Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS393942.roa
File: AS393942.roa (raw, json)
Hash identifier: UiLnzsAUJB+Doj99Xy8sOu2H0spXyIjKYOzwp0N7qGw=
Subject key identifier: 87:55:0F:62:F1:85:29:20:C6:78:95:FA:CC:0C:E6:F0:AC:7F:4B:C0
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 51151D866260F588BD4B746E28FA6FD600CD3B69
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS393942.roa
Signing time: Tue 24 Feb 2026 10:19:51 +0000
ROA not before: Tue 24 Feb 2026 10:14:51 +0000
ROA not after: Tue 23 Feb 2027 10:19:51 +0000
asID: 393942
IP address blocks: 95.134.23.0/24 maxlen: 24
95.134.70.0/24 maxlen: 24
95.135.50.0/24 maxlen: 24
178.92.117.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
51:15:1d:86:62:60:f5:88:bd:4b:74:6e:28:fa:6f:d6:00:cd:3b:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Feb 24 10:14:51 2026 GMT
Not After : Feb 23 10:19:51 2027 GMT
Subject: CN=87550F62F1852920C67895FACC0CE6F0AC7F4BC0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:b7:33:4e:3d:2c:02:b3:d9:08:7f:26:1d:df:
d8:d9:e7:45:b6:9d:d3:0a:b3:58:8e:3c:6b:fc:ba:
53:38:cd:33:a2:de:17:05:06:ae:da:0b:ae:3f:81:
bc:eb:ad:c8:a7:e8:07:7d:10:97:39:28:ed:85:b1:
7a:1d:91:4b:dc:29:7f:2c:c6:a4:93:01:8d:a7:02:
ee:e1:f4:6b:1a:48:c0:76:6e:3a:7d:f1:95:65:53:
99:f2:25:fd:2f:64:89:b7:06:e2:67:4f:8b:4d:24:
1f:1b:f8:04:b6:38:57:dd:d6:53:39:b6:cd:c3:ff:
c7:ee:78:97:38:d7:a7:75:ad:d1:f0:c3:bf:dc:6e:
c9:d1:69:ca:df:cd:a6:4e:89:e5:2e:d2:79:68:3a:
62:5e:c1:0e:64:d5:da:3b:13:9c:9c:32:2b:d4:a8:
17:f3:84:75:03:5a:75:5a:bd:d0:b3:f4:b8:af:57:
ac:b0:35:b0:df:de:f3:47:c4:01:f1:28:1e:ef:18:
ba:45:2a:d9:b7:45:72:a3:b3:6d:22:01:1e:06:13:
b6:b2:57:39:cd:e4:bd:81:97:4c:82:bb:64:82:9f:
36:fe:14:69:46:8c:68:7b:10:63:c2:2a:2e:5b:f1:
c1:25:90:b9:2d:e6:8d:43:c0:f2:b0:fa:c2:d6:f2:
9b:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:55:0F:62:F1:85:29:20:C6:78:95:FA:CC:0C:E6:F0:AC:7F:4B:C0
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS393942.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.134.23.0/24
95.134.70.0/24
95.135.50.0/24
178.92.117.0/24
Signature Algorithm: sha256WithRSAEncryption
99:ab:48:5f:44:a9:c9:ba:a5:99:e4:5e:9a:c9:1e:60:02:8f:
ae:d4:35:42:cc:d3:a7:47:95:66:cf:7d:8a:d9:2e:f4:9b:b3:
a7:38:aa:44:12:0f:56:24:43:6d:4e:e5:3f:41:e0:0f:1f:6d:
f3:51:23:45:c8:ac:9a:1f:61:66:c7:a0:53:80:b0:14:0f:bd:
20:98:e5:0e:13:d9:5a:77:7d:dc:ef:ac:bf:74:b6:cd:c3:b3:
3f:40:b2:26:60:0b:d7:4d:79:eb:1c:63:4e:22:ac:75:e3:c7:
44:53:07:08:7a:80:43:24:15:50:64:49:47:04:5b:9f:fa:4b:
ba:d6:91:fa:83:aa:7e:d4:e2:7a:30:2d:d1:e1:e7:ea:19:bd:
14:df:ce:90:de:c3:10:07:11:1a:ba:a2:7b:1f:46:c1:ff:46:
43:40:33:d4:29:28:81:9c:8b:26:06:81:02:c0:72:35:53:e7:
5a:35:90:fc:5f:e3:c0:ee:1b:64:a6:d7:0d:69:28:6a:6e:19:
a7:a5:18:c8:ee:42:5a:a0:e0:eb:3e:e7:40:24:90:b8:6e:ef:
d4:20:66:68:99:2d:7d:50:02:4c:cf:a0:41:a5:d1:b3:20:07:
70:4a:ca:4a:f3:db:dd:fa:fb:d5:dd:9c:59:1b:c8:97:47:2d:
4a:17:26:d2
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgIUURUdhmJg9Yi9S3RuKPpv1gDNO2kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNjAyMjQxMDE0NTFaFw0yNzAyMjMxMDE5NTFaMDMxMTAvBgNV
BAMTKDg3NTUwRjYyRjE4NTI5MjBDNjc4OTVGQUNDMENFNkYwQUM3RjRCQzAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCctzNOPSwCs9kIfyYd39jZ50W2
ndMKs1iOPGv8ulM4zTOi3hcFBq7aC64/gbzrrcin6Ad9EJc5KO2FsXodkUvcKX8s
xqSTAY2nAu7h9GsaSMB2bjp98ZVlU5nyJf0vZIm3BuJnT4tNJB8b+AS2OFfd1lM5
ts3D/8fueJc416d1rdHww7/cbsnRacrfzaZOieUu0nloOmJewQ5k1do7E5ycMivU
qBfzhHUDWnVavdCz9LivV6ywNbDf3vNHxAHxKB7vGLpFKtm3RXKjs20iAR4GE7ay
VznN5L2Bl0yCu2SCnzb+FGlGjGh7EGPCKi5b8cElkLkt5o1DwPKw+sLW8psvAgMB
AAGjggIcMIICGDAdBgNVHQ4EFgQUh1UPYvGFKSDGeJX6zAzm8Kx/S8AwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMzkzOTQyLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAX4YX
AwQAX4ZGAwQAX4cyAwQAslx1MA0GCSqGSIb3DQEBCwUAA4IBAQCZq0hfRKnJuqWZ
5F6ayR5gAo+u1DVCzNOnR5Vmz32K2S70m7OnOKpEEg9WJENtTuU/QeAPH23zUSNF
yKyaH2Fmx6BTgLAUD70gmOUOE9lad33c76y/dLbNw7M/QLImYAvXTXnrHGNOIqx1
48dEUwcIeoBDJBVQZElHBFuf+ku61pH6g6p+1OJ6MC3R4efqGb0U386Q3sMQBxEa
uqJ7H0bB/0ZDQDPUKSiBnIsmBoECwHI1U+daNZD8X+PA7htkptcNaShqbhmnpRjI
7kJaoODrPudAJJC4bu/UIGZomS19UAJMz6BBpdGzIAdwSspK89vd+vvV3ZxZG8iX
Ry1KFybS
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:38:05 2026 by rpki-client