Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS398704.roa
File: AS398704.roa (raw, json)
Hash identifier: lhjfX/zr6SR9D/f/916OXN93gPWwniZr4yVKLMJrsfs=
Subject key identifier: 75:6A:7E:F3:B4:0B:E8:B4:C9:5A:28:F6:6A:14:E3:C8:59:50:6B:F9
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 65C1ED9ADE00C63D6268CAE8C5A9FF32D0142871
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS398704.roa
Signing time: Fri 20 Mar 2026 12:32:05 +0000
ROA not before: Fri 20 Mar 2026 12:27:05 +0000
ROA not after: Fri 19 Mar 2027 12:32:05 +0000
asID: 398704
IP address blocks: 178.92.16.0/22 maxlen: 24
178.92.36.0/22 maxlen: 24
178.93.0.0/22 maxlen: 24
178.94.45.0/24 maxlen: 24
178.94.46.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 25 Mar 2026 01:00:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
65:c1:ed:9a:de:00:c6:3d:62:68:ca:e8:c5:a9:ff:32:d0:14:28:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Mar 20 12:27:05 2026 GMT
Not After : Mar 19 12:32:05 2027 GMT
Subject: CN=756A7EF3B40BE8B4C95A28F66A14E3C859506BF9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:7b:96:38:a8:9a:6d:5c:93:22:bc:20:15:ee:
67:9c:46:8d:aa:99:b2:38:bc:ba:92:4a:cc:a5:8d:
2d:ce:c1:ad:92:f1:2b:87:e9:18:69:8d:9d:85:b9:
91:92:b7:92:16:64:08:67:3d:dc:b2:e0:a3:43:95:
2e:ff:b4:46:6a:0e:d5:77:04:cd:34:c1:2c:18:88:
07:96:f6:fa:96:82:8f:ff:51:67:31:50:f3:3d:0e:
40:40:1d:23:36:52:6e:ed:1e:38:04:49:03:b8:32:
ec:79:0c:5e:11:e4:b6:21:05:be:f0:e2:74:3e:f4:
4e:2b:3a:fe:b9:c5:bb:1c:72:5c:b1:4e:50:4b:da:
9b:0d:d4:e9:74:ca:49:ec:0e:31:b7:60:7b:8e:d4:
1f:4e:23:80:59:16:9d:7c:c2:f5:b9:4b:40:7e:77:
a9:0d:c6:91:97:87:16:eb:b3:ca:3c:53:2f:eb:03:
dd:e6:0b:aa:34:7f:b1:1e:af:0c:4d:b1:12:47:04:
01:68:97:ca:6e:c2:10:26:f0:02:52:fb:7d:11:0a:
3f:4c:9e:26:33:f2:44:9a:12:c8:db:7e:ba:f0:9d:
a5:78:6d:e6:c4:ec:7d:be:18:87:49:d4:14:c0:57:
9c:18:9f:ca:d5:48:0e:b8:b1:c2:70:c8:54:38:85:
9a:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:6A:7E:F3:B4:0B:E8:B4:C9:5A:28:F6:6A:14:E3:C8:59:50:6B:F9
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS398704.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.92.16.0/22
178.92.36.0/22
178.93.0.0/22
178.94.45.0-178.94.46.255
Signature Algorithm: sha256WithRSAEncryption
20:2f:10:2c:a0:75:10:ba:64:7b:63:a4:25:df:c1:e5:76:43:
02:5a:40:4d:88:b1:0c:67:fb:7c:e1:d5:0d:c7:27:35:46:dd:
14:fa:af:ae:43:19:67:77:1c:04:11:89:cb:b0:1d:53:ad:05:
ea:78:d8:0a:3f:41:8c:12:1c:14:a7:c0:93:d1:05:09:50:29:
eb:aa:45:66:41:05:09:1d:ed:0a:44:ef:e7:04:3a:9b:3e:be:
58:4b:2e:c6:75:11:9c:46:d7:76:cd:4c:1b:bd:e8:9c:32:90:
2c:17:d7:7d:5f:12:c8:68:76:c6:35:3e:4c:cb:7b:bf:6e:73:
5b:ad:0b:c8:f6:e7:e4:13:85:ef:36:c6:81:b6:14:03:99:ab:
6e:7a:24:c6:a0:14:c9:a6:84:35:a7:20:ee:f5:9a:f5:1f:ae:
05:5e:31:2b:82:14:9b:90:36:64:2c:00:84:ad:0d:2b:70:e0:
0f:db:45:57:bf:a7:9e:e6:35:31:40:d7:26:ac:bc:2f:3d:86:
25:8a:53:30:0d:fb:ab:b2:3d:a1:aa:c4:67:98:fd:2d:9a:cb:
98:ee:03:f5:f7:d7:05:13:73:43:8f:39:bf:34:60:12:2d:ec:
ec:17:b4:66:0b:cc:da:7d:2b:07:b7:77:82:55:8f:87:6d:cc:
c8:09:e1:4a
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgIUZcHtmt4Axj1iaMroxan/MtAUKHEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNjAzMjAxMjI3MDVaFw0yNzAzMTkxMjMyMDVaMDMxMTAvBgNV
BAMTKDc1NkE3RUYzQjQwQkU4QjRDOTVBMjhGNjZBMTRFM0M4NTk1MDZCRjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCte5Y4qJptXJMivCAV7mecRo2q
mbI4vLqSSsyljS3Owa2S8SuH6RhpjZ2FuZGSt5IWZAhnPdyy4KNDlS7/tEZqDtV3
BM00wSwYiAeW9vqWgo//UWcxUPM9DkBAHSM2Um7tHjgESQO4Mux5DF4R5LYhBb7w
4nQ+9E4rOv65xbscclyxTlBL2psN1Ol0yknsDjG3YHuO1B9OI4BZFp18wvW5S0B+
d6kNxpGXhxbrs8o8Uy/rA93mC6o0f7EerwxNsRJHBAFol8puwhAm8AJS+30RCj9M
niYz8kSaEsjbfrrwnaV4bebE7H2+GIdJ1BTAV5wYn8rVSA64scJwyFQ4hZpHAgMB
AAGjggIkMIICIDAdBgNVHQ4EFgQUdWp+87QL6LTJWij2ahTjyFlQa/kwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMzk4NzA0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQCslwQ
AwQCslwkAwQCsl0AMAwDBACyXi0DBACyXi4wDQYJKoZIhvcNAQELBQADggEBACAv
ECygdRC6ZHtjpCXfweV2QwJaQE2IsQxn+3zh1Q3HJzVG3RT6r65DGWd3HAQRicuw
HVOtBep42Ao/QYwSHBSnwJPRBQlQKeuqRWZBBQkd7QpE7+cEOps+vlhLLsZ1EZxG
13bNTBu96JwykCwX131fEshodsY1PkzLe79uc1utC8j25+QThe82xoG2FAOZq256
JMagFMmmhDWnIO71mvUfrgVeMSuCFJuQNmQsAIStDStw4A/bRVe/p57mNTFA1yas
vC89hiWKUzAN+6uyPaGqxGeY/S2ay5juA/X31wUTc0OPOb80YBIt7OwXtGYLzNp9
Kwe3d4JVj4dtzMgJ4Uo=
-----END CERTIFICATE-----
Generated at Tue Mar 24 05:33:06 2026 by rpki-client