Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS219394.roa
File:                     AS219394.roa (raw, json)
Hash identifier:          SZcwqLoHZm6W/I55Ml8209mWYMhqKeQzufdpXqsor8c=
Subject key identifier:   2F:95:F2:49:B1:B0:F9:35:89:95:AD:3F:CA:D9:FE:56:88:69:4F:C2
Certificate issuer:       /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial:       5047C29CB3A4847C633B8623FCEA60A1F42EB27D
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS219394.roa
Signing time:             Mon 29 Jun 2026 15:21:41 +0000
ROA not before:           Mon 29 Jun 2026 15:16:41 +0000
ROA not after:            Mon 28 Jun 2027 15:21:41 +0000
asID:                     219394
IP address blocks:        82.38.201.0/24 maxlen: 24
                          82.41.75.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 04 Jul 2026 11:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            50:47:c2:9c:b3:a4:84:7c:63:3b:86:23:fc:ea:60:a1:f4:2e:b2:7d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
        Validity
            Not Before: Jun 29 15:16:41 2026 GMT
            Not After : Jun 28 15:21:41 2027 GMT
        Subject: CN=2F95F249B1B0F9358995AD3FCAD9FE5688694FC2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:3e:a9:24:11:1b:77:2b:f3:f4:1e:ef:7b:d6:
                    95:ab:8b:41:a8:0e:02:8d:64:2a:9c:eb:bd:85:a2:
                    41:e2:4e:da:4a:dd:77:5c:ee:24:1e:95:d4:06:b3:
                    da:23:e5:a8:04:75:0b:ed:f5:4b:45:27:ea:2d:d2:
                    f4:e3:5c:91:c3:f0:75:93:77:97:99:e0:e3:b4:54:
                    ef:9e:c1:75:1d:68:c0:05:40:1b:10:40:19:40:0e:
                    6e:41:59:d4:64:e6:a7:d6:65:01:1c:cd:cd:a6:06:
                    75:73:9b:7f:29:e4:bc:2e:c7:7e:63:6e:8e:33:df:
                    09:73:ec:11:4e:89:46:cb:62:8c:7a:25:45:12:06:
                    6e:64:65:94:23:8c:14:a2:49:c0:e5:71:0e:09:6b:
                    1c:36:d6:05:53:ed:45:66:c0:fc:81:7c:22:33:74:
                    24:6c:c1:3e:fc:38:58:70:be:ba:75:4d:82:52:31:
                    99:d8:a2:52:2f:89:b0:8b:4e:ed:25:c0:b9:02:81:
                    07:31:e4:4b:5d:c8:48:32:a0:e5:d7:46:c2:b8:3d:
                    46:06:0c:40:65:7b:70:31:c2:0d:ca:aa:01:92:6e:
                    a8:bf:4d:2a:68:a4:e6:30:49:32:39:0e:6b:bf:fd:
                    eb:cb:69:9f:ab:45:bb:44:28:13:ff:7e:22:71:ce:
                    06:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2F:95:F2:49:B1:B0:F9:35:89:95:AD:3F:CA:D9:FE:56:88:69:4F:C2
            X509v3 Authority Key Identifier:
                keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS219394.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.38.201.0/24
                  82.41.75.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4d:ee:99:ff:75:45:af:79:6d:08:12:b4:52:1c:3f:6c:15:6b:
         d5:02:5c:01:f5:d5:29:8f:51:32:30:f0:12:64:9a:39:fa:05:
         56:a1:91:5a:d6:f9:e7:85:3b:2b:f2:3b:cb:42:9a:d5:20:a7:
         85:cc:8a:29:18:74:58:01:d8:53:a5:38:02:2e:b0:c9:8e:a9:
         6c:38:ba:0e:c2:77:64:1f:40:f3:8b:c7:50:dc:ad:65:a5:4a:
         1e:42:d0:2c:f7:ad:e9:9c:96:73:2c:93:37:13:a2:28:39:10:
         28:8c:5c:ef:c7:28:5c:d7:4d:17:88:6e:43:e8:e5:83:10:37:
         c3:65:84:ca:10:72:0a:58:a1:2d:1a:31:56:0b:70:6c:ce:e8:
         62:c5:09:aa:b4:8d:58:ff:92:36:2e:29:0f:ac:1b:f6:9d:2f:
         49:bf:6e:a4:60:c5:ed:71:b0:56:68:3a:cf:b4:c4:4e:3e:23:
         77:30:5b:19:5d:0a:30:8c:6a:b9:56:cd:ec:52:ac:78:f4:99:
         a3:fb:05:85:78:ab:bb:da:06:ab:9b:02:be:27:0a:f7:63:1f:
         d1:56:5e:7c:4d:29:17:c7:c0:27:6f:0e:9a:48:81:81:2e:9f:
         e8:20:34:ce:4a:99:01:7d:10:25:b0:64:6a:2f:e0:24:29:d8:
         81:9e:68:2a
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgIUUEfCnLOkhHxjO4Yj/OpgofQusn0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjA2MjkxNTE2NDFaFw0yNzA2MjgxNTIxNDFaMDMxMTAvBgNV
BAMTKDJGOTVGMjQ5QjFCMEY5MzU4OTk1QUQzRkNBRDlGRTU2ODg2OTRGQzIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCnPqkkERt3K/P0Hu971pWri0Go
DgKNZCqc672FokHiTtpK3Xdc7iQeldQGs9oj5agEdQvt9UtFJ+ot0vTjXJHD8HWT
d5eZ4OO0VO+ewXUdaMAFQBsQQBlADm5BWdRk5qfWZQEczc2mBnVzm38p5Lwux35j
bo4z3wlz7BFOiUbLYox6JUUSBm5kZZQjjBSiScDlcQ4Jaxw21gVT7UVmwPyBfCIz
dCRswT78OFhwvrp1TYJSMZnYolIvibCLTu0lwLkCgQcx5EtdyEgyoOXXRsK4PUYG
DEBle3Axwg3KqgGSbqi/TSpopOYwSTI5Dmu//evLaZ+rRbtEKBP/fiJxzgatAgMB
AAGjggIQMIICDDAdBgNVHQ4EFgQUL5XySbGw+TWJla0/ytn+VohpT8IwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjE5Mzk0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAUibJ
AwQAUilLMA0GCSqGSIb3DQEBCwUAA4IBAQBN7pn/dUWveW0IErRSHD9sFWvVAlwB
9dUpj1EyMPASZJo5+gVWoZFa1vnnhTsr8jvLQprVIKeFzIopGHRYAdhTpTgCLrDJ
jqlsOLoOwndkH0Dzi8dQ3K1lpUoeQtAs963pnJZzLJM3E6IoORAojFzvxyhc100X
iG5D6OWDEDfDZYTKEHIKWKEtGjFWC3BszuhixQmqtI1Y/5I2LikPrBv2nS9Jv26k
YMXtcbBWaDrPtMROPiN3MFsZXQowjGq5Vs3sUqx49Jmj+wWFeKu72garmwK+Jwr3
Yx/RVl58TSkXx8Anbw6aSIGBLp/oIDTOSpkBfRAlsGRqL+AkKdiBnmgq
-----END CERTIFICATE-----
Generated at Fri Jul 3 19:55:54 2026 by rpki-client