Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS401881.roa
File: AS401881.roa (raw, json)
Hash identifier: 7Zc2mHQxxwxZt4LT6dkDQsi4j6PMsSoR0tYB5bOpKGo=
Subject key identifier: B3:80:20:6A:96:57:F6:51:A7:33:66:AE:DD:A6:EF:BE:40:30:B4:1A
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 2920EB1BB38CB2F8B7C154880953F9E478EC242D
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS401881.roa
Signing time: Mon 27 Apr 2026 14:10:45 +0000
ROA not before: Mon 27 Apr 2026 14:05:45 +0000
ROA not after: Mon 26 Apr 2027 14:10:45 +0000
asID: 401881
IP address blocks: 82.21.75.0/24 maxlen: 24
82.22.54.0/24 maxlen: 24
82.23.14.0/24 maxlen: 24
82.24.105.0/24 maxlen: 24
82.26.205.0/24 maxlen: 24
82.27.94.0/24 maxlen: 24
82.41.72.0/24 maxlen: 24
82.41.75.0/24 maxlen: 24
82.41.98.0/24 maxlen: 24
82.41.122.0/24 maxlen: 24
178.83.6.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
29:20:eb:1b:b3:8c:b2:f8:b7:c1:54:88:09:53:f9:e4:78:ec:24:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Apr 27 14:05:45 2026 GMT
Not After : Apr 26 14:10:45 2027 GMT
Subject: CN=B380206A9657F651A73366AEDDA6EFBE4030B41A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:c7:d0:0d:e3:e3:c0:41:24:0c:6c:cb:2e:4e:
c4:57:64:1c:e7:6b:87:da:ab:4c:4d:80:f1:c9:cd:
2a:0f:06:c5:c8:fe:e8:dc:bd:1a:14:7e:b1:fc:3b:
39:26:cf:94:a4:16:a1:b4:e6:45:9b:ae:dc:23:a5:
bd:b1:3c:d1:9c:83:05:16:cf:b5:8d:ee:4e:c5:c2:
ef:9c:73:57:d7:86:f5:2b:12:ba:ec:02:d4:9e:c8:
ad:8b:93:36:fe:3f:bc:16:7e:97:fe:a0:db:5a:00:
41:e8:99:5f:f9:af:5b:0e:60:fb:f2:f7:87:9a:19:
6e:5e:2d:77:e5:53:27:41:8c:be:5e:ce:df:37:2c:
1d:76:41:99:69:e4:f2:2d:74:06:79:1f:44:ae:ae:
a0:9d:3b:fd:13:9c:af:84:bd:e7:30:66:b0:ff:b3:
51:09:9a:4b:a6:62:f1:df:fe:2f:c8:55:71:dc:b8:
3e:de:97:07:fe:4d:9f:57:be:ee:1b:42:2f:a2:ea:
91:f7:fe:1c:40:ce:f0:b6:5d:d2:1d:c9:79:cd:61:
82:41:c2:be:12:ab:d6:7b:2d:ce:44:5b:14:26:c4:
2f:06:f7:10:40:81:88:05:2c:e1:6d:8e:df:d7:e8:
5a:d6:80:f3:f7:ab:b5:be:d0:de:20:5b:1a:a9:38:
42:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:80:20:6A:96:57:F6:51:A7:33:66:AE:DD:A6:EF:BE:40:30:B4:1A
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS401881.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.75.0/24
82.22.54.0/24
82.23.14.0/24
82.24.105.0/24
82.26.205.0/24
82.27.94.0/24
