Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS3257.roa
File: AS3257.roa (raw, json)
Hash identifier: E8LNF1W/09MfhImSY32RuVD2w9IvLBTLMUBQKKiWTcg=
Subject key identifier: CD:9F:5E:86:7F:0F:49:BB:66:FE:3B:49:AD:8E:BD:5E:48:3C:28:22
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 5F7126CBF48CC55F928F0E31CC9E4CAC03A88E6D
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS3257.roa
Signing time: Sat 27 Jun 2026 18:19:37 +0000
ROA not before: Sat 27 Jun 2026 18:14:37 +0000
ROA not after: Sat 26 Jun 2027 18:19:37 +0000
asID: 3257
IP address blocks: 46.202.54.0/24 maxlen: 24
46.202.56.0/24 maxlen: 24
95.134.30.0/24 maxlen: 24
178.92.131.0/24 maxlen: 24
178.92.133.0/24 maxlen: 24
178.92.148.0/24 maxlen: 24
178.92.155.0/24 maxlen: 24
178.93.244.0/24 maxlen: 24
178.95.116.0/22 maxlen: 24
178.95.159.0/24 maxlen: 24
178.95.240.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 30 Jun 2026 21:41:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5f:71:26:cb:f4:8c:c5:5f:92:8f:0e:31:cc:9e:4c:ac:03:a8:8e:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Jun 27 18:14:37 2026 GMT
Not After : Jun 26 18:19:37 2027 GMT
Subject: CN=CD9F5E867F0F49BB66FE3B49AD8EBD5E483C2822
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:7b:73:0a:a9:ed:01:6c:4c:58:09:da:9f:c5:
b8:14:ab:95:cd:2b:fe:0a:17:9e:b8:67:de:9c:ed:
7f:cd:0b:e2:94:15:b3:7f:7c:d0:b2:71:a3:1e:f9:
3f:c0:0b:b0:2a:9c:62:15:21:37:35:7c:3e:b7:0f:
16:1f:e7:46:ed:bd:c8:80:5d:7f:e2:ee:3d:46:72:
c9:55:2a:69:c1:56:d9:09:20:3e:06:6b:53:eb:a8:
04:a5:b1:4f:de:e3:da:70:62:16:36:a9:59:18:47:
ce:1d:3e:ae:a9:99:b2:a6:bf:15:56:22:9f:da:3b:
d1:cf:14:f7:9f:97:d4:6f:ff:3f:4f:d6:7d:78:fa:
05:cc:bb:20:54:bc:3b:2f:ed:a2:b3:82:31:c0:b7:
d3:ab:e7:68:fa:09:42:66:bd:a8:f0:75:b3:25:88:
e5:e5:ff:85:bf:d2:35:93:e9:98:8a:40:e5:6d:4e:
10:f7:41:7b:0f:ac:f8:92:ba:a8:02:ad:98:2d:ba:
04:b6:13:91:7e:c3:7c:6f:5b:6a:33:ca:7b:5a:32:
f4:76:4b:af:9a:57:4b:1b:99:a6:30:83:1f:7e:fc:
d7:79:87:c9:60:2e:e8:93:ed:8c:92:0d:3a:2d:ea:
e8:61:65:e6:0f:09:50:57:4c:d6:65:ed:a3:93:08:
29:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:9F:5E:86:7F:0F:49:BB:66:FE:3B:49:AD:8E:BD:5E:48:3C:28:22
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS3257.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.202.54.0/24
46.202.56.0/24
95.134.30.0/24
178.92.131.0/24
178.92.133.0/24
178.92.148.0/24
