Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS13335.roa
File:                     AS13335.roa (raw, json)
Hash identifier:          W6hqGU1a8sZXl4+4HtE+iXo4/Loh6CI3g4TbbTDJAw8=
Subject key identifier:   9D:F1:54:1E:6E:6C:20:5B:25:E8:2B:B8:17:61:AC:13:00:81:AA:53
Certificate issuer:       /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial:       53E71BFEA252F5C9B278FE8EA4D07AA3803CEEE6
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS13335.roa
Signing time:             Mon 13 Jul 2026 10:44:44 +0000
ROA not before:           Mon 13 Jul 2026 10:39:44 +0000
ROA not after:            Mon 12 Jul 2027 10:44:44 +0000
asID:                     13335
IP address blocks:        82.21.82.0/24 maxlen: 24
                          82.22.16.0/24 maxlen: 24
                          82.24.40.0/24 maxlen: 24
                          82.25.20.0/24 maxlen: 24
                          82.26.156.0/24 maxlen: 24
                          82.39.142.0/24 maxlen: 24
                          82.40.22.0/24 maxlen: 24
                          178.83.176.0/24 maxlen: 24
                          2a13:9500:3e::/48 maxlen: 48
                          2a13:9500:b7::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Jul 2026 16:14:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            53:e7:1b:fe:a2:52:f5:c9:b2:78:fe:8e:a4:d0:7a:a3:80:3c:ee:e6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
        Validity
            Not Before: Jul 13 10:39:44 2026 GMT
            Not After : Jul 12 10:44:44 2027 GMT
        Subject: CN=9DF1541E6E6C205B25E82BB81761AC130081AA53
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f4:a2:c5:27:f6:2f:93:4f:3c:7e:43:f4:b1:e3:
                    f2:51:97:b9:aa:27:ef:d8:f5:e8:f2:10:85:80:fe:
                    05:ef:13:63:70:9d:23:d8:11:94:2f:2f:58:fa:26:
                    4f:91:e1:be:33:21:01:30:39:f5:c1:60:0b:13:62:
                    ec:81:06:c3:f9:7d:27:df:cb:a7:50:8d:dd:43:5a:
                    d7:0d:7d:ca:97:f7:ae:dd:b2:1b:02:03:14:41:32:
                    bf:8e:58:bf:ff:c5:28:b0:f7:0d:b7:f9:64:cb:f4:
                    2f:ce:f4:91:40:7e:27:86:ff:00:9f:eb:a0:48:e6:
                    3e:05:0b:bb:1d:67:78:83:6e:04:25:56:cb:60:d6:
                    12:5f:d6:03:be:44:48:b3:3c:e4:b1:ab:76:0d:5d:
                    fb:7b:f2:55:9f:75:4b:b1:91:4e:fb:0e:b7:43:fb:
                    27:f2:27:a8:04:53:4e:53:50:5e:96:9b:06:26:ce:
                    a5:70:94:ba:55:7f:48:1d:af:4e:df:89:09:e4:3e:
                    ad:c4:97:9d:52:12:a2:66:eb:cc:dd:fb:f6:f9:50:
                    d3:fd:a4:46:9a:ad:fb:91:ca:7b:e6:7a:10:6c:d3:
                    a9:73:1c:68:16:86:4c:8d:1f:46:09:de:9f:21:2e:
                    0c:e1:9f:22:8f:36:45:97:a4:0b:99:8c:c8:ea:63:
                    58:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9D:F1:54:1E:6E:6C:20:5B:25:E8:2B:B8:17:61:AC:13:00:81:AA:53
