Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS54339.roa
File: AS54339.roa (raw, json)
Hash identifier: 6yacrK8FPYZr5VwXRnU7fo+C7/Ol0s2TkcLErIxfdRQ=
Subject key identifier: 29:2A:E7:B1:20:9A:4A:B8:E0:11:12:E6:FE:1F:55:5A:CC:F0:39:AF
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 375BBFA0745BC39EEFBB4201E41166B7F4C569AB
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS54339.roa
Signing time: Sat 31 May 2025 04:34:06 +0000
ROA not before: Sat 31 May 2025 04:29:06 +0000
ROA not after: Sat 30 May 2026 04:34:06 +0000
asID: 54339
IP address blocks: 46.203.107.0/24 maxlen: 24
46.203.114.0/24 maxlen: 24
46.203.145.0/24 maxlen: 24
46.203.146.0/24 maxlen: 24
46.203.168.0/24 maxlen: 24
46.203.169.0/24 maxlen: 24
46.203.171.0/24 maxlen: 24
46.203.174.0/24 maxlen: 24
46.203.177.0/24 maxlen: 24
46.203.179.0/24 maxlen: 24
46.203.199.0/24 maxlen: 24
46.203.235.0/24 maxlen: 24
92.112.6.0/24 maxlen: 24
92.112.7.0/24 maxlen: 24
92.112.8.0/24 maxlen: 24
92.112.36.0/24 maxlen: 24
92.112.38.0/24 maxlen: 24
92.112.55.0/24 maxlen: 24
92.112.89.0/24 maxlen: 24
92.112.142.0/24 maxlen: 24
92.113.4.0/24 maxlen: 24
92.113.6.0/24 maxlen: 24
92.113.9.0/24 maxlen: 24
92.113.15.0/24 maxlen: 24
92.113.40.0/24 maxlen: 24
92.113.56.0/24 maxlen: 24
92.113.57.0/24 maxlen: 24
92.113.58.0/24 maxlen: 24
92.113.59.0/24 maxlen: 24
92.113.169.0/24 maxlen: 24
92.113.247.0/24 maxlen: 24
95.134.184.0/24 maxlen: 24
95.134.206.0/24 maxlen: 24
95.134.221.0/24 maxlen: 24
95.134.223.0/24 maxlen: 24
95.135.72.0/24 maxlen: 24
178.92.44.0/24 maxlen: 24
178.93.117.0/24 maxlen: 24
178.93.121.0/24 maxlen: 24
178.94.168.0/24 maxlen: 24
178.94.175.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 04 Jun 2025 20:17:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
37:5b:bf:a0:74:5b:c3:9e:ef:bb:42:01:e4:11:66:b7:f4:c5:69:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: May 31 04:29:06 2025 GMT
Not After : May 30 04:34:06 2026 GMT
Subject: CN=292AE7B1209A4AB8E01112E6FE1F555ACCF039AF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:b4:b2:41:c2:58:f1:f7:d4:5b:23:17:5e:83:
cd:ac:ac:ae:fd:46:f3:0a:0b:b6:d3:8b:1d:22:53:
b5:12:c0:ae:b2:7b:1f:89:70:bf:b2:d7:2e:05:19:
88:df:1a:a6:6b:21:0e:d1:1a:13:0b:3a:ba:7b:98:
5f:1a:92:fa:73:a2:55:dc:77:55:28:32:95:e8:80:
a0:d7:b6:6a:2d:3d:9b:44:9d:01:7d:fd:d6:c8:23:
64:7a:44:b2:aa:4e:29:36:0f:95:90:bb:cb:ad:40:
bb:e4:e1:72:d8:5b:64:b7:c9:df:bc:7b:53:0a:ab:
7c:cd:ee:a9:0c:85:b7:ed:34:9b:e9:fa:f4:01:af:
83:45:44:7f:ef:60:50:6b:04:9b:e1:fb:bb:22:35:
cb:3d:a0:63:a2:f9:18:c4:a7:72:d8:33:c4:9f:76:
06:f0:a7:f6:9e:07:e4:25:ec:e0:a3:94:7f:6e:90:
c0:01:47:3a:ed:3f:ff:5f:0b:47:c6:53:4a:97:60:
a3:05:85:b4:b0:12:0c:14:94:25:1c:63:bd:99:af:
1f:cb:0a:e4:3d:0d:7a:ba:1d:f8:5b:f8:f1:eb:8c:
38:7e:5c:ff:55:66:27:38:49:49:79:03:f9:8b:a8:
8d:86:77:88:88:4f:2f:3f:2b:ae:cd:f3:00:e7:79:
41:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:2A:E7:B1:20:9A:4A:B8:E0:11:12:E6:FE:1F:55:5A:CC:F0:39:AF
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS54339.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.203.107.0/24