178.92.155.0/24
178.93.244.0/24
178.95.116.0/22
178.95.159.0/24
178.95.240.0/24
Signature Algorithm: sha256WithRSAEncryption
71:b0:50:6e:b6:b6:3e:7c:52:de:fd:ab:a5:1d:25:60:90:32:
ee:a4:da:40:1b:47:a0:0d:b6:13:58:11:66:2b:38:c7:47:52:
81:eb:05:1f:a1:e7:a4:c4:ba:84:53:95:ca:4d:a7:ce:5f:14:
ea:48:26:b8:ff:a1:98:5e:83:1f:04:87:e3:9c:64:b1:b0:fe:
0e:ac:7d:6e:56:f6:f4:e2:82:47:c6:12:e4:f9:0b:f5:05:44:
e6:3a:1d:eb:7a:b1:4c:2d:56:e6:02:c4:86:f7:8c:b3:d5:04:
80:22:87:4f:1d:ea:e2:5b:f2:d1:d5:14:a1:fe:da:65:16:6d:
51:05:38:fa:69:65:50:30:af:71:67:84:ee:93:c4:0c:26:61:
b8:ed:3b:ad:65:aa:43:ac:51:70:9d:23:b6:e5:94:d9:aa:86:
b3:36:97:06:68:a2:31:94:bd:b6:ee:73:22:c9:f0:16:da:8c:
0a:ed:31:da:05:1f:61:44:d1:ff:95:39:65:46:26:f4:84:90:
31:94:96:62:7d:b2:0b:b6:d6:58:1c:64:2f:2e:53:54:bf:3c:
03:d8:83:d9:c3:44:d8:5d:7a:fa:66:bb:6e:27:ef:18:a9:71:
38:ea:1f:47:98:d1:14:4d:fb:0c:ce:79:3e:10:80:c3:ed:0b:
14:93:15:d3
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUX3Emy/SMxV+Sjw4xzJ5MrAOojm0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNjA2MjcxODE0MzdaFw0yNzA2MjYxODE5MzdaMDMxMTAvBgNV
BAMTKENEOUY1RTg2N0YwRjQ5QkI2NkZFM0I0OUFEOEVCRDVFNDgzQzI4MjIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCee3MKqe0BbExYCdqfxbgUq5XN
K/4KF564Z96c7X/NC+KUFbN/fNCycaMe+T/AC7AqnGIVITc1fD63DxYf50btvciA
XX/i7j1GcslVKmnBVtkJID4Ga1PrqASlsU/e49pwYhY2qVkYR84dPq6pmbKmvxVW
Ip/aO9HPFPefl9Rv/z9P1n14+gXMuyBUvDsv7aKzgjHAt9Or52j6CUJmvajwdbMl
iOXl/4W/0jWT6ZiKQOVtThD3QXsPrPiSuqgCrZgtugS2E5F+w3xvW2ozyntaMvR2
S6+aV0sbmaYwgx9+/Nd5h8lgLuiT7YySDTot6uhhZeYPCVBXTNZl7aOTCCm9AgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUzZ9ehn8PSbtm/jtJrY69Xkg8KCIwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMzI1Ny5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBbBggrBgEFBQcBBwEB/wRMMEowSAQCAAEwQgMEAC7KNgME
AC7KOAMEAF+GHgMEALJcgwMEALJchQMEALJclAMEALJcmwMEALJd9AMEArJfdAME
ALJfnwMEALJf8DANBgkqhkiG9w0BAQsFAAOCAQEAcbBQbra2PnxS3v2rpR0lYJAy
7qTaQBtHoA22E1gRZis4x0dSgesFH6HnpMS6hFOVyk2nzl8U6kgmuP+hmF6DHwSH
45xksbD+Dqx9blb29OKCR8YS5PkL9QVE5jod63qxTC1W5gLEhveMs9UEgCKHTx3q
4lvy0dUUof7aZRZtUQU4+mllUDCvcWeE7pPEDCZhuO07rWWqQ6xRcJ0jtuWU2aqG
szaXBmiiMZS9tu5zIsnwFtqMCu0x2gUfYUTR/5U5ZUYm9ISQMZSWYn2yC7bWWBxk
Ly5TVL88A9iD2cNE2F16+ma7bifvGKlxOOofR5jRFE37DM55PhCAw+0LFJMV0w==
-----END CERTIFICATE-----
Generated at Tue Jun 30 01:21:19 2026 by rpki-client