Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS402187.roa
File: AS402187.roa (raw, json)
Hash identifier: CaNU3Hvbg1ys5iTgyyRkfhtL4zpeipkSqV837iQPvi4=
Subject key identifier: CE:F4:AA:5F:D1:41:99:CE:96:3E:ED:31:BB:F4:B1:49:DA:B5:C3:F2
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 6364A731A3BF11CA636BE60D7709779B874E129A
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS402187.roa
Signing time: Mon 27 Apr 2026 06:57:41 +0000
ROA not before: Mon 27 Apr 2026 06:52:41 +0000
ROA not after: Mon 26 Apr 2027 06:57:41 +0000
asID: 402187
IP address blocks: 82.47.211.0/24 maxlen: 24
84.75.32.0/24 maxlen: 24
84.75.33.0/24 maxlen: 24
84.75.195.0/24 maxlen: 24
178.83.14.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
63:64:a7:31:a3:bf:11:ca:63:6b:e6:0d:77:09:77:9b:87:4e:12:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Apr 27 06:52:41 2026 GMT
Not After : Apr 26 06:57:41 2027 GMT
Subject: CN=CEF4AA5FD14199CE963EED31BBF4B149DAB5C3F2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:fd:df:97:aa:67:53:64:9f:e6:5f:20:47:ac:
79:39:a0:2f:59:d8:67:20:b0:e3:99:34:78:81:ca:
5b:3b:34:a8:a8:e1:5b:0b:55:42:ad:6e:f1:0b:d7:
69:78:46:77:5a:bd:36:7a:d3:d8:e0:a7:42:d7:cd:
0f:8b:c9:be:54:70:1f:57:02:f2:43:cb:19:c1:27:
76:f6:a7:be:96:55:fb:a4:65:e1:0c:8b:36:16:69:
9a:92:f9:1d:d6:9b:3e:3e:5a:b8:3d:f1:cd:bd:87:
69:f1:69:14:e2:bd:9c:79:b4:66:cb:4c:99:2b:96:
d1:b4:51:ff:19:ca:37:ce:23:99:09:55:0e:96:18:
fc:5c:92:9b:e0:ef:7b:ea:36:27:66:41:4b:c1:ab:
f3:a2:cd:c2:8b:47:bc:5d:83:5b:52:70:7c:dc:a1:
90:18:99:d1:9a:42:d6:02:d4:44:15:40:0a:d0:90:
30:d6:3b:4b:b4:26:54:3b:4a:3b:9d:1b:8b:de:f7:
c2:27:d8:12:03:10:f5:b3:a4:52:10:aa:c4:81:ba:
15:1e:6d:49:b2:1b:09:78:36:0d:11:ea:1b:43:63:
9f:99:36:c2:ef:73:62:17:4e:e8:2f:ce:b3:50:f0:
65:21:4f:13:7b:fc:5d:ae:8e:5b:94:8f:df:a5:f4:
b2:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:F4:AA:5F:D1:41:99:CE:96:3E:ED:31:BB:F4:B1:49:DA:B5:C3:F2
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS402187.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.47.211.0/24
84.75.32.0/23
84.75.195.0/24
178.83.14.0/24
Signature Algorithm: sha256WithRSAEncryption
48:52:f6:3a:9c:a4:44:4f:92:33:19:64:0b:ee:ab:7b:64:96:
ec:9f:bd:e5:3a:ef:c4:81:33:7d:4a:90:55:7e:51:41:83:0f:
a2:14:c6:e1:1b:1d:71:84:a5:4a:9d:ce:70:ba:f3:12:5d:38:
f1:1c:dc:82:c5:b5:46:3f:15:aa:7e:05:03:58:0b:bc:74:6c:
c6:39:fc:42:90:88:ad:06:48:a7:57:28:40:66:39:73:1e:e0:
cb:dc:95:34:3d:9e:de:9e:55:2f:17:f3:3c:50:c2:b3:05:18:
53:70:90:a5:e9:ba:03:a8:91:22:92:a1:02:1b:aa:32:38:3f:
ab:25:c8:a6:1d:2f:13:19:5e:52:9e:2e:e4:6d:29:98:73:23:
77:0b:f0:a6:be:c6:38:c8:e9:d2:9e:73:ea:cd:fc:d9:b1:68:
15:18:dd:86:7e:25:5a:b0:1e:f1:7f:c4:fa:19:d8:a6:5b:fd:
ea:22:95:21:a9:2c:04:cd:d8:2f:8e:15:ba:ee:e0:5a:f7:43:
a9:42:ed:4f:d2:49:4d:6a:8d:2d:33:cc:0e:d8:1a:c5:4b:ae:
60:f7:f4:31:4b:bc:7e:ed:cf:8e:92:59:8f:87:98:38:d0:06:
f5:5c:8c:10:8c:67:ad:c2:00:d4:19:0f:29:e2:1e:cc:cd:e5:
39:90:cd:77
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgIUY2SnMaO/Ecpja+YNdwl3m4dOEpowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjA0MjcwNjUyNDFaFw0yNzA0MjYwNjU3NDFaMDMxMTAvBgNV
BAMTKENFRjRBQTVGRDE0MTk5Q0U5NjNFRUQzMUJCRjRCMTQ5REFCNUMzRjIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDG/d+XqmdTZJ/mXyBHrHk5oC9Z
2GcgsOOZNHiByls7NKio4VsLVUKtbvEL12l4RndavTZ609jgp0LXzQ+Lyb5UcB9X
AvJDyxnBJ3b2p76WVfukZeEMizYWaZqS+R3Wmz4+Wrg98c29h2nxaRTivZx5tGbL
TJkrltG0Uf8ZyjfOI5kJVQ6WGPxckpvg73vqNidmQUvBq/OizcKLR7xdg1tScHzc
oZAYmdGaQtYC1EQVQArQkDDWO0u0JlQ7SjudG4ve98In2BIDEPWzpFIQqsSBuhUe
bUmyGwl4Ng0R6htDY5+ZNsLvc2IXTugvzrNQ8GUhTxN7/F2ujluUj9+l9LJ3AgMB
AAGjggIcMIICGDAdBgNVHQ4EFgQUzvSqX9FBmc6WPu0xu/SxSdq1w/IwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTNDAyMTg3LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAUi/T
AwQBVEsgAwQAVEvDAwQAslMOMA0GCSqGSIb3DQEBCwUAA4IBAQBIUvY6nKRET5Iz
GWQL7qt7ZJbsn73lOu/EgTN9SpBVflFBgw+iFMbhGx1xhKVKnc5wuvMSXTjxHNyC
xbVGPxWqfgUDWAu8dGzGOfxCkIitBkinVyhAZjlzHuDL3JU0PZ7enlUvF/M8UMKz
BRhTcJCl6boDqJEikqECG6oyOD+rJcimHS8TGV5Sni7kbSmYcyN3C/CmvsY4yOnS
nnPqzfzZsWgVGN2GfiVasB7xf8T6GdimW/3qIpUhqSwEzdgvjhW67uBa90OpQu1P
0klNao0tM8wO2BrFS65g9/QxS7x+7c+OklmPh5g40Ab1XIwQjGetwgDUGQ8p4h7M
zeU5kM13
-----END CERTIFICATE-----
Generated at Wed May 13 01:05:11 2026 by rpki-client