Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS402276.roa
File: AS402276.roa (raw, json)
Hash identifier: Ufb2fD+93lmNxnwdx8WhW3hs01vQeSEKIqxJJ19UiMU=
Subject key identifier: E9:E9:6C:9B:10:6E:A9:F8:97:41:89:75:4A:B3:84:6F:C8:EF:66:A8
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 7296976A7F4BE75E88CDB1CDAF98F539A5524729
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS402276.roa
Signing time: Thu 07 May 2026 16:54:19 +0000
ROA not before: Thu 07 May 2026 16:49:19 +0000
ROA not after: Thu 06 May 2027 16:54:19 +0000
asID: 402276
IP address blocks: 155.117.105.0/24 maxlen: 24
167.148.149.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 17:01:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
72:96:97:6a:7f:4b:e7:5e:88:cd:b1:cd:af:98:f5:39:a5:52:47:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: May 7 16:49:19 2026 GMT
Not After : May 6 16:54:19 2027 GMT
Subject: CN=E9E96C9B106EA9F8974189754AB3846FC8EF66A8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:6f:59:89:6f:eb:ad:4c:8b:84:1d:24:f4:98:
37:3a:bc:13:2a:78:81:82:ee:b8:97:bc:29:5b:03:
8c:07:d7:b6:fd:1b:11:f7:5c:a7:f1:4f:3c:86:9b:
25:e3:50:b5:fe:07:4d:13:85:cb:0d:ac:49:3e:80:
f2:36:42:e0:e3:1c:d0:d9:33:65:76:a3:b2:32:5f:
1c:4f:9f:72:63:69:dc:bf:e5:d3:95:8c:ab:b1:76:
69:37:69:42:db:d0:d9:08:35:2f:5b:83:0c:a9:21:
f4:91:1f:b6:39:a2:ed:3c:b9:5f:f0:7b:1c:d0:b4:
58:f3:cf:c2:e0:bf:5f:ee:17:bb:f3:97:76:ef:8c:
f0:2e:4e:93:f6:2c:4c:8a:c9:0c:49:e6:ed:51:84:
d5:f0:1f:a4:c7:7f:c7:b9:2b:12:fa:e4:33:e7:41:
10:e2:d8:11:ed:86:36:f3:c7:cf:dc:32:8f:6c:5f:
2f:0f:ec:8a:47:42:b3:ff:19:6c:61:2e:47:37:cf:
9d:a9:ca:60:63:39:d4:4f:86:39:b6:ef:5c:4c:97:
c7:e1:9d:bb:ec:26:2e:ae:26:7a:80:59:b2:47:ef:
21:41:9b:6f:9f:0c:de:33:40:9c:f4:dc:1e:f1:bc:
b6:dd:b6:3f:48:ca:77:4c:53:2d:0b:65:d4:9b:e6:
70:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:E9:6C:9B:10:6E:A9:F8:97:41:89:75:4A:B3:84:6F:C8:EF:66:A8
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS402276.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
155.117.105.0/24
167.148.149.0/24
Signature Algorithm: sha256WithRSAEncryption
85:6e:58:d0:0f:a3:c5:01:cc:80:bd:59:e8:eb:47:94:d5:c0:
35:61:db:1c:c7:32:d7:59:fc:93:57:53:3b:1a:3b:79:4c:b1:
03:32:b3:59:64:15:f7:48:a4:cc:7f:2e:1e:2d:80:d5:79:3c:
a5:0f:8c:38:b0:d8:7b:a9:f3:32:6e:d3:36:95:a9:2c:a2:17:
65:b5:9c:21:ab:ff:8b:3f:f0:b5:bc:e0:59:94:0e:23:53:35:
1a:13:69:6f:5b:a3:3b:f4:46:ec:c7:28:f1:d8:60:68:2d:bd:
5e:8c:0a:4a:65:43:1e:6f:38:79:24:f9:da:4a:04:ad:1a:b7:
bf:ae:4f:d9:0f:8c:9b:d1:86:4a:63:41:bc:e3:4e:a2:cf:98:
a8:93:1c:97:ef:05:af:a4:30:09:ad:c9:71:f4:16:25:6b:f9:
05:9e:ee:4a:cb:88:90:74:3e:41:a3:0d:02:dc:bf:06:bd:e1:
c7:e9:53:ec:10:e6:ca:c9:ac:b4:51:e6:6d:30:a5:34:2c:f2:
38:80:5f:d2:4c:aa:c2:7e:ab:f6:d3:1b:b7:c0:66:5c:e3:a5:
b8:95:79:0a:ce:82:73:bd:17:69:64:14:39:49:a4:2f:cd:0f:
bd:da:70:f6:3b:f2:6b:78:a1:bc:dc:22:54:1a:d2:3f:6a:25:
67:51:93:6c
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgIUcpaXan9L516IzbHNr5j1OaVSRykwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNjA1MDcxNjQ5MTlaFw0yNzA1MDYxNjU0MTlaMDMxMTAvBgNV
BAMTKEU5RTk2QzlCMTA2RUE5Rjg5NzQxODk3NTRBQjM4NDZGQzhFRjY2QTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCkb1mJb+utTIuEHST0mDc6vBMq
eIGC7riXvClbA4wH17b9GxH3XKfxTzyGmyXjULX+B00ThcsNrEk+gPI2QuDjHNDZ
M2V2o7IyXxxPn3Jjady/5dOVjKuxdmk3aULb0NkINS9bgwypIfSRH7Y5ou08uV/w
exzQtFjzz8Lgv1/uF7vzl3bvjPAuTpP2LEyKyQxJ5u1RhNXwH6THf8e5KxL65DPn
QRDi2BHthjbzx8/cMo9sXy8P7IpHQrP/GWxhLkc3z52pymBjOdRPhjm271xMl8fh
nbvsJi6uJnqAWbJH7yFBm2+fDN4zQJz03B7xvLbdtj9IyndMUy0LZdSb5nAtAgMB
AAGjggIQMIICDDAdBgNVHQ4EFgQU6elsmxBuqfiXQYl1SrOEb8jvZqgwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTNDAyMjc2LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAm3Vp
AwQAp5SVMA0GCSqGSIb3DQEBCwUAA4IBAQCFbljQD6PFAcyAvVno60eU1cA1Ydsc
xzLXWfyTV1M7Gjt5TLEDMrNZZBX3SKTMfy4eLYDVeTylD4w4sNh7qfMybtM2laks
ohdltZwhq/+LP/C1vOBZlA4jUzUaE2lvW6M79Ebsxyjx2GBoLb1ejApKZUMebzh5
JPnaSgStGre/rk/ZD4yb0YZKY0G8406iz5iokxyX7wWvpDAJrclx9BYla/kFnu5K
y4iQdD5Bow0C3L8GveHH6VPsEObKyay0UeZtMKU0LPI4gF/STKrCfqv20xu3wGZc
46W4lXkKzoJzvRdpZBQ5SaQvzQ+92nD2O/JreKG83CJUGtI/aiVnUZNs
-----END CERTIFICATE-----
Generated at Wed May 13 02:28:32 2026 by rpki-client