Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS139057.roa
File: AS139057.roa (raw, json)
Hash identifier: ZqARmIahgx7yTa6NfMKzKVL+bABw2BHU7lfmbZZrlqo=
Subject key identifier: 26:E4:FA:54:58:FC:12:70:36:AE:BD:9B:73:90:94:33:EA:04:99:7D
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 3C31363B5E96F9B482E9C274AFC9A5395E432EFD
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS139057.roa
Signing time: Mon 23 Mar 2026 08:46:51 +0000
ROA not before: Mon 23 Mar 2026 08:41:51 +0000
ROA not after: Mon 22 Mar 2027 08:46:51 +0000
asID: 139057
IP address blocks: 82.27.176.0/24 maxlen: 24
82.27.177.0/24 maxlen: 24
82.27.178.0/24 maxlen: 24
82.27.179.0/24 maxlen: 24
82.27.180.0/24 maxlen: 24
82.27.181.0/24 maxlen: 24
82.27.182.0/24 maxlen: 24
82.27.183.0/24 maxlen: 24
82.27.188.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3c:31:36:3b:5e:96:f9:b4:82:e9:c2:74:af:c9:a5:39:5e:43:2e:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Mar 23 08:41:51 2026 GMT
Not After : Mar 22 08:46:51 2027 GMT
Subject: CN=26E4FA5458FC127036AEBD9B73909433EA04997D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:16:3d:02:ad:87:ff:93:16:da:9d:2a:9e:d2:
2b:2f:d3:4e:0d:63:cf:8e:9a:8d:38:cb:a6:fa:65:
ca:7e:b3:e8:e8:8e:86:f0:f9:9e:6f:09:78:47:e5:
c8:c9:79:8f:08:8c:5d:e2:ad:38:2e:de:aa:e3:c2:
a5:3f:57:9e:51:e0:a9:8b:7c:ff:cd:d0:bc:35:d6:
e2:a1:6a:27:9a:03:0a:a6:e1:1f:9b:9b:8b:97:1c:
04:15:90:be:4a:4f:69:06:2d:08:c3:e4:68:49:2b:
82:26:00:0f:87:54:f4:26:21:93:3b:c0:9a:e5:91:
0f:f0:3c:92:47:ba:8d:a8:5a:79:ec:de:95:a8:42:
dd:e3:d4:a1:7a:9b:ea:38:1b:a6:90:f6:b2:13:02:
83:65:22:47:49:09:ca:a4:14:27:5e:06:18:8f:b5:
09:5c:d9:21:7f:c0:1c:be:01:2e:99:b5:4f:8d:fa:
a9:10:02:33:ce:9f:ed:09:d8:f7:93:a3:9b:25:46:
97:03:cc:6e:b1:03:7d:f3:41:e0:7f:4f:37:64:48:
dd:e2:42:3b:6c:5a:15:d7:38:44:b1:bd:fa:16:f2:
a7:82:24:f9:90:c4:4e:20:29:a6:29:78:95:f2:8a:
1b:70:54:73:56:7d:19:e1:cc:31:3a:d7:80:d8:a6:
fd:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:E4:FA:54:58:FC:12:70:36:AE:BD:9B:73:90:94:33:EA:04:99:7D
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS139057.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.27.176.0/21
82.27.188.0/24
Signature Algorithm: sha256WithRSAEncryption
66:8d:3f:34:13:14:19:18:b8:61:78:74:6d:f0:5a:cb:22:d1:
59:de:88:b2:58:81:f9:c8:48:2e:69:de:78:95:e1:4a:af:22:
0d:76:89:71:4e:5f:a2:70:07:fb:5f:5b:1d:61:20:61:53:c7:
f6:26:fa:4c:a5:39:df:9e:a1:90:59:f9:5f:83:49:87:55:06:
0e:c9:3a:d8:60:2b:09:c0:7d:7e:af:fd:3a:8e:19:25:62:52:
88:e6:86:4b:8d:96:c7:0e:a8:66:8a:51:bc:82:39:51:63:1d:
74:62:4f:15:ee:2a:0c:60:35:be:dd:30:d8:14:0d:e1:54:92:
8c:87:6e:b3:cd:be:1d:74:bc:c5:da:ec:48:e8:da:14:02:e7:
87:e5:ee:bd:d3:29:9e:4d:46:0f:ea:1c:0a:2e:df:eb:fa:e2:
c5:5a:97:0f:bb:63:28:d1:96:dd:d9:b1:8f:13:ba:b1:22:51:
16:ad:cf:7b:11:06:fd:7b:f1:b6:a6:bf:e5:b8:de:c0:a8:34:
fc:96:d5:e2:1f:66:e4:a3:90:73:21:59:72:2f:12:76:85:5c:
e2:bb:15:3c:d2:dc:0c:aa:bd:7d:b9:ec:77:2d:45:b1:c4:6d:
60:bf:e8:da:d9:34:69:f8:25:39:04:29:89:30:fb:db:d0:87:
92:5b:a0:22
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgIUPDE2O16W+bSC6cJ0r8mlOV5DLv0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjAzMjMwODQxNTFaFw0yNzAzMjIwODQ2NTFaMDMxMTAvBgNV
BAMTKDI2RTRGQTU0NThGQzEyNzAzNkFFQkQ5QjczOTA5NDMzRUEwNDk5N0QwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCUFj0CrYf/kxbanSqe0isv004N
Y8+Omo04y6b6Zcp+s+jojobw+Z5vCXhH5cjJeY8IjF3irTgu3qrjwqU/V55R4KmL
fP/N0Lw11uKhaieaAwqm4R+bm4uXHAQVkL5KT2kGLQjD5GhJK4ImAA+HVPQmIZM7
wJrlkQ/wPJJHuo2oWnns3pWoQt3j1KF6m+o4G6aQ9rITAoNlIkdJCcqkFCdeBhiP
tQlc2SF/wBy+AS6ZtU+N+qkQAjPOn+0J2PeTo5slRpcDzG6xA33zQeB/TzdkSN3i
QjtsWhXXOESxvfoW8qeCJPmQxE4gKaYpeJXyihtwVHNWfRnhzDE614DYpv25AgMB
AAGjggIQMIICDDAdBgNVHQ4EFgQUJuT6VFj8EnA2rr2bc5CUM+oEmX0wHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMTM5MDU3LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDUhuw
AwQAUhu8MA0GCSqGSIb3DQEBCwUAA4IBAQBmjT80ExQZGLhheHRt8FrLItFZ3oiy
WIH5yEguad54leFKryINdolxTl+icAf7X1sdYSBhU8f2JvpMpTnfnqGQWflfg0mH
VQYOyTrYYCsJwH1+r/06jhklYlKI5oZLjZbHDqhmilG8gjlRYx10Yk8V7ioMYDW+
3TDYFA3hVJKMh26zzb4ddLzF2uxI6NoUAueH5e690ymeTUYP6hwKLt/r+uLFWpcP
u2Mo0Zbd2bGPE7qxIlEWrc97EQb9e/G2pr/luN7AqDT8ltXiH2bko5BzIVlyLxJ2
hVziuxU80twMqr19uex3LUWxxG1gv+ja2TRp+CU5BCmJMPvb0IeSW6Ai
-----END CERTIFICATE-----
Generated at Thu Mar 26 01:29:16 2026 by rpki-client