Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS395092.roa
File: AS395092.roa (raw, json)
Hash identifier: Feba9f5L412yGPF+VjmDh4b/YG+aX1vIBFuXMHp5CbA=
Subject key identifier: DB:62:0A:EB:B6:F0:0E:38:60:5E:30:C3:14:16:8B:C3:DF:03:10:CD
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 3CC1E7362F6D4031D7229408483D76479F6373C4
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS395092.roa
Signing time: Wed 16 Apr 2025 11:21:36 +0000
ROA not before: Wed 16 Apr 2025 11:16:36 +0000
ROA not after: Wed 15 Apr 2026 11:21:36 +0000
asID: 395092
IP address blocks: 82.21.228.0/24 maxlen: 24
82.21.239.0/24 maxlen: 24
82.22.211.0/24 maxlen: 24
82.22.235.0/24 maxlen: 24
82.23.203.0/24 maxlen: 24
82.23.206.0/24 maxlen: 24
82.23.222.0/24 maxlen: 24
82.23.226.0/24 maxlen: 24
82.24.212.0/24 maxlen: 24
82.24.238.0/24 maxlen: 24
82.25.239.0/24 maxlen: 24
82.26.208.0/24 maxlen: 24
82.26.212.0/24 maxlen: 24
82.26.218.0/24 maxlen: 24
82.26.236.0/24 maxlen: 24
82.26.238.0/24 maxlen: 24
82.27.240.0/24 maxlen: 24
82.29.234.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 06 May 2025 13:51:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3c:c1:e7:36:2f:6d:40:31:d7:22:94:08:48:3d:76:47:9f:63:73:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Apr 16 11:16:36 2025 GMT
Not After : Apr 15 11:21:36 2026 GMT
Subject: CN=DB620AEBB6F00E38605E30C314168BC3DF0310CD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:36:11:6e:48:39:e9:a7:f3:9a:af:0b:2f:d0:
d5:30:33:c5:54:eb:1c:81:9e:49:37:91:c4:2a:46:
0e:2c:ea:40:f3:e8:15:cd:dd:60:59:32:3c:e3:5e:
53:62:73:ab:c2:47:21:48:1f:dd:3f:3e:da:83:42:
76:a0:a4:b2:69:39:3a:87:09:26:af:2a:91:fe:e4:
c5:64:94:6a:0e:ee:21:4c:61:7a:a6:2e:93:06:87:
c3:d8:fd:ab:ee:20:6d:1b:3e:21:a4:f2:d9:de:b7:
93:89:7b:65:1a:f7:64:e5:1c:61:2d:35:93:36:42:
6c:73:dc:ca:04:fb:99:12:e4:d3:6a:42:b2:01:24:
ce:de:d8:f4:24:7e:8e:5c:9a:0c:84:63:fa:4b:43:
c4:16:b9:e8:47:e9:14:d0:5a:d0:ff:ed:c7:19:87:
c0:0e:7b:7f:0f:a5:1e:13:fa:4c:80:d2:94:57:a9:
ce:12:4e:e1:c7:db:49:e0:98:6f:d4:c3:11:e5:c5:
be:32:f3:c6:56:33:e9:02:3e:71:a5:5e:7e:05:9e:
51:64:84:00:7f:f0:f7:0f:10:1d:0e:ad:25:44:06:
e4:3a:0f:f5:a8:83:3b:a3:36:7a:55:a7:49:90:cc:
6e:a9:98:17:84:e2:da:39:4f:b1:38:3c:ae:de:10:
43:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:62:0A:EB:B6:F0:0E:38:60:5E:30:C3:14:16:8B:C3:DF:03:10:CD
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS395092.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.228.0/24
82.21.239.0/24
82.22.211.0/24
82.22.235.0/24
