Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS398704.roa
File: AS398704.roa (raw, json)
Hash identifier: 6vXL41QflWHmoLRYeK0ZjXxBYsKMg7tbb1t0LHu3X/0=
Subject key identifier: 61:97:99:6C:56:55:4F:32:2C:DB:CB:1A:8C:FA:05:31:D2:9B:05:75
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 16C087C54484261A8630882AD60A4790572588C5
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS398704.roa
Signing time: Tue 29 Jul 2025 00:01:10 +0000
ROA not before: Mon 28 Jul 2025 23:56:10 +0000
ROA not after: Tue 28 Jul 2026 00:01:10 +0000
asID: 398704
IP address blocks: 178.92.8.0/22 maxlen: 24
178.92.16.0/22 maxlen: 24
178.92.24.0/22 maxlen: 24
178.92.36.0/22 maxlen: 24
178.92.64.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
16:c0:87:c5:44:84:26:1a:86:30:88:2a:d6:0a:47:90:57:25:88:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Jul 28 23:56:10 2025 GMT
Not After : Jul 28 00:01:10 2026 GMT
Subject: CN=6197996C56554F322CDBCB1A8CFA0531D29B0575
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:6a:8f:af:84:ad:8e:dc:3a:57:51:71:0e:f3:
73:15:a6:bc:99:54:26:9b:d0:cf:70:20:1b:de:5b:
57:82:7a:0d:16:b7:a3:23:92:34:d9:80:64:dd:c6:
c8:56:88:da:24:9f:2a:ee:90:d1:f5:23:2f:7a:f3:
d9:a8:c7:e7:21:5b:07:ad:7c:1a:78:6f:46:df:09:
05:6a:79:10:ef:1f:d3:2a:b1:fc:2e:a9:67:2f:50:
9b:60:6c:c9:39:5b:8b:68:7c:80:06:db:46:0b:46:
75:61:13:cb:8c:06:10:e7:b6:7e:fe:0d:ba:f0:7a:
47:3b:a8:30:c6:d2:a8:05:66:7f:1b:d4:ee:0e:83:
a6:2e:8e:be:7a:3a:45:b7:b4:c6:34:75:e0:0b:b1:
37:70:4e:aa:a1:32:f2:56:e7:c5:3a:aa:b6:70:e7:
93:39:22:b4:54:04:db:7e:37:47:dc:d5:8d:b1:55:
5b:e4:b6:49:08:9e:b2:f3:bf:f1:fe:9a:89:c8:f4:
00:58:77:cf:75:d9:a3:50:4b:28:85:1f:0c:c8:20:
eb:99:a8:5c:13:40:4b:2e:72:66:da:0c:01:b3:37:
c1:8b:29:80:8d:ce:35:48:74:e8:3c:c8:c0:b2:5d:
cd:6a:90:d6:d4:14:18:0e:59:b7:37:29:7d:4c:97:
ee:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:97:99:6C:56:55:4F:32:2C:DB:CB:1A:8C:FA:05:31:D2:9B:05:75
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS398704.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.92.8.0/22
178.92.16.0/22
178.92.24.0/22
178.92.36.0/22
178.92.64.0/22
Signature Algorithm: sha256WithRSAEncryption
6f:65:07:43:e9:2f:ac:66:f3:7d:ea:39:9e:78:b2:7e:bc:e8:
e9:55:37:6a:67:8b:b4:dc:d7:b6:41:97:4a:93:8f:dc:c5:d0:
7d:c0:be:73:77:13:39:d8:9d:b8:4f:08:0d:83:2b:cb:6e:3d:
24:d7:93:e6:d0:a7:f7:a7:a1:45:4f:f2:3d:5f:6c:2c:a6:56:
f2:c7:d5:51:10:8c:63:6a:64:01:d7:0e:5b:8e:70:4e:3a:8e:
f6:d7:64:b3:48:fd:41:a3:b2:46:5c:58:1e:81:e7:84:44:f4:
3d:3d:3b:e9:9f:3b:b2:6c:22:3c:46:4b:26:af:87:34:b0:c9:
69:19:15:15:5c:ce:78:1b:32:b5:06:fd:be:22:74:33:7d:29:
97:ff:5e:e9:99:9a:28:c4:88:de:28:bb:3d:22:52:7e:cf:38:
9c:15:11:67:60:d7:20:bf:ee:ff:39:87:ab:fb:c8:5e:4b:07:
fd:02:b0:86:9a:33:21:b9:28:47:23:0a:fc:8f:b2:ae:d7:a7:
7a:16:d3:76:7b:b8:42:21:8b:70:f1:b9:89:89:73:2d:c0:7f:
22:40:a7:05:45:0d:23:20:f7:6c:d3:2d:76:7c:d0:ea:bf:e3:
e0:0c:8c:70:71:5a:46:57:fc:fe:00:b0:2a:52:b4:63:05:7b:
cf:5e:95:6f
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgIUFsCHxUSEJhqGMIgq1gpHkFcliMUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTA3MjgyMzU2MTBaFw0yNjA3MjgwMDAxMTBaMDMxMTAvBgNV
BAMTKDYxOTc5OTZDNTY1NTRGMzIyQ0RCQ0IxQThDRkEwNTMxRDI5QjA1NzUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDQao+vhK2O3DpXUXEO83MVpryZ
VCab0M9wIBveW1eCeg0Wt6MjkjTZgGTdxshWiNoknyrukNH1Iy9689mox+chWwet
fBp4b0bfCQVqeRDvH9MqsfwuqWcvUJtgbMk5W4tofIAG20YLRnVhE8uMBhDntn7+
Dbrwekc7qDDG0qgFZn8b1O4Og6Yujr56OkW3tMY0deALsTdwTqqhMvJW58U6qrZw
55M5IrRUBNt+N0fc1Y2xVVvktkkInrLzv/H+monI9ABYd8912aNQSyiFHwzIIOuZ
qFwTQEsucmbaDAGzN8GLKYCNzjVIdOg8yMCyXc1qkNbUFBgOWbc3KX1Ml+5RAgMB
AAGjggIiMIICHjAdBgNVHQ4EFgQUYZeZbFZVTzIs28sajPoFMdKbBXUwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMzk4NzA0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCslwI
AwQCslwQAwQCslwYAwQCslwkAwQCslxAMA0GCSqGSIb3DQEBCwUAA4IBAQBvZQdD
6S+sZvN96jmeeLJ+vOjpVTdqZ4u03Ne2QZdKk4/cxdB9wL5zdxM52J24TwgNgyvL
bj0k15Pm0Kf3p6FFT/I9X2wsplbyx9VREIxjamQB1w5bjnBOOo7212SzSP1Bo7JG
XFgegeeERPQ9PTvpnzuybCI8Rksmr4c0sMlpGRUVXM54GzK1Bv2+InQzfSmX/17p
mZooxIjeKLs9IlJ+zzicFRFnYNcgv+7/OYer+8heSwf9ArCGmjMhuShHIwr8j7Ku
16d6FtN2e7hCIYtw8bmJiXMtwH8iQKcFRQ0jIPds0y12fNDqv+PgDIxwcVpGV/z+
ALAqUrRjBXvPXpVv
-----END CERTIFICATE-----
Generated at Mon Aug 4 13:56:26 2025 by rpki-client