Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS397630.roa
File: AS397630.roa (raw, json)
Hash identifier: FvepUWf3Bh/+BtxnzD8vVZCucVA4f1GbnvAi/dfdKJU=
Subject key identifier: 2B:8D:27:A2:6A:C1:5B:80:FC:37:54:3D:28:B7:52:1D:1E:38:D0:AD
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 4D4C9964164978F7C84348B08A96ADFE42ABB6BD
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS397630.roa
Signing time: Fri 10 Oct 2025 12:27:00 +0000
ROA not before: Fri 10 Oct 2025 12:22:00 +0000
ROA not after: Fri 09 Oct 2026 12:27:00 +0000
asID: 397630
IP address blocks: 91.124.36.0/24 maxlen: 24
92.112.141.0/24 maxlen: 24
95.135.183.0/24 maxlen: 24
178.92.246.0/24 maxlen: 24
178.93.30.0/24 maxlen: 24
178.94.149.0/24 maxlen: 24
178.95.225.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Oct 2025 15:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4d:4c:99:64:16:49:78:f7:c8:43:48:b0:8a:96:ad:fe:42:ab:b6:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Oct 10 12:22:00 2025 GMT
Not After : Oct 9 12:27:00 2026 GMT
Subject: CN=2B8D27A26AC15B80FC37543D28B7521D1E38D0AD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:7f:4a:58:bd:ef:ba:a3:91:c3:f1:e3:12:a3:
7d:ca:b3:b8:6c:50:48:ae:ee:fb:74:9c:b7:0a:03:
cb:4e:a1:d5:8a:78:01:cf:af:87:08:2f:70:98:7e:
a1:5d:c0:78:80:8f:6d:7b:4c:bc:ba:7b:1e:90:8f:
25:16:43:c0:6f:ae:91:2d:ed:d7:8a:5f:95:0a:0f:
92:38:c8:71:aa:4f:95:bc:49:ca:13:99:6b:d5:04:
93:67:40:f4:3d:9d:c3:a6:b0:80:58:01:4a:df:5e:
60:8c:c3:c4:f6:f7:15:50:e0:61:cb:46:0f:1c:4b:
0d:44:33:76:dc:97:e8:9e:11:0a:10:8c:ef:3b:c9:
1e:71:79:b0:e3:fa:1c:f1:b9:cd:d3:9f:53:67:36:
e1:fd:a8:f6:23:65:80:1c:3b:cb:24:2b:49:fd:fd:
83:15:be:96:87:f1:a6:d0:4b:11:01:1d:b2:92:fe:
d5:cc:4c:0e:ee:00:dd:7a:43:19:02:74:1c:03:d5:
81:6f:f7:49:d8:8b:b2:77:75:82:36:6d:85:98:33:
97:55:61:2b:58:db:46:b7:dc:d5:e3:17:b0:9b:51:
dc:68:12:f9:2d:4e:30:ae:56:28:25:0d:b0:de:21:
77:a3:9c:21:73:0d:e8:88:1c:24:d1:9a:0c:2c:c1:
31:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:8D:27:A2:6A:C1:5B:80:FC:37:54:3D:28:B7:52:1D:1E:38:D0:AD
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS397630.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.124.36.0/24
92.112.141.0/24
95.135.183.0/24
178.92.246.0/24
178.93.30.0/24
178.94.149.0/24
178.95.225.0/24
Signature Algorithm: sha256WithRSAEncryption
31:8b:5e:e7:18:b5:3b:7b:f8:9e:c1:c7:5e:01:5c:59:41:cf:
d2:f2:7b:2b:d7:44:d0:ed:c4:27:9c:9f:2c:fa:29:d2:87:0f:
cb:5f:8f:13:ee:05:5a:69:ea:43:ce:c9:31:a8:30:92:ae:f4:
59:2e:14:fb:6a:14:a0:30:67:d2:08:cd:11:6c:e2:88:8a:13:
38:51:84:c0:5b:8f:aa:3b:95:e1:37:99:b3:28:ff:ea:cd:46:
c1:02:9f:3f:36:f1:b3:1a:d0:d0:99:91:52:7b:e9:4d:5c:f1:
eb:dc:b3:35:13:b2:75:1a:bc:85:9c:20:3c:1c:53:8f:1e:c4:
4c:6b:2b:63:4d:8d:fa:51:58:dc:d5:16:da:13:c5:4b:fb:a0:
87:56:ac:ac:68:cf:95:fb:9b:5c:df:2c:39:4b:82:3d:4b:3b:
6d:af:44:8f:a5:ad:b4:1b:33:11:61:2b:d8:b9:ba:e8:49:be:
26:4c:7e:6c:07:2c:ad:e2:e7:e9:a2:e6:70:e8:e0:15:5d:1f:
49:5f:87:4c:74:4c:e6:27:a9:3e:11:3e:05:3f:ba:2a:55:a0:
12:59:33:1d:9a:20:2f:31:05:0f:cc:6d:68:df:cc:84:5c:02:
35:e6:45:c5:26:31:6b:02:43:cc:06:58:79:a1:7d:4e:d0:73:
22:f2:eb:de
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgIUTUyZZBZJePfIQ0iwipat/kKrtr0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTEwMTAxMjIyMDBaFw0yNjEwMDkxMjI3MDBaMDMxMTAvBgNV
BAMTKDJCOEQyN0EyNkFDMTVCODBGQzM3NTQzRDI4Qjc1MjFEMUUzOEQwQUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/f0pYve+6o5HD8eMSo33Ks7hs
UEiu7vt0nLcKA8tOodWKeAHPr4cIL3CYfqFdwHiAj217TLy6ex6QjyUWQ8BvrpEt
7deKX5UKD5I4yHGqT5W8ScoTmWvVBJNnQPQ9ncOmsIBYAUrfXmCMw8T29xVQ4GHL
Rg8cSw1EM3bcl+ieEQoQjO87yR5xebDj+hzxuc3Tn1NnNuH9qPYjZYAcO8skK0n9
/YMVvpaH8abQSxEBHbKS/tXMTA7uAN16QxkCdBwD1YFv90nYi7J3dYI2bYWYM5dV
YStY20a33NXjF7CbUdxoEvktTjCuViglDbDeIXejnCFzDeiIHCTRmgwswTFvAgMB
AAGjggIuMIICKjAdBgNVHQ4EFgQUK40nomrBW4D8N1Q9KLdSHR440K0wHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMzk3NjMwLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAW3wk
AwQAXHCNAwQAX4e3AwQAslz2AwQAsl0eAwQAsl6VAwQAsl/hMA0GCSqGSIb3DQEB
CwUAA4IBAQAxi17nGLU7e/iewcdeAVxZQc/S8nsr10TQ7cQnnJ8s+inShw/LX48T
7gVaaepDzskxqDCSrvRZLhT7ahSgMGfSCM0RbOKIihM4UYTAW4+qO5XhN5mzKP/q
zUbBAp8/NvGzGtDQmZFSe+lNXPHr3LM1E7J1GryFnCA8HFOPHsRMaytjTY36UVjc
1RbaE8VL+6CHVqysaM+V+5tc3yw5S4I9Szttr0SPpa20GzMRYSvYubroSb4mTH5s
Byyt4ufpouZw6OAVXR9JX4dMdEzmJ6k+ET4FP7oqVaASWTMdmiAvMQUPzG1o38yE
XAI15kXFJjFrAkPMBlh5oX1O0HMi8uve
-----END CERTIFICATE-----
Generated at Thu Oct 16 21:27:49 2025 by rpki-client