            X509v3 Authority Key Identifier:
                keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS13335.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.21.82.0/24
                  82.22.16.0/24
                  82.24.40.0/24
                  82.25.20.0/24
                  82.26.156.0/24
                  82.39.142.0/24
                  82.40.22.0/24
                  178.83.176.0/24
                IPv6:
                  2a13:9500:3e::/48
                  2a13:9500:b7::/48

    Signature Algorithm: sha256WithRSAEncryption
         32:3a:de:da:c3:77:a3:b2:40:a6:e5:6e:f9:80:19:3b:4c:39:
         6f:6c:1d:9e:58:0a:40:52:09:e9:df:ae:34:30:25:5f:a8:3f:
         c4:e9:47:d9:ee:07:ff:fb:35:6a:45:e2:b9:32:1f:17:4a:be:
         66:e4:f5:c9:52:5e:56:2f:bb:78:07:21:d9:cb:dd:8e:5d:72:
         db:c1:eb:d8:84:d0:72:ce:60:a9:0f:e7:49:48:f5:39:a9:cc:
         22:bc:38:b7:9d:28:56:94:62:02:2c:08:ed:87:e6:7b:5f:99:
         82:63:84:6e:7e:fd:40:07:b1:93:d1:fb:a3:ed:e9:76:f2:2e:
         9b:9d:ce:e6:92:b1:db:e6:1a:88:92:8f:4e:1e:bb:a5:fe:1d:
         26:9d:3b:2c:33:22:6c:b2:02:5a:3c:fd:d6:d0:5d:6a:3b:1b:
         16:d2:5f:4e:f9:06:be:f4:ff:e3:c6:6f:14:6d:9a:65:6b:8d:
         30:90:28:de:78:77:5c:a1:34:67:3f:33:11:34:4e:4d:db:83:
         94:b5:de:83:5f:e6:c4:36:56:80:cc:2f:a5:fd:09:c4:fd:63:
         59:e9:6e:6b:5a:21:49:78:eb:ef:1e:38:0a:48:07:5d:ec:31:
         a1:f8:8b:5d:19:c6:16:04:f0:5f:c0:d1:5e:6c:3e:e1:be:fe:
         b4:43:c8:d1
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgIUU+cb/qJS9cmyeP6OpNB6o4A87uYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjA3MTMxMDM5NDRaFw0yNzA3MTIxMDQ0NDRaMDMxMTAvBgNV
BAMTKDlERjE1NDFFNkU2QzIwNUIyNUU4MkJCODE3NjFBQzEzMDA4MUFBNTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD0osUn9i+TTzx+Q/Sx4/JRl7mq
J+/Y9ejyEIWA/gXvE2NwnSPYEZQvL1j6Jk+R4b4zIQEwOfXBYAsTYuyBBsP5fSff
y6dQjd1DWtcNfcqX967dshsCAxRBMr+OWL//xSiw9w23+WTL9C/O9JFAfieG/wCf
66BI5j4FC7sdZ3iDbgQlVstg1hJf1gO+REizPOSxq3YNXft78lWfdUuxkU77DrdD
+yfyJ6gEU05TUF6WmwYmzqVwlLpVf0gdr07fiQnkPq3El51SEqJm68zd+/b5UNP9
pEaarfuRynvmehBs06lzHGgWhkyNH0YJ3p8hLgzhnyKPNkWXpAuZjMjqY1i9AgMB
AAGjggJNMIICSTAdBgNVHQ4EFgQUnfFUHm5sIFsl6Cu4F2GsEwCBqlMwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMTMzMzUucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwYwYIKwYBBQUHAQcBAf8EVDBSMDYEAgABMDADBABSFVID
BABSFhADBABSGCgDBABSGRQDBABSGpwDBABSJ44DBABSKBYDBACyU7AwGAQCAAIw
EgMHACoTlQAAPgMHACoTlQAAtzANBgkqhkiG9w0BAQsFAAOCAQEAMjre2sN3o7JA
puVu+YAZO0w5b2wdnlgKQFIJ6d+uNDAlX6g/xOlH2e4H//s1akXiuTIfF0q+ZuT1
yVJeVi+7eAch2cvdjl1y28Hr2ITQcs5gqQ/nSUj1OanMIrw4t50oVpRiAiwI7Yfm
e1+ZgmOEbn79QAexk9H7o+3pdvIum53O5pKx2+YaiJKPTh67pf4dJp07LDMibLIC
Wjz91tBdajsbFtJfTvkGvvT/48ZvFG2aZWuNMJAo3nh3XKE0Zz8zETROTduDlLXe
g1/mxDZWgMwvpf0JxP1jWelua1ohSXjr7x44CkgHXewxofiLXRnGFgTwX8DRXmw+
4b7+tEPI0Q==
-----END CERTIFICATE-----
Generated at Fri Jul 17 23:07:34 2026 by rpki-client