Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS401783.roa
File:                     AS401783.roa (raw, json)
Hash identifier:          OeGQF8SnhoXa7JvXWbVLOQ1dixwhE/CdCa93W6BRfC0=
Subject key identifier:   54:DF:66:C3:AB:A9:B1:0C:38:B5:99:F0:65:8D:7B:C5:69:89:BA:D0
Certificate issuer:       /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial:       7C45B8BFD506941E76020581E32642959E9EA780
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS401783.roa
Signing time:             Mon 13 Jul 2026 10:49:11 +0000
ROA not before:           Mon 13 Jul 2026 10:44:11 +0000
ROA not after:            Mon 12 Jul 2027 10:49:11 +0000
asID:                     401783
IP address blocks:        178.92.132.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 17 Jul 2026 23:00:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7c:45:b8:bf:d5:06:94:1e:76:02:05:81:e3:26:42:95:9e:9e:a7:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
        Validity
            Not Before: Jul 13 10:44:11 2026 GMT
            Not After : Jul 12 10:49:11 2027 GMT
        Subject: CN=54DF66C3ABA9B10C38B599F0658D7BC56989BAD0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:a0:82:34:9c:ce:9d:9c:7a:be:02:25:b1:6e:
                    65:64:53:ec:cd:18:91:8d:73:15:7e:30:d4:73:a4:
                    0a:43:14:7f:a9:10:82:1f:62:0c:a3:fc:82:58:7c:
                    e7:97:f0:9c:91:6d:fc:64:7c:51:28:e2:d8:44:ce:
                    e7:9b:8b:05:a5:42:15:21:48:5b:13:ee:96:f1:0a:
                    cc:07:ac:38:c2:18:48:7e:2f:1e:e7:f9:62:4d:1b:
                    eb:e7:4b:6b:68:37:c3:81:83:e5:bf:4e:41:7e:54:
                    6b:7d:09:bc:32:7e:29:72:d2:5c:6a:2d:fb:54:03:
                    f4:ec:b8:09:6d:52:54:71:99:c9:66:b9:e1:bd:15:
                    76:35:e4:2d:3a:6d:84:e8:91:a8:d0:8b:f4:1d:a9:
                    fa:81:29:07:3a:84:95:52:67:07:6e:4d:2a:5b:f5:
                    94:db:5a:de:04:d3:94:68:26:93:d7:af:4f:25:e0:
                    41:4a:e2:10:cf:a0:85:29:15:bc:6b:29:94:83:08:
                    a0:40:11:41:10:2b:fc:50:49:5c:4c:96:c6:21:ac:
                    9f:9b:d2:15:69:7f:28:34:7b:a6:9d:76:96:da:d9:
                    49:d7:cc:46:12:2f:a7:d7:00:ac:7c:c0:7f:e1:e3:
                    b6:d3:af:eb:36:68:41:60:fd:d7:70:12:ed:78:16:
                    12:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                54:DF:66:C3:AB:A9:B1:0C:38:B5:99:F0:65:8D:7B:C5:69:89:BA:D0
            X509v3 Authority Key Identifier:
                keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS401783.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  178.92.132.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a8:ed:32:36:ba:84:df:5a:da:44:f8:be:68:33:6c:f7:f5:47:
         ea:7c:a5:02:e4:b5:31:6c:fd:dc:41:e2:8d:eb:fc:2a:da:95:
         9d:c0:44:45:53:12:98:6e:fe:34:f0:51:1d:c7:a0:22:c2:2a:
         7b:2a:45:4f:e8:32:81:1d:19:5c:4d:f4:29:cb:c8:7a:9c:94:
         9c:d9:f0:27:7c:92:da:02:8c:2d:32:bc:67:1b:39:56:3b:cf:
         96:7f:a8:a5:64:45:67:72:b3:84:85:75:9c:e6:9b:b2:fa:f8:
         3f:8c:a6:29:c4:e2:f2:c0:82:25:52:f1:00:5a:40:8b:30:de:
         6f:e4:c1:7d:e1:2c:cb:44:6d:e5:92:f1:f7:49:5b:88:5e:d2:
         05:81:cb:85:77:14:bf:4c:7a:85:d9:0a:7d:bc:b8:dc:0b:4b:
         3f:b1:6d:3d:13:b9:dd:7a:7a:ac:b6:ad:ce:11:f3:e6:3e:ea:
         ef:4a:45:2b:10:63:48:c1:7a:26:4b:a9:0d:ee:78:0c:00:d2:
         22:4f:df:e5:96:3f:eb:19:4a:8c:45:5f:84:9d:6c:0c:20:4a:
         c2:7c:a2:bc:a3:1a:02:81:4e:32:9c:df:35:1d:9d:ec:40:d4:
         ad:da:c6:b4:7c:14:75:f7:03:44:ee:1a:a6:c8:d6:53:07:b4:
         28:f8:8f:30
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUfEW4v9UGlB52AgWB4yZClZ6ep4AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNjA3MTMxMDQ0MTFaFw0yNzA3MTIxMDQ5MTFaMDMxMTAvBgNV
BAMTKDU0REY2NkMzQUJBOUIxMEMzOEI1OTlGMDY1OEQ3QkM1Njk4OUJBRDAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCroII0nM6dnHq+AiWxbmVkU+zN
GJGNcxV+MNRzpApDFH+pEIIfYgyj/IJYfOeX8JyRbfxkfFEo4thEzuebiwWlQhUh
SFsT7pbxCswHrDjCGEh+Lx7n+WJNG+vnS2toN8OBg+W/TkF+VGt9Cbwyfily0lxq
LftUA/TsuAltUlRxmclmueG9FXY15C06bYTokajQi/QdqfqBKQc6hJVSZwduTSpb
9ZTbWt4E05RoJpPXr08l4EFK4hDPoIUpFbxrKZSDCKBAEUEQK/xQSVxMlsYhrJ+b
0hVpfyg0e6addpba2UnXzEYSL6fXAKx8wH/h47bTr+s2aEFg/ddwEu14FhJ1AgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUVN9mw6upsQw4tZnwZY17xWmJutAwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTNDAxNzgzLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAslyE
MA0GCSqGSIb3DQEBCwUAA4IBAQCo7TI2uoTfWtpE+L5oM2z39UfqfKUC5LUxbP3c
QeKN6/wq2pWdwERFUxKYbv408FEdx6Aiwip7KkVP6DKBHRlcTfQpy8h6nJSc2fAn
fJLaAowtMrxnGzlWO8+Wf6ilZEVncrOEhXWc5puy+vg/jKYpxOLywIIlUvEAWkCL
MN5v5MF94SzLRG3lkvH3SVuIXtIFgcuFdxS/THqF2Qp9vLjcC0s/sW09E7ndenqs
tq3OEfPmPurvSkUrEGNIwXomS6kN7ngMANIiT9/llj/rGUqMRV+EnWwMIErCfKK8
oxoCgU4ynN81HZ3sQNSt2sa0fBR19wNE7hqmyNZTB7Qo+I8w
-----END CERTIFICATE-----
Generated at Fri Jul 17 06:47:28 2026 by rpki-client