Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS42689.roa
File: AS42689.roa (raw, json)
Hash identifier: /c2hqs1iF1I1l6jnnI9QqXxNv04aQCTAeXgttoS/Quc=
Subject key identifier: 89:43:F6:0E:2F:82:AC:35:F0:11:EF:5C:93:2F:1F:76:7E:1D:EB:C2
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 1263D5A2104BC1F8CDF2F32872B051BF292BB91D
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS42689.roa
Signing time: Mon 25 Aug 2025 20:39:55 +0000
ROA not before: Mon 25 Aug 2025 20:34:55 +0000
ROA not after: Mon 24 Aug 2026 20:39:55 +0000
asID: 42689
IP address blocks: 46.202.28.0/24 maxlen: 24
46.202.52.0/24 maxlen: 24
91.124.4.0/24 maxlen: 24
91.124.5.0/24 maxlen: 24
91.124.25.0/24 maxlen: 24
91.124.53.0/24 maxlen: 24
91.124.56.0/24 maxlen: 24
91.124.61.0/24 maxlen: 24
91.124.193.0/24 maxlen: 24
91.124.218.0/24 maxlen: 24
91.124.239.0/24 maxlen: 24
91.124.240.0/24 maxlen: 24
91.124.254.0/24 maxlen: 24
95.134.77.0/24 maxlen: 24
95.134.86.0/24 maxlen: 24
95.134.87.0/24 maxlen: 24
95.134.149.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 04:03:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
12:63:d5:a2:10:4b:c1:f8:cd:f2:f3:28:72:b0:51:bf:29:2b:b9:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Aug 25 20:34:55 2025 GMT
Not After : Aug 24 20:39:55 2026 GMT
Subject: CN=8943F60E2F82AC35F011EF5C932F1F767E1DEBC2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:c8:d9:2c:dd:4c:58:4b:f5:d6:2d:10:c0:ca:
67:2c:86:e2:8a:a9:04:f5:32:eb:2c:0e:3b:2d:4d:
82:ba:ea:c7:74:86:5a:8e:0a:02:b4:e9:03:00:19:
f4:f2:53:e9:65:13:80:45:b7:eb:a5:16:ae:26:f6:
8c:a2:db:ec:da:4f:bc:be:a6:ab:a7:f3:16:31:67:
8c:c1:f9:29:82:72:b7:56:fc:3a:27:af:19:22:b5:
3c:76:13:ea:6c:56:73:dd:ef:06:93:6d:c8:04:07:
a9:58:39:04:b9:65:af:a6:87:19:74:2c:3c:67:78:
2a:be:15:f2:be:6c:69:50:97:47:ea:1c:b9:85:62:
bb:ff:25:de:ae:c5:9a:e8:ec:56:81:f7:f7:73:dd:
4b:82:72:56:9c:b7:10:b6:45:27:7b:f3:11:94:0b:
3d:4d:b1:96:9f:9e:01:7b:d0:54:f8:9e:b5:03:14:
d0:80:88:c5:60:1e:e8:0b:79:5e:63:13:ef:59:d5:
af:73:5f:a9:75:2f:a8:69:32:ad:44:63:07:7a:0e:
65:5f:e0:29:41:29:1e:c5:31:e2:3d:ff:e7:e9:2f:
d9:af:a1:a7:74:b2:68:41:3e:d2:00:f5:91:fe:d7:
60:d3:f6:a2:18:e0:ee:3d:88:24:5b:b3:2c:ea:1f:
d2:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:43:F6:0E:2F:82:AC:35:F0:11:EF:5C:93:2F:1F:76:7E:1D:EB:C2
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS42689.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.202.28.0/24
46.202.52.0/24
91.124.4.0/23
