Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS42831.roa
File: AS42831.roa (raw, json)
Hash identifier: JsaGPd2tmmr/zt24k1eZ2JcgCULWt8N7Lvo/AJ6N2YQ=
Subject key identifier: B2:CA:C4:29:DA:5E:52:CA:12:7D:BD:BF:8E:DB:A8:07:64:4C:91:D4
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 0963354ECBBBF692069D13435FDC465A244EE528
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS42831.roa
Signing time: Thu 19 Mar 2026 16:04:24 +0000
ROA not before: Thu 19 Mar 2026 15:59:24 +0000
ROA not after: Thu 18 Mar 2027 16:04:24 +0000
asID: 42831
IP address blocks: 82.21.128.0/24 maxlen: 24
82.21.131.0/24 maxlen: 24
82.22.56.0/24 maxlen: 24
82.22.58.0/24 maxlen: 24
82.24.24.0/24 maxlen: 24
82.24.33.0/24 maxlen: 24
82.24.126.0/24 maxlen: 24
82.25.41.0/24 maxlen: 24
82.25.59.0/24 maxlen: 24
82.25.205.0/24 maxlen: 24
82.26.120.0/24 maxlen: 24
82.26.140.0/24 maxlen: 24
82.38.18.0/24 maxlen: 24
82.38.29.0/24 maxlen: 24
82.38.30.0/24 maxlen: 24
82.38.33.0/24 maxlen: 24
82.38.48.0/24 maxlen: 24
82.38.49.0/24 maxlen: 24
82.38.50.0/24 maxlen: 24
82.38.99.0/24 maxlen: 24
82.38.182.0/24 maxlen: 24
82.39.115.0/24 maxlen: 24
82.39.144.0/24 maxlen: 24
82.39.153.0/24 maxlen: 24
82.39.184.0/24 maxlen: 24
82.39.204.0/24 maxlen: 24
82.41.4.0/24 maxlen: 24
82.41.16.0/24 maxlen: 24
82.41.17.0/24 maxlen: 24
82.41.18.0/24 maxlen: 24
82.41.43.0/24 maxlen: 24
82.41.59.0/24 maxlen: 24
82.41.118.0/24 maxlen: 24
82.41.121.0/24 maxlen: 24
82.41.144.0/24 maxlen: 24
82.41.145.0/24 maxlen: 24
82.41.147.0/24 maxlen: 24
82.41.201.0/24 maxlen: 24
82.41.203.0/24 maxlen: 24
2a13:9500:108::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
09:63:35:4e:cb:bb:f6:92:06:9d:13:43:5f:dc:46:5a:24:4e:e5:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Mar 19 15:59:24 2026 GMT
Not After : Mar 18 16:04:24 2027 GMT
Subject: CN=B2CAC429DA5E52CA127DBDBF8EDBA807644C91D4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:4a:1c:b0:2b:f0:13:e4:1b:69:3c:a4:52:80:
6e:80:08:af:a3:08:9c:3e:2c:93:a7:61:45:ed:d4:
82:28:6c:b0:bd:aa:db:6a:e5:e1:09:98:22:6e:1f:
6d:24:e2:46:59:2e:03:17:5f:c5:eb:1a:18:fc:e7:
6d:b1:1d:b8:34:1d:47:5c:41:ea:f4:78:90:a9:62:
e4:90:70:2e:c9:21:08:c6:03:95:33:fa:9d:74:12:
fe:70:29:19:5b:61:73:b9:a6:22:52:2a:df:8a:81:
4c:58:31:7f:6d:e3:37:9e:75:47:9b:48:b1:b2:ee:
7c:b1:ff:c5:1d:b7:ca:b7:b0:21:04:7a:4d:b4:a5:
0e:72:70:dc:4c:54:dd:0d:cd:1f:92:3b:62:89:f7:
eb:3e:03:25:11:76:b8:e0:ba:04:34:29:36:58:08:
ea:8f:db:e6:82:c5:3f:8c:19:84:46:24:8a:05:9f:
c4:c1:cc:37:72:db:1f:58:24:8b:4c:d2:0a:1c:8d:
ee:e8:52:40:96:51:18:1f:d1:7d:4e:46:c5:66:95:
59:76:6f:ac:3f:3f:c7:76:93:cb:8b:23:6f:3b:88:
d2:25:34:d8:7e:6a:37:a1:8d:01:18:f6:27:e3:86:
e2:c0:54:c5:46:2e:e1:b2:af:15:f9:4a:8e:1f:6e:
4d:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:CA:C4:29:DA:5E:52:CA:12:7D:BD:BF:8E:DB:A8:07:64:4C:91:D4
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS42831.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.128.0/24
82.21.131.0/24
82.22.56.0/24
