Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS402257.roa
File: AS402257.roa (raw, json)
Hash identifier: M7DEsp3xYeTCr3sEv8gN2dJWdzF5J8mx0YPwcuJ8dhY=
Subject key identifier: 82:0A:C0:61:92:C4:80:A2:EB:85:B2:E7:3C:9A:99:C5:AB:3E:9A:2F
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 22083463F830BF3D8F3843F5985BD1DFAFB25A65
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS402257.roa
Signing time: Wed 01 Apr 2026 18:08:57 +0000
ROA not before: Wed 01 Apr 2026 18:03:57 +0000
ROA not after: Wed 31 Mar 2027 18:08:57 +0000
asID: 402257
IP address blocks: 168.222.19.0/24 maxlen: 24
168.222.30.0/24 maxlen: 24
168.222.31.0/24 maxlen: 24
168.222.82.0/24 maxlen: 24
168.222.95.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 05 Apr 2026 08:49:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
22:08:34:63:f8:30:bf:3d:8f:38:43:f5:98:5b:d1:df:af:b2:5a:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Apr 1 18:03:57 2026 GMT
Not After : Mar 31 18:08:57 2027 GMT
Subject: CN=820AC06192C480A2EB85B2E73C9A99C5AB3E9A2F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:68:87:97:17:78:aa:c2:02:41:2d:67:d6:1e:
04:af:30:c1:55:a6:42:f8:94:9c:0a:2d:55:6b:2d:
b8:ad:6d:31:41:93:c9:d4:ba:f4:a5:54:a5:29:5b:
16:55:0e:fa:9c:4b:f3:e7:a6:6a:38:c5:53:4d:46:
b0:80:4e:a8:fa:94:5d:df:24:0e:a8:90:3c:6b:dd:
4d:87:83:fa:d0:79:df:05:16:0f:d1:89:cf:24:6c:
01:5a:be:b6:37:d9:92:1f:17:f9:0a:ee:b3:56:2e:
fd:b4:b4:39:12:3a:1b:c7:e3:4f:ff:0f:df:84:6d:
ed:2f:b2:cf:d8:fc:89:93:87:96:62:63:b0:11:2b:
6d:7f:5e:5d:dd:43:aa:49:56:f0:54:58:50:3f:1d:
5f:21:9e:70:8a:85:06:77:59:e8:79:58:da:5b:03:
c1:1a:d8:61:02:05:45:f8:66:14:c1:18:c3:7a:d1:
39:22:a4:25:ba:23:d3:44:94:92:fd:85:3e:7b:88:
39:d4:b0:a3:cd:6b:48:22:1c:b7:03:76:75:7e:d0:
75:4e:39:d0:95:ef:bd:1d:9b:67:2a:0d:e9:e5:79:
6b:81:94:a1:2a:f2:d4:bc:2b:cc:e9:fb:65:1b:b8:
0b:66:f3:35:b3:a7:05:81:54:fb:ae:1d:10:9f:26:
0e:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:0A:C0:61:92:C4:80:A2:EB:85:B2:E7:3C:9A:99:C5:AB:3E:9A:2F
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS402257.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
168.222.19.0/24
168.222.30.0/23
168.222.82.0/24
168.222.95.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:a4:e8:6e:9a:88:eb:00:7a:b1:5e:d1:56:e9:bb:2a:6e:a0:
67:70:06:20:db:1d:39:21:e6:fe:4b:dc:9a:9c:6d:b4:7d:c0:
12:b0:bd:a8:2a:a4:a3:da:0f:d3:cb:08:c6:7b:a5:f1:50:13:
54:59:c1:16:5c:34:3e:15:6e:4d:86:7d:c7:fd:94:5a:fc:cb:
00:0a:c6:55:e4:df:4a:3a:2e:d5:05:56:83:84:e9:c9:5a:3e:
89:35:87:b4:19:f0:23:2a:47:f9:7a:80:39:f3:18:bd:1d:20:
af:e2:fa:a3:f3:dd:1b:5f:5f:1e:ed:33:6c:ca:fe:a4:7a:5d:
60:50:04:18:26:0b:5c:45:6d:66:6a:64:3c:54:fb:99:4e:0c:
71:e9:fa:94:48:9c:a9:d3:f1:ac:9f:9c:12:58:40:34:ef:84:
69:6d:11:f9:a7:c0:bd:64:9c:cd:72:7a:1e:e0:fe:66:08:90:
b3:2a:ec:0b:2b:5f:7e:14:f5:e8:60:b5:66:33:c7:c0:9d:39:
f2:15:f6:8e:af:f2:7f:f1:a6:95:58:dd:d1:d1:14:34:f8:0a:
fa:67:83:9b:e5:6a:a0:17:71:19:bb:e3:9f:37:d6:57:53:66:
60:99:29:a3:e1:43:86:69:2b:ef:aa:04:73:42:f8:4f:58:04:
eb:0a:6c:18
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgIUIgg0Y/gwvz2POEP1mFvR36+yWmUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNjA0MDExODAzNTdaFw0yNzAzMzExODA4NTdaMDMxMTAvBgNV
BAMTKDgyMEFDMDYxOTJDNDgwQTJFQjg1QjJFNzNDOUE5OUM1QUIzRTlBMkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCfaIeXF3iqwgJBLWfWHgSvMMFV
pkL4lJwKLVVrLbitbTFBk8nUuvSlVKUpWxZVDvqcS/Pnpmo4xVNNRrCATqj6lF3f
JA6okDxr3U2Hg/rQed8FFg/Ric8kbAFavrY32ZIfF/kK7rNWLv20tDkSOhvH40//
D9+Ebe0vss/Y/ImTh5ZiY7ARK21/Xl3dQ6pJVvBUWFA/HV8hnnCKhQZ3Weh5WNpb
A8Ea2GECBUX4ZhTBGMN60TkipCW6I9NElJL9hT57iDnUsKPNa0giHLcDdnV+0HVO
OdCV770dm2cqDenleWuBlKEq8tS8K8zp+2UbuAtm8zWzpwWBVPuuHRCfJg4BAgMB
AAGjggIcMIICGDAdBgNVHQ4EFgQUggrAYZLEgKLrhbLnPJqZxas+mi8wHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTNDAyMjU3LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAqN4T
AwQBqN4eAwQAqN5SAwQAqN5fMA0GCSqGSIb3DQEBCwUAA4IBAQB6pOhumojrAHqx
XtFW6bsqbqBncAYg2x05Ieb+S9yanG20fcASsL2oKqSj2g/TywjGe6XxUBNUWcEW
XDQ+FW5Nhn3H/ZRa/MsACsZV5N9KOi7VBVaDhOnJWj6JNYe0GfAjKkf5eoA58xi9
HSCv4vqj890bX18e7TNsyv6kel1gUAQYJgtcRW1mamQ8VPuZTgxx6fqUSJyp0/Gs
n5wSWEA074RpbRH5p8C9ZJzNcnoe4P5mCJCzKuwLK19+FPXoYLVmM8fAnTnyFfaO
r/J/8aaVWN3R0RQ0+Ar6Z4Ob5WqgF3EZu+OfN9ZXU2ZgmSmj4UOGaSvvqgRzQvhP
WATrCmwY
-----END CERTIFICATE-----
Generated at Sat Apr 4 16:55:57 2026 by rpki-client