Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS8881.roa
File: AS8881.roa (raw, json)
Hash identifier: nw1zO+sNiA2y4jP9XNCqV9ssc8xE+oLwugaikAY3kZ4=
Subject key identifier: A6:E0:71:85:7D:59:36:76:2F:8E:A7:47:20:19:E3:78:32:8D:32:30
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 76B62A78E81FB9974AA882EA85BC797D6A21C813
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS8881.roa
Signing time: Fri 20 Mar 2026 00:02:00 +0000
ROA not before: Thu 19 Mar 2026 23:57:00 +0000
ROA not after: Fri 19 Mar 2027 00:02:00 +0000
asID: 8881
IP address blocks: 82.21.129.0/24 maxlen: 24
82.22.177.0/24 maxlen: 24
82.22.178.0/24 maxlen: 24
82.22.180.0/24 maxlen: 24
82.23.65.0/24 maxlen: 24
82.23.66.0/24 maxlen: 24
82.23.67.0/24 maxlen: 24
82.23.68.0/24 maxlen: 24
82.23.70.0/24 maxlen: 24
82.23.71.0/24 maxlen: 24
82.23.72.0/24 maxlen: 24
82.23.73.0/24 maxlen: 24
82.23.75.0/24 maxlen: 24
82.23.76.0/24 maxlen: 24
82.23.77.0/24 maxlen: 24
82.23.78.0/24 maxlen: 24
82.23.80.0/24 maxlen: 24
82.23.81.0/24 maxlen: 24
82.23.82.0/24 maxlen: 24
82.23.83.0/24 maxlen: 24
82.23.84.0/24 maxlen: 24
82.23.85.0/24 maxlen: 24
82.23.86.0/24 maxlen: 24
82.23.87.0/24 maxlen: 24
82.23.88.0/24 maxlen: 24
82.23.89.0/24 maxlen: 24
82.23.90.0/24 maxlen: 24
82.23.91.0/24 maxlen: 24
82.24.22.0/24 maxlen: 24
82.24.61.0/24 maxlen: 24
82.24.207.0/24 maxlen: 24
82.26.206.0/24 maxlen: 24
82.29.127.0/24 maxlen: 24
82.29.138.0/24 maxlen: 24
82.29.140.0/24 maxlen: 24
82.29.142.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
76:b6:2a:78:e8:1f:b9:97:4a:a8:82:ea:85:bc:79:7d:6a:21:c8:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Mar 19 23:57:00 2026 GMT
Not After : Mar 19 00:02:00 2027 GMT
Subject: CN=A6E071857D5936762F8EA7472019E378328D3230
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:38:ba:57:a3:cf:16:e6:b6:b4:50:02:84:67:
e7:0b:03:ed:bc:e3:9c:b0:b8:8f:9e:9a:a1:dd:e9:
95:08:e7:98:90:97:c3:df:1d:91:66:bb:1c:28:6a:
82:1c:91:11:f9:04:c7:89:8a:c4:99:47:dd:9e:c1:
c2:dc:df:59:02:29:55:9e:c8:90:e1:27:34:b0:96:
a6:d5:08:e4:ba:35:2d:9b:01:56:b0:78:7e:4d:cb:
23:ec:f3:8f:65:f9:68:8e:7f:c0:72:28:ee:c9:d5:
3b:e3:ff:8b:49:1d:57:b8:95:e3:e3:ac:be:e5:48:
3f:3f:19:11:3c:52:c7:3b:2a:66:54:b0:a1:de:1c:
87:a6:a0:95:0e:c8:52:a2:cd:1b:e5:04:cb:48:40:
9c:f1:6b:b8:b8:b4:92:6f:7e:96:27:33:6f:fd:7e:
13:ee:19:c7:42:7a:97:62:0d:da:b4:31:bc:95:31:
54:38:b2:4d:59:fe:e0:c4:1a:dd:d0:de:37:1b:8c:
d2:ab:fc:8b:82:4f:31:ba:85:7b:f4:7e:5b:14:36:
48:04:56:38:b9:75:82:70:f1:4e:bf:f3:cf:af:c9:
02:c4:9e:0f:09:b9:1e:20:a1:28:c9:1b:e5:25:85:
fd:fc:12:97:ae:18:7e:a0:17:26:1f:1e:42:ec:0a:
3c:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:E0:71:85:7D:59:36:76:2F:8E:A7:47:20:19:E3:78:32:8D:32:30
