Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS401404.roa
File: AS401404.roa (raw, json)
Hash identifier: +rEppBx3INhEOpRPwocgpuFYgbm686w2mcbUYoymp0U=
Subject key identifier: 33:91:C9:59:23:D4:23:1A:F0:EB:1A:E0:40:C3:AC:AA:44:7F:24:3C
Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Certificate serial: 76C75D313AC3BF93463F49536F6D0DF64E7E1755
Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS401404.roa
Signing time: Tue 02 Jun 2026 16:09:42 +0000
ROA not before: Tue 02 Jun 2026 16:04:42 +0000
ROA not after: Tue 01 Jun 2027 16:09:42 +0000
asID: 401404
IP address blocks: 2a14:7583:f800::/48 maxlen: 48
2a14:7583:f802::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft
rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 06 Jun 2026 17:49:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
76:c7:5d:31:3a:c3:bf:93:46:3f:49:53:6f:6d:0d:f6:4e:7e:17:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Validity
Not Before: Jun 2 16:04:42 2026 GMT
Not After : Jun 1 16:09:42 2027 GMT
Subject: CN=3391C95923D4231AF0EB1AE040C3ACAA447F243C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:2a:e8:74:9b:26:d4:63:c2:f8:91:34:17:c6:
0d:a4:af:55:11:c1:18:e8:23:bb:b9:72:4b:c3:f5:
ab:49:4e:47:57:f2:5a:0a:8b:39:b3:d1:ad:b3:de:
9c:d9:ab:08:f3:ec:2c:db:b3:bf:51:33:5f:b7:32:
5d:af:d2:91:ed:df:b3:2f:3e:50:81:d7:7f:dd:8f:
05:d3:ea:89:1f:55:39:81:c9:c8:ac:f2:8b:f5:f7:
df:c2:6f:ad:21:7c:18:f4:b1:d5:1e:12:4b:29:6c:
15:c1:4b:f1:72:c3:03:27:fb:17:8f:14:fd:62:3d:
3b:63:84:49:75:c9:79:70:81:4e:9e:0d:7a:25:e0:
a8:f8:c7:37:47:8e:c4:e6:b9:89:db:11:95:ae:ba:
ad:5a:33:00:60:86:7b:da:6d:32:77:8d:c6:bd:02:
5d:52:5b:cb:53:14:1f:66:19:24:05:86:59:26:8e:
fb:3a:32:00:f4:a1:02:96:cd:a9:6e:d1:38:39:99:
7f:46:54:3e:09:02:34:19:db:ca:42:20:ab:c1:d8:
29:ec:d2:3b:85:54:e7:df:db:5e:c2:d6:df:01:0d:
44:c6:f0:03:ba:62:bf:b7:ed:1f:ab:d0:13:a7:21:
95:d4:89:be:9d:a0:67:13:7b:a7:6e:47:56:2a:0e:
bb:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:91:C9:59:23:D4:23:1A:F0:EB:1A:E0:40:C3:AC:AA:44:7F:24:3C
X509v3 Authority Key Identifier:
keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS401404.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7583:f800::/48
2a14:7583:f802::/48
Signature Algorithm: sha256WithRSAEncryption
59:4f:f3:b8:74:b2:18:95:66:3c:98:a4:a3:aa:d3:6e:54:69:
5e:32:01:65:ae:27:39:73:6e:ee:a9:35:d5:ba:c7:25:55:94:
