Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS996.roa
File: AS996.roa (raw, json)
Hash identifier: O9RPVWh0AocBHCZ6GaspVIuFPxo50Gip2vJenksT2lw=
Subject key identifier: 3E:AD:FB:3D:70:11:2A:D9:E7:7C:11:A8:DB:99:E5:A7:EC:F5:73:E2
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 5F41E730E7F7ABC141C637576084A6677AE2AE14
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS996.roa
Signing time: Sat 31 May 2025 04:34:06 +0000
ROA not before: Sat 31 May 2025 04:29:06 +0000
ROA not after: Sat 30 May 2026 04:34:06 +0000
asID: 996
IP address blocks: 46.203.107.0/24 maxlen: 24
46.203.114.0/24 maxlen: 24
46.203.145.0/24 maxlen: 24
46.203.146.0/24 maxlen: 24
46.203.168.0/24 maxlen: 24
46.203.169.0/24 maxlen: 24
46.203.171.0/24 maxlen: 24
46.203.174.0/24 maxlen: 24
46.203.177.0/24 maxlen: 24
46.203.179.0/24 maxlen: 24
92.112.6.0/24 maxlen: 24
92.112.7.0/24 maxlen: 24
92.112.8.0/24 maxlen: 24
92.112.36.0/24 maxlen: 24
92.112.38.0/24 maxlen: 24
92.112.55.0/24 maxlen: 24
92.112.89.0/24 maxlen: 24
92.112.142.0/24 maxlen: 24
92.113.15.0/24 maxlen: 24
92.113.40.0/24 maxlen: 24
92.113.56.0/24 maxlen: 24
92.113.57.0/24 maxlen: 24
92.113.58.0/24 maxlen: 24
92.113.59.0/24 maxlen: 24
92.113.169.0/24 maxlen: 24
92.113.247.0/24 maxlen: 24
95.134.184.0/24 maxlen: 24
95.134.206.0/24 maxlen: 24
95.134.221.0/24 maxlen: 24
95.134.223.0/24 maxlen: 24
95.135.72.0/24 maxlen: 24
178.92.44.0/24 maxlen: 24
178.93.117.0/24 maxlen: 24
178.93.121.0/24 maxlen: 24
178.94.168.0/24 maxlen: 24
178.94.175.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 04 Jun 2025 20:17:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5f:41:e7:30:e7:f7:ab:c1:41:c6:37:57:60:84:a6:67:7a:e2:ae:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: May 31 04:29:06 2025 GMT
Not After : May 30 04:34:06 2026 GMT
Subject: CN=3EADFB3D70112AD9E77C11A8DB99E5A7ECF573E2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:0f:d2:4e:f3:df:2b:ee:77:9e:73:86:95:27:
31:8c:65:36:1c:86:f7:d0:fd:6e:32:14:35:cc:89:
38:6e:93:a6:36:97:b0:d8:0d:ca:12:e8:56:7f:7c:
aa:e1:15:34:89:f8:4e:32:90:8f:52:fb:2b:16:a9:
56:25:79:e9:a1:29:fb:bb:8c:6d:d0:2d:77:68:6b:
e6:b9:67:e5:81:aa:cb:67:92:4a:66:96:26:fc:a4:
0c:a6:ec:f7:60:bc:f9:82:39:b1:9c:12:c1:9e:fd:
49:d1:4c:5f:ee:89:65:ca:20:e8:40:a8:e8:78:b1:
16:c0:e8:37:98:f2:be:8a:4d:e1:13:84:23:10:f9:
17:f0:63:2d:28:92:6e:eb:dc:b7:fa:e4:08:c3:a0:
9c:ca:c4:f2:7a:41:73:cb:e0:fb:68:b5:5b:7a:aa:
b9:a6:9c:8d:7e:b0:38:49:92:7e:3c:e6:a5:51:e0:
db:b6:dc:d7:48:57:56:82:a5:cc:34:32:b4:00:ac:
7f:2b:6a:28:a1:85:0e:51:18:e4:e8:28:0e:22:5d:
47:4d:3e:96:cd:a9:26:d1:53:c7:59:bf:81:60:a4:
00:98:69:b8:fb:af:32:55:9a:31:be:fd:36:2b:2c:
7f:25:b8:c7:5c:2b:9d:48:4c:64:11:72:33:6b:6c:
c1:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:AD:FB:3D:70:11:2A:D9:E7:7C:11:A8:DB:99:E5:A7:EC:F5:73:E2
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS996.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.203.107.0/24
