Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS402215.roa
File: AS402215.roa (raw, json)
Hash identifier: pwvgD9djbUlI2IdFhXmpcmiGEmp14eVTzDRYoc2KR7U=
Subject key identifier: ED:21:81:C0:9F:36:D1:7F:EB:1E:16:13:0E:AB:A3:CA:E0:01:9D:DB
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 606E2D495D7B0007449116E00DA5B5F090CDA39C
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS402215.roa
Signing time: Sat 09 May 2026 07:46:44 +0000
ROA not before: Sat 09 May 2026 07:41:44 +0000
ROA not after: Sat 08 May 2027 07:46:44 +0000
asID: 402215
IP address blocks: 168.222.24.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
60:6e:2d:49:5d:7b:00:07:44:91:16:e0:0d:a5:b5:f0:90:cd:a3:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: May 9 07:41:44 2026 GMT
Not After : May 8 07:46:44 2027 GMT
Subject: CN=ED2181C09F36D17FEB1E16130EABA3CAE0019DDB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:89:23:7f:80:b1:e9:68:e4:d0:8a:20:0b:81:
28:f6:84:7c:73:a1:78:14:cb:07:91:a7:d5:21:32:
a1:95:92:8f:cf:c9:28:d3:ba:3c:50:27:81:20:a7:
4b:3f:2a:28:7a:4f:56:62:31:00:b7:3a:5e:6b:96:
37:4e:6f:f7:bf:e8:67:29:5e:5f:cf:bc:90:74:94:
b0:fd:87:76:f5:3a:d9:fa:42:c6:07:e6:99:00:8c:
3a:2b:d1:bd:0b:e4:71:71:4b:e3:fe:25:0f:d6:4e:
cf:86:8e:eb:93:62:ac:13:42:37:01:b1:22:d2:cc:
b4:30:fa:46:0c:48:86:13:89:09:73:49:9a:af:93:
a1:9c:4a:31:23:75:ec:fb:cf:db:8b:06:9b:14:93:
4b:b2:eb:04:e3:77:5c:ad:9d:bf:73:47:0e:b8:e9:
a7:3a:0b:a8:65:e7:98:28:15:d4:75:dc:ba:41:b5:
7f:8f:d8:ca:e7:28:8f:5e:3c:49:4b:66:97:20:f7:
71:97:12:f7:69:71:f4:33:3b:83:5a:8d:01:93:6f:
ae:ef:94:0e:d7:62:a9:e5:00:b2:2e:ec:67:09:eb:
94:94:b6:f1:ed:ea:a2:85:b7:78:63:23:80:9b:29:
aa:f8:26:59:46:e8:f2:f9:60:81:eb:6a:e4:de:11:
19:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:21:81:C0:9F:36:D1:7F:EB:1E:16:13:0E:AB:A3:CA:E0:01:9D:DB
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS402215.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
168.222.24.0/24
Signature Algorithm: sha256WithRSAEncryption
61:c0:e3:e2:9f:73:28:7f:bb:97:cf:77:ee:52:bc:dd:e0:21:
46:5b:e9:db:e0:ae:0b:76:b9:95:5e:1d:d9:c4:2b:a9:16:67:
39:d9:ea:e7:47:4c:b0:56:aa:ba:5c:58:04:8a:94:9e:f0:94:
a2:2e:03:17:74:ff:7d:ee:31:bc:c9:e5:6b:33:48:fc:87:cb:
14:13:ac:2e:d9:9c:e6:ad:81:65:1c:a2:59:61:32:ed:83:fd:
3d:44:14:2f:ad:11:4a:29:b1:5d:6e:fa:3b:91:f4:2b:91:a1:
85:0e:c3:fc:b0:3f:7c:5e:54:d0:a8:d6:fd:c7:07:8a:99:8b:
22:96:e3:e1:e3:b4:8a:81:66:1f:9e:9d:0c:48:19:19:7f:f0:
f8:06:a4:f9:6d:15:94:26:03:5f:97:3f:6b:ba:84:00:c4:35:
21:97:71:35:36:9b:47:1d:04:a9:cf:cf:39:25:b2:67:6c:b0:
16:80:a2:89:99:b8:28:d0:de:0f:d5:78:e9:83:ec:af:a3:07:
31:13:91:ab:7e:b5:40:12:24:c8:a5:0d:57:83:8b:b9:57:a8:
b9:0c:50:29:ed:f7:8c:31:f1:83:5f:36:74:eb:64:eb:62:c3:
aa:52:00:5c:83:31:39:70:6f:96:66:ee:81:3e:ce:05:ec:58:
2c:b4:00:ab
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUYG4tSV17AAdEkRbgDaW18JDNo5wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNjA1MDkwNzQxNDRaFw0yNzA1MDgwNzQ2NDRaMDMxMTAvBgNV
BAMTKEVEMjE4MUMwOUYzNkQxN0ZFQjFFMTYxMzBFQUJBM0NBRTAwMTlEREIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCyiSN/gLHpaOTQiiALgSj2hHxz
oXgUyweRp9UhMqGVko/PySjTujxQJ4Egp0s/Kih6T1ZiMQC3Ol5rljdOb/e/6Gcp
Xl/PvJB0lLD9h3b1Otn6QsYH5pkAjDor0b0L5HFxS+P+JQ/WTs+GjuuTYqwTQjcB
sSLSzLQw+kYMSIYTiQlzSZqvk6GcSjEjdez7z9uLBpsUk0uy6wTjd1ytnb9zRw64
6ac6C6hl55goFdR13LpBtX+P2MrnKI9ePElLZpcg93GXEvdpcfQzO4NajQGTb67v
lA7XYqnlALIu7GcJ65SUtvHt6qKFt3hjI4CbKar4JllG6PL5YIHrauTeERnrAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQU7SGBwJ820X/rHhYTDqujyuABndswHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTNDAyMjE1LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAqN4Y
MA0GCSqGSIb3DQEBCwUAA4IBAQBhwOPin3Mof7uXz3fuUrzd4CFGW+nb4K4LdrmV
Xh3ZxCupFmc52ernR0ywVqq6XFgEipSe8JSiLgMXdP997jG8yeVrM0j8h8sUE6wu
2ZzmrYFlHKJZYTLtg/09RBQvrRFKKbFdbvo7kfQrkaGFDsP8sD98XlTQqNb9xweK
mYsiluPh47SKgWYfnp0MSBkZf/D4BqT5bRWUJgNflz9ruoQAxDUhl3E1NptHHQSp
z885JbJnbLAWgKKJmbgo0N4P1Xjpg+yvowcxE5GrfrVAEiTIpQ1Xg4u5V6i5DFAp
7feMMfGDXzZ062TrYsOqUgBcgzE5cG+WZu6BPs4F7FgstACr
-----END CERTIFICATE-----
Generated at Wed May 13 00:34:56 2026 by rpki-client