Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS13335.roa
File:                     AS13335.roa (raw, json)
Hash identifier:          q6tA6IVa6Z8QcI3wMqEbscK808hqbdSBJvXijhZ8TP8=
Subject key identifier:   26:83:CA:C4:3C:05:EB:D3:E4:F5:5F:16:BC:FD:DA:15:8A:FC:75:6A
Certificate issuer:       /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial:       3DD29E496166AD9AF4E36E090B49A8CF06525ABB
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS13335.roa
Signing time:             Mon 21 Jul 2025 12:47:33 +0000
ROA not before:           Mon 21 Jul 2025 12:42:33 +0000
ROA not after:            Mon 20 Jul 2026 12:47:33 +0000
asID:                     13335
IP address blocks:        82.21.82.0/24 maxlen: 24
                          82.24.40.0/24 maxlen: 24
                          82.26.156.0/24 maxlen: 24
                          2a13:9500:3e::/48 maxlen: 48
                          2a13:9500:b7::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 23 Jul 2025 13:47:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3d:d2:9e:49:61:66:ad:9a:f4:e3:6e:09:0b:49:a8:cf:06:52:5a:bb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
        Validity
            Not Before: Jul 21 12:42:33 2025 GMT
            Not After : Jul 20 12:47:33 2026 GMT
        Subject: CN=2683CAC43C05EBD3E4F55F16BCFDDA158AFC756A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:eb:4d:7e:8f:5d:ad:bb:4e:01:03:82:91:e7:
                    08:46:3d:4c:87:e9:09:d9:91:90:6b:61:db:33:9c:
                    54:c5:46:b0:f5:04:15:fb:ca:dd:cb:b9:2f:eb:ae:
                    de:2b:72:2a:a7:b6:be:39:95:d3:2d:02:ce:24:8c:
                    a7:21:41:79:70:ca:66:2a:f4:d9:cf:42:6f:94:3d:
                    dd:cf:0b:21:76:7e:92:c8:3d:03:92:58:f2:ab:33:
                    c9:e9:1f:18:e2:84:f4:4e:5e:d3:01:a5:0d:52:e2:
                    70:6a:d5:6c:e1:7f:d6:06:2a:31:94:23:90:f8:a2:
                    3f:6f:26:07:50:fa:e1:c2:8f:b2:70:41:c6:35:50:
                    c3:10:93:f5:67:71:60:47:67:2c:b8:d0:68:37:0a:
                    e2:d8:f7:8a:5f:38:1f:88:75:bf:ac:3d:a3:2a:30:
                    5b:01:9c:b5:06:d9:83:87:9a:df:40:18:7b:87:ad:
                    d5:8a:1a:2f:c8:a7:28:68:b6:a5:ca:8b:88:0b:65:
                    60:14:2a:6b:9f:51:8a:d2:45:85:9a:92:0e:f9:4a:
                    8d:b4:d1:2b:be:d2:e3:c4:a1:fa:67:45:49:36:57:
                    a9:b1:e4:9b:24:66:37:3a:9e:b5:77:de:76:c6:64:
                    45:b5:d9:e8:be:89:c2:6c:bb:3a:63:d4:e3:b3:3f:
                    fc:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                26:83:CA:C4:3C:05:EB:D3:E4:F5:5F:16:BC:FD:DA:15:8A:FC:75:6A
            X509v3 Authority Key Identifier:
                keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS13335.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.21.82.0/24
                  82.24.40.0/24
                  82.26.156.0/24
                IPv6:
                  2a13:9500:3e::/48
                  2a13:9500:b7::/48

    Signature Algorithm: sha256WithRSAEncryption
         53:33:5a:3f:01:16:b3:83:ac:73:d1:d2:0a:18:c9:3b:66:26:
         18:7f:d2:e9:92:53:9c:3f:42:c9:4e:07:e9:9f:0d:bf:ad:ed:
         6e:d9:e1:14:63:0a:92:b3:ad:20:85:23:79:c2:41:79:ec:10:
         c4:40:35:d0:60:fd:f5:9e:63:b3:63:3b:02:03:81:35:54:69:
         87:52:75:b5:49:f1:14:89:fc:75:ac:10:9f:c0:1a:20:82:a3:
         81:82:89:31:91:da:27:53:97:47:ca:a3:ca:3a:b4:4e:3c:9f:
         1b:65:64:b6:ae:a2:3d:4b:bd:76:3a:97:41:c8:88:e9:be:f2:
         1c:26:2d:5d:e7:78:50:7a:93:ae:f6:fc:11:5c:9a:7f:00:69:
         74:eb:47:59:1d:05:8c:41:17:9a:b5:60:46:ba:0e:b3:eb:7a:
         06:b6:78:93:8c:cc:a8:c1:69:7e:86:20:63:4e:b9:f5:59:77:
         87:40:6e:1e:a9:a8:2c:82:f8:47:94:ae:03:c0:38:17:e3:61:
         85:d3:51:14:1f:76:bf:cb:93:d2:7f:53:58:2d:41:4c:80:66:
         b9:44:2b:40:f9:07:d2:e4:10:c1:b1:f8:d4:93:13:4c:ab:c7:
         74:a5:c3:ef:5d:ae:26:20:e4:37:09:67:8f:79:52:ff:aa:f6:
         08:e9:27:6c
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgIUPdKeSWFmrZr0424JC0mozwZSWrswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTA3MjExMjQyMzNaFw0yNjA3MjAxMjQ3MzNaMDMxMTAvBgNV
BAMTKDI2ODNDQUM0M0MwNUVCRDNFNEY1NUYxNkJDRkREQTE1OEFGQzc1NkEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCz601+j12tu04BA4KR5whGPUyH
6QnZkZBrYdsznFTFRrD1BBX7yt3LuS/rrt4rciqntr45ldMtAs4kjKchQXlwymYq
9NnPQm+UPd3PCyF2fpLIPQOSWPKrM8npHxjihPROXtMBpQ1S4nBq1Wzhf9YGKjGU
I5D4oj9vJgdQ+uHCj7JwQcY1UMMQk/VncWBHZyy40Gg3CuLY94pfOB+Idb+sPaMq
MFsBnLUG2YOHmt9AGHuHrdWKGi/IpyhotqXKi4gLZWAUKmufUYrSRYWakg75So20
0Su+0uPEofpnRUk2V6mx5JskZjc6nrV33nbGZEW12ei+icJsuzpj1OOzP/xLAgMB
AAGjggIvMIICKzAdBgNVHQ4EFgQUJoPKxDwF69Pk9V8WvP3aFYr8dWowHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMTMzMzUucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwRQYIKwYBBQUHAQcBAf8ENjA0MBgEAgABMBIDBABSFVID
BABSGCgDBABSGpwwGAQCAAIwEgMHACoTlQAAPgMHACoTlQAAtzANBgkqhkiG9w0B
AQsFAAOCAQEAUzNaPwEWs4Osc9HSChjJO2YmGH/S6ZJTnD9CyU4H6Z8Nv63tbtnh
FGMKkrOtIIUjecJBeewQxEA10GD99Z5js2M7AgOBNVRph1J1tUnxFIn8dawQn8Aa
IIKjgYKJMZHaJ1OXR8qjyjq0TjyfG2Vktq6iPUu9djqXQciI6b7yHCYtXed4UHqT
rvb8EVyafwBpdOtHWR0FjEEXmrVgRroOs+t6BrZ4k4zMqMFpfoYgY0659Vl3h0Bu
HqmoLIL4R5SuA8A4F+NhhdNRFB92v8uT0n9TWC1BTIBmuUQrQPkH0uQQwbH41JMT
TKvHdKXD712uJiDkNwlnj3lS/6r2COknbA==
-----END CERTIFICATE-----
Generated at Tue Jul 22 19:29:43 2025 by rpki-client