46.203.114.0/24
46.203.145.0-46.203.146.255
46.203.168.0/23
46.203.171.0/24
46.203.174.0/24
46.203.177.0/24
46.203.179.0/24
92.112.6.0-92.112.8.255
92.112.36.0/24
92.112.38.0/24
92.112.55.0/24
92.112.89.0/24
92.112.142.0/24
92.113.15.0/24
92.113.40.0/24
92.113.56.0/22
92.113.169.0/24
92.113.247.0/24
95.134.184.0/24
95.134.206.0/24
95.134.221.0/24
95.134.223.0/24
95.135.72.0/24
178.92.44.0/24
178.93.117.0/24
178.93.121.0/24
178.94.168.0/24
178.94.175.0/24
Signature Algorithm: sha256WithRSAEncryption
a6:8b:ce:ca:9a:60:9c:cc:14:88:35:dc:c4:23:d3:3b:3f:01:
c3:0e:0a:09:60:eb:21:1b:7e:e3:53:83:05:dc:fc:13:5e:60:
38:9d:9a:7a:0f:04:fb:91:54:5d:12:a1:1f:b5:7e:ca:98:61:
58:e2:92:68:13:0b:fe:9e:42:07:1a:c9:92:c1:f3:7a:c8:b0:
fc:8c:a8:cc:19:a6:e1:dd:d5:d7:14:3d:c3:e7:6a:92:e3:10:
3c:d1:95:b6:ed:5c:8b:dc:f2:c7:22:cf:19:9d:ce:75:8b:ff:
e0:91:cf:7f:a9:39:46:ff:da:82:13:8f:3d:74:ae:bd:93:c5:
a6:37:c3:c1:22:d2:10:c7:cb:26:ce:e8:68:5b:14:b8:6a:bf:
67:8a:25:fd:0d:2a:7d:ec:8a:67:3a:bd:38:0b:ac:de:ee:01:
b8:e0:34:a9:45:59:39:9d:37:54:76:14:f0:9e:c5:c6:d1:d9:
f3:cb:13:c4:6f:f6:83:ab:3b:b9:ca:01:85:d6:df:ea:e6:49:
5a:35:de:97:4f:1a:6f:44:fd:85:6a:c9:6a:40:0f:43:01:28:
24:29:b6:3b:e2:68:52:61:5e:34:f2:38:2f:40:45:b7:dc:03:
50:a2:05:05:8b:4a:a7:e8:01:fd:02:2b:4d:1f:08:02:01:fc:
fb:fa:d3:e2
-----BEGIN CERTIFICATE-----
MIIFujCCBKKgAwIBAgIUX0HnMOf3q8FBxjdXYISmZ3rirhQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTA1MzEwNDI5MDZaFw0yNjA1MzAwNDM0MDZaMDMxMTAvBgNV
BAMTKDNFQURGQjNENzAxMTJBRDlFNzdDMTFBOERCOTlFNUE3RUNGNTczRTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCD9JO898r7neec4aVJzGMZTYc
hvfQ/W4yFDXMiThuk6Y2l7DYDcoS6FZ/fKrhFTSJ+E4ykI9S+ysWqVYleemhKfu7
jG3QLXdoa+a5Z+WBqstnkkpmlib8pAym7PdgvPmCObGcEsGe/UnRTF/uiWXKIOhA
qOh4sRbA6DeY8r6KTeEThCMQ+RfwYy0okm7r3Lf65AjDoJzKxPJ6QXPL4PtotVt6
qrmmnI1+sDhJkn485qVR4Nu23NdIV1aCpcw0MrQArH8raiihhQ5RGOToKA4iXUdN
PpbNqSbRU8dZv4FgpACYabj7rzJVmjG+/TYrLH8luMdcK51ITGQRcjNrbMGRAgMB
AAGjggLEMIICwDAdBgNVHQ4EFgQUPq37PXARKtnnfBGo25nlp+z1c+IwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTOTk2LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHbBggrBgEFBQcBBwEB/wSByzCByDCBxQQCAAEwgb4DBAAu
y2sDBAAuy3IwDAMEAC7LkQMEAC7LkgMEAS7LqAMEAC7LqwMEAC7LrgMEAC7LsQME
AC7LszAMAwQBXHAGAwQAXHAIAwQAXHAkAwQAXHAmAwQAXHA3AwQAXHBZAwQAXHCO
AwQAXHEPAwQAXHEoAwQCXHE4AwQAXHGpAwQAXHH3AwQAX4a4AwQAX4bOAwQAX4bd
AwQAX4bfAwQAX4dIAwQAslwsAwQAsl11AwQAsl15AwQAsl6oAwQAsl6vMA0GCSqG
SIb3DQEBCwUAA4IBAQCmi87KmmCczBSINdzEI9M7PwHDDgoJYOshG37jU4MF3PwT
XmA4nZp6DwT7kVRdEqEftX7KmGFY4pJoEwv+nkIHGsmSwfN6yLD8jKjMGabh3dXX
FD3D52qS4xA80ZW27VyL3PLHIs8Znc51i//gkc9/qTlG/9qCE489dK69k8WmN8PB
ItIQx8smzuhoWxS4ar9niiX9DSp97IpnOr04C6ze7gG44DSpRVk5nTdUdhTwnsXG
0dnzyxPEb/aDqzu5ygGF1t/q5klaNd6XTxpvRP2FaslqQA9DASgkKbY74mhSYV40
8jgvQEW33ANQogUFi0qn6AH9AitNHwgCAfz7+tPi
-----END CERTIFICATE-----
Generated at Wed Jun 4 10:12:08 2025 by rpki-client