Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS393942.roa
File: AS393942.roa (raw, json)
Hash identifier: UVCPTeBiEYvvEpLdST2CNBReavwGSDIQ8RParwdAn4M=
Subject key identifier: 3A:ED:A1:D4:E9:67:F6:1D:89:7E:A0:68:74:7F:E5:11:29:B1:9E:9C
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 3BD6AD0D508E274F0BBBD9F5230DCCBF49E5AABF
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS393942.roa
Signing time: Wed 04 Mar 2026 03:15:02 +0000
ROA not before: Wed 04 Mar 2026 03:10:02 +0000
ROA not after: Wed 03 Mar 2027 03:15:02 +0000
asID: 393942
IP address blocks: 82.29.95.0/24 maxlen: 24
178.83.39.0/24 maxlen: 24
178.83.65.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 05 Mar 2026 09:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3b:d6:ad:0d:50:8e:27:4f:0b:bb:d9:f5:23:0d:cc:bf:49:e5:aa:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Mar 4 03:10:02 2026 GMT
Not After : Mar 3 03:15:02 2027 GMT
Subject: CN=3AEDA1D4E967F61D897EA068747FE51129B19E9C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:4f:cd:51:06:cf:11:1d:07:0a:c8:55:d3:83:
b6:fe:5c:38:e0:79:0d:0b:63:a0:51:ad:b3:db:b2:
9d:fe:6c:70:51:c9:9a:1a:84:a9:2b:a6:f4:33:bc:
a0:c3:54:72:22:0c:9b:dd:38:0a:f8:e8:51:6e:c9:
d8:6f:9a:95:aa:9c:88:cf:0a:13:60:f9:86:92:9d:
7d:b7:ec:07:06:10:07:db:f6:36:f2:aa:e0:cb:f5:
da:ac:c0:c3:ac:a2:a9:87:42:3f:13:e2:7c:3c:c2:
e2:cc:14:4b:9e:fc:0a:9c:59:36:02:06:02:04:6b:
2f:b6:c7:44:c4:b5:aa:2b:d7:b9:11:a6:87:36:18:
9d:ec:d0:df:2d:de:14:1a:cb:17:bd:35:b4:d2:54:
42:5c:e6:2e:d9:93:db:d2:28:f8:b1:d6:a0:03:3f:
38:ab:42:7c:2c:37:0c:7a:d5:8d:6e:58:43:73:22:
01:ce:58:42:42:ba:2b:08:e7:ef:53:e8:40:10:57:
06:41:3a:3d:cc:3e:8f:07:91:6d:77:d3:2e:d1:c9:
c4:c5:d7:e3:71:2f:6c:4d:a6:0f:09:50:c1:e0:da:
e2:51:2f:56:d7:f7:03:ad:83:23:69:3c:f2:85:3a:
8d:49:22:95:3c:b4:88:30:3e:bf:4c:e3:9f:86:57:
31:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:ED:A1:D4:E9:67:F6:1D:89:7E:A0:68:74:7F:E5:11:29:B1:9E:9C
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS393942.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.29.95.0/24
178.83.39.0/24
178.83.65.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:30:04:5f:73:18:2b:ab:8d:22:c6:35:5a:57:cd:75:b3:b1:
c2:6f:ba:42:1b:82:19:7b:ea:e5:78:bc:b6:d2:71:bd:94:47:
d4:22:1f:37:f7:11:ac:9f:6e:be:f3:e4:19:73:70:f1:6c:96:
ae:e0:67:8a:3e:78:02:1f:d5:d8:1c:1c:b4:81:fb:fc:2c:16:
03:ac:ab:bd:9b:84:fa:d7:24:5b:3e:8a:8d:4c:8c:48:cd:42:
3a:4a:df:7e:de:72:2d:f8:95:75:76:21:1f:8e:b1:de:ed:3c:
b9:6c:ec:12:dd:8d:00:d8:85:38:19:e5:88:d1:ee:01:44:38:
07:21:20:7c:12:59:1c:e2:1e:86:67:f9:71:bc:61:74:bf:b2:
48:ec:f8:18:a4:d0:72:a4:8e:74:56:38:b4:ab:28:e2:c6:da:
11:74:7e:4e:c2:38:34:5d:e3:f0:28:1d:9d:da:47:ac:55:c9:
84:cd:db:c6:39:b7:8c:bd:85:94:8b:24:53:b8:5b:90:b9:56:
87:43:e9:d1:cc:16:03:db:3c:e5:1a:3b:78:f6:73:0d:82:c1:
81:a6:fb:82:96:6b:91:55:a5:e4:bb:e7:7f:af:ed:bf:a0:07:
0b:54:cc:95:c0:0c:66:21:32:2b:a4:20:ed:45:db:bd:4b:38:
7a:ad:f2:19
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgIUO9atDVCOJ08Lu9n1Iw3Mv0nlqr8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjAzMDQwMzEwMDJaFw0yNzAzMDMwMzE1MDJaMDMxMTAvBgNV
BAMTKDNBRURBMUQ0RTk2N0Y2MUQ4OTdFQTA2ODc0N0ZFNTExMjlCMTlFOUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2T81RBs8RHQcKyFXTg7b+XDjg
eQ0LY6BRrbPbsp3+bHBRyZoahKkrpvQzvKDDVHIiDJvdOAr46FFuydhvmpWqnIjP
ChNg+YaSnX237AcGEAfb9jbyquDL9dqswMOsoqmHQj8T4nw8wuLMFEue/AqcWTYC
BgIEay+2x0TEtaor17kRpoc2GJ3s0N8t3hQayxe9NbTSVEJc5i7Zk9vSKPix1qAD
PzirQnwsNwx61Y1uWENzIgHOWEJCuisI5+9T6EAQVwZBOj3MPo8HkW130y7RycTF
1+NxL2xNpg8JUMHg2uJRL1bX9wOtgyNpPPKFOo1JIpU8tIgwPr9M45+GVzFzAgMB
AAGjggIWMIICEjAdBgNVHQ4EFgQUOu2h1Oln9h2JfqBodH/lESmxnpwwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMzkzOTQyLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAUh1f
AwQAslMnAwQAslNBMA0GCSqGSIb3DQEBCwUAA4IBAQAtMARfcxgrq40ixjVaV811
s7HCb7pCG4IZe+rleLy20nG9lEfUIh839xGsn26+8+QZc3DxbJau4GeKPngCH9XY
HBy0gfv8LBYDrKu9m4T61yRbPoqNTIxIzUI6St9+3nIt+JV1diEfjrHe7Ty5bOwS
3Y0A2IU4GeWI0e4BRDgHISB8Elkc4h6GZ/lxvGF0v7JI7PgYpNBypI50Vji0qyji
xtoRdH5Owjg0XePwKB2d2kesVcmEzdvGObeMvYWUiyRTuFuQuVaHQ+nRzBYD2zzl
Gjt49nMNgsGBpvuClmuRVaXku+d/r+2/oAcLVMyVwAxmITIrpCDtRdu9Szh6rfIZ
-----END CERTIFICATE-----
Generated at Wed Mar 4 16:05:27 2026 by rpki-client