Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS402276.roa
File: AS402276.roa (raw, json)
Hash identifier: fbgGGhkQSKRDK4DWMQf0RSCc0lCDNCYTf4qTSlXcFWk=
Subject key identifier: 7B:B9:66:EA:ED:7D:3B:C9:2A:55:B4:85:7A:53:AF:C7:C9:86:5D:02
Certificate issuer: /CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Certificate serial: 5660077C8DD7CC0BFB43BCC722211592941CFE43
Authority key identifier: 88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS402276.roa
Signing time: Thu 30 Apr 2026 10:52:09 +0000
ROA not before: Thu 30 Apr 2026 10:47:09 +0000
ROA not after: Thu 29 Apr 2027 10:52:09 +0000
asID: 402276
IP address blocks: 143.20.217.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.mft
rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
56:60:07:7c:8d:d7:cc:0b:fb:43:bc:c7:22:21:15:92:94:1c:fe:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Validity
Not Before: Apr 30 10:47:09 2026 GMT
Not After : Apr 29 10:52:09 2027 GMT
Subject: CN=7BB966EAED7D3BC92A55B4857A53AFC7C9865D02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:a6:51:e3:1e:39:33:49:57:1a:48:08:05:a6:
85:cf:84:29:db:4e:df:69:e3:91:05:57:2b:26:73:
19:e0:9e:1f:22:b8:6e:68:e6:7b:69:2b:42:01:3d:
1d:42:25:c3:39:5d:ea:5a:b0:34:09:a6:0a:4c:f3:
64:59:83:1d:4a:12:62:39:c2:e5:aa:30:8d:af:0f:
ae:91:af:92:8a:57:87:23:6b:60:25:7f:cd:1e:1b:
8b:df:74:b7:9a:15:b3:91:a9:f1:b9:40:bd:68:ee:
4a:8b:f1:60:01:1c:cc:30:00:9f:3f:25:e4:56:a5:
95:59:5a:fa:1e:a9:c6:75:d2:b7:8a:31:42:ac:9b:
ae:99:b4:5f:1c:22:be:16:64:33:ee:7f:85:f6:65:
72:4c:21:da:7f:ac:02:e1:ac:f3:72:4e:73:bd:91:
fe:f8:e0:50:0f:bd:f2:fe:96:46:f3:e0:92:a8:76:
df:16:0d:d9:f2:60:37:31:d5:85:2c:bb:da:29:c1:
d5:0f:f9:13:59:8d:99:58:aa:66:02:bf:8d:4b:eb:
86:39:1d:97:31:98:a4:8a:0f:ae:b5:e0:76:a9:13:
0b:69:51:ca:9f:b7:da:f5:21:61:a8:7d:a2:09:fa:
cf:37:c2:4a:5b:ce:a7:63:9e:2e:9a:b5:71:b6:a8:
16:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:B9:66:EA:ED:7D:3B:C9:2A:55:B4:85:7A:53:AF:C7:C9:86:5D:02
X509v3 Authority Key Identifier:
keyid:88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS402276.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.20.217.0/24
Signature Algorithm: sha256WithRSAEncryption
c3:0f:c7:e2:31:61:fa:ac:ea:f9:ce:fc:b8:21:d6:2d:ff:7f:
b6:0e:ad:e5:68:51:e6:4b:74:82:67:8a:a8:1d:ee:82:77:d0:
07:05:e3:89:e7:17:86:5a:d6:c2:84:dd:1b:42:aa:33:47:3e:
