Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS402215.roa
File: AS402215.roa (raw, json)
Hash identifier: CnsFyiYArpqsdG0UKg/NWaOd2hZ1+J/7DCSjG+2ySos=
Subject key identifier: C1:A8:DB:58:78:82:EE:F4:82:1F:A7:87:DD:70:DF:74:62:D9:5A:2E
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 6486E51EA08760CA8AC2CB51C01B2F5FE82391C9
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS402215.roa
Signing time: Thu 07 May 2026 11:20:11 +0000
ROA not before: Thu 07 May 2026 11:15:11 +0000
ROA not after: Thu 06 May 2027 11:20:11 +0000
asID: 402215
IP address blocks: 82.38.95.0/24 maxlen: 24
178.83.28.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
64:86:e5:1e:a0:87:60:ca:8a:c2:cb:51:c0:1b:2f:5f:e8:23:91:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: May 7 11:15:11 2026 GMT
Not After : May 6 11:20:11 2027 GMT
Subject: CN=C1A8DB587882EEF4821FA787DD70DF7462D95A2E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:5c:51:9c:ab:c5:14:26:80:7a:bc:e7:dc:2b:
7f:2c:14:98:d5:3a:e9:fa:9a:6d:5a:80:36:a0:dd:
da:2f:54:ae:8c:9c:01:74:24:e6:32:91:af:c1:56:
18:a5:0b:ca:26:e5:15:f2:ae:94:a6:81:1c:8a:b6:
20:e0:96:3f:6b:51:90:70:5b:be:88:43:23:ed:ec:
13:9d:3a:72:32:06:8c:61:dc:c6:96:ae:42:f7:30:
80:43:b8:5b:4e:dc:02:89:78:06:ab:77:7d:f6:83:
86:a4:26:54:bf:e4:0f:cf:ed:dd:dd:a4:b7:34:43:
df:a9:fc:b7:48:55:8d:52:f2:60:48:89:1d:3b:74:
5f:ac:40:a4:20:88:87:de:a5:6a:aa:96:6d:09:2a:
49:98:13:ca:38:59:90:d0:9e:b7:21:fb:6d:a8:d0:
80:0d:df:bb:27:18:c2:54:e3:cb:a2:a7:52:4c:d3:
dc:9e:a8:13:2c:01:89:91:c4:3f:4e:bc:3c:9a:77:
c8:bd:22:3f:fb:b1:b2:eb:ab:56:ec:0c:c6:39:db:
2a:4d:23:6f:36:ed:7a:a0:c4:90:0e:8d:d7:10:61:
08:61:db:56:b6:89:f6:f9:b7:c9:ae:87:13:4e:e3:
67:8e:a4:e8:d2:0f:94:0a:eb:f9:c7:35:18:18:af:
62:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:A8:DB:58:78:82:EE:F4:82:1F:A7:87:DD:70:DF:74:62:D9:5A:2E
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS402215.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.38.95.0/24
178.83.28.0/24
Signature Algorithm: sha256WithRSAEncryption
34:78:3a:67:b1:a4:f8:31:79:21:2d:8a:3f:f9:a2:28:26:9d:
5b:2b:36:52:58:81:32:63:99:9f:8e:ed:65:30:bf:cf:b4:ee:
8a:ad:36:10:ab:27:8b:f7:68:4d:70:0d:b7:68:f7:74:d0:df:
14:f5:60:98:51:e2:ff:54:ff:b2:0a:6f:a7:56:ef:bb:50:0c:
97:4d:8e:50:d4:1f:61:69:0d:46:df:54:a0:8c:eb:20:da:71:
fc:d1:aa:49:9b:0f:ec:70:c9:7f:10:1e:3a:84:90:5a:ed:3a:
ef:d9:74:3f:eb:48:5d:d1:7b:c3:96:b9:ba:91:e3:cb:ec:87:
03:99:81:67:36:af:34:47:b5:70:6d:f4:7d:c5:5a:aa:d2:be:
19:33:4b:4f:cc:bc:3c:05:4b:0e:de:37:c8:09:c8:ce:aa:31:
d1:c0:23:06:74:69:9e:10:44:3f:e8:0a:bf:b5:4f:a8:56:68:
4b:e8:57:d7:0e:4e:61:58:83:5f:ec:29:65:83:91:07:f7:06:
de:19:17:e8:f3:db:39:0e:96:73:c6:5e:a2:3f:88:bd:50:04:
9c:39:12:af:fa:22:70:56:06:89:dd:fc:88:36:81:65:c7:d0:
d5:28:96:f6:5b:4f:39:99:a1:78:f7:3e:f5:46:07:87:c4:37:
6f:13:31:6a
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgIUZIblHqCHYMqKwstRwBsvX+gjkckwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjA1MDcxMTE1MTFaFw0yNzA1MDYxMTIwMTFaMDMxMTAvBgNV
BAMTKEMxQThEQjU4Nzg4MkVFRjQ4MjFGQTc4N0RENzBERjc0NjJEOTVBMkUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCyXFGcq8UUJoB6vOfcK38sFJjV
Oun6mm1agDag3dovVK6MnAF0JOYyka/BVhilC8om5RXyrpSmgRyKtiDglj9rUZBw
W76IQyPt7BOdOnIyBoxh3MaWrkL3MIBDuFtO3AKJeAard332g4akJlS/5A/P7d3d
pLc0Q9+p/LdIVY1S8mBIiR07dF+sQKQgiIfepWqqlm0JKkmYE8o4WZDQnrch+22o
0IAN37snGMJU48uip1JM09yeqBMsAYmRxD9OvDyad8i9Ij/7sbLrq1bsDMY52ypN
I2827XqgxJAOjdcQYQhh21a2ifb5t8muhxNO42eOpOjSD5QK6/nHNRgYr2IHAgMB
AAGjggIQMIICDDAdBgNVHQ4EFgQUwajbWHiC7vSCH6eH3XDfdGLZWi4wHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTNDAyMjE1LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAUiZf
AwQAslMcMA0GCSqGSIb3DQEBCwUAA4IBAQA0eDpnsaT4MXkhLYo/+aIoJp1bKzZS
WIEyY5mfju1lML/PtO6KrTYQqyeL92hNcA23aPd00N8U9WCYUeL/VP+yCm+nVu+7
UAyXTY5Q1B9haQ1G31SgjOsg2nH80apJmw/scMl/EB46hJBa7Trv2XQ/60hd0XvD
lrm6kePL7IcDmYFnNq80R7VwbfR9xVqq0r4ZM0tPzLw8BUsO3jfICcjOqjHRwCMG
dGmeEEQ/6Aq/tU+oVmhL6FfXDk5hWINf7Cllg5EH9wbeGRfo89s5DpZzxl6iP4i9
UAScORKv+iJwVgaJ3fyINoFlx9DVKJb2W085maF49z71RgeHxDdvEzFq
-----END CERTIFICATE-----
Generated at Wed May 13 00:34:52 2026 by rpki-client