Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS402187.roa
File: AS402187.roa (raw, json)
Hash identifier: 5o5y7Bcw1MsJVQTtufnFD/XweGtJ8cMJTw5Tio183W8=
Subject key identifier: A6:64:D6:E9:B3:7E:F1:D4:1C:EA:94:48:E5:F1:80:28:98:6F:AF:64
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 7B5F2683F8571E419C6169BCEC6741387D28C2D1
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS402187.roa
Signing time: Wed 25 Mar 2026 03:55:03 +0000
ROA not before: Wed 25 Mar 2026 03:50:03 +0000
ROA not after: Wed 24 Mar 2027 03:55:03 +0000
asID: 402187
IP address blocks: 82.40.62.0/24 maxlen: 24
82.41.211.0/24 maxlen: 24
82.41.221.0/24 maxlen: 24
84.75.25.0/24 maxlen: 24
84.75.32.0/24 maxlen: 24
84.75.33.0/24 maxlen: 24
84.75.77.0/24 maxlen: 24
178.83.181.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7b:5f:26:83:f8:57:1e:41:9c:61:69:bc:ec:67:41:38:7d:28:c2:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Mar 25 03:50:03 2026 GMT
Not After : Mar 24 03:55:03 2027 GMT
Subject: CN=A664D6E9B37EF1D41CEA9448E5F18028986FAF64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:c1:e5:aa:07:ae:05:01:96:2d:1e:4f:bd:af:
dd:ce:1b:7b:60:14:e0:67:a0:b4:a2:bd:7f:8d:9c:
36:e8:ed:95:07:1c:cb:53:94:b0:a6:e4:0e:e4:80:
be:24:80:80:68:7b:8a:12:99:d9:9a:f1:9f:be:cb:
02:a4:86:7c:5a:68:93:f3:2b:16:51:1b:d7:b2:aa:
db:53:76:d9:9a:33:0d:ae:c9:f5:07:07:5a:d5:46:
15:fb:82:2c:f4:14:08:e9:c6:21:34:80:5f:98:d8:
bc:ba:04:00:61:57:50:ae:75:1e:be:8d:89:41:23:
c3:cc:24:91:90:8f:5e:e6:e2:40:37:1d:44:33:4d:
d3:8c:cc:3d:7e:db:8b:0b:0d:96:5b:97:4c:d1:da:
f6:81:a6:c9:22:d8:63:a2:c2:e7:3a:e8:0b:fc:e2:
d8:e4:6d:be:b4:61:d4:73:a6:78:67:da:3e:a2:00:
00:a7:96:83:6f:f6:04:ff:4d:c3:bb:8d:03:3d:83:
fc:b5:e9:60:95:27:be:33:e2:64:68:43:b9:2a:6b:
b8:50:b3:d5:49:d4:ea:f7:d5:0f:5a:e4:c2:ca:05:
60:b6:19:ad:a3:b5:4a:0e:0a:77:71:9d:ec:df:7f:
ea:31:1c:97:40:c7:35:4e:98:82:47:cc:04:a7:c5:
46:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:64:D6:E9:B3:7E:F1:D4:1C:EA:94:48:E5:F1:80:28:98:6F:AF:64
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS402187.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.40.62.0/24
82.41.211.0/24
82.41.221.0/24
84.75.25.0/24
84.75.32.0/23
84.75.77.0/24
178.83.181.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:b1:17:f7:75:5a:bc:c8:46:1b:7e:c9:8e:4e:11:1e:bb:8c:
b9:87:7d:1d:65:8a:d5:57:6a:19:19:de:92:5c:21:24:07:8a:
65:11:96:6e:60:cf:f3:d5:09:d0:ea:b4:28:0c:3a:35:6c:df:
e6:bc:f2:1a:10:4e:07:de:37:2f:f9:29:dc:49:9b:7c:18:90:
b6:e7:fe:a6:a8:71:54:91:20:71:8e:3a:a8:e0:87:30:2a:03:
b5:0a:8a:37:4c:05:da:e8:ae:46:80:b4:c0:c4:fd:2f:bc:a2:
93:c6:5e:f3:73:4f:3b:c8:eb:b6:93:b0:c7:f5:e4:63:49:3b:
4b:f2:a9:fd:3d:05:73:bc:9b:60:2b:23:8f:9d:e1:5f:04:83:
6e:78:73:93:d0:35:2f:b9:a5:65:f8:d9:bf:ca:14:f4:3c:4e:
42:2e:2c:a9:cd:8c:f3:88:de:1f:e1:e4:75:b1:35:6e:af:0a:
a4:2f:dd:a5:3d:a2:49:e2:04:b5:43:7e:d8:f1:6b:85:00:e8:
a1:08:09:e7:21:ac:c3:e4:b3:1c:ea:0b:44:fb:1f:85:ec:43:
93:c1:e9:f3:b7:c7:14:a6:1d:76:c2:cd:47:39:be:c9:f6:b5:
16:36:23:55:78:14:10:de:b8:ea:c4:bd:5e:a5:70:a1:d6:1d:
60:44:ad:19
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgIUe18mg/hXHkGcYWm87GdBOH0owtEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjAzMjUwMzUwMDNaFw0yNzAzMjQwMzU1MDNaMDMxMTAvBgNV
BAMTKEE2NjRENkU5QjM3RUYxRDQxQ0VBOTQ0OEU1RjE4MDI4OTg2RkFGNjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDOweWqB64FAZYtHk+9r93OG3tg
FOBnoLSivX+NnDbo7ZUHHMtTlLCm5A7kgL4kgIBoe4oSmdma8Z++ywKkhnxaaJPz
KxZRG9eyqttTdtmaMw2uyfUHB1rVRhX7giz0FAjpxiE0gF+Y2Ly6BABhV1CudR6+
jYlBI8PMJJGQj17m4kA3HUQzTdOMzD1+24sLDZZbl0zR2vaBpski2GOiwuc66Av8
4tjkbb60YdRzpnhn2j6iAACnloNv9gT/TcO7jQM9g/y16WCVJ74z4mRoQ7kqa7hQ
s9VJ1Or31Q9a5MLKBWC2Ga2jtUoOCndxnezff+oxHJdAxzVOmIJHzASnxUZ9AgMB
AAGjggIuMIICKjAdBgNVHQ4EFgQUpmTW6bN+8dQc6pRI5fGAKJhvr2QwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTNDAyMTg3LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAUig+
AwQAUinTAwQAUindAwQAVEsZAwQBVEsgAwQAVEtNAwQAslO1MA0GCSqGSIb3DQEB
CwUAA4IBAQBusRf3dVq8yEYbfsmOThEeu4y5h30dZYrVV2oZGd6SXCEkB4plEZZu
YM/z1QnQ6rQoDDo1bN/mvPIaEE4H3jcv+SncSZt8GJC25/6mqHFUkSBxjjqo4Icw
KgO1Coo3TAXa6K5GgLTAxP0vvKKTxl7zc087yOu2k7DH9eRjSTtL8qn9PQVzvJtg
KyOPneFfBINueHOT0DUvuaVl+Nm/yhT0PE5CLiypzYzziN4f4eR1sTVurwqkL92l
PaJJ4gS1Q37Y8WuFAOihCAnnIazD5LMc6gtE+x+F7EOTwenzt8cUph12ws1HOb7J
9rUWNiNVeBQQ3rjqxL1epXCh1h1gRK0Z
-----END CERTIFICATE-----
Generated at Thu Mar 26 01:34:49 2026 by rpki-client