
Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS393942.roa
File: AS393942.roa (raw, json)
Hash identifier: 3nRnZwGZkKlHOjGJ7RaZazKhLsnb8sjh9DL9vwWC+Pw=
Subject key identifier: 33:AF:9C:D1:3A:9D:96:28:B2:58:42:50:97:3D:14:4F:9C:66:03:14
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 790A77ECE64C85C7A0819ACAE846D7291270BB13
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS393942.roa
Signing time: Thu 11 Sep 2025 00:09:09 +0000
ROA not before: Thu 11 Sep 2025 00:04:09 +0000
ROA not after: Thu 10 Sep 2026 00:09:09 +0000
asID: 393942
IP address blocks: 82.29.95.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:0a:77:ec:e6:4c:85:c7:a0:81:9a:ca:e8:46:d7:29:12:70:bb:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Sep 11 00:04:09 2025 GMT
Not After : Sep 10 00:09:09 2026 GMT
Subject: CN=33AF9CD13A9D9628B2584250973D144F9C660314
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:68:81:1d:47:83:ee:d2:9c:3c:a6:80:bc:a9:
39:a0:0b:5e:99:9b:25:92:bb:f6:12:45:8d:73:cb:
22:bf:57:dd:a2:f7:42:3c:c6:25:3e:f9:8d:52:99:
af:fb:92:e7:f1:6d:b4:5a:59:92:fe:ac:e3:dd:84:
8e:e9:1b:89:eb:34:f9:d7:06:72:6b:71:eb:67:ff:
8b:1e:d2:78:e4:e1:d2:2f:e0:51:2b:e1:9f:d3:6a:
9c:40:63:0c:30:f7:09:e9:1e:99:77:c4:3e:c1:b8:
af:df:0d:64:3e:69:a3:4e:77:c2:cf:23:6f:f1:1a:
1b:d5:22:b8:7e:36:58:79:b0:c7:02:22:5f:06:c6:
92:7f:17:91:eb:60:b0:df:50:ae:92:44:aa:2c:e7:
60:d7:3c:9f:61:1e:36:e7:67:db:64:16:b3:12:3b:
5a:c0:0b:1e:e3:0a:cc:5b:1c:7c:c3:d3:a8:b5:98:
62:07:7f:51:51:e0:83:0a:f3:a1:b2:65:d1:01:a7:
7e:a4:56:5d:37:12:83:8f:9d:2b:9a:4a:5a:80:48:
e3:cb:82:47:c0:33:de:91:09:94:93:09:ea:bb:57:
4f:89:e4:5a:a2:c8:2b:19:1b:bc:43:60:0c:90:b6:
36:31:cf:51:05:db:d9:7e:fc:db:8d:5c:97:b6:31:
66:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:AF:9C:D1:3A:9D:96:28:B2:58:42:50:97:3D:14:4F:9C:66:03:14
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS393942.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.29.95.0/24
Signature Algorithm: sha256WithRSAEncryption
53:56:28:bf:33:25:b0:a2:83:81:fb:51:7f:f3:5d:20:28:15:
ec:33:ab:21:f7:11:2e:13:ed:3c:22:73:bc:6b:af:00:20:d7:
a8:55:36:5f:ee:8e:78:63:cb:91:d9:3b:c2:00:b5:e7:f0:d6:
c7:51:ab:7e:50:4b:59:97:bc:c6:80:c5:41:17:c0:ab:fb:c2:
92:78:13:9e:87:a8:7a:df:72:06:d5:d2:56:66:46:c8:47:8d:
a0:6b:e6:40:45:80:d3:e9:da:0c:42:88:3e:dc:97:a6:f8:8a:
c7:fe:13:df:5a:fc:30:5f:85:b1:fa:07:99:e2:d7:d4:b3:1a:
22:28:1e:c3:00:9d:e8:37:c4:20:67:80:80:1b:ce:40:32:a8:
87:24:a7:5d:bf:e8:ab:50:34:0e:07:3a:46:c9:c6:4d:4d:09:
32:fe:99:f9:34:86:38:6f:29:f7:d1:26:4f:7e:9a:f1:c5:f3:
64:09:39:6b:64:5e:e9:d0:f3:81:0a:d3:78:4f:95:d0:fd:96:
95:52:40:42:87:d9:5f:3f:2b:e1:cb:89:a4:d3:00:23:73:c2:
fb:f5:76:10:05:13:70:fd:b2:3a:f6:fe:46:f6:8c:1d:2b:d3:
e7:f3:a6:90:0f:c6:10:23:eb:a4:55:ba:fc:b9:9b:d7:ea:56:
1a:7a:fe:55
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUeQp37OZMhceggZrK6EbXKRJwuxMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTA5MTEwMDA0MDlaFw0yNjA5MTAwMDA5MDlaMDMxMTAvBgNV
BAMTKDMzQUY5Q0QxM0E5RDk2MjhCMjU4NDI1MDk3M0QxNDRGOUM2NjAzMTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDvaIEdR4Pu0pw8poC8qTmgC16Z
myWSu/YSRY1zyyK/V92i90I8xiU++Y1Sma/7kufxbbRaWZL+rOPdhI7pG4nrNPnX
BnJrcetn/4se0njk4dIv4FEr4Z/TapxAYwww9wnpHpl3xD7BuK/fDWQ+aaNOd8LP
I2/xGhvVIrh+Nlh5sMcCIl8GxpJ/F5HrYLDfUK6SRKos52DXPJ9hHjbnZ9tkFrMS
O1rACx7jCsxbHHzD06i1mGIHf1FR4IMK86GyZdEBp36kVl03EoOPnSuaSlqASOPL
gkfAM96RCZSTCeq7V0+J5FqiyCsZG7xDYAyQtjYxz1EF29l+/NuNXJe2MWZFAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUM6+c0TqdliiyWEJQlz0UT5xmAxQwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMzkzOTQyLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUh1f
MA0GCSqGSIb3DQEBCwUAA4IBAQBTVii/MyWwooOB+1F/810gKBXsM6sh9xEuE+08
InO8a68AINeoVTZf7o54Y8uR2TvCALXn8NbHUat+UEtZl7zGgMVBF8Cr+8KSeBOe
h6h633IG1dJWZkbIR42ga+ZARYDT6doMQog+3Jem+IrH/hPfWvwwX4Wx+geZ4tfU
sxoiKB7DAJ3oN8QgZ4CAG85AMqiHJKddv+irUDQOBzpGycZNTQky/pn5NIY4byn3
0SZPfprxxfNkCTlrZF7p0POBCtN4T5XQ/ZaVUkBCh9lfPyvhy4mk0wAjc8L79XYQ
BRNw/bI69v5G9owdK9Pn86aQD8YQI+ukVbr8uZvX6lYaev5V
-----END CERTIFICATE-----
Generated at Sun Oct 19 22:50:45 2025 by rpki-client