46.203.114.0/24
46.203.145.0-46.203.146.255
46.203.168.0/23
46.203.171.0/24
46.203.174.0/24
46.203.177.0/24
46.203.179.0/24
46.203.199.0/24
46.203.235.0/24
92.112.6.0-92.112.8.255
92.112.36.0/24
92.112.38.0/24
92.112.55.0/24
92.112.89.0/24
92.112.142.0/24
92.113.4.0/24
92.113.6.0/24
92.113.9.0/24
92.113.15.0/24
92.113.40.0/24
92.113.56.0/22
92.113.169.0/24
92.113.247.0/24
95.134.184.0/24
95.134.206.0/24
95.134.221.0/24
95.134.223.0/24
95.135.72.0/24
178.92.44.0/24
178.93.117.0/24
178.93.121.0/24
178.94.168.0/24
178.94.175.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:e7:7a:9e:5b:ab:7c:fb:1d:6b:87:50:49:b0:ca:0c:4e:f7:
6f:8b:b3:67:4b:ed:23:bc:70:06:b9:b1:50:59:80:54:2d:e1:
2c:78:ad:6e:aa:bd:16:cb:66:38:d8:7f:6f:91:98:c8:5b:2c:
ca:c5:6d:6e:07:e1:a2:cc:44:e2:7a:ed:72:42:98:59:43:17:
12:ef:72:93:fb:ba:51:eb:4d:27:f6:fc:fc:49:52:10:35:17:
c5:9f:8b:89:33:e9:54:2c:4a:48:0b:6b:58:76:8e:a8:53:ff:
6d:41:09:8a:5e:33:e4:21:4f:e0:40:77:14:a0:43:60:71:92:
d4:4f:ae:cc:a9:49:b5:a9:61:ce:5b:34:f7:7b:bf:09:c4:09:
7a:2b:df:17:9e:4b:67:17:8c:d0:71:99:d1:10:93:fd:01:84:
3a:60:37:d3:df:c9:ea:d2:65:12:63:68:79:5c:70:a7:96:a6:
3e:ee:0a:9e:76:c6:ce:09:be:af:dc:b6:b2:7b:96:ea:5e:0e:
11:b9:b9:98:bb:73:12:7c:11:3b:f1:97:f8:07:68:78:58:4a:
20:c7:fa:b3:c8:a6:3a:e8:7e:a1:c1:93:36:8b:01:cb:cf:68:
3e:29:ce:2a:07:95:b7:ad:ea:a7:f6:74:d0:3f:f6:9f:34:b3:
a1:77:5c:7b
-----BEGIN CERTIFICATE-----
MIIF2jCCBMKgAwIBAgIUN1u/oHRbw57vu0IB5BFmt/TFaaswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTA1MzEwNDI5MDZaFw0yNjA1MzAwNDM0MDZaMDMxMTAvBgNV
BAMTKDI5MkFFN0IxMjA5QTRBQjhFMDExMTJFNkZFMUY1NTVBQ0NGMDM5QUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6tLJBwljx99RbIxdeg82srK79
RvMKC7bTix0iU7USwK6yex+JcL+y1y4FGYjfGqZrIQ7RGhMLOrp7mF8akvpzolXc
d1UoMpXogKDXtmotPZtEnQF9/dbII2R6RLKqTik2D5WQu8utQLvk4XLYW2S3yd+8
e1MKq3zN7qkMhbftNJvp+vQBr4NFRH/vYFBrBJvh+7siNcs9oGOi+RjEp3LYM8Sf
dgbwp/aeB+Ql7OCjlH9ukMABRzrtP/9fC0fGU0qXYKMFhbSwEgwUlCUcY72Zrx/L
CuQ9DXq6Hfhb+PHrjDh+XP9VZic4SUl5A/mLqI2Gd4iITy8/K67N8wDneUHTAgMB
AAGjggLkMIIC4DAdBgNVHQ4EFgQUKSrnsSCaSrjgERLm/h9VWszwOa8wHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTNTQzMzkucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwgfkGCCsGAQUFBwEHAQH/BIHpMIHmMIHjBAIAATCB3AME
AC7LawMEAC7LcjAMAwQALsuRAwQALsuSAwQBLsuoAwQALsurAwQALsuuAwQALsux
AwQALsuzAwQALsvHAwQALsvrMAwDBAFccAYDBABccAgDBABccCQDBABccCYDBABc
cDcDBABccFkDBABccI4DBABccQQDBABccQYDBABccQkDBABccQ8DBABccSgDBAJc
cTgDBABccakDBABccfcDBABfhrgDBABfhs4DBABfht0DBABfht8DBABfh0gDBACy
XCwDBACyXXUDBACyXXkDBACyXqgDBACyXq8wDQYJKoZIhvcNAQELBQADggEBAB3n
ep5bq3z7HWuHUEmwygxO92+Ls2dL7SO8cAa5sVBZgFQt4Sx4rW6qvRbLZjjYf2+R
mMhbLMrFbW4H4aLMROJ67XJCmFlDFxLvcpP7ulHrTSf2/PxJUhA1F8Wfi4kz6VQs
SkgLa1h2jqhT/21BCYpeM+QhT+BAdxSgQ2BxktRPrsypSbWpYc5bNPd7vwnECXor
3xeeS2cXjNBxmdEQk/0BhDpgN9PfyerSZRJjaHlccKeWpj7uCp52xs4Jvq/ctrJ7
lupeDhG5uZi7cxJ8ETvxl/gHaHhYSiDH+rPIpjrofqHBkzaLAcvPaD4pzioHlbet
6qf2dNA/9p80s6F3XHs=
-----END CERTIFICATE-----
Generated at Wed Jun 4 10:12:16 2025 by rpki-client