Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS23532.roa
File: AS23532.roa (raw, json)
Hash identifier: gOE+E5HROUqs3NNKVmq8/bkgKskKxMBvXKzxjvmVZjA=
Subject key identifier: 3E:DC:5A:9F:B0:6C:19:EC:13:1D:B7:2E:53:31:14:E7:93:D3:60:6A
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 019A56FFC269F75FDBE920AEB0BE1ADD01FF39E0
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS23532.roa
Signing time: Thu 07 May 2026 16:22:45 +0000
ROA not before: Thu 07 May 2026 16:17:45 +0000
ROA not after: Thu 06 May 2027 16:22:45 +0000
asID: 23532
IP address blocks: 82.47.189.0/24 maxlen: 24
82.47.190.0/24 maxlen: 24
82.47.208.0/24 maxlen: 24
82.47.212.0/24 maxlen: 24
82.47.214.0/24 maxlen: 24
82.47.218.0/24 maxlen: 24
82.47.219.0/24 maxlen: 24
82.47.221.0/24 maxlen: 24
82.47.224.0/24 maxlen: 24
82.47.225.0/24 maxlen: 24
82.47.228.0/24 maxlen: 24
82.47.229.0/24 maxlen: 24
82.47.231.0/24 maxlen: 24
82.47.242.0/24 maxlen: 24
82.47.243.0/24 maxlen: 24
82.47.254.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 14 May 2026 06:33:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:56:ff:c2:69:f7:5f:db:e9:20:ae:b0:be:1a:dd:01:ff:39:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: May 7 16:17:45 2026 GMT
Not After : May 6 16:22:45 2027 GMT
Subject: CN=3EDC5A9FB06C19EC131DB72E533114E793D3606A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:40:25:57:de:7a:a4:c2:d2:a3:7b:2f:3a:bc:
cb:be:a6:f8:f6:7d:c6:61:31:e4:e4:61:c8:95:90:
b5:25:c9:a7:bc:ac:b6:5f:e9:4a:bc:b0:37:76:24:
d7:1f:fe:ce:6d:a6:9d:c8:86:d6:7a:72:aa:3d:41:
61:66:4b:c7:12:95:e1:56:cd:bd:11:7a:cb:08:42:
de:ac:21:84:55:20:34:70:9c:8b:d6:04:04:07:76:
0a:a0:a2:5f:91:c6:8c:e7:92:c9:90:06:00:1f:e0:
3a:36:3d:4c:bb:96:26:82:b5:a1:f4:77:40:3f:4b:
d3:79:5d:ae:6f:01:73:5b:d5:89:78:5a:2a:4e:06:
a6:0c:dc:cf:00:1b:a1:b9:d0:2b:df:b4:ee:bb:ee:
84:8a:cf:08:7d:28:a2:23:7e:21:52:79:a7:13:f2:
6f:de:e9:c3:84:6e:17:ba:45:b4:72:07:68:e7:bf:
01:9e:4f:e0:1b:d4:8c:b2:51:08:a8:1d:fc:87:b9:
03:e8:35:6f:7b:f1:19:d0:4d:5a:d1:da:e8:37:d1:
c4:cc:66:c7:ec:35:3b:a3:93:5e:9f:39:1c:30:8d:
69:ff:74:e5:26:02:b9:23:e9:04:f4:c0:4f:66:03:
69:91:88:58:97:32:19:af:f8:bf:94:dd:02:32:fb:
e4:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:DC:5A:9F:B0:6C:19:EC:13:1D:B7:2E:53:31:14:E7:93:D3:60:6A
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS23532.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.47.189.0-82.47.190.255
