Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS400040.roa
File: AS400040.roa (raw, json)
Hash identifier: DFFowxj6YUqYS9o6s9O9Tj7I2TN8dwBwfiRSlUTnoAM=
Subject key identifier: 9F:41:55:B6:36:BC:57:1D:9A:59:39:BB:BC:A9:AE:7B:E1:CD:7B:5A
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 7331EAE9C7B73E80D797E2F1B85A494E893363F8
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS400040.roa
Signing time: Wed 04 Mar 2026 01:46:45 +0000
ROA not before: Wed 04 Mar 2026 01:41:45 +0000
ROA not after: Wed 03 Mar 2027 01:46:45 +0000
asID: 400040
IP address blocks: 181.214.84.0/24 maxlen: 24
181.215.198.0/24 maxlen: 24
191.96.61.0/24 maxlen: 24
191.96.223.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:18:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
73:31:ea:e9:c7:b7:3e:80:d7:97:e2:f1:b8:5a:49:4e:89:33:63:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Mar 4 01:41:45 2026 GMT
Not After : Mar 3 01:46:45 2027 GMT
Subject: CN=9F4155B636BC571D9A5939BBBCA9AE7BE1CD7B5A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:31:22:b6:0c:55:ee:20:0d:ce:58:8f:25:ec:
c1:07:ad:84:ba:0c:6a:a4:2c:53:41:d6:5e:b8:7a:
d6:f7:ec:03:f2:b2:e7:b6:02:83:9e:95:9a:f6:00:
5d:af:92:85:91:d5:5c:43:52:e8:36:74:54:7d:91:
76:d1:f8:15:15:20:03:1c:a1:73:c1:39:7d:aa:3e:
c3:8f:65:29:c8:5c:60:c4:82:e1:8a:cf:f6:5c:6e:
ce:28:55:f5:10:93:0d:7d:a4:ab:c6:fb:e7:84:9b:
b4:ed:3d:bc:06:6e:f1:ca:9f:e1:5b:73:f4:dd:e4:
4a:7b:c0:07:67:eb:dd:e6:e6:d5:52:7d:61:b5:09:
6a:5b:23:b6:42:02:e8:08:36:20:95:8b:f7:37:6d:
35:e3:56:1e:69:8a:bb:56:f7:05:a5:5b:74:a8:90:
98:f7:3e:13:91:d0:a7:03:42:07:3d:30:2d:cb:5d:
82:d9:f4:fc:42:47:0d:07:de:cd:10:cc:ee:fe:bb:
bc:0b:3c:c0:a5:ed:30:10:c7:2f:74:71:de:bf:a8:
a1:2c:d6:e4:87:3b:99:43:77:eb:c7:cb:db:49:0e:
41:a4:0b:16:2c:80:04:13:32:a2:ec:0f:e4:f1:58:
45:5d:b1:b3:84:14:ce:e9:48:64:96:a8:ac:9d:33:
7d:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:41:55:B6:36:BC:57:1D:9A:59:39:BB:BC:A9:AE:7B:E1:CD:7B:5A
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS400040.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
181.214.84.0/24
181.215.198.0/24
191.96.61.0/24
191.96.223.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:08:be:95:47:e0:e1:32:61:0c:2e:1e:6d:d5:e9:a3:2e:96:
1e:56:d7:6b:84:c1:e2:5c:22:03:d6:22:a7:71:0e:92:be:f5:
bb:b9:51:39:0f:ff:f5:a5:6e:30:ca:67:34:2c:85:fd:2d:39:
5c:92:17:0d:eb:40:cc:f7:21:7c:05:91:6a:65:7a:b3:88:b7:
70:55:26:be:d3:65:e8:8b:e5:9e:97:e7:6e:87:73:b9:bf:f5:
75:06:2f:03:6e:6d:e2:04:3d:fb:4c:2a:ac:24:98:b7:1e:76:
62:f6:e5:02:e3:c5:bb:7d:44:45:05:e2:6c:37:cb:59:35:f0:
a9:05:a3:48:37:c9:8e:d3:e8:7c:84:ee:ca:cf:14:2c:da:32:
1e:49:7c:af:fe:6c:57:a5:f4:ca:0b:22:6d:b6:d1:06:40:80:
fa:3c:08:cb:75:ef:79:df:b4:3a:4e:71:0d:e0:a3:4e:21:34:
f6:da:56:38:a8:d9:59:ad:5b:20:3c:4f:d7:02:3a:f0:c3:30:
03:e0:87:e1:ab:3a:c1:3f:74:4c:dd:6e:1b:84:27:c8:46:58:
63:3c:fd:46:ee:b7:67:df:91:ad:02:6d:76:ca:98:7f:97:29:
ba:43:c3:c2:07:83:28:dd:18:20:30:3d:d0:35:6e:ab:03:45:
88:ed:c1:00
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgIUczHq6ce3PoDXl+LxuFpJTokzY/gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNjAzMDQwMTQxNDVaFw0yNzAzMDMwMTQ2NDVaMDMxMTAvBgNV
BAMTKDlGNDE1NUI2MzZCQzU3MUQ5QTU5MzlCQkJDQTlBRTdCRTFDRDdCNUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDLMSK2DFXuIA3OWI8l7MEHrYS6
DGqkLFNB1l64etb37APysue2AoOelZr2AF2vkoWR1VxDUug2dFR9kXbR+BUVIAMc
oXPBOX2qPsOPZSnIXGDEguGKz/Zcbs4oVfUQkw19pKvG++eEm7TtPbwGbvHKn+Fb
c/Td5Ep7wAdn693m5tVSfWG1CWpbI7ZCAugINiCVi/c3bTXjVh5pirtW9wWlW3So
kJj3PhOR0KcDQgc9MC3LXYLZ9PxCRw0H3s0QzO7+u7wLPMCl7TAQxy90cd6/qKEs
1uSHO5lDd+vHy9tJDkGkCxYsgAQTMqLsD+TxWEVdsbOEFM7pSGSWqKydM33tAgMB
AAGjggIcMIICGDAdBgNVHQ4EFgQUn0FVtja8Vx2aWTm7vKmue+HNe1owHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTNDAwMDQwLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAtdZU
AwQAtdfGAwQAv2A9AwQAv2DfMA0GCSqGSIb3DQEBCwUAA4IBAQBNCL6VR+DhMmEM
Lh5t1emjLpYeVtdrhMHiXCID1iKncQ6SvvW7uVE5D//1pW4wymc0LIX9LTlckhcN
60DM9yF8BZFqZXqziLdwVSa+02Xoi+Wel+duh3O5v/V1Bi8Dbm3iBD37TCqsJJi3
HnZi9uUC48W7fURFBeJsN8tZNfCpBaNIN8mO0+h8hO7KzxQs2jIeSXyv/mxXpfTK
CyJtttEGQID6PAjLde9537Q6TnEN4KNOITT22lY4qNlZrVsgPE/XAjrwwzAD4Ifh
qzrBP3RM3W4bhCfIRlhjPP1G7rdn35GtAm12yph/lym6Q8PCB4Mo3RggMD3QNW6r
A0WI7cEA
-----END CERTIFICATE-----
Generated at Thu Mar 26 07:09:09 2026 by rpki-client