Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS13335.roa
File: AS13335.roa (raw, json)
Hash identifier: NkvQYaLFu9k8bVMmiGHGl3hDJNtiKjTxAbtlwcV/TZY=
Subject key identifier: 44:FB:F5:3A:90:85:D1:F8:60:56:ED:31:5D:1A:32:D3:8B:AD:D9:78
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 4398DF497794253A51F46E3003035652B4F390D0
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS13335.roa
Signing time: Sat 30 May 2026 07:09:43 +0000
ROA not before: Sat 30 May 2026 07:04:43 +0000
ROA not after: Sat 29 May 2027 07:09:43 +0000
asID: 13335
IP address blocks: 82.21.82.0/24 maxlen: 24
82.22.16.0/24 maxlen: 24
82.24.40.0/24 maxlen: 24
82.26.156.0/24 maxlen: 24
82.39.142.0/24 maxlen: 24
82.40.22.0/24 maxlen: 24
84.75.180.0/23 maxlen: 24
2a13:9500:3e::/48 maxlen: 48
2a13:9500:b7::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 03 Jun 2026 15:55:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
43:98:df:49:77:94:25:3a:51:f4:6e:30:03:03:56:52:b4:f3:90:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: May 30 07:04:43 2026 GMT
Not After : May 29 07:09:43 2027 GMT
Subject: CN=44FBF53A9085D1F86056ED315D1A32D38BADD978
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:b4:d0:53:fe:41:98:12:91:e0:b7:e4:60:f9:
83:3e:15:14:88:7f:b2:3d:fc:72:91:3b:54:36:5c:
c4:4e:86:f2:91:f4:3c:81:ca:e5:95:41:ee:bf:e2:
08:b9:a6:54:11:a2:28:78:29:89:51:a8:99:47:24:
2a:5a:36:8f:43:b2:03:22:3a:a1:b4:0f:c4:4a:39:
8a:a8:92:e7:ab:f5:40:93:72:1c:b5:29:50:ef:5f:
d0:63:67:22:c5:5d:5f:50:de:e7:cc:15:8d:d3:a2:
a3:4d:b7:ad:37:a1:3a:97:e8:9f:90:01:c1:55:83:
ba:9b:f1:7c:72:1f:4f:31:4d:f8:23:2e:b4:41:97:
34:85:44:8d:65:c5:38:9a:66:5a:46:35:d7:50:90:
41:13:19:fc:73:f3:1b:36:3d:1d:c7:27:0e:8a:e7:
34:20:c2:03:32:ec:06:4e:fe:2e:e6:e3:04:f6:ab:
cd:8b:96:fd:e7:78:8e:f2:3e:a0:14:16:15:73:bc:
2d:ba:34:53:88:a9:4f:f5:aa:d2:10:32:b3:49:ac:
62:1f:eb:01:76:80:89:67:f3:f2:3d:89:16:e1:62:
6f:b4:4f:ed:db:41:d8:91:8b:9a:14:3e:2c:d2:d7:
da:a2:e5:46:be:34:c8:6e:da:a8:a5:6e:7d:7c:aa:
16:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:FB:F5:3A:90:85:D1:F8:60:56:ED:31:5D:1A:32:D3:8B:AD:D9:78
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS13335.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.82.0/24
82.22.16.0/24
82.24.40.0/24
82.26.156.0/24
82.39.142.0/24
82.40.22.0/24