82.41.72.0/24
82.41.75.0/24
82.41.98.0/24
82.41.122.0/24
178.83.6.0/24
Signature Algorithm: sha256WithRSAEncryption
06:87:99:9e:58:f6:f6:98:e2:d2:72:a3:ac:65:0c:63:b4:84:
da:c4:a7:7b:8d:91:87:9f:8d:82:d7:00:69:60:23:21:ca:04:
10:64:d4:68:58:f7:5c:84:32:11:2d:41:91:51:b7:8b:8a:28:
55:dd:1d:e7:55:b3:74:b9:ea:b4:ac:66:e6:a9:52:b4:90:e1:
e5:12:6a:ff:0e:39:fe:77:cc:36:cf:e9:a9:22:ba:1e:a9:20:
04:4b:f4:70:d6:03:b1:0c:43:c5:3d:c0:3b:75:4c:d6:bb:86:
f8:49:36:b2:b2:c9:f1:d2:f6:65:eb:8b:7f:1c:51:67:d6:38:
26:6b:6b:b6:57:7f:bb:bc:3d:3d:35:9c:40:f7:75:db:c6:27:
02:66:77:c8:99:da:26:19:42:07:2c:c1:c3:e1:f2:55:46:7b:
4e:5d:d1:29:46:1a:15:ea:1a:c1:eb:2e:ff:19:f7:33:39:44:
50:98:96:45:a3:8e:a1:6e:2b:be:97:35:cf:d2:af:3f:12:6b:
4b:ff:88:ab:0b:14:0f:94:4c:e6:44:c4:25:62:24:5a:c0:c9:
c9:16:3d:a5:7c:87:92:93:c5:14:0b:73:e0:6a:49:5f:9d:4d:
9c:41:d8:fd:bc:c6:3c:a1:f2:a3:ac:8e:c3:3c:ec:97:b1:ad:
39:1c:d4:1f
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgIUKSDrG7OMsvi3wVSICVP55HjsJC0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjA0MjcxNDA1NDVaFw0yNzA0MjYxNDEwNDVaMDMxMTAvBgNV
BAMTKEIzODAyMDZBOTY1N0Y2NTFBNzMzNjZBRUREQTZFRkJFNDAzMEI0MUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCGx9AN4+PAQSQMbMsuTsRXZBzn
a4faq0xNgPHJzSoPBsXI/ujcvRoUfrH8Ozkmz5SkFqG05kWbrtwjpb2xPNGcgwUW
z7WN7k7Fwu+cc1fXhvUrErrsAtSeyK2Lkzb+P7wWfpf+oNtaAEHomV/5r1sOYPvy
94eaGW5eLXflUydBjL5ezt83LB12QZlp5PItdAZ5H0SurqCdO/0TnK+EvecwZrD/
s1EJmkumYvHf/i/IVXHcuD7elwf+TZ9Xvu4bQi+i6pH3/hxAzvC2XdIdyXnNYYJB
wr4Sq9Z7Lc5EWxQmxC8G9xBAgYgFLOFtjt/X6FrWgPP3q7W+0N4gWxqpOEI/AgMB
AAGjggJGMIICQjAdBgNVHQ4EFgQUs4AgapZX9lGnM2au3abvvkAwtBowHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTNDAxODgxLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQAUhVL
AwQAUhY2AwQAUhcOAwQAUhhpAwQAUhrNAwQAUhteAwQAUilIAwQAUilLAwQAUili
AwQAUil6AwQAslMGMA0GCSqGSIb3DQEBCwUAA4IBAQAGh5meWPb2mOLScqOsZQxj
tITaxKd7jZGHn42C1wBpYCMhygQQZNRoWPdchDIRLUGRUbeLiihV3R3nVbN0ueq0
rGbmqVK0kOHlEmr/Djn+d8w2z+mpIroeqSAES/Rw1gOxDEPFPcA7dUzWu4b4STay
ssnx0vZl64t/HFFn1jgma2u2V3+7vD09NZxA93XbxicCZnfImdomGUIHLMHD4fJV
RntOXdEpRhoV6hrB6y7/GfczOURQmJZFo46hbiu+lzXP0q8/EmtL/4irCxQPlEzm
RMQlYiRawMnJFj2lfIeSk8UUC3PgaklfnU2cQdj9vMY8ofKjrI7DPOyXsa05HNQf
-----END CERTIFICATE-----
Generated at Wed May 13 01:38:42 2026 by rpki-client