Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS402203.roa
File: AS402203.roa (raw, json)
Hash identifier: U/y+oA8AmkeVzQbN5ynlsCU9OqQFx+mdSZ8n6QG1bco=
Subject key identifier: 41:94:D2:15:F2:67:47:EC:59:22:F2:E0:17:BF:B2:91:DB:29:A6:78
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 12DD773B1CC6520C535F9130FFB6CF6E567EDFEC
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS402203.roa
Signing time: Tue 31 Mar 2026 09:00:01 +0000
ROA not before: Tue 31 Mar 2026 08:55:01 +0000
ROA not after: Tue 30 Mar 2027 09:00:01 +0000
asID: 402203
IP address blocks: 185.158.135.0/24 maxlen: 24
191.96.65.0/24 maxlen: 24
191.101.22.0/24 maxlen: 24
193.107.210.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
12:dd:77:3b:1c:c6:52:0c:53:5f:91:30:ff:b6:cf:6e:56:7e:df:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Mar 31 08:55:01 2026 GMT
Not After : Mar 30 09:00:01 2027 GMT
Subject: CN=4194D215F26747EC5922F2E017BFB291DB29A678
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:ed:d8:aa:47:cb:0b:dc:58:9f:83:9a:16:14:
90:0b:a3:1b:e5:e8:93:92:6e:18:4e:31:b4:d5:8c:
ec:89:94:61:11:8b:74:e4:6f:a5:4b:31:b4:80:58:
33:f4:32:c3:f9:d4:6d:c3:0f:ab:6e:d1:59:5b:d4:
8b:43:b4:ca:95:d0:b6:c0:aa:bd:33:25:73:35:33:
bb:21:b5:29:cc:db:74:0e:a0:61:a2:3f:37:01:b4:
4f:6b:5d:36:23:1b:8c:e4:b7:c5:a4:9c:50:ef:84:
c8:87:c5:d2:5e:bf:14:de:8b:e5:dc:76:03:9a:30:
09:03:a1:66:42:75:0b:f9:41:10:fa:4a:65:81:56:
e8:5d:5b:3b:bc:9a:2d:50:a1:0d:15:d1:d9:b7:cf:
d2:81:93:6d:8e:bd:bc:b5:fa:10:c6:7d:81:72:32:
a0:fa:b7:67:34:79:d7:6c:6d:d0:6b:60:a2:0e:6f:
6e:ce:8d:63:e4:46:5e:01:06:e6:61:35:22:cb:fc:
26:16:18:3c:b8:7e:81:c0:ac:fd:e1:9c:55:50:2e:
67:ed:b0:ab:ab:6c:7d:6b:9c:c6:ea:00:aa:fa:e2:
59:53:83:6e:f9:63:bc:94:43:ee:96:84:8c:85:2b:
a0:82:f9:88:4e:e3:41:9d:ca:8e:b6:69:74:02:e1:
ae:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:94:D2:15:F2:67:47:EC:59:22:F2:E0:17:BF:B2:91:DB:29:A6:78
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS402203.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.158.135.0/24
191.96.65.0/24
191.101.22.0/24
193.107.210.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:7f:d1:05:ac:32:6e:df:43:72:f9:43:ef:30:09:7d:3e:3b:
90:6d:79:74:f3:8f:ad:d9:5a:43:e9:ff:7e:64:cb:ac:82:89:
67:68:5c:80:2b:8c:6e:e1:0f:1d:20:83:4e:35:a4:cb:c5:93:
5a:02:72:26:cb:04:18:47:94:3e:b5:ad:0a:53:2b:84:fe:64:
3c:99:28:1a:4b:9a:0f:8f:74:f2:ef:27:27:56:ca:e8:91:d0:
b6:8b:5a:05:32:58:ff:d3:5a:f7:3d:44:6b:82:e4:e1:a8:7f:
e5:a5:8a:d8:ee:4c:12:bb:ab:f8:ca:49:f9:9a:05:00:b5:3c:
fb:6d:0d:7b:c4:ff:3b:f5:cf:b1:c4:37:7d:fb:0e:d6:d0:60:
e6:e3:d3:fa:f6:21:95:66:8b:7d:53:65:58:98:ad:de:23:bc:
ee:b1:28:88:af:b6:1a:15:5c:7c:58:64:a7:17:4f:de:11:ac:
54:20:f5:bd:a5:2b:5b:89:b2:08:c3:57:97:8b:c9:c1:0a:e5:
43:69:90:bc:7b:56:34:96:4f:34:58:fb:cc:a0:82:7b:4c:4b:
60:fe:e1:64:fe:34:6f:ef:3e:9c:15:c8:d8:d6:dc:a4:71:96:
b4:3f:21:c1:7b:67:1d:c4:36:cc:0d:9c:13:c3:12:ab:f0:4b:
02:e9:e9:e8
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgIUEt13OxzGUgxTX5Ew/7bPblZ+3+wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNjAzMzEwODU1MDFaFw0yNzAzMzAwOTAwMDFaMDMxMTAvBgNV
BAMTKDQxOTREMjE1RjI2NzQ3RUM1OTIyRjJFMDE3QkZCMjkxREIyOUE2NzgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCs7diqR8sL3Fifg5oWFJALoxvl
6JOSbhhOMbTVjOyJlGERi3Tkb6VLMbSAWDP0MsP51G3DD6tu0Vlb1ItDtMqV0LbA
qr0zJXM1M7shtSnM23QOoGGiPzcBtE9rXTYjG4zkt8WknFDvhMiHxdJevxTei+Xc
dgOaMAkDoWZCdQv5QRD6SmWBVuhdWzu8mi1QoQ0V0dm3z9KBk22Ovby1+hDGfYFy
MqD6t2c0eddsbdBrYKIOb27OjWPkRl4BBuZhNSLL/CYWGDy4foHArP3hnFVQLmft
sKurbH1rnMbqAKr64llTg275Y7yUQ+6WhIyFK6CC+YhO40Gdyo62aXQC4a71AgMB
AAGjggIcMIICGDAdBgNVHQ4EFgQUQZTSFfJnR+xZIvLgF7+ykdsppngwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTNDAyMjAzLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAuZ6H
AwQAv2BBAwQAv2UWAwQAwWvSMA0GCSqGSIb3DQEBCwUAA4IBAQA7f9EFrDJu30Ny
+UPvMAl9PjuQbXl084+t2VpD6f9+ZMusgolnaFyAK4xu4Q8dIINONaTLxZNaAnIm
ywQYR5Q+ta0KUyuE/mQ8mSgaS5oPj3Ty7ycnVsrokdC2i1oFMlj/01r3PURrguTh
qH/lpYrY7kwSu6v4ykn5mgUAtTz7bQ17xP879c+xxDd9+w7W0GDm49P69iGVZot9
U2VYmK3eI7zusSiIr7YaFVx8WGSnF0/eEaxUIPW9pStbibIIw1eXi8nBCuVDaZC8
e1Y0lk80WPvMoIJ7TEtg/uFk/jRv7z6cFcjY1tykcZa0PyHBe2cdxDbMDZwTwxKr
8EsC6eno
-----END CERTIFICATE-----
Generated at Fri Apr 17 16:02:33 2026 by rpki-client