82.22.58.0/24
82.24.24.0/24
82.24.33.0/24
82.24.126.0/24
82.25.41.0/24
82.25.59.0/24
82.25.205.0/24
82.26.120.0/24
82.26.140.0/24
82.38.18.0/24
82.38.29.0-82.38.30.255
82.38.33.0/24
82.38.48.0-82.38.50.255
82.38.99.0/24
82.38.182.0/24
82.39.115.0/24
82.39.144.0/24
82.39.153.0/24
82.39.184.0/24
82.39.204.0/24
82.41.4.0/24
82.41.16.0-82.41.18.255
82.41.43.0/24
82.41.59.0/24
82.41.118.0/24
82.41.121.0/24
82.41.144.0/23
82.41.147.0/24
82.41.201.0/24
82.41.203.0/24
IPv6:
2a13:9500:108::/48
Signature Algorithm: sha256WithRSAEncryption
7c:2d:e3:a5:78:3f:2e:04:3e:5d:51:d6:a8:cb:31:05:24:6d:
a6:2d:10:4f:0a:83:39:0a:4e:48:d3:a7:10:7b:5f:2d:8c:1e:
f5:2b:1d:b4:e0:61:a2:2e:a0:0b:7d:de:e4:10:8c:9f:bc:3f:
ea:d3:5c:8e:ae:8d:08:41:ba:51:ab:4f:77:b7:df:eb:e4:ef:
ff:d6:e2:40:70:81:ef:29:cf:ad:b3:f3:38:1d:e4:7b:a2:dd:
6b:85:dd:62:c8:7a:b3:d9:ec:1e:c2:49:42:e2:a6:32:46:80:
bd:39:b5:a6:98:d0:db:07:11:3a:e5:4b:07:64:a0:15:85:c2:
e7:7f:28:a2:ed:67:0c:e0:0a:2c:93:96:82:9b:63:ed:11:90:
b2:56:81:f4:42:43:d7:fa:81:f0:a7:3e:81:2a:6a:fa:d7:78:
d5:33:e0:01:d3:b4:46:6a:b2:09:63:0a:90:86:db:3b:ad:2d:
ce:1f:81:ff:e1:a3:d4:66:a4:0c:6b:3c:e2:2a:f1:b2:c9:df:
ee:26:f3:f8:4c:bf:44:12:f3:c4:05:9a:84:d4:3f:e8:c2:de:
56:e0:35:cd:fc:7d:3d:34:eb:dc:02:4d:00:ba:73:1c:12:40:
ba:a4:b8:85:ef:9a:b8:c8:13:ef:73:7e:63:0b:20:28:5d:64:
fa:6f:86:25
-----BEGIN CERTIFICATE-----
MIIF7jCCBNagAwIBAgIUCWM1Tsu79pIGnRNDX9xGWiRO5SgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjAzMTkxNTU5MjRaFw0yNzAzMTgxNjA0MjRaMDMxMTAvBgNV
BAMTKEIyQ0FDNDI5REE1RTUyQ0ExMjdEQkRCRjhFREJBODA3NjQ0QzkxRDQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCnShywK/AT5BtpPKRSgG6ACK+j
CJw+LJOnYUXt1IIobLC9qttq5eEJmCJuH20k4kZZLgMXX8XrGhj8522xHbg0HUdc
Qer0eJCpYuSQcC7JIQjGA5Uz+p10Ev5wKRlbYXO5piJSKt+KgUxYMX9t4zeedUeb
SLGy7nyx/8Udt8q3sCEEek20pQ5ycNxMVN0NzR+SO2KJ9+s+AyURdrjgugQ0KTZY
COqP2+aCxT+MGYRGJIoFn8TBzDdy2x9YJItM0gocje7oUkCWURgf0X1ORsVmlVl2
b6w/P8d2k8uLI287iNIlNNh+ajehjQEY9ifjhuLAVMVGLuGyrxX5So4fbk3hAgMB
AAGjggL4MIIC9DAdBgNVHQ4EFgQUssrEKdpeUsoSfb2/jtuoB2RMkdQwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTNDI4MzEucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwggEMBggrBgEFBQcBBwEB/wSB/DCB+TCB5QQCAAEwgd4D
BABSFYADBABSFYMDBABSFjgDBABSFjoDBABSGBgDBABSGCEDBABSGH4DBABSGSkD
BABSGTsDBABSGc0DBABSGngDBABSGowDBABSJhIwDAMEAFImHQMEAFImHgMEAFIm
ITAMAwQEUiYwAwQAUiYyAwQAUiZjAwQAUia2AwQAUidzAwQAUieQAwQAUieZAwQA
Uie4AwQAUifMAwQAUikEMAwDBARSKRADBABSKRIDBABSKSsDBABSKTsDBABSKXYD
BABSKXkDBAFSKZADBABSKZMDBABSKckDBABSKcswDwQCAAIwCQMHACoTlQABCDAN
BgkqhkiG9w0BAQsFAAOCAQEAfC3jpXg/LgQ+XVHWqMsxBSRtpi0QTwqDOQpOSNOn
EHtfLYwe9SsdtOBhoi6gC33e5BCMn7w/6tNcjq6NCEG6UatPd7ff6+Tv/9biQHCB
7ynPrbPzOB3ke6Lda4XdYsh6s9nsHsJJQuKmMkaAvTm1ppjQ2wcROuVLB2SgFYXC
538oou1nDOAKLJOWgptj7RGQslaB9EJD1/qB8Kc+gSpq+td41TPgAdO0RmqyCWMK
kIbbO60tzh+B/+Gj1GakDGs84irxssnf7ibz+Ey/RBLzxAWahNQ/6MLeVuA1zfx9
PTTr3AJNALpzHBJAuqS4he+auMgT73N+YwsgKF1k+m+GJQ==
-----END CERTIFICATE-----
Generated at Thu Mar 26 01:34:23 2026 by rpki-client