Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS401838.roa
File: AS401838.roa (raw, json)
Hash identifier: GCG7rL7nkMW0xZPHoydfmdqeG5tyjqD+TlAXP08U3X8=
Subject key identifier: BB:38:C3:09:FC:1C:BD:E3:D4:C6:8D:7D:8A:D4:E7:E9:C4:9D:6A:70
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 2738DB4F346288443C8D9DD7826D7757F35368D5
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS401838.roa
Signing time: Wed 17 Jun 2026 00:03:36 +0000
ROA not before: Tue 16 Jun 2026 23:58:36 +0000
ROA not after: Wed 16 Jun 2027 00:03:36 +0000
asID: 401838
IP address blocks: 46.203.107.0/24 maxlen: 24
46.203.112.0/24 maxlen: 24
46.203.114.0/24 maxlen: 24
46.203.145.0/24 maxlen: 24
46.203.146.0/24 maxlen: 24
46.203.152.0/24 maxlen: 24
46.203.156.0/24 maxlen: 24
46.203.168.0/24 maxlen: 24
46.203.169.0/24 maxlen: 24
46.203.171.0/24 maxlen: 24
46.203.174.0/24 maxlen: 24
46.203.177.0/24 maxlen: 24
46.203.179.0/24 maxlen: 24
46.203.187.0/24 maxlen: 24
46.203.199.0/24 maxlen: 24
46.203.208.0/24 maxlen: 24
46.203.227.0/24 maxlen: 24
46.203.235.0/24 maxlen: 24
91.124.242.0/24 maxlen: 24
92.112.6.0/24 maxlen: 24
92.112.8.0/24 maxlen: 24
92.112.55.0/24 maxlen: 24
92.112.62.0/24 maxlen: 24
92.112.89.0/24 maxlen: 24
92.112.142.0/24 maxlen: 24
92.113.4.0/24 maxlen: 24
92.113.6.0/24 maxlen: 24
92.113.9.0/24 maxlen: 24
92.113.15.0/24 maxlen: 24
92.113.40.0/24 maxlen: 24
95.134.114.0/23 maxlen: 24
95.134.166.0/23 maxlen: 24
95.134.184.0/24 maxlen: 24
95.134.186.0/23 maxlen: 24
95.134.193.0/24 maxlen: 24
95.134.204.0/24 maxlen: 24
95.134.206.0/24 maxlen: 24
95.134.221.0/24 maxlen: 24
95.134.223.0/24 maxlen: 24
95.135.61.0/24 maxlen: 24
95.135.72.0/24 maxlen: 24
178.92.76.0/23 maxlen: 24
178.92.180.0/22 maxlen: 24
178.92.252.0/23 maxlen: 24
178.94.167.0/24 maxlen: 24
178.94.191.0/24 maxlen: 24
178.94.244.0/22 maxlen: 24
178.95.60.0/22 maxlen: 24
178.95.77.0/24 maxlen: 24
178.95.82.0/24 maxlen: 24
178.95.172.0/23 maxlen: 24
178.95.230.0/24 maxlen: 24
178.95.236.0/24 maxlen: 24
178.95.251.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 30 Jun 2026 21:41:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
27:38:db:4f:34:62:88:44:3c:8d:9d:d7:82:6d:77:57:f3:53:68:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Jun 16 23:58:36 2026 GMT
