Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS209526.roa
File: AS209526.roa (raw, json)
Hash identifier: WVWt2PeDyRiTQtXhD8UZ0uXZkGm8VFpTdgf8iqNstqc=
Subject key identifier: 30:18:1C:5D:1B:C2:81:27:58:69:4A:B9:8A:28:FA:8E:6B:04:84:F7
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 6B339938111CB0EED4439D31777CC8FE1F6EF9A0
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS209526.roa
Signing time: Fri 08 May 2026 11:43:36 +0000
ROA not before: Fri 08 May 2026 11:38:36 +0000
ROA not after: Fri 07 May 2027 11:43:36 +0000
asID: 209526
IP address blocks: 82.38.92.0/24 maxlen: 24
82.38.93.0/24 maxlen: 24
82.38.94.0/24 maxlen: 24
82.47.170.0/24 maxlen: 24
82.47.171.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 23:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6b:33:99:38:11:1c:b0:ee:d4:43:9d:31:77:7c:c8:fe:1f:6e:f9:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: May 8 11:38:36 2026 GMT
Not After : May 7 11:43:36 2027 GMT
Subject: CN=30181C5D1BC2812758694AB98A28FA8E6B0484F7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:ba:31:2a:93:90:ee:97:c4:54:96:25:68:79:
47:7f:64:fd:3f:c2:82:7e:9a:86:69:41:79:fb:40:
bd:33:ab:d2:55:6b:39:fd:da:f9:ff:ca:6a:20:56:
92:5d:2e:33:5c:aa:71:20:3a:80:28:d7:ce:eb:89:
5e:53:f1:e3:07:3e:7f:7c:82:be:bf:f8:77:a1:ee:
e1:62:c6:d7:77:4a:e4:d9:21:69:39:f7:5a:22:09:
98:80:ae:e2:d7:3f:0f:41:04:0c:f2:fa:d0:5f:f0:
65:3c:65:4c:d0:02:d2:d4:b1:71:b6:36:67:09:53:
8a:e0:2a:ea:a6:7f:76:d0:1f:a0:84:64:8e:7e:eb:
2a:9b:8e:f8:4a:d3:7e:19:63:29:fa:16:78:d0:14:
0e:05:c0:4a:8a:13:43:40:fc:6e:72:04:56:36:79:
48:14:7f:19:45:a9:fc:1c:a8:3a:bc:74:42:a8:ed:
a4:c8:11:b8:50:71:6c:bb:b5:78:3f:76:d7:3d:1c:
51:2c:a3:9a:96:57:c7:01:fc:eb:a9:60:36:59:cf:
3a:5b:ed:08:0a:40:ed:16:76:04:14:45:2d:6c:86:
35:44:d8:3a:14:74:b5:47:d3:1c:a7:08:13:b1:9d:
69:76:a3:96:41:e0:ef:63:38:f2:05:87:31:8c:87:
28:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:18:1C:5D:1B:C2:81:27:58:69:4A:B9:8A:28:FA:8E:6B:04:84:F7
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS209526.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.38.92.0-82.38.94.255
82.47.170.0/23
Signature Algorithm: sha256WithRSAEncryption
5b:f7:ce:2f:8c:64:b6:01:33:77:9b:ef:de:ec:1e:7f:81:9a:
86:26:59:8a:c3:4f:8d:df:ef:41:a5:8f:2e:f5:a9:66:56:2d:
aa:35:7b:55:fd:8d:03:5c:35:dd:67:5e:2a:6f:29:ed:e3:f3:
78:88:5b:3c:2c:e7:3c:28:cd:e0:08:c2:60:3a:95:11:73:fe:
fa:8a:4e:f4:1c:b5:df:d0:1a:36:33:c2:8d:58:6c:d5:b6:0b:
10:7f:6e:b1:02:d9:0b:b7:8d:3c:66:36:e1:c8:17:ba:0c:55:
da:03:87:d4:09:a8:c9:22:a9:a6:d4:62:85:68:e1:fa:d1:8b:
8b:05:3b:dc:21:50:34:9b:5d:e6:13:ed:71:02:0d:7f:13:7a:
9e:fb:12:32:19:c0:5b:f2:7b:4a:b4:0e:50:6f:7b:ee:c2:b1:
d0:31:59:a3:37:65:de:cd:e8:0c:ea:e9:8f:29:81:77:b9:df:
c0:bc:ff:88:b0:3f:d7:4f:30:59:8d:59:76:64:98:8d:3a:fd:
06:d0:0c:02:6e:74:73:af:d5:81:2f:a2:85:2a:1d:8f:44:00:
79:8a:ea:93:91:af:cf:9c:21:ce:50:b8:72:9e:83:5c:85:c7:
f9:c2:c9:38:01:f9:e4:7e:c5:d7:00:62:2f:ff:23:f6:68:40:
ac:73:62:2e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgIUazOZOBEcsO7UQ50xd3zI/h9u+aAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjA1MDgxMTM4MzZaFw0yNzA1MDcxMTQzMzZaMDMxMTAvBgNV
BAMTKDMwMTgxQzVEMUJDMjgxMjc1ODY5NEFCOThBMjhGQThFNkIwNDg0RjcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNujEqk5Dul8RUliVoeUd/ZP0/
woJ+moZpQXn7QL0zq9JVazn92vn/ymogVpJdLjNcqnEgOoAo187riV5T8eMHPn98
gr6/+Heh7uFixtd3SuTZIWk591oiCZiAruLXPw9BBAzy+tBf8GU8ZUzQAtLUsXG2
NmcJU4rgKuqmf3bQH6CEZI5+6yqbjvhK034ZYyn6FnjQFA4FwEqKE0NA/G5yBFY2
eUgUfxlFqfwcqDq8dEKo7aTIEbhQcWy7tXg/dtc9HFEso5qWV8cB/OupYDZZzzpb
7QgKQO0WdgQURS1shjVE2DoUdLVH0xynCBOxnWl2o5ZB4O9jOPIFhzGMhygdAgMB
AAGjggIYMIICFDAdBgNVHQ4EFgQUMBgcXRvCgSdYaUq5iij6jmsEhPcwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjA5NTI2LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAJS
JlwDBABSJl4DBAFSL6owDQYJKoZIhvcNAQELBQADggEBAFv3zi+MZLYBM3eb797s
Hn+BmoYmWYrDT43f70Gljy71qWZWLao1e1X9jQNcNd1nXipvKe3j83iIWzws5zwo
zeAIwmA6lRFz/vqKTvQctd/QGjYzwo1YbNW2CxB/brEC2Qu3jTxmNuHIF7oMVdoD
h9QJqMkiqabUYoVo4frRi4sFO9whUDSbXeYT7XECDX8Tep77EjIZwFvye0q0DlBv
e+7CsdAxWaM3Zd7N6Azq6Y8pgXe538C8/4iwP9dPMFmNWXZkmI06/QbQDAJudHOv
1YEvooUqHY9EAHmK6pORr8+cIc5QuHKeg1yFx/nCyTgB+eR+xdcAYi//I/ZoQKxz
Yi4=
-----END CERTIFICATE-----
Generated at Wed May 13 06:58:52 2026 by rpki-client