Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS402187.roa
File: AS402187.roa (raw, json)
Hash identifier: YimtuDUVyTPCOX7kaQz2Db0l2J0eJagxGf6n6IuxD4k=
Subject key identifier: 30:47:4D:F9:A3:F3:D5:5E:DC:8C:7E:99:FE:E0:D9:92:C3:C7:30:FB
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 7C16CF372DA8B2F5EB4EE9BCDDB4C6A62097D3E5
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS402187.roa
Signing time: Thu 14 May 2026 08:38:18 +0000
ROA not before: Thu 14 May 2026 08:33:18 +0000
ROA not after: Thu 13 May 2027 08:38:18 +0000
asID: 402187
IP address blocks: 91.124.86.0/24 maxlen: 24
95.134.154.0/24 maxlen: 24
95.135.251.0/24 maxlen: 24
178.92.140.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 16 May 2026 11:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7c:16:cf:37:2d:a8:b2:f5:eb:4e:e9:bc:dd:b4:c6:a6:20:97:d3:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: May 14 08:33:18 2026 GMT
Not After : May 13 08:38:18 2027 GMT
Subject: CN=30474DF9A3F3D55EDC8C7E99FEE0D992C3C730FB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:1c:86:dc:1d:de:08:57:af:35:4a:46:b9:1f:
f9:1b:3e:ef:25:35:7c:ac:eb:82:41:ef:e2:38:03:
f7:d9:fb:a5:4b:91:fc:2d:ef:62:81:d7:c2:c4:80:
93:1c:fe:aa:c6:51:79:f9:47:93:3a:e8:c6:64:09:
0d:54:1e:52:2b:54:c9:5e:70:7d:e4:de:f8:f3:db:
e7:bb:88:ab:7b:3c:8d:4a:17:34:a3:28:57:b0:ff:
c9:81:7e:b3:15:b3:84:9e:3f:3e:a8:c1:b5:17:73:
35:5b:2d:40:b8:5b:e0:c7:3b:f5:5e:60:1f:3b:f5:
e1:61:bf:68:80:60:51:90:b4:cc:38:c5:21:a5:83:
c8:90:b0:23:a8:87:84:d5:fd:a9:67:6e:4c:0b:87:
f3:3f:d6:3d:fb:22:82:6e:88:9d:45:1e:65:68:b9:
04:dd:ef:43:da:f7:c9:03:62:2d:49:28:82:32:87:
12:42:03:af:3c:13:fd:57:d3:b7:42:ad:2e:7f:0d:
ba:c0:a4:69:6a:1f:ed:0b:9b:4b:9d:53:92:df:28:
19:c6:8e:62:74:c1:04:db:46:f3:0a:9f:2a:d1:4c:
e0:31:47:fe:3a:fe:ab:ac:ec:f8:f9:e0:19:58:0f:
76:d3:fa:8e:7b:89:17:c4:41:6d:e5:bb:5c:e6:6b:
77:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:47:4D:F9:A3:F3:D5:5E:DC:8C:7E:99:FE:E0:D9:92:C3:C7:30:FB
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS402187.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.124.86.0/24
95.134.154.0/24
95.135.251.0/24
178.92.140.0/24
Signature Algorithm: sha256WithRSAEncryption
ab:2a:d5:a6:93:24:9d:3d:bf:9f:36:3b:63:62:5a:ac:c1:ec:
6b:09:41:41:95:8f:56:a3:24:fc:34:5f:23:6d:76:58:cf:e2:
67:e3:ca:e7:23:f2:e1:df:3e:2d:98:22:f5:da:4d:4a:74:4b:
df:59:b8:ba:7d:53:bb:3f:98:32:39:3c:ae:52:aa:65:7c:d8:
20:ec:28:7d:c7:80:bf:5e:c0:32:63:43:92:67:ef:19:03:f7:
b8:f2:0f:38:42:8c:f9:b2:3a:fc:ae:1b:ea:fc:34:eb:1e:05:
cd:81:5f:e4:08:04:54:46:8d:7c:50:05:6e:7d:22:e6:d6:dd:
29:14:79:7b:7c:77:4f:a9:de:d1:45:1c:a0:13:16:fe:fa:05:
9e:37:b4:fc:96:93:98:79:f1:10:55:1a:6f:1c:e2:f6:74:27:
b3:4a:77:8d:32:df:36:44:9d:ef:fe:7b:4d:77:2b:1e:6c:26:
fb:89:36:23:60:f4:a1:3c:04:30:8c:99:57:20:cd:c8:c5:14:
c4:0f:4e:ba:9b:e0:cb:73:4c:30:d2:30:50:11:d0:fa:19:b9:
db:c0:2f:d1:b0:8f:48:a2:d1:9e:07:ba:db:13:15:14:a3:33:
e6:9c:41:ec:68:9f:53:ff:67:e6:1e:7e:97:60:32:9a:3a:a1:
fa:8a:9a:98
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgIUfBbPNy2osvXrTum83bTGpiCX0+UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNjA1MTQwODMzMThaFw0yNzA1MTMwODM4MThaMDMxMTAvBgNV
BAMTKDMwNDc0REY5QTNGM0Q1NUVEQzhDN0U5OUZFRTBEOTkyQzNDNzMwRkIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDmHIbcHd4IV681Ska5H/kbPu8l
NXys64JB7+I4A/fZ+6VLkfwt72KB18LEgJMc/qrGUXn5R5M66MZkCQ1UHlIrVMle
cH3k3vjz2+e7iKt7PI1KFzSjKFew/8mBfrMVs4SePz6owbUXczVbLUC4W+DHO/Ve
YB879eFhv2iAYFGQtMw4xSGlg8iQsCOoh4TV/alnbkwLh/M/1j37IoJuiJ1FHmVo
uQTd70Pa98kDYi1JKIIyhxJCA688E/1X07dCrS5/DbrApGlqH+0Lm0udU5LfKBnG
jmJ0wQTbRvMKnyrRTOAxR/46/qus7Pj54BlYD3bT+o57iRfEQW3lu1zma3fPAgMB
AAGjggIcMIICGDAdBgNVHQ4EFgQUMEdN+aPz1V7cjH6Z/uDZksPHMPswHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTNDAyMTg3LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAW3xW
AwQAX4aaAwQAX4f7AwQAslyMMA0GCSqGSIb3DQEBCwUAA4IBAQCrKtWmkySdPb+f
NjtjYlqswexrCUFBlY9WoyT8NF8jbXZYz+Jn48rnI/Lh3z4tmCL12k1KdEvfWbi6
fVO7P5gyOTyuUqplfNgg7Ch9x4C/XsAyY0OSZ+8ZA/e48g84Qoz5sjr8rhvq/DTr
HgXNgV/kCARURo18UAVufSLm1t0pFHl7fHdPqd7RRRygExb++gWeN7T8lpOYefEQ
VRpvHOL2dCezSneNMt82RJ3v/ntNdysebCb7iTYjYPShPAQwjJlXIM3IxRTED066
m+DLc0ww0jBQEdD6GbnbwC/RsI9IotGeB7rbExUUozPmnEHsaJ9T/2fmHn6XYDKa
OqH6ipqY
-----END CERTIFICATE-----
Generated at Fri May 15 14:21:39 2026 by rpki-client