82.47.208.0/24
82.47.212.0/24
82.47.214.0/24
82.47.218.0/23
82.47.221.0/24
82.47.224.0/23
82.47.228.0/23
82.47.231.0/24
82.47.242.0/23
82.47.254.0/24
Signature Algorithm: sha256WithRSAEncryption
a7:1f:e2:f6:cf:7f:e8:93:8f:62:99:3d:95:79:1e:00:9d:5f:
38:2e:48:ca:9c:0f:02:a2:25:da:c4:ac:54:1c:22:8f:09:cb:
24:80:eb:30:d4:04:89:6b:af:71:0c:c5:fb:03:4b:62:f1:1c:
a4:86:72:f6:87:7e:e2:86:97:11:15:7b:0d:78:04:e0:5b:02:
0e:99:a1:07:d3:fd:20:7d:03:18:b5:d8:19:3f:7e:5d:26:9c:
9d:d4:97:c8:22:22:b1:73:8d:66:08:8d:78:06:8c:0d:9c:51:
3a:bb:fd:c4:7c:5e:b4:34:0b:47:fe:55:c2:19:02:49:43:e7:
65:76:d9:9a:df:ca:cb:5f:bc:6b:cf:0b:d0:0e:ca:c4:67:53:
02:19:20:d7:31:05:e2:9d:ab:25:a4:78:df:cf:86:de:3d:26:
b3:87:92:10:87:da:58:e5:86:a7:22:9c:04:4d:58:ec:a3:4c:
3f:e3:8a:78:fc:05:47:84:1c:19:6a:f9:42:6e:7f:0a:74:14:
b5:98:f8:a6:40:a0:d3:54:c0:c0:8a:94:70:9c:dc:50:73:e8:
15:ff:b5:ed:bb:3e:ee:66:1f:30:f2:6f:6a:30:fe:79:ce:e6:
fd:4c:47:68:c1:b2:d9:24:d8:9e:47:4c:30:f6:ce:ea:a0:c2:
ec:88:cd:5f
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgIUAZpW/8Jp91/b6SCusL4a3QH/OeAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjA1MDcxNjE3NDVaFw0yNzA1MDYxNjIyNDVaMDMxMTAvBgNV
BAMTKDNFREM1QTlGQjA2QzE5RUMxMzFEQjcyRTUzMzExNEU3OTNEMzYwNkEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDPQCVX3nqkwtKjey86vMu+pvj2
fcZhMeTkYciVkLUlyae8rLZf6Uq8sDd2JNcf/s5tpp3IhtZ6cqo9QWFmS8cSleFW
zb0RessIQt6sIYRVIDRwnIvWBAQHdgqgol+RxoznksmQBgAf4Do2PUy7liaCtaH0
d0A/S9N5Xa5vAXNb1Yl4WipOBqYM3M8AG6G50CvftO677oSKzwh9KKIjfiFSeacT
8m/e6cOEbhe6RbRyB2jnvwGeT+Ab1IyyUQioHfyHuQPoNW978RnQTVrR2ug30cTM
ZsfsNTujk16fORwwjWn/dOUmArkj6QT0wE9mA2mRiFiXMhmv+L+U3QIy++QTAgMB
AAGjggJNMIICSTAdBgNVHQ4EFgQUPtxan7BsGewTHbcuUzEU55PTYGowHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjM1MzIucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwYwYIKwYBBQUHAQcBAf8EVDBSMFAEAgABMEowDAMEAFIv
vQMEAFIvvgMEAFIv0AMEAFIv1AMEAFIv1gMEAVIv2gMEAFIv3QMEAVIv4AMEAVIv
5AMEAFIv5wMEAVIv8gMEAFIv/jANBgkqhkiG9w0BAQsFAAOCAQEApx/i9s9/6JOP
Ypk9lXkeAJ1fOC5IypwPAqIl2sSsVBwijwnLJIDrMNQEiWuvcQzF+wNLYvEcpIZy
9od+4oaXERV7DXgE4FsCDpmhB9P9IH0DGLXYGT9+XSacndSXyCIisXONZgiNeAaM
DZxROrv9xHxetDQLR/5VwhkCSUPnZXbZmt/Ky1+8a88L0A7KxGdTAhkg1zEF4p2r
JaR438+G3j0ms4eSEIfaWOWGpyKcBE1Y7KNMP+OKePwFR4QcGWr5Qm5/CnQUtZj4
pkCg01TAwIqUcJzcUHPoFf+17bs+7mYfMPJvajD+ec7m/UxHaMGy2STYnkdMMPbO
6qDC7IjNXw==
-----END CERTIFICATE-----
Generated at Wed May 13 13:32:00 2026 by rpki-client