Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS42831.roa
File: AS42831.roa (raw, json)
Hash identifier: OnRkDFK7Z8TW/tnAKlWt4D94sTOMs8ufBb5e8QquKZQ=
Subject key identifier: CD:CA:5D:EE:78:DF:B0:0F:6F:1A:87:B6:F2:46:D5:93:EB:5A:9F:E9
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 718955F090D5FB5F76F56CD552843F62E794E17C
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS42831.roa
Signing time: Sun 19 Oct 2025 00:00:36 +0000
ROA not before: Sat 18 Oct 2025 23:55:36 +0000
ROA not after: Sun 18 Oct 2026 00:00:36 +0000
asID: 42831
IP address blocks: 82.21.128.0/24 maxlen: 24
82.21.131.0/24 maxlen: 24
82.26.120.0/24 maxlen: 24
82.26.140.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 20:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
71:89:55:f0:90:d5:fb:5f:76:f5:6c:d5:52:84:3f:62:e7:94:e1:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Oct 18 23:55:36 2025 GMT
Not After : Oct 18 00:00:36 2026 GMT
Subject: CN=CDCA5DEE78DFB00F6F1A87B6F246D593EB5A9FE9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:2b:c9:f4:de:5b:f4:a7:ad:5a:a6:c3:fe:99:
96:e4:00:29:cb:8d:5d:fb:06:80:70:ac:b4:59:17:
a0:29:9e:f8:1a:2f:68:00:07:b3:b2:ba:e3:d9:2c:
07:d7:98:88:13:5f:ef:ae:a6:e1:83:9e:b6:20:9c:
af:73:60:d3:61:3d:ef:2e:36:ba:95:9a:b2:b5:bd:
70:68:c1:9c:85:b0:d5:45:0d:3f:61:19:18:64:8a:
5b:4b:92:44:2a:99:0a:27:23:1d:6f:c4:4a:7d:69:
ac:af:0e:ff:1d:6f:30:cf:01:62:73:32:03:e4:d0:
fe:b2:25:8f:fd:4a:41:84:ef:9f:98:58:aa:f1:73:
b7:4a:6b:2e:83:5e:27:46:04:c3:2d:38:56:b2:79:
09:bf:3a:21:81:a5:7f:aa:b8:c6:37:ab:00:1a:87:
96:e5:62:e5:a9:9e:cb:aa:29:96:9b:d5:6f:6b:11:
93:c4:94:fe:30:ed:36:e0:da:1c:f8:4b:f4:ee:ae:
58:af:15:42:bb:90:c9:1b:1e:01:30:35:a1:8a:43:
7d:3f:62:e0:ed:62:d7:1c:3d:50:5a:73:8d:93:b5:
44:7b:db:37:4d:8a:f2:ea:27:86:1a:27:2b:af:39:
bb:aa:91:da:a3:85:3e:33:c0:ce:45:9d:b7:3e:56:
c1:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:CA:5D:EE:78:DF:B0:0F:6F:1A:87:B6:F2:46:D5:93:EB:5A:9F:E9
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS42831.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.128.0/24
82.21.131.0/24
82.26.120.0/24
82.26.140.0/24
Signature Algorithm: sha256WithRSAEncryption
39:47:86:f6:e2:b5:60:59:d0:dc:34:da:d8:b2:da:58:42:92:
91:fa:81:0a:61:3b:0a:33:30:50:e0:51:82:f7:1e:89:18:41:
dd:10:f6:02:6e:6c:f4:d7:ac:30:18:be:97:b3:42:c1:ba:19:
4f:70:47:87:44:75:1c:c3:cb:b6:d2:2c:a6:2d:42:fb:e2:9a:
87:99:e7:ed:f1:c2:bd:db:f8:8d:e6:c3:85:e7:45:c1:ee:1c:
e3:c5:01:c2:66:3a:c3:4e:ca:f3:2b:4e:78:20:fe:7b:34:ae:
54:32:df:ee:d7:6c:1b:21:eb:2f:25:77:f2:76:f9:e3:81:03:
7b:e0:88:c9:4d:4a:fb:9b:e4:a9:f9:56:c9:40:6e:e6:82:20:
94:3e:25:8f:9e:b5:fc:22:54:0d:c2:dc:2e:3b:93:cf:cc:4f:
f3:cd:82:49:00:ac:81:0e:35:f1:2e:34:26:32:f1:ea:d2:d5:
c3:21:99:be:26:7e:0a:56:c8:94:16:dd:30:4f:a8:ef:02:51:
7e:34:37:a2:65:5b:68:2e:49:af:00:bf:7c:fc:d1:bd:71:e6:
15:38:44:fd:17:fd:79:22:ac:64:6d:7c:40:b1:5f:16:73:c5:
b2:68:b0:cc:ec:85:84:fc:6b:a1:cb:58:5f:4c:d5:d2:8e:a3:
07:5a:61:10
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgIUcYlV8JDV+1929WzVUoQ/YueU4XwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTEwMTgyMzU1MzZaFw0yNjEwMTgwMDAwMzZaMDMxMTAvBgNV
BAMTKENEQ0E1REVFNzhERkIwMEY2RjFBODdCNkYyNDZENTkzRUI1QTlGRTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCeK8n03lv0p61apsP+mZbkACnL
jV37BoBwrLRZF6ApnvgaL2gAB7OyuuPZLAfXmIgTX++upuGDnrYgnK9zYNNhPe8u
NrqVmrK1vXBowZyFsNVFDT9hGRhkiltLkkQqmQonIx1vxEp9aayvDv8dbzDPAWJz
MgPk0P6yJY/9SkGE75+YWKrxc7dKay6DXidGBMMtOFayeQm/OiGBpX+quMY3qwAa
h5blYuWpnsuqKZab1W9rEZPElP4w7Tbg2hz4S/TurlivFUK7kMkbHgEwNaGKQ30/
YuDtYtccPVBac42TtUR72zdNivLqJ4YaJyuvObuqkdqjhT4zwM5Fnbc+VsERAgMB
AAGjggIbMIICFzAdBgNVHQ4EFgQUzcpd7njfsA9vGoe28kbVk+tan+kwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTNDI4MzEucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwMQYIKwYBBQUHAQcBAf8EIjAgMB4EAgABMBgDBABSFYAD
BABSFYMDBABSGngDBABSGowwDQYJKoZIhvcNAQELBQADggEBADlHhvbitWBZ0Nw0
2tiy2lhCkpH6gQphOwozMFDgUYL3HokYQd0Q9gJubPTXrDAYvpezQsG6GU9wR4dE
dRzDy7bSLKYtQvvimoeZ5+3xwr3b+I3mw4XnRcHuHOPFAcJmOsNOyvMrTngg/ns0
rlQy3+7XbBsh6y8ld/J2+eOBA3vgiMlNSvub5Kn5VslAbuaCIJQ+JY+etfwiVA3C
3C47k8/MT/PNgkkArIEONfEuNCYy8erS1cMhmb4mfgpWyJQW3TBPqO8CUX40N6Jl
W2guSa8Av3z80b1x5hU4RP0X/XkirGRtfECxXxZzxbJosMzshYT8a6HLWF9M1dKO
owdaYRA=
-----END CERTIFICATE-----
Generated at Mon Oct 20 06:42:40 2025 by rpki-client