Not After : Jun 16 00:03:36 2027 GMT
Subject: CN=BB38C309FC1CBDE3D4C68D7D8AD4E7E9C49D6A70
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:e8:00:61:41:f8:d1:0a:e9:a5:38:45:00:72:
4c:ec:cd:d4:db:70:50:66:0b:40:44:4f:2f:37:0b:
95:7a:b4:88:21:f3:e9:84:dd:ed:d2:57:bf:a9:f1:
8c:98:2a:19:bd:f2:ba:4e:d3:61:2f:c2:2e:82:95:
53:fc:05:21:4a:0b:df:e8:de:5b:82:ec:c3:94:19:
f8:2b:c4:cd:19:be:69:1e:f7:c6:7a:84:3d:f3:bc:
f3:a1:b1:2e:b0:b6:b6:95:b5:8e:ae:36:98:a7:b2:
b9:ef:a3:8a:70:c8:d9:6f:89:36:ac:15:d5:39:bd:
02:9d:23:49:cb:ef:bb:7b:eb:2c:75:75:01:f4:d5:
c5:ba:fe:bd:44:93:dc:1b:7d:93:b8:15:c7:9b:7e:
90:67:91:a7:1d:6c:1c:47:54:b1:23:d9:bc:71:da:
cc:dd:2b:18:82:48:aa:d2:40:19:9e:cc:8b:79:20:
cb:4a:a0:1b:2d:4d:35:b2:7a:37:94:ea:de:8b:af:
73:c7:f3:44:a4:57:8f:ce:49:e3:a6:40:63:eb:ef:
34:7e:35:ff:59:13:3d:57:c3:f9:9e:bf:67:ae:91:
8b:d7:e0:50:f6:ae:15:b9:f5:32:25:12:f9:0e:ea:
31:b4:77:2e:4d:d0:3a:33:aa:f1:b7:45:4c:d9:4c:
c7:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:38:C3:09:FC:1C:BD:E3:D4:C6:8D:7D:8A:D4:E7:E9:C4:9D:6A:70
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS401838.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.203.107.0/24
46.203.112.0/24
46.203.114.0/24
46.203.145.0-46.203.146.255
46.203.152.0/24
46.203.156.0/24
46.203.168.0/23
46.203.171.0/24
46.203.174.0/24
46.203.177.0/24
46.203.179.0/24
46.203.187.0/24
46.203.199.0/24
46.203.208.0/24
46.203.227.0/24
46.203.235.0/24
91.124.242.0/24
92.112.6.0/24
92.112.8.0/24
92.112.55.0/24
92.112.62.0/24
92.112.89.0/24
92.112.142.0/24
92.113.4.0/24
92.113.6.0/24
92.113.9.0/24
92.113.15.0/24
92.113.40.0/24
95.134.114.0/23
95.134.166.0/23
95.134.184.0/24
95.134.186.0/23
95.134.193.0/24
95.134.204.0/24
95.134.206.0/24
95.134.221.0/24
95.134.223.0/24
95.135.61.0/24
95.135.72.0/24
178.92.76.0/23
178.92.180.0/22
178.92.252.0/23
178.94.167.0/24
178.94.191.0/24
178.94.244.0/22
178.95.60.0/22
178.95.77.0/24
178.95.82.0/24
178.95.172.0/23
178.95.230.0/24
178.95.236.0/24
178.95.251.0/24
Signature Algorithm: sha256WithRSAEncryption
a2:63:1d:65:9d:85:6e:7f:5f:5b:ac:97:87:26:3e:25:f9:d6:
60:2c:fe:c0:c6:2d:52:25:37:aa:c7:c1:32:af:04:9d:d7:d2:
86:62:a4:2d:cf:63:6f:48:51:5b:78:7b:9e:50:dc:e4:43:86:
21:70:d8:13:9d:0f:0a:77:85:9d:47:33:55:78:16:44:fe:0f:
1f:03:9a:94:20:28:c3:33:38:db:ff:5e:58:c1:a1:92:88:da:
