Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS395374.roa
File: AS395374.roa (raw, json)
Hash identifier: KYPCQt3rW5xoEj7QIqQTK8cuIKWxJUaB+RovKq8BN4Q=
Subject key identifier: 55:6A:D6:B5:9B:AA:61:A5:26:FD:21:D4:C3:95:80:21:12:BC:20:EC
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 260904BBCA5101BA0CB65FAD3E37FBC1FF213327
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS395374.roa
Signing time: Wed 01 Apr 2026 10:30:38 +0000
ROA not before: Wed 01 Apr 2026 10:25:38 +0000
ROA not after: Wed 31 Mar 2027 10:30:38 +0000
asID: 395374
IP address blocks: 95.134.5.0/24 maxlen: 24
95.134.28.0/24 maxlen: 24
95.134.76.0/24 maxlen: 24
95.134.105.0/24 maxlen: 24
95.134.117.0/24 maxlen: 24
95.134.121.0/24 maxlen: 24
95.134.152.0/24 maxlen: 24
95.135.153.0/24 maxlen: 24
95.135.193.0/24 maxlen: 24
95.135.250.0/24 maxlen: 24
178.93.128.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
26:09:04:bb:ca:51:01:ba:0c:b6:5f:ad:3e:37:fb:c1:ff:21:33:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Apr 1 10:25:38 2026 GMT
Not After : Mar 31 10:30:38 2027 GMT
Subject: CN=556AD6B59BAA61A526FD21D4C395802112BC20EC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:52:d1:d8:34:c1:5c:7a:16:1e:5d:f9:f3:51:
39:a8:1c:64:a0:cc:fb:6c:2c:d5:91:65:cb:b7:9b:
42:84:b9:e3:95:ca:8c:42:ae:3f:e8:e7:2c:5f:e1:
72:4e:74:a3:af:47:ae:9a:44:3b:c4:04:71:03:1f:
bc:b7:f1:37:72:75:a5:06:78:63:5f:27:92:a0:01:
65:41:22:dd:6b:b1:8f:8e:fa:95:ec:79:ad:a4:7f:
81:f7:ab:9b:7b:fa:52:f2:a4:57:61:f3:86:de:4e:
a9:34:b4:ce:e5:80:0b:2b:61:30:3d:dc:00:e6:c3:
85:15:c6:73:a4:4d:8d:17:0a:b1:58:72:22:17:92:
59:bf:6e:20:c7:26:ba:1f:95:95:07:36:96:1b:1d:
85:f8:b7:39:a1:fd:a0:6f:ec:91:f9:f0:f6:9c:3e:
fc:18:e0:a5:f9:13:05:65:9e:23:d4:fd:20:c1:cd:
ce:18:f8:ae:83:87:2f:63:ab:f6:3e:8c:9e:2e:15:
af:b6:5b:d0:06:43:ba:71:51:f5:86:a1:45:62:84:
9f:f3:9d:65:2d:81:ac:8a:2d:3d:29:bd:9f:ba:2d:
ed:ef:e9:9e:39:4c:1a:50:84:ce:72:8f:af:61:a1:
ea:f6:45:f0:f0:26:75:9f:e1:4d:c4:99:dd:31:da:
ff:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:6A:D6:B5:9B:AA:61:A5:26:FD:21:D4:C3:95:80:21:12:BC:20:EC
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS395374.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.134.5.0/24
95.134.28.0/24
95.134.76.0/24
95.134.105.0/24
95.134.117.0/24
95.134.121.0/24