91.124.25.0/24
91.124.53.0/24
91.124.56.0/24
91.124.61.0/24
91.124.193.0/24
91.124.218.0/24
91.124.239.0-91.124.240.255
91.124.254.0/24
95.134.77.0/24
95.134.86.0/23
95.134.149.0/24
Signature Algorithm: sha256WithRSAEncryption
7c:8d:6f:db:9d:26:f6:7b:37:94:07:47:96:54:09:92:ab:69:
bf:73:e9:4b:64:56:ed:fe:be:f5:06:83:99:de:8a:29:39:5e:
ef:ed:e6:43:8b:7a:22:0c:ef:6f:ff:c0:06:22:49:21:c1:26:
ce:22:b6:0d:67:5b:8f:29:6a:6d:11:26:3f:36:6b:50:3f:f9:
87:97:75:a0:10:68:a8:28:ee:19:78:a2:dd:3d:b2:4e:81:5c:
21:ca:b8:e3:38:48:66:02:08:a6:3e:59:86:9c:75:c4:9b:77:
de:42:f0:e8:a2:81:c1:0f:6b:70:0f:ac:67:27:82:f2:59:b9:
dc:d8:bb:1f:3c:e8:a1:57:e9:91:6f:9b:20:f7:a7:68:4c:f1:
d1:13:17:db:8f:ae:74:a2:e4:e2:63:9c:cc:e9:f3:0e:4f:25:
55:32:aa:26:12:2a:b4:39:6e:74:7c:60:51:6d:30:a3:5c:ff:
30:55:ce:33:79:51:1c:6c:ef:53:c2:d1:4f:5f:c7:1e:4a:2e:
4a:95:0d:a5:64:1e:39:6c:5c:31:1e:27:1d:08:e3:c8:2c:7a:
64:f0:55:ff:64:98:7a:f6:07:8a:a6:cd:8f:8e:72:52:02:dd:
8c:9b:55:21:81:a7:eb:6a:3d:5a:a0:9d:21:ac:0e:6a:61:84:
c2:bb:90:5d
-----BEGIN CERTIFICATE-----
MIIFVTCCBD2gAwIBAgIUEmPVohBLwfjN8vMocrBRvykruR0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTA4MjUyMDM0NTVaFw0yNjA4MjQyMDM5NTVaMDMxMTAvBgNV
BAMTKDg5NDNGNjBFMkY4MkFDMzVGMDExRUY1QzkzMkYxRjc2N0UxREVCQzIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCsyNks3UxYS/XWLRDAymcshuKK
qQT1MussDjstTYK66sd0hlqOCgK06QMAGfTyU+llE4BFt+ulFq4m9oyi2+zaT7y+
pqun8xYxZ4zB+SmCcrdW/DonrxkitTx2E+psVnPd7waTbcgEB6lYOQS5Za+mhxl0
LDxneCq+FfK+bGlQl0fqHLmFYrv/Jd6uxZro7FaB9/dz3UuCclactxC2RSd78xGU
Cz1NsZafngF70FT4nrUDFNCAiMVgHugLeV5jE+9Z1a9zX6l1L6hpMq1EYwd6DmVf
4ClBKR7FMeI9/+fpL9mvoad0smhBPtIA9ZH+12DT9qIY4O49iCRbsyzqH9JhAgMB
AAGjggJfMIICWzAdBgNVHQ4EFgQUiUP2Di+CrDXwEe9cky8fdn4d68IwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTNDI2ODkucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwdQYIKwYBBQUHAQcBAf8EZjBkMGIEAgABMFwDBAAuyhwD
BAAuyjQDBAFbfAQDBABbfBkDBABbfDUDBABbfDgDBABbfD0DBABbfMEDBABbfNow
DAMEAFt87wMEAFt88AMEAFt8/gMEAF+GTQMEAV+GVgMEAF+GlTANBgkqhkiG9w0B
AQsFAAOCAQEAfI1v250m9ns3lAdHllQJkqtpv3PpS2RW7f6+9QaDmd6KKTle7+3m
Q4t6Igzvb//ABiJJIcEmziK2DWdbjylqbREmPzZrUD/5h5d1oBBoqCjuGXii3T2y
ToFcIcq44zhIZgIIpj5Zhpx1xJt33kLw6KKBwQ9rcA+sZyeC8lm53Ni7HzzooVfp
kW+bIPenaEzx0RMX24+udKLk4mOczOnzDk8lVTKqJhIqtDludHxgUW0wo1z/MFXO
M3lRHGzvU8LRT1/HHkouSpUNpWQeOWxcMR4nHQjjyCx6ZPBV/2SYevYHiqbNj45y
UgLdjJtVIYGn62o9WqCdIawOamGEwruQXQ==
-----END CERTIFICATE-----
Generated at Sun Sep 7 12:33:52 2025 by rpki-client