Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS395374.roa
File: AS395374.roa (raw, json)
Hash identifier: foeD4OHtSTnC51nx5FR3Txfpxd0PLMRIpH9dWFRunBM=
Subject key identifier: F3:BD:00:E3:77:F8:4F:D3:4C:BD:A2:B9:8D:74:C4:96:D2:56:92:AE
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 09F9C080D18DC860BFE263F3104D0B78A99FD896
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS395374.roa
Signing time: Mon 13 Oct 2025 08:03:30 +0000
ROA not before: Mon 13 Oct 2025 07:58:30 +0000
ROA not after: Mon 12 Oct 2026 08:03:30 +0000
asID: 395374
IP address blocks: 95.134.121.0/24 maxlen: 24
178.93.128.0/24 maxlen: 24
178.94.241.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Oct 2025 15:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
09:f9:c0:80:d1:8d:c8:60:bf:e2:63:f3:10:4d:0b:78:a9:9f:d8:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Oct 13 07:58:30 2025 GMT
Not After : Oct 12 08:03:30 2026 GMT
Subject: CN=F3BD00E377F84FD34CBDA2B98D74C496D25692AE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:f3:c2:b3:bb:38:dd:3d:9e:20:e3:c3:2b:9f:
cd:49:ba:98:de:50:af:7b:a9:36:4a:7d:7b:c7:45:
85:fc:d7:f5:32:d3:bd:18:12:a5:3a:70:cd:dc:59:
bc:b9:10:a4:b6:bb:0e:6a:dd:e4:01:e4:ed:78:8f:
06:69:5a:f4:9e:e7:e8:b8:db:94:c7:ea:c7:4b:fa:
1a:bc:b1:b8:db:fb:af:f0:a5:37:0e:c9:09:bf:be:
50:d3:f5:23:c1:50:84:ae:14:d9:f5:27:c8:94:bc:
46:cd:3a:a0:16:70:4e:21:af:af:28:56:f0:8c:e8:
4c:fa:c2:46:31:7a:20:2a:34:0e:38:fa:50:33:0d:
5c:82:bb:d7:9f:81:2f:eb:5d:1c:5e:d7:35:0f:df:
c7:f6:1c:d8:1a:df:08:99:50:c7:98:22:4c:c4:37:
36:23:3c:ad:b0:bc:4b:bd:ca:ae:e7:f6:87:a9:d7:
73:ee:dd:9d:61:c2:8e:9d:5e:6a:f7:36:81:1f:c5:
f2:8c:fd:18:59:ed:a5:25:61:23:56:de:49:a6:e9:
23:d3:05:0e:8b:42:e3:2f:dd:1c:53:23:4c:f6:3c:
d0:c5:59:9f:47:f5:22:68:8f:16:00:ee:b6:28:6f:
1f:81:76:b4:a4:1e:61:db:6f:a8:e0:3b:05:a2:c1:
1f:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:BD:00:E3:77:F8:4F:D3:4C:BD:A2:B9:8D:74:C4:96:D2:56:92:AE
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS395374.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.134.121.0/24
178.93.128.0/24
178.94.241.0/24
Signature Algorithm: sha256WithRSAEncryption
77:f0:08:38:f8:ce:32:ed:fe:47:52:64:d6:bb:e4:4a:ac:ee:
5f:e2:7b:04:97:a2:7b:72:c4:3b:cc:71:bb:99:4d:61:e0:b5:
3c:8d:36:a5:bb:f8:73:bb:6c:3b:cc:fa:45:66:18:eb:f5:33:
1b:90:3e:f9:01:97:df:35:6f:d5:9d:ed:f8:f2:af:5f:b4:98:
22:80:d9:46:58:26:43:90:23:50:c0:78:04:fd:93:38:c4:f1:
a7:55:4f:d8:c1:a3:c8:f6:6f:43:64:e1:f2:6b:24:4f:48:60:
9c:d1:f5:72:51:cd:00:6a:b9:6a:d4:55:94:4c:0d:16:d1:72:
fd:0c:b1:3c:82:bb:a3:6b:f5:0c:3f:a7:60:4f:8e:40:d9:05:
80:22:1a:fb:6e:29:92:21:fb:58:a8:02:b0:ad:11:82:4e:62:
a5:3e:39:e1:d4:24:27:83:a8:4c:2a:af:80:6a:ba:49:82:6e:
06:5f:d2:dd:bd:e7:83:83:c3:7f:4d:65:fd:86:82:93:f9:b7:
6f:c3:e3:17:90:98:5d:d6:52:18:83:cc:1e:d6:fd:4f:a8:8f:
e5:b5:ae:71:56:bf:02:3f:0b:1f:d3:ef:6b:85:85:af:90:8b:
b5:35:af:40:10:36:12:c7:be:06:fb:ae:9d:dc:4c:fb:a0:2c:
b6:37:e1:0b
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgIUCfnAgNGNyGC/4mPzEE0LeKmf2JYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTEwMTMwNzU4MzBaFw0yNjEwMTIwODAzMzBaMDMxMTAvBgNV
BAMTKEYzQkQwMEUzNzdGODRGRDM0Q0JEQTJCOThENzRDNDk2RDI1NjkyQUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDt88KzuzjdPZ4g48Mrn81Jupje
UK97qTZKfXvHRYX81/Uy070YEqU6cM3cWby5EKS2uw5q3eQB5O14jwZpWvSe5+i4
25TH6sdL+hq8sbjb+6/wpTcOyQm/vlDT9SPBUISuFNn1J8iUvEbNOqAWcE4hr68o
VvCM6Ez6wkYxeiAqNA44+lAzDVyCu9efgS/rXRxe1zUP38f2HNga3wiZUMeYIkzE
NzYjPK2wvEu9yq7n9oep13Pu3Z1hwo6dXmr3NoEfxfKM/RhZ7aUlYSNW3kmm6SPT
BQ6LQuMv3RxTI0z2PNDFWZ9H9SJojxYA7rYobx+BdrSkHmHbb6jgOwWiwR8dAgMB
AAGjggIWMIICEjAdBgNVHQ4EFgQU870A43f4T9NMvaK5jXTEltJWkq4wHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMzk1Mzc0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAX4Z5
AwQAsl2AAwQAsl7xMA0GCSqGSIb3DQEBCwUAA4IBAQB38Ag4+M4y7f5HUmTWu+RK
rO5f4nsEl6J7csQ7zHG7mU1h4LU8jTalu/hzu2w7zPpFZhjr9TMbkD75AZffNW/V
ne348q9ftJgigNlGWCZDkCNQwHgE/ZM4xPGnVU/YwaPI9m9DZOHyayRPSGCc0fVy
Uc0Aarlq1FWUTA0W0XL9DLE8gruja/UMP6dgT45A2QWAIhr7bimSIftYqAKwrRGC
TmKlPjnh1CQng6hMKq+AarpJgm4GX9LdveeDg8N/TWX9hoKT+bdvw+MXkJhd1lIY
g8we1v1PqI/lta5xVr8CPwsf0+9rhYWvkIu1Na9AEDYSx74G+66d3Ez7oCy2N+EL
-----END CERTIFICATE-----
Generated at Thu Oct 16 21:33:36 2025 by rpki-client