Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS401163.roa
File: AS401163.roa (raw, json)
Hash identifier: pSVRFfWVsp+1haaL2wDsMuArDcKbMfC8b8VMiwdpvh0=
Subject key identifier: 8C:91:89:0A:8C:A5:7F:0C:06:0D:CC:4B:A7:A3:0D:70:82:AE:C8:69
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 1B3F2D7B71F8D7118E60C6FCE7591914787BDB6B
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS401163.roa
Signing time: Mon 18 Aug 2025 18:42:55 +0000
ROA not before: Mon 18 Aug 2025 18:37:55 +0000
ROA not after: Mon 17 Aug 2026 18:42:55 +0000
asID: 401163
IP address blocks: 91.124.34.0/24 maxlen: 24
91.124.168.0/24 maxlen: 24
91.124.175.0/24 maxlen: 24
92.113.10.0/24 maxlen: 24
92.113.60.0/24 maxlen: 24
92.113.100.0/24 maxlen: 24
95.134.112.0/24 maxlen: 24
95.134.122.0/24 maxlen: 24
95.134.132.0/24 maxlen: 24
95.134.180.0/24 maxlen: 24
95.134.192.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 16:54:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1b:3f:2d:7b:71:f8:d7:11:8e:60:c6:fc:e7:59:19:14:78:7b:db:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Aug 18 18:37:55 2025 GMT
Not After : Aug 17 18:42:55 2026 GMT
Subject: CN=8C91890A8CA57F0C060DCC4BA7A30D7082AEC869
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:28:48:d3:bc:6d:d2:b2:f1:f9:40:cc:0d:80:
06:64:79:ab:b0:2c:43:e7:c6:9b:cc:b5:84:d9:38:
c9:59:2a:b6:22:cc:fd:5c:e5:b4:21:66:27:59:40:
8e:78:cc:d7:10:b5:b7:15:ae:42:f7:2c:34:e9:8c:
dd:14:4b:4f:75:18:38:4d:cb:db:a8:4d:31:b6:65:
ed:82:89:e1:13:1d:b6:be:40:6b:7a:d8:9b:c2:9b:
c8:7d:52:51:57:85:f5:49:28:62:00:d3:34:0e:9b:
53:bf:77:d3:28:65:ac:de:f2:4b:c3:d9:a6:5c:ca:
a9:a9:99:47:4f:0b:38:36:2a:66:bf:71:9a:bc:bd:
d3:27:7b:39:78:83:92:ed:2d:4b:2e:82:b0:f5:af:
7d:35:69:26:f4:36:38:bb:49:6d:ca:a3:9f:a5:5f:
80:b9:74:73:af:2b:12:1b:3d:67:2f:54:14:8b:6b:
7f:dd:d5:92:40:54:d3:84:75:9f:b6:1a:53:99:34:
d6:f6:97:8b:48:d3:2b:6b:95:ff:c3:83:ce:d0:78:
ea:24:32:88:a5:8c:f1:10:f6:2d:02:47:ee:ec:1c:
63:c4:83:c6:2d:cb:c1:e1:bc:2b:17:6a:3f:57:3c:
69:25:de:03:61:f4:fb:ca:22:6f:a2:a9:e2:09:8a:
a2:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:91:89:0A:8C:A5:7F:0C:06:0D:CC:4B:A7:A3:0D:70:82:AE:C8:69
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS401163.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.124.34.0/24
91.124.168.0/24
91.124.175.0/24
92.113.10.0/24
