Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS401776.roa
File: AS401776.roa (raw, json)
Hash identifier: WsQaR51HeLFmlRKszPn3XTw3ZA3O1bBpeEDf0GdxBcY=
Subject key identifier: BD:4F:7C:A5:80:11:49:43:7D:05:C7:62:F1:43:CA:CA:A4:E1:97:19
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 33F2ADE7E49176F738974C7CCB05517210B0A4F2
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS401776.roa
Signing time: Wed 10 Jun 2026 02:07:07 +0000
ROA not before: Wed 10 Jun 2026 02:02:07 +0000
ROA not after: Wed 09 Jun 2027 02:07:07 +0000
asID: 401776
IP address blocks: 92.119.35.0/24 maxlen: 24
2a0a:9a00::/29 maxlen: 48
2a0a:9e00::/29 maxlen: 48
2a0b:8700::/29 maxlen: 48
2a0d:4c40::/29 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
33:f2:ad:e7:e4:91:76:f7:38:97:4c:7c:cb:05:51:72:10:b0:a4:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Jun 10 02:02:07 2026 GMT
Not After : Jun 9 02:07:07 2027 GMT
Subject: CN=BD4F7CA5801149437D05C762F143CACAA4E19719
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:82:6d:27:b5:84:de:be:cf:b2:61:f7:af:49:
35:b0:f0:da:b8:f1:4c:e5:99:47:ef:15:e1:e9:43:
d2:62:49:5f:e9:ea:a5:a3:15:1b:8d:04:e3:fc:bb:
b2:28:51:4f:f3:7d:25:5b:5d:38:18:c7:08:44:8d:
1e:18:0c:32:2b:85:f1:c2:02:e2:97:62:31:88:fb:
42:55:97:37:de:ef:fb:e2:a7:41:c3:46:6b:78:ae:
72:55:a1:8f:3e:df:ea:82:90:f4:15:37:13:66:6f:
33:91:3a:db:0e:3e:78:45:3b:70:84:b9:e1:9e:82:
93:0d:0a:ff:1a:65:b4:e5:c9:d8:87:e7:b8:4f:4e:
59:26:a0:95:78:cd:2f:f7:e8:cf:3f:9a:ec:9b:0a:
c0:09:f1:f2:37:4e:8e:45:c4:94:f3:1d:26:56:f1:
29:7a:3c:64:99:d6:8e:45:d8:b4:22:64:21:07:18:
05:69:e4:15:2b:3b:73:0c:fb:7c:81:0e:68:41:a5:
19:bc:a3:90:07:a2:35:6a:dc:36:a8:f7:91:ba:49:
b3:19:de:9f:fc:c8:3b:b8:24:00:93:43:75:d7:82:
bc:cd:7a:2b:f8:e0:29:d3:be:dc:5f:77:33:8f:35:
84:f5:c2:b9:d7:c9:ac:9d:25:1d:85:46:bf:5d:54:
e9:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:4F:7C:A5:80:11:49:43:7D:05:C7:62:F1:43:CA:CA:A4:E1:97:19
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS401776.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.119.35.0/24
IPv6:
2a0a:9a00::/29
2a0a:9e00::/29
2a0b:8700::/29
2a0d:4c40::/29
Signature Algorithm: sha256WithRSAEncryption
29:c7:29:dc:1b:79:1f:f8:f3:b6:be:99:1f:a5:f9:dc:06:13:
6c:b5:b8:31:9f:2a:1e:eb:d6:06:da:82:3e:62:fd:5a:cc:ae:
9c:19:b2:c1:7b:70:74:25:39:14:3f:c1:ef:21:9a:c7:89:c6:
34:fd:ad:b5:50:e4:4c:95:4e:36:0f:68:42:e0:3c:8f:d3:33:
0d:d0:4d:56:63:45:ca:b1:fa:ad:3e:59:20:c7:af:0a:50:d0:
4e:91:c1:8e:20:88:17:6a:42:99:b1:3a:52:fc:1d:c8:df:0a:
7a:c5:47:e5:39:3f:9b:27:a7:be:34:e1:b5:d4:5a:02:d8:68:
b5:ca:5b:1b:34:1f:32:f0:61:64:6c:9d:94:47:4d:4b:86:82:
28:3c:0b:32:27:21:d7:8f:08:a2:69:48:83:f9:f6:2a:56:b5:
94:b6:e6:0d:ff:e5:61:30:64:c4:15:95:89:03:01:7c:8a:4a:
1a:78:00:87:c9:b8:2f:7f:21:99:c8:e8:26:25:c9:99:12:49:
d4:e9:18:c8:c6:92:12:4c:86:e3:3b:49:8d:8b:79:7f:84:ba:
51:94:38:30:0e:11:bb:dd:89:3e:1f:d4:cb:ef:15:b1:8f:c4:
da:c8:00:89:7d:4d:a1:27:92:eb:87:0c:37:1d:ae:20:5b:e8:
1d:60:78:cb
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgIUM/Kt5+SRdvc4l0x8ywVRchCwpPIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNjA2MTAwMjAyMDdaFw0yNzA2MDkwMjA3MDdaMDMxMTAvBgNV
BAMTKEJENEY3Q0E1ODAxMTQ5NDM3RDA1Qzc2MkYxNDNDQUNBQTRFMTk3MTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8gm0ntYTevs+yYfevSTWw8Nq4
8UzlmUfvFeHpQ9JiSV/p6qWjFRuNBOP8u7IoUU/zfSVbXTgYxwhEjR4YDDIrhfHC
AuKXYjGI+0JVlzfe7/vip0HDRmt4rnJVoY8+3+qCkPQVNxNmbzOROtsOPnhFO3CE
ueGegpMNCv8aZbTlydiH57hPTlkmoJV4zS/36M8/muybCsAJ8fI3To5FxJTzHSZW
8Sl6PGSZ1o5F2LQiZCEHGAVp5BUrO3MM+3yBDmhBpRm8o5AHojVq3Dao95G6SbMZ
3p/8yDu4JACTQ3XXgrzNeiv44CnTvtxfdzOPNYT1wrnXyaydJR2FRr9dVOlXAgMB
AAGjggIuMIICKjAdBgNVHQ4EFgQUvU98pYARSUN9Bcdi8UPKyqThlxkwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTNDAxNzc2LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAMBAIAATAGAwQAXHcj
MCIEAgACMBwDBQMqCpoAAwUDKgqeAAMFAyoLhwADBQMqDUxAMA0GCSqGSIb3DQEB
CwUAA4IBAQApxyncG3kf+PO2vpkfpfncBhNstbgxnyoe69YG2oI+Yv1azK6cGbLB
e3B0JTkUP8HvIZrHicY0/a21UORMlU42D2hC4DyP0zMN0E1WY0XKsfqtPlkgx68K
UNBOkcGOIIgXakKZsTpS/B3I3wp6xUflOT+bJ6e+NOG11FoC2Gi1ylsbNB8y8GFk
bJ2UR01LhoIoPAsyJyHXjwiiaUiD+fYqVrWUtuYN/+VhMGTEFZWJAwF8ikoaeACH
ybgvfyGZyOgmJcmZEknU6RjIxpISTIbjO0mNi3l/hLpRlDgwDhG73Yk+H9TL7xWx
j8TayACJfU2hJ5Lrhww3Ha4gW+gdYHjL
-----END CERTIFICATE-----
Generated at Sat Jun 13 09:13:36 2026 by rpki-client