Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS13335.roa
File: AS13335.roa (raw, json)
Hash identifier: q6tA6IVa6Z8QcI3wMqEbscK808hqbdSBJvXijhZ8TP8=
Subject key identifier: 26:83:CA:C4:3C:05:EB:D3:E4:F5:5F:16:BC:FD:DA:15:8A:FC:75:6A
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 3DD29E496166AD9AF4E36E090B49A8CF06525ABB
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS13335.roa
Signing time: Mon 21 Jul 2025 12:47:33 +0000
ROA not before: Mon 21 Jul 2025 12:42:33 +0000
ROA not after: Mon 20 Jul 2026 12:47:33 +0000
asID: 13335
IP address blocks: 82.21.82.0/24 maxlen: 24
82.24.40.0/24 maxlen: 24
82.26.156.0/24 maxlen: 24
2a13:9500:3e::/48 maxlen: 48
2a13:9500:b7::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 25 Jul 2025 21:18:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3d:d2:9e:49:61:66:ad:9a:f4:e3:6e:09:0b:49:a8:cf:06:52:5a:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Jul 21 12:42:33 2025 GMT
Not After : Jul 20 12:47:33 2026 GMT
Subject: CN=2683CAC43C05EBD3E4F55F16BCFDDA158AFC756A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:eb:4d:7e:8f:5d:ad:bb:4e:01:03:82:91:e7:
08:46:3d:4c:87:e9:09:d9:91:90:6b:61:db:33:9c:
54:c5:46:b0:f5:04:15:fb:ca:dd:cb:b9:2f:eb:ae:
de:2b:72:2a:a7:b6:be:39:95:d3:2d:02:ce:24:8c:
a7:21:41:79:70:ca:66:2a:f4:d9:cf:42:6f:94:3d:
dd:cf:0b:21:76:7e:92:c8:3d:03:92:58:f2:ab:33:
c9:e9:1f:18:e2:84:f4:4e:5e:d3:01:a5:0d:52:e2:
70:6a:d5:6c:e1:7f:d6:06:2a:31:94:23:90:f8:a2:
3f:6f:26:07:50:fa:e1:c2:8f:b2:70:41:c6:35:50:
c3:10:93:f5:67:71:60:47:67:2c:b8:d0:68:37:0a:
e2:d8:f7:8a:5f:38:1f:88:75:bf:ac:3d:a3:2a:30:
5b:01:9c:b5:06:d9:83:87:9a:df:40:18:7b:87:ad:
d5:8a:1a:2f:c8:a7:28:68:b6:a5:ca:8b:88:0b:65:
60:14:2a:6b:9f:51:8a:d2:45:85:9a:92:0e:f9:4a:
8d:b4:d1:2b:be:d2:e3:c4:a1:fa:67:45:49:36:57:
a9:b1:e4:9b:24:66:37:3a:9e:b5:77:de:76:c6:64:
45:b5:d9:e8:be:89:c2:6c:bb:3a:63:d4:e3:b3:3f:
fc:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:83:CA:C4:3C:05:EB:D3:E4:F5:5F:16:BC:FD:DA:15:8A:FC:75:6A
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS13335.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.82.0/24
82.24.40.0/24
82.26.156.0/24
IPv6:
2a13:9500:3e::/48
2a13:9500:b7::/48
Signature Algorithm: sha256WithRSAEncryption
53:33:5a:3f:01:16:b3:83:ac:73:d1:d2:0a:18:c9:3b:66:26:
18:7f:d2:e9:92:53:9c:3f:42:c9:4e:07:e9:9f:0d:bf:ad:ed:
6e:d9:e1:14:63:0a:92:b3:ad:20:85:23:79:c2:41:79:ec:10:
c4:40:35:d0:60:fd:f5:9e:63:b3:63:3b:02:03:81:35:54:69:
87:52:75:b5:49:f1:14:89:fc:75:ac:10:9f:c0:1a:20:82:a3:
81:82:89:31:91:da:27:53:97:47:ca:a3:ca:3a:b4:4e:3c:9f:
1b:65:64:b6:ae:a2:3d:4b:bd:76:3a:97:41:c8:88:e9:be:f2:
1c:26:2d:5d:e7:78:50:7a:93:ae:f6:fc:11:5c:9a:7f:00:69:
74:eb:47:59:1d:05:8c:41:17:9a:b5:60:46:ba:0e:b3:eb:7a:
06:b6:78:93:8c:cc:a8:c1:69:7e:86:20:63:4e:b9:f5:59:77:
87:40:6e:1e:a9:a8:2c:82:f8:47:94:ae:03:c0:38:17:e3:61:
85:d3:51:14:1f:76:bf:cb:93:d2:7f:53:58:2d:41:4c:80:66:
b9:44:2b:40:f9:07:d2:e4:10:c1:b1:f8:d4:93:13:4c:ab:c7:
74:a5:c3:ef:5d:ae:26:20:e4:37:09:67:8f:79:52:ff:aa:f6:
08:e9:27:6c
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgIUPdKeSWFmrZr0424JC0mozwZSWrswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTA3MjExMjQyMzNaFw0yNjA3MjAxMjQ3MzNaMDMxMTAvBgNV
BAMTKDI2ODNDQUM0M0MwNUVCRDNFNEY1NUYxNkJDRkREQTE1OEFGQzc1NkEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCz601+j12tu04BA4KR5whGPUyH
6QnZkZBrYdsznFTFRrD1BBX7yt3LuS/rrt4rciqntr45ldMtAs4kjKchQXlwymYq
9NnPQm+UPd3PCyF2fpLIPQOSWPKrM8npHxjihPROXtMBpQ1S4nBq1Wzhf9YGKjGU
I5D4oj9vJgdQ+uHCj7JwQcY1UMMQk/VncWBHZyy40Gg3CuLY94pfOB+Idb+sPaMq
MFsBnLUG2YOHmt9AGHuHrdWKGi/IpyhotqXKi4gLZWAUKmufUYrSRYWakg75So20
0Su+0uPEofpnRUk2V6mx5JskZjc6nrV33nbGZEW12ei+icJsuzpj1OOzP/xLAgMB
AAGjggIvMIICKzAdBgNVHQ4EFgQUJoPKxDwF69Pk9V8WvP3aFYr8dWowHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMTMzMzUucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwRQYIKwYBBQUHAQcBAf8ENjA0MBgEAgABMBIDBABSFVID
BABSGCgDBABSGpwwGAQCAAIwEgMHACoTlQAAPgMHACoTlQAAtzANBgkqhkiG9w0B
AQsFAAOCAQEAUzNaPwEWs4Osc9HSChjJO2YmGH/S6ZJTnD9CyU4H6Z8Nv63tbtnh
FGMKkrOtIIUjecJBeewQxEA10GD99Z5js2M7AgOBNVRph1J1tUnxFIn8dawQn8Aa
IIKjgYKJMZHaJ1OXR8qjyjq0TjyfG2Vktq6iPUu9djqXQciI6b7yHCYtXed4UHqT
rvb8EVyafwBpdOtHWR0FjEEXmrVgRroOs+t6BrZ4k4zMqMFpfoYgY0659Vl3h0Bu
HqmoLIL4R5SuA8A4F+NhhdNRFB92v8uT0n9TWC1BTIBmuUQrQPkH0uQQwbH41JMT
TKvHdKXD712uJiDkNwlnj3lS/6r2COknbA==
-----END CERTIFICATE-----
Generated at Fri Jul 25 03:48:01 2025 by rpki-client