92.113.60.0/24
92.113.100.0/24
95.134.112.0/24
95.134.122.0/24
95.134.132.0/24
95.134.180.0/24
95.134.192.0/24
Signature Algorithm: sha256WithRSAEncryption
11:06:ef:cf:4b:c7:bc:13:a3:98:aa:85:e4:28:a4:8c:f1:35:
d6:ad:e4:8f:9f:5c:03:49:9d:02:a4:7d:a6:54:9e:da:0c:03:
7a:dc:2f:2e:88:51:2e:9e:63:d7:15:52:a2:18:01:40:3e:5c:
c5:a3:5f:81:28:c4:3a:54:67:42:aa:4b:66:ef:82:c4:1a:b5:
56:1d:15:49:5c:0b:02:92:35:db:e5:7d:d2:97:eb:0c:fe:1d:
4e:a3:d1:25:d4:07:80:83:48:65:eb:86:16:43:57:f0:a4:0d:
8f:07:a9:cd:dd:fd:a8:0d:46:71:fc:c9:4f:a0:66:93:52:78:
63:f3:73:39:32:41:fa:66:3f:45:7e:7b:01:b4:81:15:d2:dd:
1f:e4:a4:44:cd:18:f5:93:cf:0c:c7:72:e0:d2:42:11:1b:37:
bd:96:3f:b5:54:36:ec:d7:c5:76:6f:50:c4:f2:19:a8:59:fd:
2b:d2:a5:04:f5:82:e8:ce:78:6f:10:72:bc:e0:46:7d:b6:03:
c3:6c:6b:31:c1:8d:f8:d6:b4:aa:cd:a6:60:65:89:1d:27:8e:
db:be:13:5c:c1:0e:fa:0c:83:35:ca:ef:54:45:f9:5d:be:ef:
95:a3:11:c3:ab:44:06:d9:c4:37:6c:06:59:e7:6a:8f:67:03:
73:f1:b9:8a
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgIUGz8te3H41xGOYMb851kZFHh722swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTA4MTgxODM3NTVaFw0yNjA4MTcxODQyNTVaMDMxMTAvBgNV
BAMTKDhDOTE4OTBBOENBNTdGMEMwNjBEQ0M0QkE3QTMwRDcwODJBRUM4NjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCfKEjTvG3SsvH5QMwNgAZkeauw
LEPnxpvMtYTZOMlZKrYizP1c5bQhZidZQI54zNcQtbcVrkL3LDTpjN0US091GDhN
y9uoTTG2Ze2CieETHba+QGt62JvCm8h9UlFXhfVJKGIA0zQOm1O/d9MoZaze8kvD
2aZcyqmpmUdPCzg2Kma/cZq8vdMnezl4g5LtLUsugrD1r301aSb0Nji7SW3Ko5+l
X4C5dHOvKxIbPWcvVBSLa3/d1ZJAVNOEdZ+2GlOZNNb2l4tI0ytrlf/Dg87QeOok
MoiljPEQ9i0CR+7sHGPEg8Yty8HhvCsXaj9XPGkl3gNh9PvKIm+iqeIJiqJnAgMB
AAGjggJGMIICQjAdBgNVHQ4EFgQUjJGJCoylfwwGDcxLp6MNcIKuyGkwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTNDAxMTYzLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQAW3wi
AwQAW3yoAwQAW3yvAwQAXHEKAwQAXHE8AwQAXHFkAwQAX4ZwAwQAX4Z6AwQAX4aE
AwQAX4a0AwQAX4bAMA0GCSqGSIb3DQEBCwUAA4IBAQARBu/PS8e8E6OYqoXkKKSM
8TXWreSPn1wDSZ0CpH2mVJ7aDAN63C8uiFEunmPXFVKiGAFAPlzFo1+BKMQ6VGdC
qktm74LEGrVWHRVJXAsCkjXb5X3Sl+sM/h1Oo9El1AeAg0hl64YWQ1fwpA2PB6nN
3f2oDUZx/MlPoGaTUnhj83M5MkH6Zj9FfnsBtIEV0t0f5KREzRj1k88Mx3Lg0kIR
Gze9lj+1VDbs18V2b1DE8hmoWf0r0qUE9YLoznhvEHK84EZ9tgPDbGsxwY341rSq
zaZgZYkdJ47bvhNcwQ76DIM1yu9URfldvu+VoxHDq0QG2cQ3bAZZ52qPZwNz8bmK
-----END CERTIFICATE-----
Generated at Thu Aug 21 04:51:36 2025 by rpki-client