Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS399955.roa
File: AS399955.roa (raw, json)
Hash identifier: 6NTfITHbSbka1AuYKpga/Gg3PgDTfwblwf8whj6kcfM=
Subject key identifier: C7:5F:3F:1D:84:01:10:EB:70:0D:82:B0:56:CA:2B:99:D5:98:D8:59
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 15A75C6BD5C2B9E5B44265DA3925E33793DD0DA9
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS399955.roa
Signing time: Fri 08 May 2026 00:07:31 +0000
ROA not before: Fri 08 May 2026 00:02:31 +0000
ROA not after: Fri 07 May 2027 00:07:31 +0000
asID: 399955
IP address blocks: 82.21.66.0/24 maxlen: 24
82.21.76.0/24 maxlen: 24
82.21.104.0/22 maxlen: 24
82.21.127.0/24 maxlen: 24
82.21.136.0/24 maxlen: 24
82.22.128.0/21 maxlen: 24
82.22.136.0/22 maxlen: 24
82.22.148.0/22 maxlen: 24
82.22.152.0/22 maxlen: 24
82.23.140.0/23 maxlen: 24
82.23.149.0/24 maxlen: 24
82.23.150.0/24 maxlen: 24
82.23.152.0/21 maxlen: 24
82.23.168.0/24 maxlen: 24
82.24.10.0/23 maxlen: 24
82.24.36.0/22 maxlen: 24
82.24.44.0/23 maxlen: 24
82.24.50.0/23 maxlen: 24
82.24.102.0/23 maxlen: 24
82.24.184.0/22 maxlen: 24
82.24.204.0/23 maxlen: 24
82.25.0.0/22 maxlen: 24
82.25.18.0/23 maxlen: 24
82.25.128.0/22 maxlen: 24
82.25.132.0/24 maxlen: 24
82.25.197.0/24 maxlen: 24
82.25.202.0/24 maxlen: 24
82.25.206.0/23 maxlen: 24
82.26.84.0/24 maxlen: 24
82.26.102.0/23 maxlen: 24
82.26.111.0/24 maxlen: 24
82.26.112.0/24 maxlen: 24
82.26.119.0/24 maxlen: 24
82.26.123.0/24 maxlen: 24
82.27.10.0/24 maxlen: 24
82.27.24.0/21 maxlen: 24
82.27.32.0/20 maxlen: 24
82.27.48.0/20 maxlen: 24
82.27.64.0/20 maxlen: 24
82.27.80.0/21 maxlen: 24
82.27.110.0/24 maxlen: 24
82.27.112.0/22 maxlen: 24
82.27.136.0/21 maxlen: 24
82.27.144.0/20 maxlen: 24
82.27.168.0/21 maxlen: 24
82.27.192.0/22 maxlen: 24
82.29.30.0/23 maxlen: 24
82.29.144.0/22 maxlen: 24
82.38.36.0/23 maxlen: 24
82.39.112.0/23 maxlen: 24
82.41.192.0/23 maxlen: 24
178.83.0.0/22 maxlen: 24
178.83.42.0/23 maxlen: 24
178.83.128.0/22 maxlen: 24
178.83.216.0/22 maxlen: 24
178.83.242.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
15:a7:5c:6b:d5:c2:b9:e5:b4:42:65:da:39:25:e3:37:93:dd:0d:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: May 8 00:02:31 2026 GMT
Not After : May 7 00:07:31 2027 GMT
