Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS42831.roa
File: AS42831.roa (raw, json)
Hash identifier: I4HTgO0LgecwgyTavwuXXKaM8pR/C3sK5EuNOKyw7R0=
Subject key identifier: C0:79:3C:78:C4:81:C2:46:37:D1:17:80:F9:9E:1E:4F:E6:59:43:60
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 5D292B7AAECCC933BEF51B2735C16B3B7559F555
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS42831.roa
Signing time: Sat 09 May 2026 00:57:54 +0000
ROA not before: Sat 09 May 2026 00:52:54 +0000
ROA not after: Sat 08 May 2027 00:57:54 +0000
asID: 42831
IP address blocks: 96.62.220.0/24 maxlen: 24
140.233.165.0/24 maxlen: 24
143.14.80.0/24 maxlen: 24
143.14.93.0/24 maxlen: 24
143.14.114.0/24 maxlen: 24
143.14.136.0/24 maxlen: 24
143.14.241.0/24 maxlen: 24
146.103.28.0/24 maxlen: 24
147.79.4.0/24 maxlen: 24
148.135.174.0/24 maxlen: 24
150.241.132.0/24 maxlen: 24
150.241.133.0/24 maxlen: 24
150.241.134.0/24 maxlen: 24
150.241.137.0/24 maxlen: 24
150.241.144.0/24 maxlen: 24
150.241.238.0/24 maxlen: 24
150.241.241.0/24 maxlen: 24
155.117.110.0/24 maxlen: 24
155.117.115.0/24 maxlen: 24
155.117.196.0/24 maxlen: 24
155.117.227.0/24 maxlen: 24
155.117.244.0/24 maxlen: 24
155.117.254.0/24 maxlen: 24
162.141.11.0/24 maxlen: 24
162.141.88.0/24 maxlen: 24
162.141.104.0/24 maxlen: 24
167.148.126.0/24 maxlen: 24
167.148.144.0/24 maxlen: 24
167.148.152.0/24 maxlen: 24
167.148.157.0/24 maxlen: 24
167.148.192.0/24 maxlen: 24
167.148.202.0/24 maxlen: 24
167.148.205.0/24 maxlen: 24
167.148.211.0/24 maxlen: 24
168.222.7.0/24 maxlen: 24
168.222.108.0/24 maxlen: 24
168.222.109.0/24 maxlen: 24
168.222.110.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5d:29:2b:7a:ae:cc:c9:33:be:f5:1b:27:35:c1:6b:3b:75:59:f5:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: May 9 00:52:54 2026 GMT
Not After : May 8 00:57:54 2027 GMT
Subject: CN=C0793C78C481C24637D11780F99E1E4FE6594360
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:4e:cf:22:8c:13:22:ec:ee:e3:92:55:a6:91:
1f:65:25:9f:44:a7:95:2b:e4:69:5d:0f:16:21:a4:
ca:33:55:fd:34:13:20:91:04:ed:84:ba:f3:93:50:
21:9f:ce:af:86:b1:e5:c7:97:31:ae:0f:07:41:26:
a8:c9:90:b8:74:25:48:b3:61:65:46:8c:b9:24:b9:
f9:a7:65:49:ea:a7:dc:4a:16:43:48:d0:1d:91:49:
dd:2a:fc:02:f1:0d:f8:4f:60:6d:c9:ac:3a:d1:81:
f7:0b:14:1a:52:9c:42:bd:0e:cb:29:fd:23:c9:46:
82:08:21:14:69:99:78:5c:0f:fc:27:95:43:a4:49:
d5:cf:a0:44:fb:21:a1:0d:1e:01:99:82:d3:83:4b:
1a:49:1e:67:79:a7:33:ea:c0:c2:3e:c3:0f:95:ca:
a3:77:ca:5a:be:68:0a:da:15:80:6d:04:4c:58:3c:
6d:cc:bb:10:3b:4c:82:a9:4c:6d:c2:63:05:b7:ab:
c6:1b:2f:3b:ef:d5:c9:00:93:63:ca:27:c5:17:aa:
43:4c:9c:be:6b:6b:d2:8e:42:91:82:81:9f:d0:86:
16:9d:d9:dc:b0:57:3f:d6:9a:b5:4a:a8:2a:57:dc:
10:c8:40:66:c8:d3:b1:d6:52:f0:92:b7:f5:9b:7a:
d4:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:79:3C:78:C4:81:C2:46:37:D1:17:80:F9:9E:1E:4F:E6:59:43:60
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS42831.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.62.220.0/24
140.233.165.0/24
143.14.80.0/24
