Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS13335.roa
File: AS13335.roa (raw, json)
Hash identifier: 55jVsp2xrDnoEqc3ovRcPUOncUnsYrg2Qbi8vVv98GU=
Subject key identifier: D3:48:18:48:73:53:CC:D8:E0:C2:91:93:91:79:66:0F:A4:E8:EE:5C
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 21B36AAAF1BB7D30FA0194D8057D3F19A1CFD197
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS13335.roa
Signing time: Wed 04 Mar 2026 16:20:02 +0000
ROA not before: Wed 04 Mar 2026 16:15:02 +0000
ROA not after: Wed 03 Mar 2027 16:20:02 +0000
asID: 13335
IP address blocks: 82.21.82.0/24 maxlen: 24
82.22.16.0/24 maxlen: 24
82.24.40.0/24 maxlen: 24
82.26.156.0/24 maxlen: 24
82.39.142.0/24 maxlen: 24
82.40.22.0/24 maxlen: 24
2a13:9500:3e::/48 maxlen: 48
2a13:9500:b7::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:b3:6a:aa:f1:bb:7d:30:fa:01:94:d8:05:7d:3f:19:a1:cf:d1:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Mar 4 16:15:02 2026 GMT
Not After : Mar 3 16:20:02 2027 GMT
Subject: CN=D34818487353CCD8E0C291939179660FA4E8EE5C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:c6:f9:b2:2e:19:5f:e7:08:7d:e7:33:e0:7f:
40:c5:fe:ac:67:9c:91:ea:84:3d:45:62:2c:55:e8:
22:92:1f:27:8e:7f:b6:e1:3d:e6:77:93:fd:f5:20:
44:83:5a:27:bb:11:8c:42:b4:6e:56:f2:8a:56:72:
04:62:2a:3c:5d:20:9b:17:81:25:22:c0:a6:28:13:
1e:9c:40:92:71:8d:91:f6:37:fd:1d:01:63:a6:e7:
3d:0b:20:dd:07:ab:e0:90:b1:c0:81:84:a1:35:e7:
af:76:fc:2d:67:17:2d:f4:f2:ce:e7:0f:87:c1:4d:
82:a4:1c:56:7f:19:95:a8:1d:50:f8:e3:ce:47:f5:
3e:77:2b:87:4b:ed:bc:05:58:35:26:35:5b:11:e8:
d2:e7:bc:9b:09:c7:d8:e9:df:6d:ce:59:ff:66:81:
2f:79:01:cf:f9:62:5c:cb:d6:5e:fc:08:92:2e:1a:
64:e6:32:c3:90:1a:2d:ef:3c:c1:98:09:00:7d:5c:
da:19:ad:0d:b4:37:21:ec:63:ae:58:6e:25:d9:dc:
17:3c:6c:cb:03:e9:0a:61:7d:e1:5f:f8:4d:19:a3:
d7:c2:d2:2b:27:59:bf:4d:2d:e4:39:d1:f4:0e:7e:
1e:be:1f:7e:b5:9f:70:3c:14:d4:fa:95:a0:f4:34:
d5:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:48:18:48:73:53:CC:D8:E0:C2:91:93:91:79:66:0F:A4:E8:EE:5C
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS13335.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.82.0/24
82.22.16.0/24
82.24.40.0/24
82.26.156.0/24
82.39.142.0/24
82.40.22.0/24
IPv6:
2a13:9500:3e::/48
2a13:9500:b7::/48
