Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS398704.roa
File: AS398704.roa (raw, json)
Hash identifier: 4w3rHYKsPzC4F/4PmuPYJN9ImP96iOEue/jDbK+M5zk=
Subject key identifier: BE:B0:30:28:1E:4C:72:72:17:AD:F0:EC:DF:E4:8F:AD:3A:1D:BA:66
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 1325FC072A07C2097E25B1856AB7B9553A9E7604
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS398704.roa
Signing time: Thu 29 May 2025 11:24:45 +0000
ROA not before: Thu 29 May 2025 11:19:45 +0000
ROA not after: Thu 28 May 2026 11:24:45 +0000
asID: 398704
IP address blocks: 178.92.0.0/22 maxlen: 24
178.92.8.0/22 maxlen: 24
178.92.16.0/22 maxlen: 24
178.92.24.0/22 maxlen: 24
178.92.36.0/22 maxlen: 24
178.92.64.0/22 maxlen: 24
178.92.72.0/22 maxlen: 24
178.92.80.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
13:25:fc:07:2a:07:c2:09:7e:25:b1:85:6a:b7:b9:55:3a:9e:76:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: May 29 11:19:45 2025 GMT
Not After : May 28 11:24:45 2026 GMT
Subject: CN=BEB030281E4C727217ADF0ECDFE48FAD3A1DBA66
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:3b:5e:51:32:a0:c5:6b:00:8b:3b:11:5d:08:
62:32:52:e5:2c:bd:09:df:5b:33:cd:dd:c3:af:1d:
5a:6b:e9:ec:84:f4:1d:45:74:f1:7d:f6:ef:d2:48:
ef:42:5d:e0:14:d3:e6:d0:9a:c7:45:41:a6:4f:e7:
d5:f5:e4:2b:1f:1a:c4:ae:67:d7:29:7d:e7:45:02:
6d:20:bd:75:d2:f6:bb:6c:31:90:aa:96:cc:8c:a0:
a1:a5:d0:3b:53:25:48:8c:51:15:9b:6c:f3:30:3a:
fe:c0:49:f0:78:4f:13:4c:61:0e:c7:7d:c1:4a:e6:
13:a3:37:3a:c4:6e:4f:81:86:de:bc:ad:30:65:37:
55:a6:37:ec:dd:31:df:3e:9e:36:07:0a:2a:e3:ca:
46:95:77:f5:86:d5:10:54:35:29:0e:1a:f1:09:ab:
aa:4e:59:2a:16:23:de:dc:2a:f2:db:83:5d:e2:69:
e7:74:05:7f:ba:3e:16:d9:fd:5e:a2:53:eb:ba:e8:
09:92:11:3a:57:e8:c8:08:7c:d5:2f:fd:e5:e4:49:
d9:69:94:26:a6:ee:c1:4c:eb:16:45:52:59:ba:84:
47:b9:2f:52:69:16:ec:14:75:62:cc:0b:c9:ec:f3:
ad:37:5a:b8:66:ca:cb:c5:45:6f:86:98:16:2b:04:
24:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:B0:30:28:1E:4C:72:72:17:AD:F0:EC:DF:E4:8F:AD:3A:1D:BA:66
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS398704.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.92.0.0/22
178.92.8.0/22
178.92.16.0/22
178.92.24.0/22
178.92.36.0/22
178.92.64.0/22
178.92.72.0/22
178.92.80.0/22
Signature Algorithm: sha256WithRSAEncryption
48:a6:b6:b6:74:a5:8b:df:62:86:66:54:6c:f3:ab:ee:06:64:
8f:92:22:c1:7e:99:4b:60:3e:d8:30:d9:9c:f1:c6:ba:fc:dc:
79:91:e7:88:29:40:4c:3f:82:99:9d:d7:57:43:14:ea:4d:4a:
36:6a:cc:c6:e2:1e:2f:23:f8:92:ce:dc:2d:d9:a1:74:a3:8a:
81:77:81:a3:dd:fe:2e:d8:94:fa:e5:36:d7:e0:83:0c:9d:1f:
f5:9b:88:b7:05:d3:82:bc:0e:f2:93:59:a4:e2:40:e5:64:0f:
46:27:90:a9:f4:59:cf:c8:a9:1e:37:53:9c:e5:85:50:cf:a5:
5f:56:8a:c2:a8:5d:1d:03:54:89:37:8d:f7:8d:f3:ba:81:90:
30:c6:dc:ec:21:71:39:5e:87:5b:29:b7:39:e0:b7:12:4e:38:
c5:7d:03:3d:20:f2:b6:8d:9a:79:7f:13:25:fd:d2:04:0f:91:
83:63:5e:1f:27:ec:c9:8e:c2:be:f1:2f:0f:86:a8:77:d0:3b:
29:76:e5:53:a2:45:7e:46:5f:d3:9d:e8:f6:4f:5e:45:8b:8a:
2c:dd:94:13:50:82:0b:af:c5:66:bc:66:5d:25:30:8d:66:f0:
d9:46:02:2d:1a:18:23:d8:38:f9:1e:5b:0d:34:34:8b:c5:a5:
13:d7:00:50
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUEyX8ByoHwgl+JbGFare5VTqedgQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTA1MjkxMTE5NDVaFw0yNjA1MjgxMTI0NDVaMDMxMTAvBgNV
BAMTKEJFQjAzMDI4MUU0QzcyNzIxN0FERjBFQ0RGRTQ4RkFEM0ExREJBNjYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/O15RMqDFawCLOxFdCGIyUuUs
vQnfWzPN3cOvHVpr6eyE9B1FdPF99u/SSO9CXeAU0+bQmsdFQaZP59X15CsfGsSu
Z9cpfedFAm0gvXXS9rtsMZCqlsyMoKGl0DtTJUiMURWbbPMwOv7ASfB4TxNMYQ7H
fcFK5hOjNzrEbk+Bht68rTBlN1WmN+zdMd8+njYHCirjykaVd/WG1RBUNSkOGvEJ
q6pOWSoWI97cKvLbg13iaed0BX+6PhbZ/V6iU+u66AmSETpX6MgIfNUv/eXkSdlp
lCam7sFM6xZFUlm6hEe5L1JpFuwUdWLMC8ns8603WrhmysvFRW+GmBYrBCRLAgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQUvrAwKB5McnIXrfDs3+SPrTodumYwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMzk4NzA0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQCslwA
AwQCslwIAwQCslwQAwQCslwYAwQCslwkAwQCslxAAwQCslxIAwQCslxQMA0GCSqG
SIb3DQEBCwUAA4IBAQBIpra2dKWL32KGZlRs86vuBmSPkiLBfplLYD7YMNmc8ca6
/Nx5keeIKUBMP4KZnddXQxTqTUo2aszG4h4vI/iSztwt2aF0o4qBd4Gj3f4u2JT6
5TbX4IMMnR/1m4i3BdOCvA7yk1mk4kDlZA9GJ5Cp9FnPyKkeN1Oc5YVQz6VfVorC
qF0dA1SJN433jfO6gZAwxtzsIXE5XodbKbc54LcSTjjFfQM9IPK2jZp5fxMl/dIE
D5GDY14fJ+zJjsK+8S8Phqh30DspduVTokV+Rl/Tnej2T15Fi4os3ZQTUIILr8Vm
vGZdJTCNZvDZRgItGhgj2Dj5HlsNNDSLxaUT1wBQ
-----END CERTIFICATE-----
Generated at Sat Jun 14 11:00:28 2025 by rpki-client