Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS8368.roa
File: AS8368.roa (raw, json)
Hash identifier: 3y9/lX5L7LViiJQgPs3LSRLvfxmbuwk616qxZB2dfio=
Subject key identifier: 13:20:D6:12:B1:CA:87:C0:B0:A2:EE:C3:85:96:D1:C5:03:C7:A4:E8
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 2D68E76A03FB0D8E6E56EA7B1342E05CC1AD2489
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS8368.roa
Signing time: Thu 19 Mar 2026 07:01:57 +0000
ROA not before: Thu 19 Mar 2026 06:56:57 +0000
ROA not after: Thu 18 Mar 2027 07:01:57 +0000
asID: 8368
IP address blocks: 82.21.234.0/24 maxlen: 24
82.22.233.0/24 maxlen: 24
82.23.228.0/24 maxlen: 24
82.29.239.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2d:68:e7:6a:03:fb:0d:8e:6e:56:ea:7b:13:42:e0:5c:c1:ad:24:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Mar 19 06:56:57 2026 GMT
Not After : Mar 18 07:01:57 2027 GMT
Subject: CN=1320D612B1CA87C0B0A2EEC38596D1C503C7A4E8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:55:63:cc:31:e6:0d:b8:db:1b:0a:4e:6c:b4:
8e:65:9a:ea:da:81:ad:6e:4e:80:7c:15:13:85:dc:
d5:0f:b5:f0:78:fa:30:c0:da:77:5e:47:9a:e4:4c:
ee:e9:74:4d:54:6c:ca:e1:6e:ab:35:63:66:67:39:
62:61:bc:f8:f7:81:bf:79:49:52:79:74:ed:d7:ad:
d8:bd:30:ea:bc:92:2b:e7:70:03:bd:ca:c2:19:35:
a3:f4:38:d9:43:2d:e5:5e:c9:9e:2d:f6:e0:03:42:
34:5d:0e:f7:c9:49:61:99:f1:70:7c:f2:dc:6c:ff:
24:2f:57:4f:27:96:af:32:0b:4b:f8:1a:5f:f3:1c:
7c:db:c9:98:57:98:98:23:87:77:71:67:21:44:35:
ac:ee:00:a0:7c:59:d4:e9:5e:98:44:3e:4d:08:c0:
b3:c9:7b:85:f1:82:82:8f:11:37:e1:6e:0f:e0:60:
46:dd:f0:81:0a:b9:be:50:74:ed:45:43:81:a3:67:
74:0a:a5:46:c2:ab:86:b3:ca:ec:15:76:33:27:a3:
cd:e5:ca:b2:76:06:6f:3c:b0:ff:ba:5a:f8:6e:9f:
ad:87:d4:31:c0:cc:c1:7a:35:05:4e:2f:aa:d8:6c:
62:51:cf:1a:ef:e8:46:b3:44:f4:ef:06:58:c9:49:
f1:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:20:D6:12:B1:CA:87:C0:B0:A2:EE:C3:85:96:D1:C5:03:C7:A4:E8
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS8368.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.234.0/24
82.22.233.0/24
82.23.228.0/24
82.29.239.0/24
Signature Algorithm: sha256WithRSAEncryption
84:49:da:49:e3:3b:2c:80:a1:5d:12:c5:b5:7b:39:9f:86:78:
f9:7c:32:a2:75:e5:26:7e:d1:75:11:19:8c:5c:b7:6b:27:35:
f9:d7:d0:24:cb:6c:99:e6:e8:1e:ae:58:fb:11:d1:ec:98:5c:
d4:bd:78:ca:aa:5e:72:44:3f:87:43:c3:3c:d0:4c:1f:7a:d8:
45:ae:3f:4b:c2:d4:c2:91:9a:23:6f:63:2c:5e:59:59:fc:e1:
cf:34:74:b0:ff:62:42:f2:7d:aa:cd:27:ec:b3:e4:d6:ee:6e:
bc:42:f4:dd:47:2c:ba:eb:17:0f:26:4f:79:60:15:1f:87:a9:
12:6a:d5:21:e3:dd:34:1e:10:64:57:7a:15:3b:06:ad:80:53:
c1:7c:4e:5d:29:ba:46:4c:27:3e:7d:9a:d0:45:e7:86:af:5e:
78:3b:3e:4e:f7:cd:77:a8:f1:a7:cc:e3:0c:ad:c3:37:27:c6:
9a:0b:e0:a8:c1:a1:3d:ee:63:77:c8:40:06:66:8d:c6:e5:42:
cf:16:30:fa:35:42:cb:64:ea:03:95:56:89:59:f8:60:3b:19:
44:f1:2a:06:f4:ec:5d:fb:d6:e4:07:f0:b9:aa:ce:f2:ef:21:
a8:db:6d:0a:07:73:b4:e6:1d:06:bf:ca:01:14:1b:0c:26:d8:
12:d4:2b:c4
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgIULWjnagP7DY5uVup7E0LgXMGtJIkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjAzMTkwNjU2NTdaFw0yNzAzMTgwNzAxNTdaMDMxMTAvBgNV
BAMTKDEzMjBENjEyQjFDQTg3QzBCMEEyRUVDMzg1OTZEMUM1MDNDN0E0RTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCHVWPMMeYNuNsbCk5stI5lmura
ga1uToB8FROF3NUPtfB4+jDA2ndeR5rkTO7pdE1UbMrhbqs1Y2ZnOWJhvPj3gb95
SVJ5dO3Xrdi9MOq8kivncAO9ysIZNaP0ONlDLeVeyZ4t9uADQjRdDvfJSWGZ8XB8
8txs/yQvV08nlq8yC0v4Gl/zHHzbyZhXmJgjh3dxZyFENazuAKB8WdTpXphEPk0I
wLPJe4XxgoKPETfhbg/gYEbd8IEKub5QdO1FQ4GjZ3QKpUbCq4azyuwVdjMno83l
yrJ2Bm88sP+6Wvhun62H1DHAzMF6NQVOL6rYbGJRzxrv6EazRPTvBljJSfGzAgMB
AAGjggIaMIICFjAdBgNVHQ4EFgQUEyDWErHKh8Cwou7DhZbRxQPHpOgwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTODM2OC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAxBggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAFIV6gME
AFIW6QMEAFIX5AMEAFId7zANBgkqhkiG9w0BAQsFAAOCAQEAhEnaSeM7LIChXRLF
tXs5n4Z4+XwyonXlJn7RdREZjFy3ayc1+dfQJMtsmeboHq5Y+xHR7Jhc1L14yqpe
ckQ/h0PDPNBMH3rYRa4/S8LUwpGaI29jLF5ZWfzhzzR0sP9iQvJ9qs0n7LPk1u5u
vEL03UcsuusXDyZPeWAVH4epEmrVIePdNB4QZFd6FTsGrYBTwXxOXSm6RkwnPn2a
0EXnhq9eeDs+TvfNd6jxp8zjDK3DNyfGmgvgqMGhPe5jd8hABmaNxuVCzxYw+jVC
y2TqA5VWiVn4YDsZRPEqBvTsXfvW5AfwuarO8u8hqNttCgdztOYdBr/KARQbDCbY
EtQrxA==
-----END CERTIFICATE-----
Generated at Thu Mar 26 01:34:50 2026 by rpki-client