Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS402257.roa
File: AS402257.roa (raw, json)
Hash identifier: rZpapztys2dj4crGUKYMGbyzD3oSXHKJPdpE+oNmOqc=
Subject key identifier: BA:F0:77:BF:D2:3F:86:1E:6B:5E:8E:46:32:08:20:32:42:69:E3:F8
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 6997BE90888FD22DA6587F0E61BB5AB55C635B9F
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS402257.roa
Signing time: Mon 06 Apr 2026 12:48:19 +0000
ROA not before: Mon 06 Apr 2026 12:43:19 +0000
ROA not after: Mon 05 Apr 2027 12:48:19 +0000
asID: 402257
IP address blocks: 143.14.249.0/24 maxlen: 24
168.222.19.0/24 maxlen: 24
168.222.30.0/24 maxlen: 24
168.222.31.0/24 maxlen: 24
168.222.82.0/24 maxlen: 24
168.222.95.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 16:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
69:97:be:90:88:8f:d2:2d:a6:58:7f:0e:61:bb:5a:b5:5c:63:5b:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Apr 6 12:43:19 2026 GMT
Not After : Apr 5 12:48:19 2027 GMT
Subject: CN=BAF077BFD23F861E6B5E8E46320820324269E3F8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:79:cf:3d:bb:f7:e1:8f:11:9f:8f:09:19:d9:
2c:02:fc:04:23:d2:27:2a:c3:c6:e5:fb:d2:a2:3e:
67:fa:c6:b8:95:e9:32:39:39:d6:bb:8a:68:e3:9f:
3d:44:9e:69:7a:a4:b9:ef:c4:6a:ac:4f:88:1f:91:
22:05:81:fb:4c:b1:9e:02:d0:86:49:f6:90:d9:72:
8b:f7:2f:3a:1e:88:45:58:65:4e:30:60:78:6f:63:
a7:61:96:7f:76:de:23:66:fb:9c:2e:c9:f0:da:6b:
19:86:f1:e0:8e:68:c8:44:e7:c3:6b:8f:60:2a:6a:
93:b9:7a:74:b9:4d:e2:db:1c:1b:e5:95:f8:e6:60:
0f:9d:53:78:ac:c4:d5:d7:04:36:33:2e:4a:11:c7:
ef:65:ce:7f:06:1c:5b:7a:aa:73:bd:96:ea:e3:a6:
ac:a5:19:ef:af:6c:d3:6c:ff:e6:03:fe:00:f1:03:
e0:04:e7:e1:ac:ee:d4:03:82:89:31:33:13:00:23:
8e:d3:7d:60:43:2a:ef:f6:e2:be:18:1b:fa:ed:09:
b0:aa:41:1d:49:01:e9:1c:8c:18:22:22:2e:88:bb:
25:ee:54:4a:a3:56:47:1c:05:8d:4b:21:6c:b4:a4:
af:bb:1f:d0:bb:94:99:75:2b:0b:20:61:b5:f7:e0:
35:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:F0:77:BF:D2:3F:86:1E:6B:5E:8E:46:32:08:20:32:42:69:E3:F8
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS402257.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.14.249.0/24
168.222.19.0/24
168.222.30.0/23
168.222.82.0/24
168.222.95.0/24
Signature Algorithm: sha256WithRSAEncryption
22:79:07:bd:b8:e1:26:bc:3b:b2:12:a7:bf:5c:25:41:43:67:
46:43:8c:fc:a1:38:78:17:16:3d:b3:d8:85:ad:c8:4e:c2:2a:
f3:ef:e1:8f:72:7e:57:ee:07:7e:fc:e1:89:dd:85:9a:70:1d:
4a:88:9c:5c:79:d3:f6:5a:fe:8a:8c:e6:91:6c:cc:2a:c6:91:
90:0f:1c:b8:ca:f0:7d:d7:1d:da:8c:19:64:f5:7e:7e:90:e9:
e4:af:1f:36:82:0c:94:1c:f3:79:90:7c:2a:c5:d0:b0:ed:86:
05:61:95:e5:ff:e8:12:10:6a:91:d8:ea:82:ff:cc:78:3c:b8:
83:b4:54:e3:c9:ca:61:dd:f7:53:c3:bd:57:2d:5f:ce:2e:5c:
93:b0:d9:ff:a9:a9:fb:0d:b2:2f:3f:b2:3a:51:cd:00:6d:3d:
0e:72:65:1b:df:5c:42:c0:2c:48:84:66:72:f4:16:df:41:90:
41:e0:49:8f:62:c1:84:a4:af:10:d9:58:05:14:09:c6:a9:cc:
50:fe:24:f0:4d:3d:23:56:d6:84:65:b7:4a:96:5f:02:fd:75:
01:f8:93:8e:b6:ce:0f:fe:fb:ff:67:e1:76:41:67:33:a0:8a:
ea:c7:ac:f1:83:99:61:25:fb:63:cb:c7:14:8e:09:9f:11:d3:
b8:2f:57:f8
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgIUaZe+kIiP0i2mWH8OYbtatVxjW58wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNjA0MDYxMjQzMTlaFw0yNzA0MDUxMjQ4MTlaMDMxMTAvBgNV
BAMTKEJBRjA3N0JGRDIzRjg2MUU2QjVFOEU0NjMyMDgyMDMyNDI2OUUzRjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrec89u/fhjxGfjwkZ2SwC/AQj
0icqw8bl+9KiPmf6xriV6TI5Oda7imjjnz1Enml6pLnvxGqsT4gfkSIFgftMsZ4C
0IZJ9pDZcov3LzoeiEVYZU4wYHhvY6dhln923iNm+5wuyfDaaxmG8eCOaMhE58Nr
j2AqapO5enS5TeLbHBvllfjmYA+dU3isxNXXBDYzLkoRx+9lzn8GHFt6qnO9lurj
pqylGe+vbNNs/+YD/gDxA+AE5+Gs7tQDgokxMxMAI47TfWBDKu/24r4YG/rtCbCq
QR1JAekcjBgiIi6IuyXuVEqjVkccBY1LIWy0pK+7H9C7lJl1KwsgYbX34DXrAgMB
AAGjggIiMIICHjAdBgNVHQ4EFgQUuvB3v9I/hh5rXo5GMgggMkJp4/gwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTNDAyMjU3LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAjw75
AwQAqN4TAwQBqN4eAwQAqN5SAwQAqN5fMA0GCSqGSIb3DQEBCwUAA4IBAQAieQe9
uOEmvDuyEqe/XCVBQ2dGQ4z8oTh4FxY9s9iFrchOwirz7+GPcn5X7gd+/OGJ3YWa
cB1KiJxcedP2Wv6KjOaRbMwqxpGQDxy4yvB91x3ajBlk9X5+kOnkrx82ggyUHPN5
kHwqxdCw7YYFYZXl/+gSEGqR2OqC/8x4PLiDtFTjycph3fdTw71XLV/OLlyTsNn/
qan7DbIvP7I6Uc0AbT0OcmUb31xCwCxIhGZy9BbfQZBB4EmPYsGEpK8Q2VgFFAnG
qcxQ/iTwTT0jVtaEZbdKll8C/XUB+JOOts4P/vv/Z+F2QWczoIrqx6zxg5lhJftj
y8cUjgmfEdO4L1f4
-----END CERTIFICATE-----
Generated at Fri Apr 17 23:53:59 2026 by rpki-client