95.134.152.0/24
95.135.153.0/24
95.135.193.0/24
95.135.250.0/24
178.93.128.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:d1:3f:30:3d:e6:0e:47:75:e6:62:40:3a:52:50:b4:d1:a4:
ac:8d:71:e7:3e:db:0f:87:e6:d7:21:ed:d7:0b:91:1e:0f:4c:
3a:79:3b:07:21:49:93:ef:09:1b:cf:3e:ed:c8:29:77:85:3a:
12:9c:d8:dd:52:d9:09:c4:ec:6c:7a:a7:1a:6c:c6:a6:40:80:
8f:af:67:d8:c1:e6:37:7d:d4:a3:09:6c:1c:fc:75:81:72:dd:
1a:ae:28:e4:c4:e8:2c:75:ef:02:40:c5:e7:18:9d:61:c4:a5:
b1:9b:b8:0d:ce:63:84:21:f2:5a:9e:24:f1:d1:2b:5e:b5:a4:
a9:e4:3d:98:c8:93:b6:0f:d6:24:10:a7:d4:82:a2:da:29:24:
20:39:b4:b5:2c:24:10:2d:4e:53:d9:cb:5f:88:c0:79:1e:92:
ab:bb:22:a5:4d:1a:79:1f:17:49:23:e4:1c:b6:33:72:ff:9d:
79:8f:2b:db:26:db:8f:75:c3:f9:bf:99:2c:e8:17:aa:52:ca:
6b:92:2b:b5:9e:a0:07:be:e0:7e:13:41:9b:95:9c:03:15:c8:
f3:8f:0a:30:58:71:a8:5a:a2:62:8b:6a:e2:5d:ce:4c:b5:cf:
26:25:89:4c:5b:71:0b:01:8b:02:e3:f9:5e:5a:24:4c:6b:29:
d4:46:f6:85
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgIUJgkEu8pRAboMtl+tPjf7wf8hMycwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNjA0MDExMDI1MzhaFw0yNzAzMzExMDMwMzhaMDMxMTAvBgNV
BAMTKDU1NkFENkI1OUJBQTYxQTUyNkZEMjFENEMzOTU4MDIxMTJCQzIwRUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDwUtHYNMFcehYeXfnzUTmoHGSg
zPtsLNWRZcu3m0KEueOVyoxCrj/o5yxf4XJOdKOvR66aRDvEBHEDH7y38TdydaUG
eGNfJ5KgAWVBIt1rsY+O+pXsea2kf4H3q5t7+lLypFdh84beTqk0tM7lgAsrYTA9
3ADmw4UVxnOkTY0XCrFYciIXklm/biDHJroflZUHNpYbHYX4tzmh/aBv7JH58Pac
PvwY4KX5EwVlniPU/SDBzc4Y+K6Dhy9jq/Y+jJ4uFa+2W9AGQ7pxUfWGoUVihJ/z
nWUtgayKLT0pvZ+6Le3v6Z45TBpQhM5yj69hoer2RfDwJnWf4U3Emd0x2v9FAgMB
AAGjggJGMIICQjAdBgNVHQ4EFgQUVWrWtZuqYaUm/SHUw5WAIRK8IOwwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMzk1Mzc0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQAX4YF
AwQAX4YcAwQAX4ZMAwQAX4ZpAwQAX4Z1AwQAX4Z5AwQAX4aYAwQAX4eZAwQAX4fB
AwQAX4f6AwQAsl2AMA0GCSqGSIb3DQEBCwUAA4IBAQAb0T8wPeYOR3XmYkA6UlC0
0aSsjXHnPtsPh+bXIe3XC5EeD0w6eTsHIUmT7wkbzz7tyCl3hToSnNjdUtkJxOxs
eqcabMamQICPr2fYweY3fdSjCWwc/HWBct0arijkxOgsde8CQMXnGJ1hxKWxm7gN
zmOEIfJaniTx0StetaSp5D2YyJO2D9YkEKfUgqLaKSQgObS1LCQQLU5T2ctfiMB5
HpKruyKlTRp5HxdJI+QctjNy/515jyvbJtuPdcP5v5ks6BeqUsprkiu1nqAHvuB+
E0GblZwDFcjzjwowWHGoWqJii2riXc5Mtc8mJYlMW3ELAYsC4/leWiRMaynURvaF
-----END CERTIFICATE-----
Generated at Fri Apr 17 11:51:48 2026 by rpki-client