97:7b:e8:ae:42:1a:28:35:8f:bf:9c:59:a1:3c:02:e6:ed:2c:
1a:d0:91:29:87:4d:5c:c3:d9:b4:1c:40:64:12:27:f8:02:26:
df:0b:d4:ba:76:52:b6:fc:c9:7f:68:71:af:2c:95:8a:5f:24:
28:9d:29:30:76:5f:05:3e:0c:eb:1d:f8:8e:9d:37:a7:71:cf:
3b:3d:48:86:66:f7:f2:7c:09:e1:f4:4c:1c:4b:9d:17:fa:07:
36:d3:d7:4e:68:59:b7:96:ae:5a:0f:cf:0c:da:33:ec:cb:f2:
4e:b3:dd:90:0d:0e:6b:a8:6a:c4:aa:a4:1f:c4:7f:bf:23:a8:
66:1f:57:85:3c:10:a1:87:a7:ee:b1:ca:11:9c:07:cc:35:35:
b0:0d:5c:bf:45:8e:fa:99:17:d4:b7:f2:74:93:57:1b:ff:77:
86:91:98:49:e1:5e:e9:bc:02:0a:3e:53:d5:bb:43:0e:09:f8:
55:99:76:23:1f:7a:7f:8f:bc:7a:9a:b3:e0:05:85:33:ad:60:
39:05:69:4d
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUVmAHfI3XzAv7Q7zHIiEVkpQc/kMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODhjMTRlYzAyYWRiZjA4MzEzOGVkZGQ0Nzg3MTE3NmRk
ZWI5M2Q5ZDAeFw0yNjA0MzAxMDQ3MDlaFw0yNzA0MjkxMDUyMDlaMDMxMTAvBgNV
BAMTKDdCQjk2NkVBRUQ3RDNCQzkyQTU1QjQ4NTdBNTNBRkM3Qzk4NjVEMDIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCeplHjHjkzSVcaSAgFpoXPhCnb
Tt9p45EFVysmcxngnh8iuG5o5ntpK0IBPR1CJcM5XepasDQJpgpM82RZgx1KEmI5
wuWqMI2vD66Rr5KKV4cja2Alf80eG4vfdLeaFbORqfG5QL1o7kqL8WABHMwwAJ8/
JeRWpZVZWvoeqcZ10reKMUKsm66ZtF8cIr4WZDPuf4X2ZXJMIdp/rALhrPNyTnO9
kf744FAPvfL+lkbz4JKodt8WDdnyYDcx1YUsu9opwdUP+RNZjZlYqmYCv41L64Y5
HZcxmKSKD6614HapEwtpUcqft9r1IWGofaIJ+s83wkpbzqdjni6atXG2qBbVAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUe7lm6u19O8kqVbSFelOvx8mGXQIwHwYDVR0j
BBgwFoAUiMFOwCrb8IMTjt3UeHEXbd65PZ0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjItZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2
MmUwLzAvODhDMTRFQzAyQURCRjA4MzEzOEVEREQ0Nzg3MTE3NkRERUI5M0Q5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2lNRk93Q3JiOElNVGp0M1VlSEVYYmQ2
NVBaMC5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0MDlkN2IyLWVlNjQt
NDlmMS1hZDgxLThlNGExMDdkNjJlMC8wL0FTNDAyMjc2LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAjxTZ
MA0GCSqGSIb3DQEBCwUAA4IBAQDDD8fiMWH6rOr5zvy4IdYt/3+2Dq3laFHmS3SC
Z4qoHe6Cd9AHBeOJ5xeGWtbChN0bQqozRz6Xe+iuQhooNY+/nFmhPALm7Swa0JEp
h01cw9m0HEBkEif4AibfC9S6dlK2/Ml/aHGvLJWKXyQonSkwdl8FPgzrHfiOnTen
cc87PUiGZvfyfAnh9EwcS50X+gc209dOaFm3lq5aD88M2jPsy/JOs92QDQ5rqGrE
qqQfxH+/I6hmH1eFPBChh6fuscoRnAfMNTWwDVy/RY76mRfUt/J0k1cb/3eGkZhJ
4V7pvAIKPlPVu0MOCfhVmXYjH3p/j7x6mrPgBYUzrWA5BWlN
-----END CERTIFICATE-----
Generated at Wed May 13 01:38:46 2026 by rpki-client