Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS395374.roa
File: AS395374.roa (raw, json)
Hash identifier: bdwbgtVD3jZRsVAFZRvFOEZk9iytd75Ws2PTQcXbmgU=
Subject key identifier: 74:4C:FF:D9:B9:17:F3:F6:71:9D:16:E7:7D:5A:F1:56:8E:59:8B:32
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 5A5968D5E6310020D9A62A72FA53033D03C9BD8A
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS395374.roa
Signing time: Fri 15 May 2026 01:49:03 +0000
ROA not before: Fri 15 May 2026 01:44:03 +0000
ROA not after: Fri 14 May 2027 01:49:03 +0000
asID: 395374
IP address blocks: 95.134.28.0/24 maxlen: 24
95.134.76.0/24 maxlen: 24
95.134.105.0/24 maxlen: 24
95.134.117.0/24 maxlen: 24
95.134.121.0/24 maxlen: 24
95.134.152.0/24 maxlen: 24
95.135.153.0/24 maxlen: 24
95.135.193.0/24 maxlen: 24
95.135.250.0/24 maxlen: 24
178.93.128.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 02 Jun 2026 07:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:59:68:d5:e6:31:00:20:d9:a6:2a:72:fa:53:03:3d:03:c9:bd:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: May 15 01:44:03 2026 GMT
Not After : May 14 01:49:03 2027 GMT
Subject: CN=744CFFD9B917F3F6719D16E77D5AF1568E598B32
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:ee:91:86:1c:6d:7b:b0:a5:3c:16:9d:df:8e:
0d:ad:23:12:26:be:da:d6:be:b3:f1:a0:a1:5c:55:
40:85:09:15:ed:6c:22:43:8f:6a:a8:a1:55:bc:95:
fe:5e:33:4e:f4:3c:9b:c2:e2:6e:b5:c6:ce:59:d3:
e6:51:a0:be:90:7c:a9:6a:e8:24:c8:7c:d8:6b:37:
b5:d7:9a:8e:de:5a:fe:06:8d:16:36:c9:e3:83:ca:
75:27:10:c5:94:a2:e8:e1:8c:07:b2:0f:31:fd:32:
ac:e7:64:05:5b:36:09:3a:3b:78:6c:d3:6f:25:ee:
b6:5c:41:86:01:a7:92:de:f7:c4:a6:9b:50:f0:9c:
fa:65:fb:b9:d5:7b:f2:1d:08:d3:92:6e:a8:48:b0:
4f:a5:22:c7:91:e9:71:bb:9a:7d:6f:8f:52:7c:8e:
ee:9e:4d:25:05:f5:4d:a1:72:52:93:3f:1e:ed:c8:
d0:75:6b:67:b7:fa:99:63:87:46:9b:39:07:f2:cd:
9a:11:bd:a2:39:bf:a0:36:76:d7:9d:f6:8a:8a:8a:
63:c8:5b:95:3f:47:01:a4:87:04:13:fa:0e:1e:8b:
fa:ce:75:43:50:5a:99:a9:af:b9:eb:81:f2:da:51:
a4:99:9d:7c:5e:60:76:2e:ea:86:4c:7d:f6:53:a0:
67:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:4C:FF:D9:B9:17:F3:F6:71:9D:16:E7:7D:5A:F1:56:8E:59:8B:32
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS395374.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.134.28.0/24
95.134.76.0/24
95.134.105.0/24
95.134.117.0/24