Signature Algorithm: sha256WithRSAEncryption
54:44:cb:75:bb:82:ab:24:c2:af:60:31:f8:7a:88:86:5f:20:
d9:bd:b7:91:4a:18:e9:fc:5d:ac:1a:a6:5c:6a:72:38:93:b1:
af:0b:c1:06:ca:48:99:35:93:ef:da:d9:ff:fd:94:ef:f8:e6:
1a:42:bd:8e:50:75:81:c9:e4:ee:da:bd:74:4c:68:cf:cc:68:
e1:b6:9b:b3:a7:0a:0c:a9:8d:e0:1e:f3:1c:f9:d1:e5:5c:01:
47:dd:c2:a2:13:0b:14:4a:b8:c4:07:53:9e:f9:3a:f6:cb:e0:
6e:75:2c:36:54:69:be:2d:71:15:6e:b0:ca:f4:55:a6:85:6b:
68:24:31:b2:67:e8:bf:f3:9a:e7:f9:58:f1:52:f4:54:23:ac:
06:ff:17:92:fe:c2:ad:35:c0:27:59:3d:7a:21:a0:92:a3:96:
bc:04:e0:06:96:36:e2:5a:7c:1f:f0:6c:54:e0:73:fb:4f:56:
f9:f3:41:38:a7:99:e0:51:7f:fd:ce:e9:02:30:7a:76:bf:ad:
6d:8d:93:77:d6:53:15:65:5c:01:9a:05:36:11:e2:43:50:87:
da:0b:f9:e9:78:f6:c1:81:5f:2b:7e:77:50:b8:f4:9a:7c:e7:
7f:6a:6c:ce:38:93:29:a3:4c:fb:42:93:48:75:b0:98:cf:2b:
4c:a5:49:1f
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUIbNqqvG7fTD6AZTYBX0/GaHP0ZcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjAzMDQxNjE1MDJaFw0yNzAzMDMxNjIwMDJaMDMxMTAvBgNV
BAMTKEQzNDgxODQ4NzM1M0NDRDhFMEMyOTE5MzkxNzk2NjBGQTRFOEVFNUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCRxvmyLhlf5wh95zPgf0DF/qxn
nJHqhD1FYixV6CKSHyeOf7bhPeZ3k/31IESDWie7EYxCtG5W8opWcgRiKjxdIJsX
gSUiwKYoEx6cQJJxjZH2N/0dAWOm5z0LIN0Hq+CQscCBhKE15692/C1nFy308s7n
D4fBTYKkHFZ/GZWoHVD4485H9T53K4dL7bwFWDUmNVsR6NLnvJsJx9jp323OWf9m
gS95Ac/5YlzL1l78CJIuGmTmMsOQGi3vPMGYCQB9XNoZrQ20NyHsY65YbiXZ3Bc8
bMsD6QphfeFf+E0Zo9fC0isnWb9NLeQ50fQOfh6+H361n3A8FNT6laD0NNUDAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQU00gYSHNTzNjgwpGTkXlmD6To7lwwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMTMzMzUucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwVwYIKwYBBQUHAQcBAf8ESDBGMCoEAgABMCQDBABSFVID
BABSFhADBABSGCgDBABSGpwDBABSJ44DBABSKBYwGAQCAAIwEgMHACoTlQAAPgMH
ACoTlQAAtzANBgkqhkiG9w0BAQsFAAOCAQEAVETLdbuCqyTCr2Ax+HqIhl8g2b23
kUoY6fxdrBqmXGpyOJOxrwvBBspImTWT79rZ//2U7/jmGkK9jlB1gcnk7tq9dExo
z8xo4babs6cKDKmN4B7zHPnR5VwBR93CohMLFEq4xAdTnvk69svgbnUsNlRpvi1x
FW6wyvRVpoVraCQxsmfov/Oa5/lY8VL0VCOsBv8Xkv7CrTXAJ1k9eiGgkqOWvATg
BpY24lp8H/BsVOBz+09W+fNBOKeZ4FF//c7pAjB6dr+tbY2Td9ZTFWVcAZoFNhHi
Q1CH2gv56Xj2wYFfK353ULj0mnznf2pszjiTKaNM+0KTSHWwmM8rTKVJHw==
-----END CERTIFICATE-----
Generated at Thu Mar 26 01:34:19 2026 by rpki-client