84.75.180.0/23
IPv6:
2a13:9500:3e::/48
2a13:9500:b7::/48
Signature Algorithm: sha256WithRSAEncryption
57:61:cc:41:ce:72:98:69:44:34:48:e6:40:02:19:a5:96:89:
c3:dd:10:0c:53:ef:f0:89:ce:fa:28:a7:5c:f2:22:70:7a:b3:
11:81:aa:4f:cf:33:0a:7b:e2:ae:bd:3d:f6:75:2a:93:40:62:
ca:f5:ea:66:49:7e:94:a6:ae:31:10:74:08:40:fa:2b:21:8c:
8c:62:09:99:b7:a5:5a:dc:4e:7b:fc:9e:52:07:b9:71:c8:b6:
14:de:f6:e4:2b:0a:35:37:fd:5b:5e:68:37:23:88:1a:9f:04:
8b:c1:f8:2a:b1:95:0c:7b:d9:55:c5:63:be:52:fe:c2:8f:07:
78:2b:d0:ea:cd:95:e4:85:f2:96:d6:d0:a2:af:ba:da:1a:a9:
69:09:3a:81:01:70:88:eb:8b:37:a8:76:33:a3:64:fa:48:ac:
fa:6b:18:c4:62:68:ba:55:7c:0c:8c:77:f3:bf:fc:af:39:e9:
53:5a:5d:08:cf:72:a3:a4:81:b0:b0:cf:6e:73:39:c9:e0:e5:
f1:e1:c2:68:9c:d9:2a:e0:68:f8:85:34:8f:b1:8f:d5:f0:e5:
99:de:38:04:89:6d:bf:06:b4:f6:54:3f:99:dd:50:51:eb:cb:
30:b1:6b:fe:45:6e:59:22:e2:45:42:f8:d7:3e:77:46:8a:ed:
17:89:63:e9
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgIUQ5jfSXeUJTpR9G4wAwNWUrTzkNAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjA1MzAwNzA0NDNaFw0yNzA1MjkwNzA5NDNaMDMxMTAvBgNV
BAMTKDQ0RkJGNTNBOTA4NUQxRjg2MDU2RUQzMTVEMUEzMkQzOEJBREQ5NzgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCatNBT/kGYEpHgt+Rg+YM+FRSI
f7I9/HKRO1Q2XMROhvKR9DyByuWVQe6/4gi5plQRoih4KYlRqJlHJCpaNo9DsgMi
OqG0D8RKOYqokuer9UCTchy1KVDvX9BjZyLFXV9Q3ufMFY3ToqNNt603oTqX6J+Q
AcFVg7qb8XxyH08xTfgjLrRBlzSFRI1lxTiaZlpGNddQkEETGfxz8xs2PR3HJw6K
5zQgwgMy7AZO/i7m4wT2q82Llv3neI7yPqAUFhVzvC26NFOIqU/1qtIQMrNJrGIf
6wF2gIln8/I9iRbhYm+0T+3bQdiRi5oUPizS19qi5Ua+NMhu2qilbn18qhZDAgMB
AAGjggJHMIICQzAdBgNVHQ4EFgQURPv1OpCF0fhgVu0xXRoy04ut2XgwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMTMzMzUucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwXQYIKwYBBQUHAQcBAf8ETjBMMDAEAgABMCoDBABSFVID
BABSFhADBABSGCgDBABSGpwDBABSJ44DBABSKBYDBAFUS7QwGAQCAAIwEgMHACoT
lQAAPgMHACoTlQAAtzANBgkqhkiG9w0BAQsFAAOCAQEAV2HMQc5ymGlENEjmQAIZ
pZaJw90QDFPv8InO+iinXPIicHqzEYGqT88zCnvirr099nUqk0BiyvXqZkl+lKau
MRB0CED6KyGMjGIJmbelWtxOe/yeUge5cci2FN725CsKNTf9W15oNyOIGp8Ei8H4
KrGVDHvZVcVjvlL+wo8HeCvQ6s2V5IXyltbQoq+62hqpaQk6gQFwiOuLN6h2M6Nk
+kis+msYxGJoulV8DIx387/8rznpU1pdCM9yo6SBsLDPbnM5yeDl8eHCaJzZKuBo
+IU0j7GP1fDlmd44BIltvwa09lQ/md1QUevLMLFr/kVuWSLiRUL41z53RortF4lj
6Q==
-----END CERTIFICATE-----
Generated at Tue Jun 2 21:10:53 2026 by rpki-client