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS8881.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.129.0/24
82.22.177.0-82.22.178.255
82.22.180.0/24
82.23.65.0-82.23.68.255
82.23.70.0-82.23.73.255
82.23.75.0-82.23.78.255
82.23.80.0-82.23.91.255
82.24.22.0/24
82.24.61.0/24
82.24.207.0/24
82.26.206.0/24
82.29.127.0/24
82.29.138.0/24
82.29.140.0/24
82.29.142.0/24
Signature Algorithm: sha256WithRSAEncryption
15:fe:a2:5d:fb:4a:5e:c3:95:f4:20:5a:e9:2d:76:9a:14:e1:
21:19:87:eb:af:ef:2e:35:00:ff:a5:7a:36:34:01:91:47:c9:
34:60:f9:2a:c1:73:35:a8:f1:ac:b1:dc:bc:72:e7:89:8a:e1:
7d:d0:ca:87:aa:23:78:7e:57:7e:c6:37:ab:94:6e:55:05:38:
93:75:fb:a3:45:5f:a1:4c:51:49:eb:0c:24:ec:cd:00:c7:b0:
3d:3f:e9:93:3c:07:c0:19:31:b6:ad:4d:72:2a:b9:19:3b:ba:
05:a4:71:22:e6:b8:47:d0:ea:73:86:49:22:15:fe:ee:62:41:
b4:6b:d9:68:b1:15:c7:dc:3a:78:fc:38:5b:69:5d:f0:3a:a6:
bf:3d:84:08:79:d2:20:d5:70:92:cb:a5:d8:24:33:38:94:3f:
79:72:ed:0c:10:d0:1e:bc:50:9f:cc:b3:ec:4e:95:27:c2:e9:
8d:e7:d8:a0:82:c2:99:d7:86:29:e4:88:ba:c6:33:c5:95:6c:
56:1f:d5:9f:cb:d8:5f:00:49:a5:fe:f9:61:bf:e0:20:0f:8b:
42:f1:44:c8:5b:43:2c:de:98:e4:e4:ef:63:54:5a:c0:37:74:
b9:37:83:22:6f:14:df:df:dc:cd:40:9d:29:37:fe:6a:70:da:
07:20:aa:29
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgIUdrYqeOgfuZdKqILqhbx5fWohyBMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjAzMTkyMzU3MDBaFw0yNzAzMTkwMDAyMDBaMDMxMTAvBgNV
BAMTKEE2RTA3MTg1N0Q1OTM2NzYyRjhFQTc0NzIwMTlFMzc4MzI4RDMyMzAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDYOLpXo88W5ra0UAKEZ+cLA+28
45ywuI+emqHd6ZUI55iQl8PfHZFmuxwoaoIckRH5BMeJisSZR92ewcLc31kCKVWe
yJDhJzSwlqbVCOS6NS2bAVaweH5NyyPs849l+WiOf8ByKO7J1Tvj/4tJHVe4lePj
rL7lSD8/GRE8Usc7KmZUsKHeHIemoJUOyFKizRvlBMtIQJzxa7i4tJJvfpYnM2/9
fhPuGcdCepdiDdq0MbyVMVQ4sk1Z/uDEGt3Q3jcbjNKr/IuCTzG6hXv0flsUNkgE
Vji5dYJw8U6/88+vyQLEng8JuR4goSjJG+Ulhf38EpeuGH6gFyYfHkLsCjy5AgMB
AAGjggKJMIIChTAdBgNVHQ4EFgQUpuBxhX1ZNnYvjqdHIBnjeDKNMjAwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTODg4MS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCBnwYIKwYBBQUHAQcBAf8EgY8wgYwwgYkEAgABMIGCAwQA
UhWBMAwDBABSFrEDBABSFrIDBABSFrQwDAMEAFIXQQMEAFIXRDAMAwQBUhdGAwQB
UhdIMAwDBABSF0sDBABSF04wDAMEBFIXUAMEAlIXWAMEAFIYFgMEAFIYPQMEAFIY
zwMEAFIazgMEAFIdfwMEAFIdigMEAFIdjAMEAFIdjjANBgkqhkiG9w0BAQsFAAOC
AQEAFf6iXftKXsOV9CBa6S12mhThIRmH66/vLjUA/6V6NjQBkUfJNGD5KsFzNajx
rLHcvHLniYrhfdDKh6ojeH5XfsY3q5RuVQU4k3X7o0VfoUxRSesMJOzNAMewPT/p
kzwHwBkxtq1Nciq5GTu6BaRxIua4R9Dqc4ZJIhX+7mJBtGvZaLEVx9w6ePw4W2ld
8Dqmvz2ECHnSINVwksul2CQzOJQ/eXLtDBDQHrxQn8yz7E6VJ8LpjefYoILCmdeG
KeSIusYzxZVsVh/Vn8vYXwBJpf75Yb/gIA+LQvFEyFtDLN6Y5OTvY1RawDd0uTeD
Im8U39/czUCdKTf+anDaByCqKQ==
-----END CERTIFICATE-----
Generated at Thu Mar 26 01:34:25 2026 by rpki-client