143.14.93.0/24
143.14.114.0/24
143.14.136.0/24
143.14.241.0/24
146.103.28.0/24
147.79.4.0/24
148.135.174.0/24
150.241.132.0-150.241.134.255
150.241.137.0/24
150.241.144.0/24
150.241.238.0/24
150.241.241.0/24
155.117.110.0/24
155.117.115.0/24
155.117.196.0/24
155.117.227.0/24
155.117.244.0/24
155.117.254.0/24
162.141.11.0/24
162.141.88.0/24
162.141.104.0/24
167.148.126.0/24
167.148.144.0/24
167.148.152.0/24
167.148.157.0/24
167.148.192.0/24
167.148.202.0/24
167.148.205.0/24
167.148.211.0/24
168.222.7.0/24
168.222.108.0-168.222.110.255
Signature Algorithm: sha256WithRSAEncryption
a9:8f:7b:bc:9c:19:6e:d8:25:da:af:cc:59:e0:17:81:d1:b3:
11:50:ce:b3:eb:38:f7:fa:e8:d0:43:0b:95:3d:ab:aa:9e:d5:
de:ce:1c:4d:36:d8:9c:99:f4:d0:84:13:e6:c3:f0:6c:74:63:
70:a1:d4:55:2f:d6:85:6d:d7:5f:44:a5:26:38:12:3f:da:56:
86:5a:5b:7c:f0:7c:1f:72:ea:7b:a2:55:ce:84:28:54:a4:e3:
c5:2e:f5:1d:86:a9:e4:c0:73:cc:5d:08:c4:04:66:3b:ec:44:
46:3a:dc:dd:b5:f2:a8:d4:66:3a:0f:7d:99:1d:02:0e:2b:78:
a2:8c:83:73:f4:79:af:9a:38:de:2c:97:4b:95:ed:ac:08:c1:
19:8a:e8:0a:60:26:10:d3:bb:98:b9:98:d5:da:bc:3f:c2:6f:
d0:71:9a:c3:90:78:8b:78:ad:84:b2:4b:68:83:76:12:f7:39:
ed:ca:a0:e0:31:24:cb:c8:0e:ab:dc:2a:31:da:92:54:e4:64:
70:06:49:2d:41:34:50:06:24:6b:9f:26:0f:dc:26:5c:c8:ae:
0f:95:20:a3:99:a7:88:b3:f6:13:77:c9:e3:f2:bc:23:3e:d3:
cf:cf:8f:8e:01:96:40:af:fc:87:be:df:29:00:9f:a3:59:15:
a8:3b:c0:4d
-----BEGIN CERTIFICATE-----
MIIF2jCCBMKgAwIBAgIUXSkreq7MyTO+9RsnNcFrO3VZ9VUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNjA1MDkwMDUyNTRaFw0yNzA1MDgwMDU3NTRaMDMxMTAvBgNV
BAMTKEMwNzkzQzc4QzQ4MUMyNDYzN0QxMTc4MEY5OUUxRTRGRTY1OTQzNjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrTs8ijBMi7O7jklWmkR9lJZ9E
p5Ur5GldDxYhpMozVf00EyCRBO2EuvOTUCGfzq+GseXHlzGuDwdBJqjJkLh0JUiz
YWVGjLkkufmnZUnqp9xKFkNI0B2RSd0q/ALxDfhPYG3JrDrRgfcLFBpSnEK9Dssp
/SPJRoIIIRRpmXhcD/wnlUOkSdXPoET7IaENHgGZgtODSxpJHmd5pzPqwMI+ww+V
yqN3ylq+aAraFYBtBExYPG3MuxA7TIKpTG3CYwW3q8YbLzvv1ckAk2PKJ8UXqkNM
nL5ra9KOQpGCgZ/Qhhad2dywVz/WmrVKqCpX3BDIQGbI07HWUvCSt/WbetS/AgMB
AAGjggLkMIIC4DAdBgNVHQ4EFgQUwHk8eMSBwkY30ReA+Z4eT+ZZQ2AwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTNDI4MzEucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwgfkGCCsGAQUFBwEHAQH/BIHpMIHmMIHjBAIAATCB3AME
AGA+3AMEAIzppQMEAI8OUAMEAI8OXQMEAI8OcgMEAI8OiAMEAI8O8QMEAJJnHAME
AJNPBAMEAJSHrjAMAwQClvGEAwQAlvGGAwQAlvGJAwQAlvGQAwQAlvHuAwQAlvHx
AwQAm3VuAwQAm3VzAwQAm3XEAwQAm3XjAwQAm3X0AwQAm3X+AwQAoo0LAwQAoo1Y
AwQAoo1oAwQAp5R+AwQAp5SQAwQAp5SYAwQAp5SdAwQAp5TAAwQAp5TKAwQAp5TN
AwQAp5TTAwQAqN4HMAwDBAKo3mwDBACo3m4wDQYJKoZIhvcNAQELBQADggEBAKmP
e7ycGW7YJdqvzFngF4HRsxFQzrPrOPf66NBDC5U9q6qe1d7OHE022JyZ9NCEE+bD
8Gx0Y3Ch1FUv1oVt119EpSY4Ej/aVoZaW3zwfB9y6nuiVc6EKFSk48Uu9R2GqeTA
c8xdCMQEZjvsREY63N218qjUZjoPfZkdAg4reKKMg3P0ea+aON4sl0uV7awIwRmK
6ApgJhDTu5i5mNXavD/Cb9BxmsOQeIt4rYSyS2iDdhL3Oe3KoOAxJMvIDqvcKjHa
klTkZHAGSS1BNFAGJGufJg/cJlzIrg+VIKOZp4iz9hN3yePyvCM+08/Pj44BlkCv
/Ie+3ykAn6NZFag7wE0=
-----END CERTIFICATE-----
Generated at Tue May 12 22:37:19 2026 by rpki-client