Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS134351.roa
File: AS134351.roa (raw, json)
Hash identifier: kI6D7zBxluzUKwCt9UqToH29etqeB7GXgxr+oQASkq4=
Subject key identifier: 42:4D:5B:64:E7:9C:D7:72:AD:18:1C:83:AB:D9:AA:57:5C:42:66:62
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 66A7F06D2C8E0A541B3A449FE93517D5BFF83C78
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS134351.roa
Signing time: Wed 29 Oct 2025 13:55:10 +0000
ROA not before: Wed 29 Oct 2025 13:50:10 +0000
ROA not after: Wed 28 Oct 2026 13:55:10 +0000
asID: 134351
IP address blocks: 46.202.253.0/24 maxlen: 24
46.202.255.0/24 maxlen: 24
46.203.23.0/24 maxlen: 24
46.203.28.0/24 maxlen: 24
46.203.45.0/24 maxlen: 24
46.203.52.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 14:35:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
66:a7:f0:6d:2c:8e:0a:54:1b:3a:44:9f:e9:35:17:d5:bf:f8:3c:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Oct 29 13:50:10 2025 GMT
Not After : Oct 28 13:55:10 2026 GMT
Subject: CN=424D5B64E79CD772AD181C83ABD9AA575C426662
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:ca:28:cf:af:91:de:8f:a2:24:af:e9:f2:f6:
e7:b2:b9:c6:2b:7f:3a:01:08:56:bc:dc:ef:0d:9a:
ed:ae:f4:7e:3d:8b:88:1f:10:ef:ee:fe:88:b2:44:
4d:83:ca:3c:48:d1:f7:64:fc:98:ca:98:93:a6:6f:
75:24:6b:c5:20:b7:05:58:23:8e:16:d7:7f:9a:94:
54:91:fd:b3:77:a1:a0:81:02:45:44:b8:2f:1d:8b:
40:b9:62:7f:ae:33:e7:98:61:97:47:2b:38:a0:c3:
ce:a8:ab:05:10:ba:20:93:68:66:12:60:13:12:1a:
92:60:4e:79:04:99:bd:d8:af:b4:1b:b7:6f:e6:f2:
18:24:f8:ab:3c:3c:f2:f9:68:48:b2:5f:da:55:2d:
ea:45:e1:5f:a5:e3:22:98:c5:16:b4:54:18:1e:fc:
71:21:46:01:49:37:5c:23:30:80:70:cc:88:b3:e8:
d6:f6:89:f6:af:b0:33:69:d0:aa:ae:67:57:5c:78:
73:e0:40:26:83:22:bc:b2:30:ab:fe:3e:c2:1f:0c:
15:7c:5b:dc:ec:ad:c7:30:36:23:7d:aa:31:da:a5:
52:7b:e6:79:51:b2:bb:fa:a0:3f:38:74:dd:0b:b2:
67:70:5e:59:5e:c8:1d:c6:0b:c2:3d:bd:49:e1:7e:
2c:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:4D:5B:64:E7:9C:D7:72:AD:18:1C:83:AB:D9:AA:57:5C:42:66:62
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS134351.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.202.253.0/24
46.202.255.0/24
46.203.23.0/24
46.203.28.0/24
46.203.45.0/24
46.203.52.0/24
Signature Algorithm: sha256WithRSAEncryption
24:1c:69:e0:16:db:fe:50:6a:a8:d2:42:82:e7:93:6b:20:f8:
f9:ea:76:63:47:d4:81:47:ff:26:68:f7:b4:e0:9b:91:e5:be:
97:5f:5a:2d:f0:80:16:a2:c3:26:a8:34:b9:e1:3d:f0:24:5e:
cb:94:f9:0c:73:3e:84:23:9d:fd:cc:cc:b3:48:fe:86:2d:a5:
5e:33:54:15:62:30:59:ec:ff:2e:7d:05:3a:d0:16:9e:ca:55:
a1:99:6e:cb:02:db:37:b9:7b:e1:30:e4:ea:c2:b3:ad:b9:cc:
ed:17:02:bc:60:bb:e6:4d:0d:46:c3:ce:2e:e3:6b:54:b5:eb:
c9:41:5a:d8:7f:c0:2a:8a:59:bd:74:51:33:d7:ce:be:93:7f:
52:61:7c:84:49:ba:6d:b8:a9:a5:62:94:c5:27:57:12:b6:11:
66:89:a7:71:8d:b3:8f:6c:d1:4c:2c:6e:7c:9d:71:93:8c:5b:
be:52:6b:45:47:84:3e:73:77:c5:3b:90:56:8c:7f:45:51:37:
df:89:ae:ec:7e:8f:d5:8e:bf:8a:4d:bb:db:5d:de:35:a4:a8:
12:c8:ef:55:24:c9:23:8c:50:39:2a:0a:82:ac:ae:2f:d3:93:
3b:6c:8c:a0:4e:a2:57:c1:ac:9c:85:36:fd:50:74:98:5d:22:
5d:a9:91:3c
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgIUZqfwbSyOClQbOkSf6TUX1b/4PHgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTEwMjkxMzUwMTBaFw0yNjEwMjgxMzU1MTBaMDMxMTAvBgNV
BAMTKDQyNEQ1QjY0RTc5Q0Q3NzJBRDE4MUM4M0FCRDlBQTU3NUM0MjY2NjIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCtyijPr5Hej6Ikr+ny9ueyucYr
fzoBCFa83O8Nmu2u9H49i4gfEO/u/oiyRE2DyjxI0fdk/JjKmJOmb3Uka8UgtwVY
I44W13+alFSR/bN3oaCBAkVEuC8di0C5Yn+uM+eYYZdHKzigw86oqwUQuiCTaGYS
YBMSGpJgTnkEmb3Yr7Qbt2/m8hgk+Ks8PPL5aEiyX9pVLepF4V+l4yKYxRa0VBge
/HEhRgFJN1wjMIBwzIiz6Nb2ifavsDNp0KquZ1dceHPgQCaDIryyMKv+PsIfDBV8
W9zsrccwNiN9qjHapVJ75nlRsrv6oD84dN0LsmdwXlleyB3GC8I9vUnhfizjAgMB
AAGjggIoMIICJDAdBgNVHQ4EFgQUQk1bZOec13KtGByDq9mqV1xCZmIwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMTM0MzUxLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQALsr9
AwQALsr/AwQALssXAwQALsscAwQALsstAwQALss0MA0GCSqGSIb3DQEBCwUAA4IB
AQAkHGngFtv+UGqo0kKC55NrIPj56nZjR9SBR/8maPe04JuR5b6XX1ot8IAWosMm
qDS54T3wJF7LlPkMcz6EI539zMyzSP6GLaVeM1QVYjBZ7P8ufQU60BaeylWhmW7L
Ats3uXvhMOTqwrOtucztFwK8YLvmTQ1Gw84u42tUtevJQVrYf8Aqilm9dFEz186+
k39SYXyESbptuKmlYpTFJ1cSthFmiadxjbOPbNFMLG58nXGTjFu+UmtFR4Q+c3fF
O5BWjH9FUTffia7sfo/Vjr+KTbvbXd41pKgSyO9VJMkjjFA5KgqCrK4v05M7bIyg
TqJXwaychTb9UHSYXSJdqZE8
-----END CERTIFICATE-----
Generated at Wed Nov 5 06:50:54 2025 by rpki-client