82.23.203.0/24
82.23.206.0/24
82.23.222.0/24
82.23.226.0/24
82.24.212.0/24
82.24.238.0/24
82.25.239.0/24
82.26.208.0/24
82.26.212.0/24
82.26.218.0/24
82.26.236.0/24
82.26.238.0/24
82.27.240.0/24
82.29.234.0/24
Signature Algorithm: sha256WithRSAEncryption
03:04:88:9f:94:45:82:5e:4d:00:05:9f:ff:1a:c1:40:71:ce:
bf:12:07:a7:76:4b:54:e0:6f:e9:50:13:54:55:ac:ba:a4:2c:
88:ee:19:b0:b6:33:09:47:b8:ec:07:4d:78:bd:e0:c6:91:8f:
c7:a3:bb:44:0a:9c:24:16:6f:40:67:8e:2b:72:72:8c:5a:6f:
fb:8c:65:d0:f4:2e:64:05:f1:ff:02:69:79:18:3d:32:2d:ec:
c0:52:9a:24:01:76:07:42:61:5b:8c:0b:20:37:d9:9e:5a:84:
b9:63:66:2e:7c:ac:56:24:59:b5:e1:c5:b7:19:66:be:c9:c0:
06:41:3e:78:4b:51:00:d8:38:e3:8e:13:20:f1:c4:d1:a6:38:
45:11:08:5a:38:d4:7a:5b:5b:a5:1c:4c:1a:d0:85:dc:6e:2a:
64:90:53:30:ac:58:75:d0:bc:da:bd:d4:3a:0a:f4:1a:39:ff:
cf:02:4f:b2:42:fb:1e:f3:9c:d8:7e:9c:83:d0:20:ad:bf:9a:
ff:fc:63:03:c3:30:05:dc:9a:0f:08:29:ea:e9:5a:ce:31:1e:
da:66:ee:00:7f:af:3e:5d:7b:00:2b:ab:11:0d:07:a7:4a:90:
4d:a9:b3:c5:fd:de:f9:4a:3b:73:b4:71:ab:80:ff:bc:47:88:
d1:78:30:4f
-----BEGIN CERTIFICATE-----
MIIFZzCCBE+gAwIBAgIUPMHnNi9tQDHXIpQISD12R59jc8QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTA0MTYxMTE2MzZaFw0yNjA0MTUxMTIxMzZaMDMxMTAvBgNV
BAMTKERCNjIwQUVCQjZGMDBFMzg2MDVFMzBDMzE0MTY4QkMzREYwMzEwQ0QwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvNhFuSDnpp/Oarwsv0NUwM8VU
6xyBnkk3kcQqRg4s6kDz6BXN3WBZMjzjXlNic6vCRyFIH90/PtqDQnagpLJpOTqH
CSavKpH+5MVklGoO7iFMYXqmLpMGh8PY/avuIG0bPiGk8tnet5OJe2Ua92TlHGEt
NZM2Qmxz3MoE+5kS5NNqQrIBJM7e2PQkfo5cmgyEY/pLQ8QWuehH6RTQWtD/7ccZ
h8AOe38PpR4T+kyA0pRXqc4STuHH20ngmG/UwxHlxb4y88ZWM+kCPnGlXn4FnlFk
hAB/8PcPEB0OrSVEBuQ6D/WogzujNnpVp0mQzG6pmBeE4to5T7E4PK7eEENxAgMB
AAGjggJxMIICbTAdBgNVHQ4EFgQU22IK67bwDjhgXjDDFBaLw98DEM0wHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMzk1MDkyLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMIGFBggrBgEFBQcBBwEB/wR2MHQwcgQCAAEwbAMEAFIV
5AMEAFIV7wMEAFIW0wMEAFIW6wMEAFIXywMEAFIXzgMEAFIX3gMEAFIX4gMEAFIY
1AMEAFIY7gMEAFIZ7wMEAFIa0AMEAFIa1AMEAFIa2gMEAFIa7AMEAFIa7gMEAFIb
8AMEAFId6jANBgkqhkiG9w0BAQsFAAOCAQEAAwSIn5RFgl5NAAWf/xrBQHHOvxIH
p3ZLVOBv6VATVFWsuqQsiO4ZsLYzCUe47AdNeL3gxpGPx6O7RAqcJBZvQGeOK3Jy
jFpv+4xl0PQuZAXx/wJpeRg9Mi3swFKaJAF2B0JhW4wLIDfZnlqEuWNmLnysViRZ
teHFtxlmvsnABkE+eEtRANg4444TIPHE0aY4RREIWjjUeltbpRxMGtCF3G4qZJBT
MKxYddC82r3UOgr0Gjn/zwJPskL7HvOc2H6cg9Agrb+a//xjA8MwBdyaDwgp6ula
zjEe2mbuAH+vPl17ACurEQ0Hp0qQTamzxf3e+Uo7c7Rxq4D/vEeI0XgwTw==
-----END CERTIFICATE-----
Generated at Mon May 5 23:28:05 2025 by rpki-client