:20:97:5f:3c:e8:
50:da:cf:02:4c:8a:38:ee:a8:8b:e3:da:78:0d:97:
35:33:9a:c6:33:56:7a:cf:87:f1:db:2a:a1:9b:f8:
23:7a:58:00:1e:f3:cc:91:62:a4:43:bb:12:cd:55:
cf:2c:72:e0:c0:5d:67:38:63:59:18:5b:1d:d4:c1:
ea:84:d2:14:fd:3d:56:f0:e4:e7:91:02:41:12:48:
dc:93:79:bb:f3:04:66:02:d4:53:c6:eb:4b:55:62:
89:2d:32:e9:5b:f1:e9:7e:f6:01:79:a5:35:91:2e:
c8:d1:e0:35:91:38:0d:14:59:bf:95:36:bc:ae:e3:
6b:da:8e:af:58:3f:f3:ea:df:9d:31:22:9c:f3:bb:
5c:b0:94:24:7f:2c:dc:70:df:e8:07:4a:4d:ea:d3:
76:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:D2:5B:1D:0A:DB:2E:B7:44:4C:CC:DD:54:CB:CC:C3:1F:58:70:B4
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS2856.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.92.112.0/22
178.92.180.0/22
178.93.104.0/22
178.93.192.0/22
178.94.244.0/22
178.95.60.0/22
Signature Algorithm: sha256WithRSAEncryption
a5:19:cb:d4:76:68:a1:ed:bd:42:f1:6e:f1:98:96:6a:05:2e:
50:de:b1:7c:d9:32:e1:77:ba:60:33:d9:c1:a4:7a:d4:49:47:
00:c9:87:da:f4:68:66:28:7a:d9:9d:8c:3d:0f:3b:17:ce:0f:
48:ac:72:27:8d:e2:a8:5d:31:cb:cd:3a:8c:e6:56:3e:ee:ba:
ea:f8:c4:5b:64:66:f0:6d:77:73:e8:66:79:22:28:2a:cf:95:
da:be:9d:32:8f:d5:74:be:3b:fd:2f:16:bf:b4:cb:0b:c3:ca:
27:ca:fd:ab:74:19:e6:31:a5:de:fa:2b:e3:29:8b:a7:8c:5a:
71:f0:89:0b:fd:35:a6:74:6d:80:b5:a7:c9:fd:a4:f0:9a:25:
e4:81:b7:34:25:3b:f3:3e:c8:91:eb:0e:82:a7:88:6b:0e:d8:
48:95:ab:94:aa:33:7d:51:b2:87:29:42:6e:c4:18:20:8a:64:
f9:74:cf:35:09:53:e8:0b:2e:27:4e:69:8c:9e:c7:5a:59:ba:
ba:07:c8:db:75:87:18:9b:87:3e:f5:a1:94:6a:d2:39:2c:6e:
87:30:88:bc:2b:8c:0a:73:e8:9f:e4:2c:dc:d2:25:5f:38:5e:
b3:3c:cc:59:fc:55:79:ba:0e:a4:97:f5:7e:f2:55:c9:65:74:
0d:0d:3b:93
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgIUaBF36tKv5qzw5YP6eXObiUNXeqswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTExMDMyMTQxMTVaFw0yNjExMDIyMTQ2MTVaMDMxMTAvBgNV
BAMTKDNGRDI1QjFEMEFEQjJFQjc0NDRDQ0NERDU0Q0JDQ0MzMUY1ODcwQjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDff15Sd0SwT4w4f2CSqr/iQhva
UimhoF5uRJERuBKk59Yz+56tSNIqWi5IcR10dPphOxbuP81t/maAwkdGLzbcZfr5
At1RZAb43lNjqtLgn6HwPaQ9CBODUTNS0j5uF4p4Eiogl1886FDazwJMijjuqIvj
2ngNlzUzmsYzVnrPh/HbKqGb+CN6WAAe88yRYqRDuxLNVc8scuDAXWc4Y1kYWx3U
weqE0hT9PVbw5OeRAkESSNyTebvzBGYC1FPG60tVYoktMulb8el+9gF5pTWRLsjR
4DWROA0UWb+VNryu42vajq9YP/Pq350xIpzzu1ywlCR/LNxw3+gHSk3q03a3AgMB
AAGjggImMIICIjAdBgNVHQ4EFgQUP9JbHQrbLrdETMzdVMvMwx9YcLQwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMjg1Ni5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA9BggrBgEFBQcBBwEB/wQuMCwwKgQCAAEwJAMEArJccAME
ArJctAMEArJdaAMEArJdwAMEArJe9AMEArJfPDANBgkqhkiG9w0BAQsFAAOCAQEA
pRnL1HZooe29QvFu8ZiWagUuUN6xfNky4Xe6YDPZwaR61ElHAMmH2vRoZih62Z2M
PQ87F84PSKxyJ43iqF0xy806jOZWPu666vjEW2Rm8G13c+hmeSIoKs+V2r6dMo/V
dL47/S8Wv7TLC8PKJ8r9q3QZ5jGl3vor4ymLp4xacfCJC/01pnRtgLWnyf2k8Jol
5IG3NCU78z7IkesOgqeIaw7YSJWrlKozfVGyhylCbsQYIIpk+XTPNQlT6AsuJ05p
jJ7HWlm6ugfI23WHGJuHPvWhlGrSOSxuhzCIvCuMCnPon+Qs3NIlXzheszzMWfxV
eboOpJf1fvJVyWV0DQ07kw==
-----END CERTIFICATE-----
Generated at Tue Nov 4 21:00:16 2025 by rpki-client