95.134.121.0/24
95.134.152.0/24
95.135.153.0/24
95.135.193.0/24
95.135.250.0/24
178.93.128.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:52:0f:d6:65:bd:ff:dd:cc:6d:a3:e5:d0:5f:c7:ee:64:72:
fa:a3:ef:9b:5f:bd:80:6f:97:47:0c:75:08:44:3f:92:13:ec:
b8:7f:0c:15:97:02:93:93:f4:36:90:cd:7f:4a:49:70:6f:e5:
02:d9:10:ac:88:c2:36:27:61:7f:25:ec:97:ab:4a:65:1e:b9:
6f:50:e0:ec:f1:ab:63:d8:b8:05:88:ea:4d:bc:52:2b:85:79:
c2:c2:0c:4a:0c:8d:38:85:56:4e:fe:4b:5a:11:ef:52:3e:96:
e8:57:d3:24:cc:ed:02:d9:3d:bb:07:62:56:ca:97:24:b6:3f:
6c:9f:d5:36:73:85:c4:50:00:d9:0f:99:b1:da:8e:9d:89:8c:
46:a1:82:03:9f:66:35:b7:44:10:64:86:c3:e4:ff:6b:9c:25:
b1:c9:da:14:fc:f8:58:27:52:d4:94:42:c3:3c:cb:b4:6c:cc:
f2:0a:65:c4:e1:2d:89:f6:b8:03:ab:98:00:0a:f7:b1:2c:38:
68:f9:54:4c:df:a8:b9:c6:fc:33:94:25:47:a0:33:44:1f:07:
60:ba:e5:77:9d:df:e5:0e:d9:9a:5e:31:46:64:a9:25:dc:0c:
b5:e5:35:15:0a:46:81:f8:ea:f1:09:11:f3:47:fe:ed:88:ee:
73:52:7b:80
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgIUWllo1eYxACDZpipy+lMDPQPJvYowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNjA1MTUwMTQ0MDNaFw0yNzA1MTQwMTQ5MDNaMDMxMTAvBgNV
BAMTKDc0NENGRkQ5QjkxN0YzRjY3MTlEMTZFNzdENUFGMTU2OEU1OThCMzIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDl7pGGHG17sKU8Fp3fjg2tIxIm
vtrWvrPxoKFcVUCFCRXtbCJDj2qooVW8lf5eM070PJvC4m61xs5Z0+ZRoL6QfKlq
6CTIfNhrN7XXmo7eWv4GjRY2yeODynUnEMWUoujhjAeyDzH9MqznZAVbNgk6O3hs
028l7rZcQYYBp5Le98Smm1DwnPpl+7nVe/IdCNOSbqhIsE+lIseR6XG7mn1vj1J8
ju6eTSUF9U2hclKTPx7tyNB1a2e3+pljh0abOQfyzZoRvaI5v6A2dted9oqKimPI
W5U/RwGkhwQT+g4ei/rOdUNQWpmpr7nrgfLaUaSZnXxeYHYu6oZMffZToGczAgMB
AAGjggJAMIICPDAdBgNVHQ4EFgQUdEz/2bkX8/ZxnRbnfVrxVo5ZizIwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMzk1Mzc0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQAX4Yc
AwQAX4ZMAwQAX4ZpAwQAX4Z1AwQAX4Z5AwQAX4aYAwQAX4eZAwQAX4fBAwQAX4f6
AwQAsl2AMA0GCSqGSIb3DQEBCwUAA4IBAQAtUg/WZb3/3cxto+XQX8fuZHL6o++b
X72Ab5dHDHUIRD+SE+y4fwwVlwKTk/Q2kM1/Sklwb+UC2RCsiMI2J2F/JeyXq0pl
HrlvUODs8atj2LgFiOpNvFIrhXnCwgxKDI04hVZO/ktaEe9SPpboV9MkzO0C2T27
B2JWypcktj9sn9U2c4XEUADZD5mx2o6diYxGoYIDn2Y1t0QQZIbD5P9rnCWxydoU
/PhYJ1LUlELDPMu0bMzyCmXE4S2J9rgDq5gACvexLDho+VRM36i5xvwzlCVHoDNE
HwdguuV3nd/lDtmaXjFGZKkl3Ay15TUVCkaB+OrxCRHzR/7tiO5zUnuA
-----END CERTIFICATE-----
Generated at Mon Jun 1 16:21:48 2026 by rpki-client