Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS137235.roa
File: AS137235.roa (raw, json)
Hash identifier: /0rvzoR9TU/Bx3Gf2UeOKfsyBOm4WaZoNER6JN1X13I=
Subject key identifier: 67:5F:46:D4:50:1E:91:CB:3F:AC:3B:47:D8:16:E4:76:51:72:43:13
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 7285674733CB3AC62BB7E077F24E5EB4C1E4B859
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS137235.roa
Signing time: Tue 24 Feb 2026 10:34:00 +0000
ROA not before: Tue 24 Feb 2026 10:29:00 +0000
ROA not after: Tue 23 Feb 2027 10:34:00 +0000
asID: 137235
IP address blocks: 95.134.40.0/24 maxlen: 24
95.134.127.0/24 maxlen: 24
95.134.141.0/24 maxlen: 24
178.92.135.0/24 maxlen: 24
178.95.4.0/24 maxlen: 24
178.95.239.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 08:09:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
72:85:67:47:33:cb:3a:c6:2b:b7:e0:77:f2:4e:5e:b4:c1:e4:b8:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Feb 24 10:29:00 2026 GMT
Not After : Feb 23 10:34:00 2027 GMT
Subject: CN=675F46D4501E91CB3FAC3B47D816E47651724313
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:6c:98:01:86:b1:2d:2c:d8:dd:1b:9f:88:73:
4b:45:aa:bf:a1:29:5a:dd:21:b7:ee:22:1c:6a:7e:
34:07:c8:a2:f4:e9:54:0e:4d:09:15:1d:24:be:76:
57:3c:5d:10:f4:20:2b:f8:3c:9f:8c:35:d7:10:57:
b2:2a:18:9d:23:e5:60:36:7b:cb:17:30:75:c0:73:
2a:a9:6f:e3:a7:cc:23:85:08:3e:7e:b0:31:7b:d2:
75:02:79:34:55:65:b5:ba:d0:20:49:b2:11:34:ff:
70:56:5b:a2:19:c5:b3:b0:9f:26:8b:30:fc:74:7c:
58:5c:0a:f1:36:c4:bf:1a:7f:ba:78:77:89:4e:e3:
f5:4c:a4:4d:32:1b:71:75:cb:f6:8f:eb:45:c5:a1:
99:ad:1e:31:cc:5b:3d:ed:14:57:54:71:e1:2d:89:
0b:63:ce:68:96:0f:3b:13:c9:19:b2:29:26:6f:6a:
aa:98:a3:2a:e6:11:33:d2:ac:88:49:3e:57:6e:e1:
01:a2:45:50:b2:26:80:91:dd:e1:8c:e0:f0:9e:db:
ee:36:ab:51:fe:b2:38:72:c0:c6:f4:6a:db:9b:36:
3f:ac:57:9f:d5:06:51:9e:4e:5a:92:60:97:a4:65:
d5:3c:db:35:4d:4a:a6:38:74:5b:36:9b:27:53:8c:
fb:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:5F:46:D4:50:1E:91:CB:3F:AC:3B:47:D8:16:E4:76:51:72:43:13
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS137235.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.134.40.0/24
95.134.127.0/24
95.134.141.0/24
178.92.135.0/24
178.95.4.0/24
178.95.239.0/24
Signature Algorithm: sha256WithRSAEncryption
a9:2b:45:c3:39:30:cd:5e:17:8b:5d:d4:cb:a3:89:13:f8:6c:
48:6f:9e:c4:74:d4:94:4c:4a:1b:a1:cb:f9:2a:ce:cf:2b:1f:
0c:74:23:29:16:98:d3:54:ed:7a:3d:4d:7c:2b:90:65:7f:98:
2e:65:ae:0c:db:a2:20:41:e8:1c:64:8a:54:58:88:0c:5f:9c:
20:bb:b2:7d:ec:ef:cb:8b:a5:0a:14:9e:6f:0d:81:4e:b5:9e:
f0:4b:14:26:cf:2b:6e:bd:d0:03:2c:b9:e9:b8:5a:c1:b8:85:
01:20:59:34:d7:9d:07:4c:29:b9:49:7e:70:c6:0e:0a:f0:d9:
5b:89:05:e2:52:39:06:5a:7a:d5:1d:16:66:32:9c:93:20:e7:
cd:c6:20:99:eb:93:8f:27:6e:f1:89:67:6d:e2:1c:c2:44:6b:
2b:42:e6:bf:28:19:64:0e:d7:1a:83:f6:41:cd:6a:f4:1d:92:
c8:98:79:43:a0:93:25:77:7c:46:b4:84:f3:dc:f0:b2:f7:29:
c4:2f:3f:8a:03:a8:2e:1e:f2:5f:37:96:68:fd:b1:93:20:c4:
ea:05:1c:40:05:fd:16:41:54:2a:a0:b6:aa:dc:08:37:d1:f2:
eb:e2:9e:4b:6f:e7:d8:a2:12:f3:14:7f:09:3b:26:78:e2:cc:
1c:b4:cb:42
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgIUcoVnRzPLOsYrt+B38k5etMHkuFkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNjAyMjQxMDI5MDBaFw0yNzAyMjMxMDM0MDBaMDMxMTAvBgNV
BAMTKDY3NUY0NkQ0NTAxRTkxQ0IzRkFDM0I0N0Q4MTZFNDc2NTE3MjQzMTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4bJgBhrEtLNjdG5+Ic0tFqr+h
KVrdIbfuIhxqfjQHyKL06VQOTQkVHSS+dlc8XRD0ICv4PJ+MNdcQV7IqGJ0j5WA2
e8sXMHXAcyqpb+OnzCOFCD5+sDF70nUCeTRVZbW60CBJshE0/3BWW6IZxbOwnyaL
MPx0fFhcCvE2xL8af7p4d4lO4/VMpE0yG3F1y/aP60XFoZmtHjHMWz3tFFdUceEt
iQtjzmiWDzsTyRmyKSZvaqqYoyrmETPSrIhJPldu4QGiRVCyJoCR3eGM4PCe2+42
q1H+sjhywMb0atubNj+sV5/VBlGeTlqSYJekZdU82zVNSqY4dFs2mydTjPupAgMB
AAGjggIoMIICJDAdBgNVHQ4EFgQUZ19G1FAekcs/rDtH2BbkdlFyQxMwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMTM3MjM1LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAX4Yo
AwQAX4Z/AwQAX4aNAwQAslyHAwQAsl8EAwQAsl/vMA0GCSqGSIb3DQEBCwUAA4IB
AQCpK0XDOTDNXheLXdTLo4kT+GxIb57EdNSUTEobocv5Ks7PKx8MdCMpFpjTVO16
PU18K5Blf5guZa4M26IgQegcZIpUWIgMX5wgu7J97O/Li6UKFJ5vDYFOtZ7wSxQm
zytuvdADLLnpuFrBuIUBIFk0150HTCm5SX5wxg4K8NlbiQXiUjkGWnrVHRZmMpyT
IOfNxiCZ65OPJ27xiWdt4hzCRGsrQua/KBlkDtcag/ZBzWr0HZLImHlDoJMld3xG
tITz3PCy9ynELz+KA6guHvJfN5Zo/bGTIMTqBRxABf0WQVQqoLaq3Ag30fLr4p5L
b+fYohLzFH8JOyZ44swctMtC
-----END CERTIFICATE-----
Generated at Sun Mar 1 20:12:42 2026 by rpki-client