Subject: CN=C75F3F1D840110EB700D82B056CA2B99D598D859
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:17:36:33:e2:36:5c:41:50:3e:50:26:ef:48:
14:10:57:70:ae:67:c2:a8:28:ce:ad:58:ea:b1:d0:
eb:b5:b1:31:08:ea:85:1f:c8:a5:8f:c4:e3:29:0d:
ef:46:ea:32:38:29:8b:aa:b6:00:5e:23:fb:d1:76:
27:38:e3:05:c4:57:ab:fc:a6:1a:10:09:44:86:b4:
28:4b:3d:4c:41:cd:a7:16:71:51:4a:16:bf:f1:97:
08:fc:7f:48:a6:a5:6c:a7:5f:c8:61:f1:59:c2:34:
9a:3e:f7:94:a4:7f:f9:e3:7d:27:50:71:6c:60:75:
6b:6d:bf:43:81:cf:e9:33:d1:bf:b7:ff:a0:a9:ca:
48:8d:0f:f7:19:00:71:f7:d5:fd:cc:2d:17:27:28:
53:d8:a3:05:ea:22:f2:b8:3d:0c:94:16:a0:52:43:
37:a2:b9:4c:58:29:53:d1:94:b2:94:0f:84:5e:a5:
07:d3:4f:f0:ba:df:ff:2d:86:dc:54:86:0c:a1:72:
4b:f7:8c:6d:cd:5b:92:36:3a:66:b5:87:a6:29:b9:
12:c7:0b:e7:af:c5:31:c1:32:33:25:98:4e:b1:99:
aa:7f:79:56:6a:ab:5c:7b:69:f9:d6:b1:c9:67:6a:
e2:93:35:e1:6a:7a:a8:42:af:1e:45:d6:29:39:37:
46:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:5F:3F:1D:84:01:10:EB:70:0D:82:B0:56:CA:2B:99:D5:98:D8:59
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS399955.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.66.0/24
82.21.76.0/24
82.21.104.0/22
82.21.127.0/24
82.21.136.0/24
82.22.128.0-82.22.139.255
82.22.148.0-82.22.155.255
82.23.140.0/23
82.23.149.0-82.23.150.255
82.23.152.0/21
82.23.168.0/24
82.24.10.0/23
82.24.36.0/22
82.24.44.0/23
82.24.50.0/23
82.24.102.0/23
82.24.184.0/22
82.24.204.0/23
82.25.0.0/22
82.25.18.0/23
82.25.128.0-82.25.132.255
82.25.197.0/24
82.25.202.0/24
82.25.206.0/23
82.26.84.0/24
82.26.102.0/23
82.26.111.0-82.26.112.255
82.26.119.0/24
82.26.123.0/24
82.27.10.0/24
82.27.24.0-82.27.87.255
82.27.110.0/24
82.27.112.0/22
82.27.136.0-82.27.159.255
82.27.168.0/21
82.27.192.0/22
82.29.30.0/23
82.29.144.0/22
82.38.36.0/23
82.39.112.0/23
82.41.192.0/23
178.83.0.0/22
178.83.42.0/23
178.83.128.0/22
178.83.216.0/22
178.83.242.0/23
Signature Algorithm: sha256WithRSAEncryption
8a:79:f8:fb:24:c0:e5:f0:35:4b:6f:b3:96:e0:ae:28:60:92:
7b:10:d8:b2:72:b5:e6:21:4f:96:c4:3d:4c:9e:23:52:24:52:
1d:37:7c:6d:68:b5:1c:83:f4:39:93:1b:f5:45:db:5f:0d:49:
28:72:66:cf:26:17:17:0f:8d:fa:05:0d:31:2e:2f:a2:a6:b6:
3e:0f:96:99:3d:e6:bb:1a:c6:0f:6d:a9:d4:d6:50:5e:48:8b:
ce:5e:61:9b:26:c4:20:fb:d7:23:a3:aa:c9:0a:e7:8f:79:9c:
