Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS135402.roa
File: AS135402.roa (raw, json)
Hash identifier: bm2sUiW6LTR570n9Q9k+4vyiS2qDFRo3ByD7uU+KkEM=
Subject key identifier: BC:AF:80:37:BC:E8:CF:11:C7:47:E4:BD:72:26:FA:52:86:73:E7:71
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 739E5ABAD77889F460385ED819A5F211AA0DA17C
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS135402.roa
Signing time: Mon 23 Mar 2026 14:34:50 +0000
ROA not before: Mon 23 Mar 2026 14:29:50 +0000
ROA not after: Mon 22 Mar 2027 14:34:50 +0000
asID: 135402
IP address blocks: 82.21.204.0/24 maxlen: 24
82.24.120.0/24 maxlen: 24
178.83.101.0/24 maxlen: 24
178.83.195.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
73:9e:5a:ba:d7:78:89:f4:60:38:5e:d8:19:a5:f2:11:aa:0d:a1:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Mar 23 14:29:50 2026 GMT
Not After : Mar 22 14:34:50 2027 GMT
Subject: CN=BCAF8037BCE8CF11C747E4BD7226FA528673E771
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:c4:9d:1a:5b:d3:d3:99:82:be:87:cf:06:33:
3e:db:10:01:d1:2a:0a:fe:47:ba:30:91:a3:95:55:
96:68:45:ce:ae:49:13:40:e7:11:69:01:f8:59:62:
67:df:c0:ac:66:79:c7:4f:9c:29:bd:ab:be:b1:b9:
00:51:21:98:55:04:0d:57:07:74:43:14:56:0c:7a:
51:a9:50:5a:c2:2d:62:46:91:66:15:a0:a8:16:65:
53:c7:9c:bd:4e:51:4e:ee:8c:e3:36:bc:f7:a4:32:
20:84:66:a7:85:32:d7:de:74:11:ea:fa:bf:71:e0:
4e:41:9e:3d:5a:0d:0d:7d:f0:68:d5:ae:81:fb:d1:
6e:c6:5f:02:05:8a:05:3d:f4:b8:4e:41:80:5c:3d:
ad:c5:95:93:04:55:44:38:e6:4f:35:35:37:26:ef:
7e:e3:e5:59:7a:64:1e:f2:96:e5:d0:bf:f9:ff:5c:
60:e7:35:e8:ea:27:a4:18:16:25:d5:38:a8:6b:ce:
4a:57:8d:7a:51:f1:d5:86:ba:d7:f8:34:3b:26:c6:
e0:71:fb:23:ca:5c:be:ac:2e:5c:99:44:4a:00:ca:
7b:3e:37:ad:63:0a:fa:52:96:e3:0b:2c:e0:fb:7d:
93:75:b3:65:35:94:21:9d:4a:dd:7c:c6:fc:b4:8e:
1a:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:AF:80:37:BC:E8:CF:11:C7:47:E4:BD:72:26:FA:52:86:73:E7:71
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS135402.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.204.0/24
82.24.120.0/24
178.83.101.0/24
178.83.195.0/24
Signature Algorithm: sha256WithRSAEncryption
a7:b6:f2:4f:1c:e9:f9:24:af:f0:21:b6:11:4e:e4:5c:9c:f8:
dc:af:16:91:00:84:f6:78:8d:8b:58:db:27:89:ab:86:94:93:
7a:37:e8:9f:81:ca:ee:a9:48:bc:f0:d9:0c:3b:98:db:68:60:
df:49:3f:70:33:d4:bc:0c:08:df:28:87:d7:b3:1e:20:b9:a6:
d8:7c:41:18:26:47:8a:57:12:da:19:b3:6e:05:55:28:b8:c6:
4a:e2:70:c4:91:95:e7:00:bb:e6:9a:a4:42:47:a7:98:57:80:
0a:6e:71:b9:7a:7f:91:dd:e7:95:fd:67:ed:5c:e2:20:54:f2:
d6:5f:06:17:0f:79:63:3a:e2:e0:b1:27:9f:92:ba:53:e6:04:
20:ce:36:65:ed:33:47:a4:13:a7:a0:c3:bc:69:40:50:5b:fb:
f2:d4:49:87:b6:f6:f8:d8:c3:86:ba:f2:29:aa:5c:1d:49:44:
60:cd:ea:5c:60:30:ae:bc:4c:11:d5:1d:30:7a:af:e9:ce:d0:
4d:86:96:8a:60:84:67:ef:b0:16:03:23:a2:41:63:0f:bc:b0:
8e:1b:fe:90:8a:bf:e9:90:a8:55:ad:b4:12:76:a0:a1:44:fa:
49:96:fd:69:d4:6a:e6:d1:23:fc:53:12:bc:81:c1:9a:f6:35:
f4:46:84:97
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgIUc55autd4ifRgOF7YGaXyEaoNoXwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjAzMjMxNDI5NTBaFw0yNzAzMjIxNDM0NTBaMDMxMTAvBgNV
BAMTKEJDQUY4MDM3QkNFOENGMTFDNzQ3RTRCRDcyMjZGQTUyODY3M0U3NzEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCYxJ0aW9PTmYK+h88GMz7bEAHR
Kgr+R7owkaOVVZZoRc6uSRNA5xFpAfhZYmffwKxmecdPnCm9q76xuQBRIZhVBA1X
B3RDFFYMelGpUFrCLWJGkWYVoKgWZVPHnL1OUU7ujOM2vPekMiCEZqeFMtfedBHq
+r9x4E5Bnj1aDQ198GjVroH70W7GXwIFigU99LhOQYBcPa3FlZMEVUQ45k81NTcm
737j5Vl6ZB7yluXQv/n/XGDnNejqJ6QYFiXVOKhrzkpXjXpR8dWGutf4NDsmxuBx
+yPKXL6sLlyZREoAyns+N61jCvpSluMLLOD7fZN1s2U1lCGdSt18xvy0jhqrAgMB
AAGjggIcMIICGDAdBgNVHQ4EFgQUvK+AN7zozxHHR+S9cib6UoZz53EwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMTM1NDAyLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAUhXM
AwQAUhh4AwQAslNlAwQAslPDMA0GCSqGSIb3DQEBCwUAA4IBAQCntvJPHOn5JK/w
IbYRTuRcnPjcrxaRAIT2eI2LWNsniauGlJN6N+ifgcruqUi88NkMO5jbaGDfST9w
M9S8DAjfKIfXsx4guabYfEEYJkeKVxLaGbNuBVUouMZK4nDEkZXnALvmmqRCR6eY
V4AKbnG5en+R3eeV/WftXOIgVPLWXwYXD3ljOuLgsSefkrpT5gQgzjZl7TNHpBOn
oMO8aUBQW/vy1EmHtvb42MOGuvIpqlwdSURgzepcYDCuvEwR1R0weq/pztBNhpaK
YIRn77AWAyOiQWMPvLCOG/6Qir/pkKhVrbQSdqChRPpJlv1p1Grm0SP8UxK8gcGa
9jX0RoSX
-----END CERTIFICATE-----
Generated at Thu Mar 26 01:29:19 2026 by rpki-client