Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS393942.roa
File: AS393942.roa (raw, json)
Hash identifier: Eo9q90mZ/wml/RuTRhC6x1b4v3Nz+op1zpYn7FMTA2M=
Subject key identifier: B9:45:D7:F0:D1:65:83:1B:C8:F1:86:5F:1E:32:53:EA:02:8D:BA:43
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 1E9E7CF5A9D4A9338CCC095A6D2ABCBAE461D015
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS393942.roa
Signing time: Mon 11 Aug 2025 09:33:31 +0000
ROA not before: Mon 11 Aug 2025 09:28:31 +0000
ROA not after: Mon 10 Aug 2026 09:33:31 +0000
asID: 393942
IP address blocks: 82.26.202.0/24 maxlen: 24
82.29.95.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1e:9e:7c:f5:a9:d4:a9:33:8c:cc:09:5a:6d:2a:bc:ba:e4:61:d0:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Aug 11 09:28:31 2025 GMT
Not After : Aug 10 09:33:31 2026 GMT
Subject: CN=B945D7F0D165831BC8F1865F1E3253EA028DBA43
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:62:8a:7c:0c:95:a7:59:cc:2b:45:37:46:be:
bd:35:28:6b:d9:f5:ca:19:16:b2:1e:6d:41:4c:aa:
b8:af:26:b2:0b:53:69:4f:72:a0:28:c9:f2:b4:77:
85:1e:fd:fd:33:6b:47:52:9a:0c:2f:6b:6e:a3:6f:
c8:9a:bf:fa:62:94:58:21:77:f4:a4:37:82:51:9c:
89:04:78:f4:f8:16:78:7c:e1:65:df:99:cf:dc:1d:
5d:71:db:99:d0:b6:d2:87:6a:e9:2b:5b:a8:72:21:
cc:8a:d6:ab:1f:a3:51:30:38:4c:9e:b2:a1:9f:59:
d9:53:be:3f:0f:95:6e:b8:ce:e7:82:68:f5:c5:c0:
fd:83:bb:c4:d6:ed:cc:4a:15:be:c1:f8:f1:8d:3e:
78:d2:44:7d:f3:9b:5e:ac:b4:83:4a:b5:63:5a:0c:
72:c4:f6:79:af:87:fd:14:62:a9:d2:2e:e8:41:9e:
0c:7a:d9:34:fa:b0:23:00:4d:4e:b9:e3:45:0e:15:
ce:fd:ba:95:46:a0:93:55:d9:b4:e8:66:ca:74:c8:
2f:7d:3b:0e:43:8a:d4:8a:73:b0:35:1e:14:55:4f:
3f:44:c5:2a:fd:c2:92:78:d1:29:42:b6:4e:90:e7:
4d:93:30:88:7a:e4:f2:e8:e1:d1:f5:a1:60:bd:44:
6c:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:45:D7:F0:D1:65:83:1B:C8:F1:86:5F:1E:32:53:EA:02:8D:BA:43
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS393942.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.26.202.0/24
82.29.95.0/24
Signature Algorithm: sha256WithRSAEncryption
04:19:82:ec:28:09:6e:06:95:47:54:0e:98:1d:f4:a2:1d:75:
ff:00:fa:70:7c:f1:eb:a6:e4:91:d6:8b:e4:78:b7:ce:4d:70:
ef:34:f0:06:6b:b1:91:f8:09:6b:7a:5e:82:51:02:1c:60:fe:
9a:2c:ae:b1:87:70:7c:ab:67:00:7c:8b:32:0e:fd:29:6b:b4:
75:ff:6d:8b:14:ef:28:3e:d2:db:64:45:26:d3:a3:1f:bc:e7:
f1:75:fc:7a:62:fb:8b:4f:94:61:a4:7e:1d:32:12:27:3a:52:
ec:3a:9a:72:06:d8:6f:88:b1:8c:cb:6c:1e:63:12:d8:a8:ff:
1f:be:c0:c3:e8:02:1c:73:51:72:98:12:b9:26:f8:19:86:f7:
b5:2f:71:fb:c3:0c:6a:7e:8a:d7:e0:67:34:d6:84:8a:b8:6e:
60:5a:e4:ff:ba:82:6e:b3:d0:3d:af:b7:49:f7:3c:ff:d9:15:
8d:40:a9:b0:c8:ad:47:f8:14:89:89:0c:65:b8:7f:4f:46:18:
69:70:5a:0c:44:c8:24:e8:57:b1:8a:37:0a:b0:9a:76:10:71:
77:0a:a1:eb:cb:45:05:3e:25:bc:42:98:be:21:9e:b8:3e:3b:
73:c8:0c:2a:9c:ba:ec:c6:cb:99:03:b8:01:7a:0f:83:f8:d1:
2f:ac:5f:be
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgIUHp589anUqTOMzAlabSq8uuRh0BUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTA4MTEwOTI4MzFaFw0yNjA4MTAwOTMzMzFaMDMxMTAvBgNV
BAMTKEI5NDVEN0YwRDE2NTgzMUJDOEYxODY1RjFFMzI1M0VBMDI4REJBNDMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQChYop8DJWnWcwrRTdGvr01KGvZ
9coZFrIebUFMqrivJrILU2lPcqAoyfK0d4Ue/f0za0dSmgwva26jb8iav/pilFgh
d/SkN4JRnIkEePT4Fnh84WXfmc/cHV1x25nQttKHaukrW6hyIcyK1qsfo1EwOEye
sqGfWdlTvj8PlW64zueCaPXFwP2Du8TW7cxKFb7B+PGNPnjSRH3zm16stINKtWNa
DHLE9nmvh/0UYqnSLuhBngx62TT6sCMATU6540UOFc79upVGoJNV2bToZsp0yC99
Ow5DitSKc7A1HhRVTz9ExSr9wpJ40SlCtk6Q502TMIh65PLo4dH1oWC9RGzXAgMB
AAGjggIQMIICDDAdBgNVHQ4EFgQUuUXX8NFlgxvI8YZfHjJT6gKNukMwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMzkzOTQyLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAUhrK
AwQAUh1fMA0GCSqGSIb3DQEBCwUAA4IBAQAEGYLsKAluBpVHVA6YHfSiHXX/APpw
fPHrpuSR1ovkeLfOTXDvNPAGa7GR+Alrel6CUQIcYP6aLK6xh3B8q2cAfIsyDv0p
a7R1/22LFO8oPtLbZEUm06MfvOfxdfx6YvuLT5RhpH4dMhInOlLsOppyBthviLGM
y2weYxLYqP8fvsDD6AIcc1FymBK5JvgZhve1L3H7wwxqforX4Gc01oSKuG5gWuT/
uoJus9A9r7dJ9zz/2RWNQKmwyK1H+BSJiQxluH9PRhhpcFoMRMgk6FexijcKsJp2
EHF3CqHry0UFPiW8Qpi+IZ64PjtzyAwqnLrsxsuZA7gBeg+D+NEvrF++
-----END CERTIFICATE-----
Generated at Sat Aug 23 22:43:34 2025 by rpki-client