Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS402203.roa
File: AS402203.roa (raw, json)
Hash identifier: GAtSfqz+3vEznKaOCt4M7QSFpGAxdywcLj1ZHq4CocQ=
Subject key identifier: 3B:EF:F0:F0:A1:E0:E1:7B:9D:A7:36:D0:75:2A:50:4C:12:71:E1:F4
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 759D8503CB8E81EF29F49A08C9385C0491C1E30F
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS402203.roa
Signing time: Wed 25 Mar 2026 11:40:00 +0000
ROA not before: Wed 25 Mar 2026 11:35:00 +0000
ROA not after: Wed 24 Mar 2027 11:40:00 +0000
asID: 402203
IP address blocks: 46.203.36.0/24 maxlen: 24
91.124.7.0/24 maxlen: 24
95.135.224.0/24 maxlen: 24
178.93.124.0/24 maxlen: 24
178.95.9.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Mar 2026 00:55:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
75:9d:85:03:cb:8e:81:ef:29:f4:9a:08:c9:38:5c:04:91:c1:e3:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Mar 25 11:35:00 2026 GMT
Not After : Mar 24 11:40:00 2027 GMT
Subject: CN=3BEFF0F0A1E0E17B9DA736D0752A504C1271E1F4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:6e:83:d3:76:fa:b8:e5:19:58:64:7a:40:1b:
35:9c:80:34:26:30:f1:7c:a8:74:3f:ac:26:6e:11:
9a:e8:7d:dd:60:92:6f:0f:47:25:26:e7:10:fa:27:
3a:66:27:16:a7:14:91:30:90:66:2b:ef:b2:74:5f:
d5:dd:80:a6:e1:d4:4e:56:07:8a:54:55:c6:a4:96:
5d:46:f8:73:e6:1d:0c:66:68:1c:4c:e0:3d:54:78:
da:72:fd:f2:ca:e7:c5:66:3e:16:74:0d:5d:c4:b5:
37:d8:75:5e:02:ca:24:cf:e3:94:56:4f:25:91:cc:
3b:04:3d:f3:1d:17:ae:90:c7:ab:a1:f5:d5:fc:ed:
81:d8:0a:7c:8e:00:f7:ff:f1:9c:f2:e5:e9:ff:93:
c2:1f:9a:f5:88:35:f9:6f:ef:d4:38:fc:66:e4:8f:
a7:0a:51:b1:fc:33:13:25:aa:78:be:3d:10:a1:83:
de:18:cf:6b:c1:e7:12:8e:ae:cb:89:57:04:93:e9:
0f:98:7c:4c:81:ed:94:8b:b4:51:80:44:74:0b:d7:
82:f2:7e:a7:d1:cc:8e:43:0f:eb:f4:95:33:78:fd:
7e:9c:e5:5f:54:e5:9d:c9:67:6d:3a:10:b7:05:7e:
6a:8c:3b:fb:10:b1:15:a8:9d:61:37:e9:22:60:66:
79:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:EF:F0:F0:A1:E0:E1:7B:9D:A7:36:D0:75:2A:50:4C:12:71:E1:F4
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS402203.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.203.36.0/24
91.124.7.0/24
95.135.224.0/24
178.93.124.0/24
178.95.9.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:d5:a5:9e:e6:98:ee:fa:b2:c8:c2:41:b2:6b:f3:fc:24:7a:
a7:3d:32:e3:da:2d:a1:b0:57:35:17:99:5b:66:6a:34:c2:d2:
e3:68:7a:83:51:d4:80:a3:fa:e0:c0:5c:82:a9:57:25:fb:92:
8a:c0:e2:64:ac:27:6a:2e:c0:4d:b8:dc:45:ed:0b:da:f4:a2:
e1:8a:4d:7c:45:9f:6b:a6:04:77:17:79:df:fe:c7:0d:ad:e7:
de:87:af:9d:32:9b:f9:6f:f9:72:9c:6c:25:2a:1b:fe:33:ab:
85:2f:2c:90:c7:95:80:88:4c:24:dd:1d:fb:c5:ab:be:71:7a:
e6:cc:1f:69:28:4e:6b:e8:ae:1d:59:c9:be:f2:4e:32:c7:b9:
fc:e6:6a:a6:f1:5c:6f:3d:e1:b4:51:cb:02:b7:65:dd:b1:cf:
3f:d1:93:71:75:c7:7a:36:1d:36:47:15:9c:cb:a0:5c:2c:39:
1b:26:cd:83:43:e3:a5:96:c6:f1:db:0f:37:bb:8e:89:04:c3:
3d:f3:8c:f6:bd:11:6d:18:c9:10:35:d5:70:d3:fa:21:24:ff:
c1:f1:b8:06:4c:2a:75:3f:d7:dd:6e:58:a1:42:3c:e8:e2:20:
f2:b0:c8:76:78:fd:57:2d:15:29:26:c6:f9:ea:22:3b:e9:e8:
f4:5e:b5:ef
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgIUdZ2FA8uOge8p9JoIyThcBJHB4w8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNjAzMjUxMTM1MDBaFw0yNzAzMjQxMTQwMDBaMDMxMTAvBgNV
BAMTKDNCRUZGMEYwQTFFMEUxN0I5REE3MzZEMDc1MkE1MDRDMTI3MUUxRjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDTboPTdvq45RlYZHpAGzWcgDQm
MPF8qHQ/rCZuEZrofd1gkm8PRyUm5xD6JzpmJxanFJEwkGYr77J0X9XdgKbh1E5W
B4pUVcakll1G+HPmHQxmaBxM4D1UeNpy/fLK58VmPhZ0DV3EtTfYdV4CyiTP45RW
TyWRzDsEPfMdF66Qx6uh9dX87YHYCnyOAPf/8Zzy5en/k8IfmvWINflv79Q4/Gbk
j6cKUbH8MxMlqni+PRChg94Yz2vB5xKOrsuJVwST6Q+YfEyB7ZSLtFGARHQL14Ly
fqfRzI5DD+v0lTN4/X6c5V9U5Z3JZ206ELcFfmqMO/sQsRWonWE36SJgZnmhAgMB
AAGjggIiMIICHjAdBgNVHQ4EFgQUO+/w8KHg4XudpzbQdSpQTBJx4fQwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTNDAyMjAzLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALssk
AwQAW3wHAwQAX4fgAwQAsl18AwQAsl8JMA0GCSqGSIb3DQEBCwUAA4IBAQAu1aWe
5pju+rLIwkGya/P8JHqnPTLj2i2hsFc1F5lbZmo0wtLjaHqDUdSAo/rgwFyCqVcl
+5KKwOJkrCdqLsBNuNxF7Qva9KLhik18RZ9rpgR3F3nf/scNrefeh6+dMpv5b/ly
nGwlKhv+M6uFLyyQx5WAiEwk3R37xau+cXrmzB9pKE5r6K4dWcm+8k4yx7n85mqm
8VxvPeG0UcsCt2Xdsc8/0ZNxdcd6Nh02RxWcy6BcLDkbJs2DQ+Ollsbx2w83u46J
BMM984z2vRFtGMkQNdVw0/ohJP/B8bgGTCp1P9fdblihQjzo4iDysMh2eP1XLRUp
Jsb56iI76ej0XrXv
-----END CERTIFICATE-----
Generated at Sat Mar 28 10:14:21 2026 by rpki-client