Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS395092.roa
File: AS395092.roa (raw, json)
Hash identifier: h3bicJP/UEemeHmxOVW0W3KoIuW7zGy0QkisjFHJYqs=
Subject key identifier: 8E:A8:59:5B:6E:37:D0:C1:E9:21:11:49:59:5B:3E:B2:D5:CC:AB:5E
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 5B7AA6422F1B6864A6A0B078279944297A8C6DB8
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS395092.roa
Signing time: Wed 18 Mar 2026 11:46:48 +0000
ROA not before: Wed 18 Mar 2026 11:41:48 +0000
ROA not after: Wed 17 Mar 2027 11:46:48 +0000
asID: 395092
IP address blocks: 82.21.228.0/24 maxlen: 24
82.21.239.0/24 maxlen: 24
82.22.211.0/24 maxlen: 24
82.22.235.0/24 maxlen: 24
82.23.203.0/24 maxlen: 24
82.23.206.0/24 maxlen: 24
82.23.222.0/24 maxlen: 24
82.23.226.0/24 maxlen: 24
82.24.212.0/24 maxlen: 24
82.24.238.0/24 maxlen: 24
82.25.239.0/24 maxlen: 24
82.26.208.0/24 maxlen: 24
82.26.212.0/24 maxlen: 24
82.26.218.0/24 maxlen: 24
82.26.236.0/24 maxlen: 24
82.26.238.0/24 maxlen: 24
82.27.240.0/24 maxlen: 24
82.29.234.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5b:7a:a6:42:2f:1b:68:64:a6:a0:b0:78:27:99:44:29:7a:8c:6d:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Mar 18 11:41:48 2026 GMT
Not After : Mar 17 11:46:48 2027 GMT
Subject: CN=8EA8595B6E37D0C1E9211149595B3EB2D5CCAB5E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:ff:a4:06:54:85:08:29:bc:4c:a9:39:e3:fe:
1b:5a:b2:7e:83:57:e1:a6:e8:37:2f:f0:04:72:57:
e1:fb:9d:b9:41:3e:50:72:c6:4b:0f:9d:d3:1f:68:
ae:b0:be:0d:17:35:83:f0:9d:f1:7b:54:02:c8:f1:
7d:82:36:75:68:90:e5:8a:bc:12:5a:14:0b:80:a6:
e1:e6:4b:bb:76:78:5f:93:97:08:41:95:05:75:e8:
80:f4:05:dd:ed:5d:51:d0:02:a0:87:1c:b1:83:43:
70:e3:2e:32:8e:35:9c:ec:35:2f:e6:d5:c8:63:ce:
b7:d7:4a:30:3a:ac:0b:0a:85:bb:98:3e:bd:fe:10:
cf:a4:52:30:fb:d6:ff:0a:59:d1:d1:d7:75:96:8b:
6f:bc:17:37:6b:ff:17:c5:27:e3:4f:59:b9:84:d0:
4e:83:bd:55:ca:b4:27:e4:9e:57:ac:cd:b9:8c:cb:
eb:60:c1:b4:15:83:d1:aa:0b:39:f8:5d:9d:0e:0f:
ae:33:ed:84:61:cb:0f:8c:0d:0f:83:1b:81:a3:73:
c2:5d:f9:18:d2:63:de:6c:10:31:26:1b:73:29:f5:
fe:e7:fe:a0:0b:c7:49:f3:70:f9:0e:5c:ed:1d:89:
ed:b4:25:54:cc:bc:6a:c8:1a:92:f3:66:20:bc:39:
f3:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:A8:59:5B:6E:37:D0:C1:E9:21:11:49:59:5B:3E:B2:D5:CC:AB:5E
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS395092.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.228.0/24
82.21.239.0/24
82.22.211.0/24
82.22.235.0/24
82.23.203.0/24
82.23.206.0/24
