Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS395374.roa
File: AS395374.roa (raw, json)
Hash identifier: 5pvEc4Lfk0KbKTUuHQ9YYDOMbGI5x5OXAkvTcUWuWW4=
Subject key identifier: F8:F4:92:F1:65:F9:9E:48:F1:81:44:AC:26:02:03:BA:8D:F4:66:33
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 4E7929407FE6DFAFED9052A4F43FD7A1B92C1D78
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS395374.roa
Signing time: Mon 11 Aug 2025 09:34:14 +0000
ROA not before: Mon 11 Aug 2025 09:29:14 +0000
ROA not after: Mon 10 Aug 2026 09:34:14 +0000
asID: 395374
IP address blocks: 82.29.109.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4e:79:29:40:7f:e6:df:af:ed:90:52:a4:f4:3f:d7:a1:b9:2c:1d:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Aug 11 09:29:14 2025 GMT
Not After : Aug 10 09:34:14 2026 GMT
Subject: CN=F8F492F165F99E48F18144AC260203BA8DF46633
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:20:62:62:a0:07:0b:c7:18:3a:02:64:d5:d0:
64:57:6e:72:b3:db:bc:ea:e8:40:d3:0e:d2:3d:35:
9a:c7:bb:9f:1a:49:f3:eb:e3:56:c5:d3:f2:fd:d6:
06:d0:eb:2c:3a:32:4b:f0:e4:5a:a0:be:dc:fe:2a:
e9:17:6e:a7:ce:ef:20:7a:b4:71:44:e4:50:4e:a0:
de:2d:3e:07:1c:b7:a1:10:7b:f0:b0:df:2f:c6:cb:
16:48:c2:dc:6b:04:c8:09:a8:e2:03:59:4c:cf:e8:
02:09:74:46:a3:6c:f3:d7:4b:7d:26:31:f9:d6:30:
d4:72:33:93:dc:41:38:f2:39:5e:fc:f7:a6:02:5b:
5a:a5:b6:90:b0:58:a4:63:bd:4d:1e:65:21:ae:38:
b6:19:32:03:14:f4:de:da:8d:44:76:7f:36:63:ec:
fd:94:a8:49:9c:8c:e8:3c:79:5e:b8:a1:d2:e6:08:
9f:52:10:e3:3b:69:f8:d4:92:cf:f7:02:5e:74:cf:
18:fc:d4:7b:ce:e8:d7:f4:d2:1d:a4:ef:22:d1:e8:
51:36:f4:ae:03:62:5c:61:36:c1:80:c9:d5:ea:74:
49:d1:e5:d5:3a:84:7c:0c:97:99:1b:5a:8c:e2:1a:
f4:37:e3:16:6a:d3:7e:96:2a:12:23:50:67:9b:c1:
a1:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:F4:92:F1:65:F9:9E:48:F1:81:44:AC:26:02:03:BA:8D:F4:66:33
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS395374.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.29.109.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:3c:1d:0f:3f:c6:e1:e6:a2:58:72:bb:1f:42:ba:a5:fc:dd:
91:3d:fc:5d:ec:15:40:da:ef:c7:b1:48:7b:1b:ef:55:3d:8a:
ed:aa:8c:18:e8:1f:ea:ca:67:e7:f2:41:33:aa:de:a9:fb:d2:
1f:05:c7:d7:69:bf:b0:39:90:29:79:00:4b:74:21:8b:65:5b:
61:5d:45:8b:87:4c:7b:5d:c7:c8:71:2d:51:b3:2d:b2:78:cf:
6b:fe:0e:c6:f9:85:c8:b0:c3:1a:04:58:40:f6:31:f0:7a:fe:
59:69:52:ee:16:6b:cd:fb:2b:9a:9a:b8:78:a3:6a:a5:be:a9:
3d:51:a2:66:fe:78:37:e8:8c:7d:ae:c8:b1:ee:18:f5:b0:98:
43:99:5e:08:75:a1:a8:46:44:50:a2:a3:e4:62:0d:3f:40:86:
40:ee:29:a1:94:d2:aa:d7:51:0b:fb:d2:8a:45:3c:0f:41:ad:
bd:6c:5f:a9:3b:72:f3:1e:c3:80:ab:ff:09:0e:8c:5d:b0:e5:
ad:07:32:07:8d:02:e2:94:40:32:c4:7b:64:77:6e:4f:1c:c9:
cf:97:78:6e:ca:96:bc:fb:c7:e4:c0:b2:92:4b:ef:12:22:69:
54:07:bb:49:a6:a8:cd:21:1d:1d:5e:59:c7:4f:a8:40:ca:9b:
36:ed:03:25
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUTnkpQH/m36/tkFKk9D/XobksHXgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTA4MTEwOTI5MTRaFw0yNjA4MTAwOTM0MTRaMDMxMTAvBgNV
BAMTKEY4RjQ5MkYxNjVGOTlFNDhGMTgxNDRBQzI2MDIwM0JBOERGNDY2MzMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5IGJioAcLxxg6AmTV0GRXbnKz
27zq6EDTDtI9NZrHu58aSfPr41bF0/L91gbQ6yw6Mkvw5Fqgvtz+KukXbqfO7yB6
tHFE5FBOoN4tPgcct6EQe/Cw3y/GyxZIwtxrBMgJqOIDWUzP6AIJdEajbPPXS30m
MfnWMNRyM5PcQTjyOV7896YCW1qltpCwWKRjvU0eZSGuOLYZMgMU9N7ajUR2fzZj
7P2UqEmcjOg8eV64odLmCJ9SEOM7afjUks/3Al50zxj81HvO6Nf00h2k7yLR6FE2
9K4DYlxhNsGAydXqdEnR5dU6hHwMl5kbWoziGvQ34xZq036WKhIjUGebwaHtAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQU+PSS8WX5nkjxgUSsJgIDuo30ZjMwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMzk1Mzc0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUh1t
MA0GCSqGSIb3DQEBCwUAA4IBAQAcPB0PP8bh5qJYcrsfQrql/N2RPfxd7BVA2u/H
sUh7G+9VPYrtqowY6B/qymfn8kEzqt6p+9IfBcfXab+wOZApeQBLdCGLZVthXUWL
h0x7XcfIcS1Rsy2yeM9r/g7G+YXIsMMaBFhA9jHwev5ZaVLuFmvN+yuamrh4o2ql
vqk9UaJm/ng36Ix9rsix7hj1sJhDmV4IdaGoRkRQoqPkYg0/QIZA7imhlNKq11EL
+9KKRTwPQa29bF+pO3LzHsOAq/8JDoxdsOWtBzIHjQLilEAyxHtkd25PHMnPl3hu
ypa8+8fkwLKSS+8SImlUB7tJpqjNIR0dXlnHT6hAyps27QMl
-----END CERTIFICATE-----
Generated at Sat Aug 23 22:43:31 2025 by rpki-client