61:82:67:5e:b2:46:45:a3:b2:7f:c8:91:31:22:53:52:2a:69:
bd:61:d2:71:d8:99:b4:d0:95:7c:cf:2f:77:c0:b2:0b:cd:f0:
eb:46:93:de:f5:34:6d:cc:a5:a7:2e:75:da:d4:4d:62:2d:9f:
cb:87:f9:d5:99:52:bc:84:57:0b:28:07:0e:99:ef:5d:3b:a9:
af:50:19:88:9e:a6:9e:e0:6a:33:8e:53:71:7e:84:88:28:3c:
b1:c8:cd:0c:0d:06:96:e6:1f:7a:31:18:a6:39:43:a3:5d:9f:
46:87:33:bc:8c:26:c9:01:3d:97:8c:db:20:55:c0:47:0e:c0:
ee:49:00:82:ed:31:af:88:fd:2d:e3:de:e2:8d:4d:d5:1c:15:
75:22:ad:53:5e:26:89:bb:a4:f2:27:76:99:95:c9:11:d3:ec:
11:d8:bd:b1:78:02:d1:42:b4:06:10:bd:f8:a4:d4:ef:ef:a1:
75:86:6e:03:b3:ec:9b:d8:8f:d3:dc:88:5a:dc:50:4c:53:89:
f2:76:f6:40:52:ff:14:64:4a:35:8c:e7:c7:ed:9d:56:53:ee:
ea:24:1a:b3
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgIUdsddMTrDv5NGP0lTb20N9k5+F1UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj
Y2ZkMzc3MjAeFw0yNjA2MDIxNjA0NDJaFw0yNzA2MDExNjA5NDJaMDMxMTAvBgNV
BAMTKDMzOTFDOTU5MjNENDIzMUFGMEVCMUFFMDQwQzNBQ0FBNDQ3RjI0M0MwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3Kuh0mybUY8L4kTQXxg2kr1UR
wRjoI7u5ckvD9atJTkdX8loKizmz0a2z3pzZqwjz7Czbs79RM1+3Ml2v0pHt37Mv
PlCB13/djwXT6okfVTmBycis8ov199/Cb60hfBj0sdUeEkspbBXBS/FywwMn+xeP
FP1iPTtjhEl1yXlwgU6eDXol4Kj4xzdHjsTmuYnbEZWuuq1aMwBghnvabTJ3jca9
Al1SW8tTFB9mGSQFhlkmjvs6MgD0oQKWzalu0Tg5mX9GVD4JAjQZ28pCIKvB2Cns
0juFVOff217C1t8BDUTG8AO6Yr+37R+r0BOnIZXUib6doGcTe6duR1YqDrt3AgMB
AAGjggIWMIICEjAdBgNVHQ4EFgQUM5HJWSPUIxrw6xrgQMOsqkR/JDwwHwYDVR0j
BBgwFoAUqD1IZS87LfdPa/m6qKnBdMz9N3IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODkyNzBmNmMtYTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2Yz
ODI0LzAvQTgzRDQ4NjUyRjNCMkRGNzRGNkJGOUJBQThBOUMxNzRDQ0ZEMzc3Mi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FEMUlaUzg3TGZkUGFfbTZxS25CZE16
OU4zSS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg5MjcwZjZjLWEzZmUt
NDI5OS1iMDc5LTMwOWVkOTdmMzgyNC8wL0FTNDAxNDA0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKhR1
g/gAAwcAKhR1g/gCMA0GCSqGSIb3DQEBCwUAA4IBAQBZT/O4dLIYlWY8mKSjqtNu
VGleMgFlric5c27uqTXVusclVZRhgmdeskZFo7J/yJExIlNSKmm9YdJx2Jm00JV8
zy93wLILzfDrRpPe9TRtzKWnLnXa1E1iLZ/Lh/nVmVK8hFcLKAcOme9dO6mvUBmI
nqae4GozjlNxfoSIKDyxyM0MDQaW5h96MRimOUOjXZ9GhzO8jCbJAT2XjNsgVcBH
DsDuSQCC7TGviP0t497ijU3VHBV1Iq1TXiaJu6TyJ3aZlckR0+wR2L2xeALRQrQG
EL34pNTv76F1hm4Ds+yb2I/T3Iha3FBMU4nydvZAUv8UZEo1jOfH7Z1WU+7qJBqz
-----END CERTIFICATE-----
Generated at Sat Jun 6 02:27:41 2026 by rpki-client