Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS401776.roa
File: AS401776.roa (raw, json)
Hash identifier: IB9hZ5XkafYHxw+0D6XQ3mFw4pGP3cwx0EEQ7Siiq6I=
Subject key identifier: 87:64:A8:C4:66:5B:F5:CF:6B:F2:A4:B0:22:58:28:CE:A0:E1:7E:C0
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 1EA3A423B8B1D9654EA5309C588DCBDB486B15CE
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS401776.roa
Signing time: Tue 28 Oct 2025 09:06:53 +0000
ROA not before: Tue 28 Oct 2025 09:01:53 +0000
ROA not after: Tue 27 Oct 2026 09:06:53 +0000
asID: 401776
IP address blocks: 46.203.72.0/24 maxlen: 24
46.203.81.0/24 maxlen: 24
95.134.143.0/24 maxlen: 24
95.135.31.0/24 maxlen: 24
95.135.58.0/24 maxlen: 24
95.135.192.0/24 maxlen: 24
178.94.140.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 03:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1e:a3:a4:23:b8:b1:d9:65:4e:a5:30:9c:58:8d:cb:db:48:6b:15:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Oct 28 09:01:53 2025 GMT
Not After : Oct 27 09:06:53 2026 GMT
Subject: CN=8764A8C4665BF5CF6BF2A4B0225828CEA0E17EC0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:eb:d7:cc:96:59:83:c3:d3:c4:6a:5e:47:d7:
05:4c:b4:f6:df:05:b9:80:e7:fc:8d:a1:32:09:74:
6b:4a:4c:5e:23:70:04:2a:e9:1b:42:44:16:35:a3:
6d:c4:0c:e1:38:46:4a:66:d9:8c:54:10:aa:dd:8f:
82:8c:ff:f2:18:87:f4:20:63:6b:87:91:4b:c6:2b:
2a:0a:d2:46:27:df:58:48:0f:e7:00:21:e2:3a:27:
49:c8:51:13:68:89:a9:1d:6a:3e:2e:af:dc:ba:1c:
e1:e6:3a:96:3c:df:fa:73:99:2c:1e:ab:b0:f4:4d:
8b:4a:d8:5e:ce:0d:4b:2d:95:96:4d:6b:b1:eb:ec:
4d:03:c5:7b:36:f2:3e:94:82:e3:73:ae:31:4c:1e:
ad:bc:ca:a7:b9:d8:07:8c:7b:1f:6c:25:26:6d:08:
9e:f3:4c:ef:e3:61:5d:93:88:15:c2:f4:ee:24:15:
8a:93:20:bd:2e:6b:16:a7:33:6c:9a:83:13:b0:b5:
32:d1:d9:1a:86:13:2d:f4:f2:4e:a3:a5:b4:5c:a2:
fa:63:8a:69:85:7f:ec:f9:a3:31:be:53:a4:b8:f3:
70:0f:b2:b2:19:39:54:72:a4:86:ad:8a:57:89:dd:
86:5b:73:30:29:15:9e:87:6d:a9:f9:4a:2d:06:71:
c0:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:64:A8:C4:66:5B:F5:CF:6B:F2:A4:B0:22:58:28:CE:A0:E1:7E:C0
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS401776.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.203.72.0/24
46.203.81.0/24
95.134.143.0/24
95.135.31.0/24
95.135.58.0/24
95.135.192.0/24
178.94.140.0/22
Signature Algorithm: sha256WithRSAEncryption
6e:27:f5:2d:ed:74:0c:3c:10:e4:54:7d:bb:4c:59:e4:fa:5b:
86:e0:cd:9e:ed:fb:f3:e1:c0:4a:67:92:8f:70:2a:b0:e9:bb:
28:dd:08:44:d6:07:54:4a:b7:64:db:35:2a:43:6f:c4:2f:cb:
05:35:75:45:1f:1d:bb:bf:9c:05:e3:56:bd:e2:55:c8:f7:f0:
b7:50:ff:1b:f7:91:71:bb:04:4a:48:8a:de:ce:82:6b:ac:32:
70:3d:c4:aa:f7:9e:56:b0:cc:af:72:4f:70:78:c4:34:af:32:
83:d1:66:64:d7:f2:47:dc:6d:04:1f:29:fd:fc:96:f1:9b:3c:
74:73:10:eb:41:e7:a0:03:14:90:ac:95:ce:78:05:de:51:cc:
80:39:13:5c:40:a4:70:c0:17:e3:3d:81:3a:b7:4f:35:db:01:
6d:00:b9:ef:21:30:9c:a7:ff:f6:21:ac:92:0b:4d:ed:6c:85:
5f:3c:4f:ac:ce:b2:b8:c1:0a:d5:50:9d:b7:32:92:5f:77:9c:
84:b7:08:bf:a3:20:df:98:ad:c0:25:d0:b6:19:1d:15:a6:c9:
39:ed:53:4b:af:19:87:08:b2:a6:25:62:74:a8:f6:c2:fa:87:
79:ec:ac:9a:b2:69:d7:bf:38:df:74:35:93:70:5f:9d:dd:0a:
26:43:6e:e1
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgIUHqOkI7ix2WVOpTCcWI3L20hrFc4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTEwMjgwOTAxNTNaFw0yNjEwMjcwOTA2NTNaMDMxMTAvBgNV
BAMTKDg3NjRBOEM0NjY1QkY1Q0Y2QkYyQTRCMDIyNTgyOENFQTBFMTdFQzAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCH69fMllmDw9PEal5H1wVMtPbf
BbmA5/yNoTIJdGtKTF4jcAQq6RtCRBY1o23EDOE4Rkpm2YxUEKrdj4KM//IYh/Qg
Y2uHkUvGKyoK0kYn31hID+cAIeI6J0nIURNoiakdaj4ur9y6HOHmOpY83/pzmSwe
q7D0TYtK2F7ODUstlZZNa7Hr7E0DxXs28j6UguNzrjFMHq28yqe52AeMex9sJSZt
CJ7zTO/jYV2TiBXC9O4kFYqTIL0uaxanM2yagxOwtTLR2RqGEy308k6jpbRcovpj
immFf+z5ozG+U6S483APsrIZOVRypIatileJ3YZbczApFZ6Hban5Si0GccDlAgMB
AAGjggIuMIICKjAdBgNVHQ4EFgQUh2SoxGZb9c9r8qSwIlgozqDhfsAwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTNDAxNzc2LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQALstI
AwQALstRAwQAX4aPAwQAX4cfAwQAX4c6AwQAX4fAAwQCsl6MMA0GCSqGSIb3DQEB
CwUAA4IBAQBuJ/Ut7XQMPBDkVH27TFnk+luG4M2e7fvz4cBKZ5KPcCqw6bso3QhE
1gdUSrdk2zUqQ2/EL8sFNXVFHx27v5wF41a94lXI9/C3UP8b95FxuwRKSIrezoJr
rDJwPcSq955WsMyvck9weMQ0rzKD0WZk1/JH3G0EHyn9/Jbxmzx0cxDrQeegAxSQ
rJXOeAXeUcyAORNcQKRwwBfjPYE6t0812wFtALnvITCcp//2IaySC03tbIVfPE+s
zrK4wQrVUJ23MpJfd5yEtwi/oyDfmK3AJdC2GR0Vpsk57VNLrxmHCLKmJWJ0qPbC
+od57KyasmnXvzjfdDWTcF+d3QomQ27h
-----END CERTIFICATE-----
Generated at Wed Nov 5 09:35:54 2025 by rpki-client