Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS42831.roa
File: AS42831.roa (raw, json)
Hash identifier: hzK/wS4p4Duo+KjJhrj17bsowXTp3A9+IGvm+K5rPq4=
Subject key identifier: 90:51:A5:04:F4:65:00:92:F9:E6:8A:B5:D9:85:27:5B:7F:D6:17:5E
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 03AEC11E3A8F8BC698B44DDF9431C53E5A5B0302
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS42831.roa
Signing time: Wed 22 Apr 2026 22:05:46 +0000
ROA not before: Wed 22 Apr 2026 22:00:46 +0000
ROA not after: Wed 21 Apr 2027 22:05:46 +0000
asID: 42831
IP address blocks: 82.21.128.0/24 maxlen: 24
82.21.131.0/24 maxlen: 24
82.22.56.0/24 maxlen: 24
82.22.58.0/24 maxlen: 24
82.24.24.0/24 maxlen: 24
82.24.33.0/24 maxlen: 24
82.24.81.0/24 maxlen: 24
82.24.126.0/24 maxlen: 24
82.25.41.0/24 maxlen: 24
82.25.59.0/24 maxlen: 24
82.25.143.0/24 maxlen: 24
82.25.205.0/24 maxlen: 24
82.26.120.0/24 maxlen: 24
82.26.140.0/24 maxlen: 24
82.26.169.0/24 maxlen: 24
82.38.5.0/24 maxlen: 24
82.38.6.0/24 maxlen: 24
82.38.18.0/24 maxlen: 24
82.38.29.0/24 maxlen: 24
82.38.30.0/24 maxlen: 24
82.38.33.0/24 maxlen: 24
82.38.48.0/24 maxlen: 24
82.38.49.0/24 maxlen: 24
82.38.50.0/24 maxlen: 24
82.38.51.0/24 maxlen: 24
82.38.99.0/24 maxlen: 24
82.38.182.0/24 maxlen: 24
82.39.115.0/24 maxlen: 24
82.39.132.0/24 maxlen: 24
82.39.144.0/24 maxlen: 24
82.39.153.0/24 maxlen: 24
82.39.184.0/24 maxlen: 24
82.39.204.0/24 maxlen: 24
82.41.4.0/24 maxlen: 24
82.41.16.0/24 maxlen: 24
82.41.17.0/24 maxlen: 24
82.41.18.0/24 maxlen: 24
82.41.43.0/24 maxlen: 24
82.41.59.0/24 maxlen: 24
82.41.118.0/24 maxlen: 24
82.41.121.0/24 maxlen: 24
82.41.141.0/24 maxlen: 24
82.41.144.0/24 maxlen: 24
82.41.145.0/24 maxlen: 24
82.41.147.0/24 maxlen: 24
82.41.196.0/24 maxlen: 24
82.41.201.0/24 maxlen: 24
82.41.203.0/24 maxlen: 24
82.47.20.0/24 maxlen: 24
82.47.166.0/24 maxlen: 24
82.47.175.0/24 maxlen: 24
2a13:9500:108::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
03:ae:c1:1e:3a:8f:8b:c6:98:b4:4d:df:94:31:c5:3e:5a:5b:03:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Apr 22 22:00:46 2026 GMT
Not After : Apr 21 22:05:46 2027 GMT