72:b9:8b:5c:16:66:d0:aa:a2:e1:28:40:2b:5c:12:b3:25:08:
28:ce:61:0b:8d:0e:6b:e4:c8:4b:71:f2:da:6c:40:0c:a6:ee:
f0:bd:87:b6:fa:72:62:46:1a:b3:30:23:d0:17:45:48:9e:9f:
48:fd:53:af:0a:d2:ac:4e:59:f4:4f:8b:82:7e:de:83:cb:9f:
73:57:4e:9a:01:da:95:2b:30:10:58:b1:d7:54:e0:5c:31:c0:
32:cf:9f:1c:39:83:61:50:2b:5e:f9:f4:e0:aa:ff:47:32:dd:
17:d2:2d:1f:70:39:8a:f4:d2:55:00:cd:96:dd:73:48:46:7e:
06:77:62:e5:56:fc:57:54:69:36:72:2e:b0:e6:90:1c:91:ff:
8c:c1:ac:cf
-----BEGIN CERTIFICATE-----
MIIGUDCCBTigAwIBAgIUFadca9XCueW0QmXaOSXjN5PdDakwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjA1MDgwMDAyMzFaFw0yNzA1MDcwMDA3MzFaMDMxMTAvBgNV
BAMTKEM3NUYzRjFEODQwMTEwRUI3MDBEODJCMDU2Q0EyQjk5RDU5OEQ4NTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDAFzYz4jZcQVA+UCbvSBQQV3Cu
Z8KoKM6tWOqx0Ou1sTEI6oUfyKWPxOMpDe9G6jI4KYuqtgBeI/vRdic44wXEV6v8
phoQCUSGtChLPUxBzacWcVFKFr/xlwj8f0impWynX8hh8VnCNJo+95Skf/njfSdQ
cWxgdWttv0OBz+kz0b+3/6CpykiND/cZAHH31f3MLRcnKFPYowXqIvK4PQyUFqBS
QzeiuUxYKVPRlLKUD4RepQfTT/C63/8thtxUhgyhckv3jG3NW5I2Oma1h6YpuRLH
C+evxTHBMjMlmE6xmap/eVZqq1x7afnWsclnauKTNeFqeqhCrx5F1ik5N0YxAgMB
AAGjggNaMIIDVjAdBgNVHQ4EFgQUx18/HYQBEOtwDYKwVsormdWY2FkwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMzk5OTU1LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMIIBbQYIKwYBBQUHAQcBAf8EggFcMIIBWDCCAVQEAgAB
MIIBTAMEAFIVQgMEAFIVTAMEAlIVaAMEAFIVfwMEAFIViDAMAwQHUhaAAwQCUhaI
MAwDBAJSFpQDBAJSFpgDBAFSF4wwDAMEAFIXlQMEAFIXlgMEA1IXmAMEAFIXqAME
AVIYCgMEAlIYJAMEAVIYLAMEAVIYMgMEAVIYZgMEAlIYuAMEAVIYzAMEAlIZAAME
AVIZEjAMAwQHUhmAAwQAUhmEAwQAUhnFAwQAUhnKAwQBUhnOAwQAUhpUAwQBUhpm
MAwDBABSGm8DBABSGnADBABSGncDBABSGnsDBABSGwowDAMEA1IbGAMEA1IbUAME
AFIbbgMEAlIbcDAMAwQDUhuIAwQFUhuAAwQDUhuoAwQCUhvAAwQBUh0eAwQCUh2Q
AwQBUiYkAwQBUidwAwQBUinAAwQCslMAAwQBslMqAwQCslOAAwQCslPYAwQBslPy
MA0GCSqGSIb3DQEBCwUAA4IBAQCKefj7JMDl8DVLb7OW4K4oYJJ7ENiycrXmIU+W
xD1MniNSJFIdN3xtaLUcg/Q5kxv1RdtfDUkocmbPJhcXD436BQ0xLi+iprY+D5aZ
Pea7GsYPbanU1lBeSIvOXmGbJsQg+9cjo6rJCuePeZxyuYtcFmbQqqLhKEArXBKz
JQgozmELjQ5r5MhLcfLabEAMpu7wvYe2+nJiRhqzMCPQF0VInp9I/VOvCtKsTln0
T4uCft6Dy59zV06aAdqVKzAQWLHXVOBcMcAyz58cOYNhUCte+fTgqv9HMt0X0i0f
cDmK9NJVAM2W3XNIRn4Gd2LlVvxXVGk2ci6w5pAckf+MwazP
-----END CERTIFICATE-----
Generated at Tue May 12 23:24:19 2026 by rpki-client