70:74:ac:89:e6:cb:a2:fb:8b:94:70:e5:eb:c7:be:35:78:ff:
be:0f:01:a8:15:7d:24:c6:60:04:d9:9b:05:63:2b:6d:ad:45:
9d:66:87:d4:73:bc:e5:c2:b7:da:00:8a:e0:f2:83:7c:29:f2:
6f:aa:12:52:5b:af:c9:cb:da:a0:cd:8b:7a:db:d6:e6:e6:a7:
fc:ce:52:bc:5b:37:9c:16:eb:4e:68:c3:45:3f:73:16:60:fc:
e4:7b:36:eb:94:ce:c2:0f:44:5b:ca:83:10:81:f1:8d:e0:17:
44:67:1d:6b:6b:83:46:98:a3:42:61:a6:f0:b7:1c:51:19:54:
19:d4:17:3e:9b:a7:c3:64:55:01:c6:8b:55:52:41:19:75:79:
e1:d4:9c:b8:f4:b1:26:5d:be:46:db:33:fe:74:04:99:bc:67:
f0:e4:49:b9
-----BEGIN CERTIFICATE-----
MIIGRDCCBSygAwIBAgIUJzjbTzRiiEQ8jZ3Xgm13V/NTaNUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNjA2MTYyMzU4MzZaFw0yNzA2MTYwMDAzMzZaMDMxMTAvBgNV
BAMTKEJCMzhDMzA5RkMxQ0JERTNENEM2OEQ3RDhBRDRFN0U5QzQ5RDZBNzAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC46ABhQfjRCumlOEUAckzszdTb
cFBmC0BETy83C5V6tIgh8+mE3e3SV7+p8YyYKhm98rpO02Evwi6ClVP8BSFKC9/o
3luC7MOUGfgrxM0Zvmke98Z6hD3zvPOhsS6wtraVtY6uNpinsrnvo4pwyNlviTas
FdU5vQKdI0nL77t76yx1dQH01cW6/r1Ek9wbfZO4FcebfpBnkacdbBxHVLEj2bxx
2szdKxiCSKrSQBmezIt5IMtKoBstTTWyejeU6t6Lr3PH80SkV4/OSeOmQGPr7zR+
Nf9ZEz1Xw/mev2eukYvX4FD2rhW59TIlEvkO6jG0dy5N0DozqvG3RUzZTMcPAgMB
AAGjggNOMIIDSjAdBgNVHQ4EFgQUuzjDCfwcvePUxo19itTn6cSdanAwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTNDAxODM4LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMIIBYQYIKwYBBQUHAQcBAf8EggFQMIIBTDCCAUgEAgAB
MIIBQAMEAC7LawMEAC7LcAMEAC7LcjAMAwQALsuRAwQALsuSAwQALsuYAwQALsuc
AwQBLsuoAwQALsurAwQALsuuAwQALsuxAwQALsuzAwQALsu7AwQALsvHAwQALsvQ
AwQALsvjAwQALsvrAwQAW3zyAwQAXHAGAwQAXHAIAwQAXHA3AwQAXHA+AwQAXHBZ
AwQAXHCOAwQAXHEEAwQAXHEGAwQAXHEJAwQAXHEPAwQAXHEoAwQBX4ZyAwQBX4am
AwQAX4a4AwQBX4a6AwQAX4bBAwQAX4bMAwQAX4bOAwQAX4bdAwQAX4bfAwQAX4c9
AwQAX4dIAwQBslxMAwQCsly0AwQBslz8AwQAsl6nAwQAsl6/AwQCsl70AwQCsl88
AwQAsl9NAwQAsl9SAwQBsl+sAwQAsl/mAwQAsl/sAwQAsl/7MA0GCSqGSIb3DQEB
CwUAA4IBAQCiYx1lnYVuf19brJeHJj4l+dZgLP7Axi1SJTeqx8EyrwSd19KGYqQt
z2NvSFFbeHueUNzkQ4YhcNgTnQ8Kd4WdRzNVeBZE/g8fA5qUICjDMzjb/15YwaGS
iNpwdKyJ5sui+4uUcOXrx741eP++DwGoFX0kxmAE2ZsFYyttrUWdZofUc7zlwrfa
AIrg8oN8KfJvqhJSW6/Jy9qgzYt629bm5qf8zlK8WzecFutOaMNFP3MWYPzkezbr
lM7CD0RbyoMQgfGN4BdEZx1ra4NGmKNCYabwtxxRGVQZ1Bc+m6fDZFUBxotVUkEZ
dXnh1Jy49LEmXb5G2zP+dASZvGfw5Em5
-----END CERTIFICATE-----
Generated at Tue Jun 30 01:23:50 2026 by rpki-client