Subject: CN=9051A504F4650092F9E68AB5D985275B7FD6175E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:60:ce:98:11:d8:a2:99:35:5f:9a:1b:cb:15:
c8:38:8c:bd:78:ff:7f:48:3f:ca:4d:d5:ef:b1:b9:
ad:ad:9e:5e:96:f4:3d:fb:19:b5:d5:7b:30:90:28:
42:13:31:2e:c1:77:67:8e:68:12:15:a7:9b:54:17:
89:b4:a8:45:21:14:f9:75:a7:16:39:a6:a3:ae:49:
4b:e8:62:6b:2e:13:a7:d7:1f:c6:0f:45:5e:25:b4:
ac:9e:a1:ce:e2:58:9b:f5:e4:cc:f9:e3:f4:e9:5a:
9e:05:0e:5d:04:86:bf:08:62:b9:df:43:c8:29:cc:
af:c7:8b:c3:83:6f:bc:a2:60:e3:c2:aa:b5:e8:36:
67:ca:fd:0c:da:34:b6:e0:80:b9:78:88:18:54:88:
60:9a:32:11:e3:71:6e:b4:e0:42:75:31:e1:a3:84:
51:98:2f:cf:25:eb:1b:37:7c:07:72:aa:0a:3e:6a:
68:73:c4:3d:db:5d:16:0d:8c:14:ba:f8:df:93:ff:
8c:60:04:12:24:ca:48:10:85:15:85:ba:f0:46:23:
6e:72:38:ee:69:38:40:c6:20:b0:23:84:a9:e4:5b:
75:01:fb:f8:ad:e4:04:d4:3e:fc:0d:d3:d2:34:02:
d7:95:20:e2:b0:25:11:a7:61:7f:9f:b4:ec:96:09:
cf:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:51:A5:04:F4:65:00:92:F9:E6:8A:B5:D9:85:27:5B:7F:D6:17:5E
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS42831.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.128.0/24
82.21.131.0/24
82.22.56.0/24
82.22.58.0/24
82.24.24.0/24
82.24.33.0/24
82.24.81.0/24
82.24.126.0/24
82.25.41.0/24
82.25.59.0/24
82.25.143.0/24
82.25.205.0/24
82.26.120.0/24
82.26.140.0/24
82.26.169.0/24
82.38.5.0-82.38.6.255
82.38.18.0/24
82.38.29.0-82.38.30.255
82.38.33.0/24
82.38.48.0/22
82.38.99.0/24
82.38.182.0/24
82.39.115.0/24
82.39.132.0/24
82.39.144.0/24
82.39.153.0/24
82.39.184.0/24
82.39.204.0/24
82.41.4.0/24
82.41.16.0-82.41.18.255
82.41.43.0/24
82.41.59.0/24
82.41.118.0/24
82.41.121.0/24
82.41.141.0/24
82.41.144.0/23
82.41.147.0/24
82.41.196.0/24
82.41.201.0/24
82.41.203.0/24
82.47.20.0/24
82.47.166.0/24
82.47.175.0/24
IPv6:
2a13:9500:108::/48
Signature Algorithm: sha256WithRSAEncryption
68:9c:8a:71:64:90:d3:d4:55:aa:5a:da:18:81:de:bb:24:13:
aa:ac:78:41:09:3a:c4:d1:4e:41:d7:b4:2c:b3:a2:d8:43:18:
2a:8c:09:8f:91:8f:11:4c:b7:ef:f2:77:10:4a:16:c2:f9:86:
13:f5:6d:da:e2:ff:40:4f:22:6d:db:6f:6c:9a:92:ef:cb:c7:
01:5b:e1:d6:7c:8e:62:8f:96:d2:b8:82:66:02:93:3d:49:bc:
b1:f1:81:09:4c:e6:f3:8e:80:a1:84:23:db:c5:72:cd:5a:b4:
3c:c9:c4:00:06:57:56:5c:d9:18:00:7e:87:8e:ea:7b:98:15:
de:51:cb:1a:69:69:74:a6:35:5d:83:ff:28:cf:e3:27:bf:d8:
17:be:73:3c:54:55:4b:1c:c5:b6:94:2e:c1:28:20:41:13:8c:
9f:08:a8:6c:db:28:e1:b1:6b:7c:82:f1:c6:eb:d6:10:2b:94:
c4:8b:f2:e9:3d:1d:4e:fc:85:df:6c:1e:82:ed:5c:59:9c:96:
ed:62:3c:ea:a7:9f:27:13:a5:b5:e9:9a:ca:36:81:26:af:3e:
cd:5f:fd:61:24:63:7b:58:ee:a5:fa:0c:30:cf:3e:73:8f:24:
0a:85:4b:85:b0:cc:3e:56:ee:56:4c:3f:1d:65:ae:e1:2d:09:
7a:ca:c3:dd
-----BEGIN CERTIFICATE-----
MIIGLjCCBRagAwIBAgIUA67BHjqPi8aYtE3flDHFPlpbAwIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjA0MjIyMjAwNDZaFw0yNzA0MjEyMjA1NDZaMDMxMTAvBgNV
BAMTKDkwNTFBNTA0RjQ2NTAwOTJGOUU2OEFCNUQ5ODUyNzVCN0ZENjE3NUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCPYM6YEdiimTVfmhvLFcg4jL14
/39IP8pN1e+xua2tnl6W9D37GbXVezCQKEITMS7Bd2eOaBIVp5tUF4m0qEUhFPl1
pxY5pqOuSUvoYmsuE6fXH8YPRV4ltKyeoc7iWJv15Mz54/TpWp4FDl0Ehr8IYrnf
Q8gpzK/Hi8ODb7yiYOPCqrXoNmfK/QzaNLbggLl4iBhUiGCaMhHjcW604EJ1MeGj
hFGYL88l6xs3fAdyqgo+amhzxD3bXRYNjBS6+N+T/4xgBBIkykgQhRWFuvBGI25y
OO5pOEDGILAjhKnkW3UB+/it5ATUPvwN09I0AteVIOKwJRGnYX+ftOyWCc+9AgMB
AAGjggM4MIIDNDAdBgNVHQ4EFgQUkFGlBPRlAJL55oq12YUnW3/WF14wHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTNDI4MzEucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwggFMBggrBgEFBQcBBwEB/wSCATswggE3MIIBIgQCAAEw
ggEaAwQAUhWAAwQAUhWDAwQAUhY4AwQAUhY6AwQAUhgYAwQAUhghAwQAUhhRAwQA
Uhh+AwQAUhkpAwQAUhk7AwQAUhmPAwQAUhnNAwQAUhp4AwQAUhqMAwQAUhqpMAwD
BABSJgUDBABSJgYDBABSJhIwDAMEAFImHQMEAFImHgMEAFImIQMEAlImMAMEAFIm
YwMEAFImtgMEAFIncwMEAFInhAMEAFInkAMEAFInmQMEAFInuAMEAFInzAMEAFIp
BDAMAwQEUikQAwQAUikSAwQAUikrAwQAUik7AwQAUil2AwQAUil5AwQAUimNAwQB
UimQAwQAUimTAwQAUinEAwQAUinJAwQAUinLAwQAUi8UAwQAUi+mAwQAUi+vMA8E
AgACMAkDBwAqE5UAAQgwDQYJKoZIhvcNAQELBQADggEBAGicinFkkNPUVapa2hiB
3rskE6qseEEJOsTRTkHXtCyzothDGCqMCY+RjxFMt+/ydxBKFsL5hhP1bdri/0BP
Im3bb2yaku/LxwFb4dZ8jmKPltK4gmYCkz1JvLHxgQlM5vOOgKGEI9vFcs1atDzJ
xAAGV1Zc2RgAfoeO6nuYFd5RyxppaXSmNV2D/yjP4ye/2Be+czxUVUscxbaULsEo
IEETjJ8IqGzbKOGxa3yC8cbr1hArlMSL8uk9HU78hd9sHoLtXFmclu1iPOqnnycT
pbXpmso2gSavPs1f/WEkY3tY7qX6DDDPPnOPJAqFS4WwzD5W7lZMPx1lruEtCXrK
w90=
-----END CERTIFICATE-----
Generated at Tue May 12 21:47:26 2026 by rpki-client