82.23.222.0/24
82.23.226.0/24
82.24.212.0/24
82.24.238.0/24
82.25.239.0/24
82.26.208.0/24
82.26.212.0/24
82.26.218.0/24
82.26.236.0/24
82.26.238.0/24
82.27.240.0/24
82.29.234.0/24
Signature Algorithm: sha256WithRSAEncryption
36:b9:19:da:ff:f9:be:77:4b:3f:79:e0:11:ed:3b:e4:35:50:
2a:6f:28:e4:52:f7:7e:38:a5:20:0f:29:b1:b3:66:7b:c7:7a:
f0:f5:b5:ad:44:bb:b9:52:e7:c2:f3:e6:d4:eb:63:7a:ba:db:
27:97:73:f8:a1:a6:78:48:d5:9d:c0:2a:0c:71:f8:f7:af:e8:
12:0c:96:e8:0e:ab:2e:2a:52:88:e9:15:97:0d:07:b3:3c:3a:
10:b6:e9:c4:16:c2:9f:99:2f:9e:3e:b9:93:65:de:68:78:65:
b8:f3:ca:c5:c2:f7:b3:b4:9f:49:47:e9:52:db:1d:2c:f5:ad:
2a:63:ea:50:b0:a7:0b:d3:ca:08:bd:43:7b:7e:4d:93:78:33:
38:78:35:60:9c:84:ed:4c:d3:b2:7d:57:5b:3d:17:f1:f4:ff:
99:2c:0f:7d:fd:03:8b:4e:f4:2b:85:8c:c0:c9:31:7d:6c:96:
e0:27:3b:3b:ad:75:60:aa:25:45:21:9e:8c:ac:9e:b6:7c:98:
68:55:17:3a:ef:71:62:ae:bb:67:28:3f:4b:9d:35:f5:aa:9c:
a3:14:c9:28:23:08:d6:4b:d3:c8:e7:2e:ce:20:67:8a:5f:d9:
d8:4d:b3:e9:96:18:85:71:33:57:c9:f3:a8:76:93:3b:3b:c1:
aa:df:36:cc
-----BEGIN CERTIFICATE-----
MIIFZzCCBE+gAwIBAgIUW3qmQi8baGSmoLB4J5lEKXqMbbgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjAzMTgxMTQxNDhaFw0yNzAzMTcxMTQ2NDhaMDMxMTAvBgNV
BAMTKDhFQTg1OTVCNkUzN0QwQzFFOTIxMTE0OTU5NUIzRUIyRDVDQ0FCNUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3/6QGVIUIKbxMqTnj/htasn6D
V+Gm6Dcv8ARyV+H7nblBPlByxksPndMfaK6wvg0XNYPwnfF7VALI8X2CNnVokOWK
vBJaFAuApuHmS7t2eF+TlwhBlQV16ID0Bd3tXVHQAqCHHLGDQ3DjLjKONZzsNS/m
1chjzrfXSjA6rAsKhbuYPr3+EM+kUjD71v8KWdHR13WWi2+8Fzdr/xfFJ+NPWbmE
0E6DvVXKtCfknleszbmMy+tgwbQVg9GqCzn4XZ0OD64z7YRhyw+MDQ+DG4Gjc8Jd
+RjSY95sEDEmG3Mp9f7n/qALx0nzcPkOXO0die20JVTMvGrIGpLzZiC8OfO9AgMB
AAGjggJxMIICbTAdBgNVHQ4EFgQUjqhZW2430MHpIRFJWVs+stXMq14wHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMzk1MDkyLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMIGFBggrBgEFBQcBBwEB/wR2MHQwcgQCAAEwbAMEAFIV
5AMEAFIV7wMEAFIW0wMEAFIW6wMEAFIXywMEAFIXzgMEAFIX3gMEAFIX4gMEAFIY
1AMEAFIY7gMEAFIZ7wMEAFIa0AMEAFIa1AMEAFIa2gMEAFIa7AMEAFIa7gMEAFIb
8AMEAFId6jANBgkqhkiG9w0BAQsFAAOCAQEANrkZ2v/5vndLP3ngEe075DVQKm8o
5FL3fjilIA8psbNme8d68PW1rUS7uVLnwvPm1OtjerrbJ5dz+KGmeEjVncAqDHH4
96/oEgyW6A6rLipSiOkVlw0Hszw6ELbpxBbCn5kvnj65k2XeaHhluPPKxcL3s7Sf
SUfpUtsdLPWtKmPqULCnC9PKCL1De35Nk3gzOHg1YJyE7UzTsn1XWz0X8fT/mSwP
ff0Di070K4WMwMkxfWyW4Cc7O611YKolRSGejKyetnyYaFUXOu9xYq67Zyg/S501
9aqcoxTJKCMI1kvTyOcuziBnil/Z2E2z6ZYYhXEzV8nzqHaTOzvBqt82zA==
-----END CERTIFICATE-----
Generated at Thu Mar 26 01:29:31 2026 by rpki-client