Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS35661.roa
File: AS35661.roa (raw, json)
Hash identifier: 2QffF54YcAvtC3/sHUXO+mMX/kws117KrnUft7JcNMQ=
Subject key identifier: BA:19:0F:07:2D:32:1F:A0:93:62:95:77:F5:5F:7B:59:C7:AA:6B:46
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 6D0CA81DA2FA8FFA83F92A20D8736C89DCC7A50E
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS35661.roa
Signing time: Tue 21 Apr 2026 06:01:30 +0000
ROA not before: Tue 21 Apr 2026 05:56:30 +0000
ROA not after: Tue 20 Apr 2027 06:01:30 +0000
asID: 35661
IP address blocks: 84.75.12.0/22 maxlen: 22
84.75.20.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Apr 2026 17:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6d:0c:a8:1d:a2:fa:8f:fa:83:f9:2a:20:d8:73:6c:89:dc:c7:a5:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Apr 21 05:56:30 2026 GMT
Not After : Apr 20 06:01:30 2027 GMT
Subject: CN=BA190F072D321FA093629577F55F7B59C7AA6B46
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:19:49:bf:aa:82:a7:e5:67:f2:16:81:cc:bb:
d6:3e:a4:23:ae:2b:a7:e2:5b:7d:db:71:27:3b:32:
ca:aa:0c:a4:31:ab:13:aa:ea:e9:0c:d3:59:69:d1:
e5:d8:fa:e7:f0:9b:40:80:df:ac:e2:de:d7:80:c2:
06:3e:04:c8:61:6b:19:59:83:cb:7e:e0:a6:46:55:
c1:dc:7a:41:26:06:cf:0d:8e:bc:6a:4e:6a:fe:02:
52:ce:63:21:7f:c8:53:0c:59:62:5a:0e:27:7e:22:
eb:80:45:51:d9:e6:ad:09:27:3c:e9:5c:c2:89:cc:
d3:f6:b0:13:00:70:24:16:d9:0d:8f:1a:4f:1f:fb:
dd:35:f8:ca:63:a9:0e:2d:fc:94:cd:36:e2:06:b0:
ef:ff:5c:0b:66:a4:a0:30:95:5e:4a:8f:4c:ea:c7:
33:79:18:f5:cb:c2:d3:28:ed:78:94:17:86:52:2e:
77:a6:0b:fc:01:14:23:b3:c3:3d:73:5f:3b:e2:fe:
ab:7c:ac:ee:2d:ac:3e:56:34:98:ff:66:c0:51:53:
f2:66:aa:a4:4b:2a:c5:5c:92:ec:9f:97:ea:3f:20:
86:8b:11:3d:25:7a:d9:0e:df:dc:cb:0b:81:ef:bc:
5d:6e:ef:c2:1b:d5:09:4d:15:82:08:ba:1a:6c:7b:
d0:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:19:0F:07:2D:32:1F:A0:93:62:95:77:F5:5F:7B:59:C7:AA:6B:46
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS35661.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.75.12.0/22
84.75.20.0/22
Signature Algorithm: sha256WithRSAEncryption
32:c3:95:52:b3:1c:d0:f2:74:6f:6a:e6:bc:2f:a4:e5:a1:3c:
cd:d2:7b:4f:e2:cc:30:d3:9f:c1:46:19:fa:13:e6:c7:10:39:
7e:d9:8d:12:23:44:46:5d:6f:94:66:78:87:c2:ff:e4:79:0e:
f3:a6:6b:d4:2c:57:1b:da:5a:a7:a6:9f:76:3e:ca:1c:dd:d3:
7a:02:e3:a3:6a:9b:c4:cd:95:1d:87:a2:e2:74:b4:41:e5:7b:
88:f8:72:d5:54:f5:26:55:62:77:3f:24:71:d1:0a:a3:45:c8:
de:90:27:72:cf:b3:b1:f8:0d:f6:65:bc:74:f0:56:64:3c:49:
09:26:4a:2e:dd:38:b8:16:a1:07:4b:c3:f8:04:70:df:30:23:
9d:e0:90:f1:fe:79:b8:87:f1:28:df:be:b5:35:65:07:98:8c:
a2:98:b1:63:f1:43:ec:8b:2d:4f:d0:3f:1b:5a:45:90:06:5e:
fc:e5:15:ac:0c:4c:ed:c1:12:0a:6f:32:61:02:41:3d:4e:81:
5b:f1:ee:60:bf:19:b8:85:06:c2:de:40:35:a5:5e:a7:67:10:
ec:b7:0d:fd:8d:6c:d9:d0:08:90:fd:09:9c:70:f6:6f:ca:69:
42:ef:ca:66:07:d2:43:ea:bd:d6:33:b2:3f:ba:0d:c2:d7:b6:
79:b6:7a:f4
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgIUbQyoHaL6j/qD+Sog2HNsidzHpQ4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjA0MjEwNTU2MzBaFw0yNzA0MjAwNjAxMzBaMDMxMTAvBgNV
BAMTKEJBMTkwRjA3MkQzMjFGQTA5MzYyOTU3N0Y1NUY3QjU5QzdBQTZCNDYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC1GUm/qoKn5WfyFoHMu9Y+pCOu
K6fiW33bcSc7MsqqDKQxqxOq6ukM01lp0eXY+ufwm0CA36zi3teAwgY+BMhhaxlZ
g8t+4KZGVcHcekEmBs8NjrxqTmr+AlLOYyF/yFMMWWJaDid+IuuARVHZ5q0JJzzp
XMKJzNP2sBMAcCQW2Q2PGk8f+901+MpjqQ4t/JTNNuIGsO//XAtmpKAwlV5Kj0zq
xzN5GPXLwtMo7XiUF4ZSLnemC/wBFCOzwz1zXzvi/qt8rO4trD5WNJj/ZsBRU/Jm
qqRLKsVckuyfl+o/IIaLET0letkO39zLC4HvvF1u78Ib1QlNFYIIuhpse9AJAgMB
AAGjggIPMIICCzAdBgNVHQ4EFgQUuhkPBy0yH6CTYpV39V97Wceqa0YwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMzU2NjEucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBAJUSwwD
BAJUSxQwDQYJKoZIhvcNAQELBQADggEBADLDlVKzHNDydG9q5rwvpOWhPM3Se0/i
zDDTn8FGGfoT5scQOX7ZjRIjREZdb5RmeIfC/+R5DvOma9QsVxvaWqemn3Y+yhzd
03oC46Nqm8TNlR2HouJ0tEHle4j4ctVU9SZVYnc/JHHRCqNFyN6QJ3LPs7H4DfZl
vHTwVmQ8SQkmSi7dOLgWoQdLw/gEcN8wI53gkPH+ebiH8SjfvrU1ZQeYjKKYsWPx
Q+yLLU/QPxtaRZAGXvzlFawMTO3BEgpvMmECQT1OgVvx7mC/GbiFBsLeQDWlXqdn
EOy3Df2NbNnQCJD9CZxw9m/KaULvymYH0kPqvdYzsj+6DcLXtnm2evQ=
-----END CERTIFICATE-----
Generated at Mon Apr 27 21:55:12 2026 by rpki-client