Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS198487.roa
File: AS198487.roa (raw, json)
Hash identifier: Q1eI/cyHILuf55gBujKmMgIJjreWUuBMmGuq9yoxD34=
Subject key identifier: 4A:4A:0A:B6:90:7B:00:CC:C7:28:7D:D1:E1:44:28:F5:A6:52:AC:48
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 68A89C0EA5B5D2904483977B265B36640D6F2AD7
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS198487.roa
Signing time: Thu 11 Jun 2026 07:25:41 +0000
ROA not before: Thu 11 Jun 2026 07:20:41 +0000
ROA not after: Thu 10 Jun 2027 07:25:41 +0000
asID: 198487
IP address blocks: 46.202.46.0/24 maxlen: 24
92.112.42.0/24 maxlen: 24
95.134.70.0/24 maxlen: 24
178.94.187.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
68:a8:9c:0e:a5:b5:d2:90:44:83:97:7b:26:5b:36:64:0d:6f:2a:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Jun 11 07:20:41 2026 GMT
Not After : Jun 10 07:25:41 2027 GMT
Subject: CN=4A4A0AB6907B00CCC7287DD1E14428F5A652AC48
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:87:dc:34:ca:2e:0f:21:9e:b1:28:ae:9c:b8:
b5:4f:eb:9f:3d:61:27:e2:67:f0:94:3a:60:8e:b0:
05:c2:93:f9:31:60:fd:91:9c:99:e1:87:00:e4:12:
6c:fa:4f:2c:68:c3:89:cd:49:ee:26:60:5d:52:98:
de:99:f4:61:31:2e:5c:ce:5f:da:ca:c0:78:d5:28:
d1:00:91:8f:ef:88:e7:77:34:82:34:37:f5:c5:6b:
42:b7:6b:e9:04:7d:a7:78:4f:f2:9c:78:ff:3e:31:
e2:f6:95:a1:5c:ea:ad:c9:d8:78:90:f2:a4:07:32:
5e:77:55:f5:0d:e5:1b:b3:7d:8f:5f:9a:80:30:ca:
ad:cd:4e:13:cf:d1:24:ba:1f:12:2b:63:49:e8:19:
b2:48:f0:d4:be:d2:54:93:ec:ac:36:e0:0d:f3:fb:
b3:37:c3:39:92:5a:21:c0:28:40:77:f1:1f:38:07:
d3:7b:8e:1f:3c:09:8c:e1:aa:63:2a:69:df:90:a8:
f8:bb:e6:1a:e2:7a:e7:7f:82:b9:69:b1:c6:f1:40:
d1:76:ff:e8:e2:85:0e:13:e0:a1:8b:7a:f0:09:79:
fe:73:0a:fd:56:f3:22:8d:8a:83:ac:a8:fb:2a:7b:
41:8f:c6:6c:6a:c2:4f:07:e1:6f:a9:f7:e8:72:e1:
db:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:4A:0A:B6:90:7B:00:CC:C7:28:7D:D1:E1:44:28:F5:A6:52:AC:48
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS198487.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.202.46.0/24
92.112.42.0/24
95.134.70.0/24
178.94.187.0/24
Signature Algorithm: sha256WithRSAEncryption
96:4d:3c:47:b0:c1:5a:81:9c:7e:ca:7b:96:ca:42:d1:ae:f9:
fa:6c:a3:63:da:e8:ec:86:de:55:e5:11:30:bf:85:10:57:1f:
a4:1b:66:cf:8f:cb:27:3d:f6:d2:66:0d:c1:ea:2e:4d:cc:b8:
b2:e8:e0:68:ba:89:25:d7:ae:ea:cc:a2:cd:5f:eb:cc:d6:30:
fc:17:8e:6b:41:1b:e4:15:c9:5f:45:5e:70:9a:f2:7f:e2:7f:
04:93:f4:ff:3c:d5:d6:ce:a1:dc:60:02:38:7a:9e:3d:9a:62:
78:ee:d8:f5:fd:bd:1a:bc:9f:6a:3f:3a:94:19:8c:29:de:08:
0a:20:f8:fa:18:c9:1d:35:a6:5e:ca:bd:c7:e0:13:8d:be:d9:
83:1b:74:cb:20:2b:a4:cb:ab:56:66:70:85:a7:56:81:a7:30:
f5:60:54:8d:e1:51:5d:fd:47:4e:76:ad:10:d0:27:e2:82:f9:
42:f8:f7:fb:a0:b1:f0:e1:e9:8e:95:25:02:6d:04:3b:97:86:
98:a6:3d:16:7e:61:b8:06:4b:48:be:b5:4f:da:c7:ef:07:0e:
5d:96:b1:e5:a8:7c:6b:2c:b1:6c:d9:e0:df:f3:79:36:2a:31:
76:97:06:cd:02:15:14:b9:84:f9:0c:d0:1c:cc:9e:ce:cd:94:
bf:0c:06:d5
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgIUaKicDqW10pBEg5d7Jls2ZA1vKtcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNjA2MTEwNzIwNDFaFw0yNzA2MTAwNzI1NDFaMDMxMTAvBgNV
BAMTKDRBNEEwQUI2OTA3QjAwQ0NDNzI4N0REMUUxNDQyOEY1QTY1MkFDNDgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDUh9w0yi4PIZ6xKK6cuLVP6589
YSfiZ/CUOmCOsAXCk/kxYP2RnJnhhwDkEmz6Tyxow4nNSe4mYF1SmN6Z9GExLlzO
X9rKwHjVKNEAkY/viOd3NII0N/XFa0K3a+kEfad4T/KceP8+MeL2laFc6q3J2HiQ
8qQHMl53VfUN5RuzfY9fmoAwyq3NThPP0SS6HxIrY0noGbJI8NS+0lST7Kw24A3z
+7M3wzmSWiHAKEB38R84B9N7jh88CYzhqmMqad+QqPi75hrieud/grlpscbxQNF2
/+jihQ4T4KGLevAJef5zCv1W8yKNioOsqPsqe0GPxmxqwk8H4W+p9+hy4dtRAgMB
AAGjggIcMIICGDAdBgNVHQ4EFgQUSkoKtpB7AMzHKH3R4UQo9aZSrEgwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMTk4NDg3LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALsou
AwQAXHAqAwQAX4ZGAwQAsl67MA0GCSqGSIb3DQEBCwUAA4IBAQCWTTxHsMFagZx+
ynuWykLRrvn6bKNj2ujsht5V5REwv4UQVx+kG2bPj8snPfbSZg3B6i5NzLiy6OBo
uokl167qzKLNX+vM1jD8F45rQRvkFclfRV5wmvJ/4n8Ek/T/PNXWzqHcYAI4ep49
mmJ47tj1/b0avJ9qPzqUGYwp3ggKIPj6GMkdNaZeyr3H4BONvtmDG3TLICuky6tW
ZnCFp1aBpzD1YFSN4VFd/UdOdq0Q0CfigvlC+Pf7oLHw4emOlSUCbQQ7l4aYpj0W
fmG4BktIvrVP2sfvBw5dlrHlqHxrLLFs2eDf83k2KjF2lwbNAhUUuYT5DNAczJ7O
zZS/DAbV
-----END CERTIFICATE-----
Generated at Sat Jun 13 05:34:58 2026 by rpki-client