Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS395374.roa
File: AS395374.roa (raw, json)
Hash identifier: tcf0sKIwR80f/uaH0wQYREhVtTo/0rsBvoid5C8Nswg=
Subject key identifier: 55:20:9B:DD:D1:56:9C:65:1C:BC:16:62:34:DC:16:AB:24:C9:4A:C8
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 49EA7EC833F41B3A122062C80F43FB889B92D361
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS395374.roa
Signing time: Thu 11 Jun 2026 07:17:07 +0000
ROA not before: Thu 11 Jun 2026 07:12:07 +0000
ROA not after: Thu 10 Jun 2027 07:17:07 +0000
asID: 395374
IP address blocks: 84.75.16.0/24 maxlen: 24
178.83.69.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 13:27:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
49:ea:7e:c8:33:f4:1b:3a:12:20:62:c8:0f:43:fb:88:9b:92:d3:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Jun 11 07:12:07 2026 GMT
Not After : Jun 10 07:17:07 2027 GMT
Subject: CN=55209BDDD1569C651CBC166234DC16AB24C94AC8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:b0:4c:ff:fc:34:6c:9b:95:ce:12:16:a6:46:
b2:20:2c:8f:5a:54:1e:df:29:94:7e:35:19:3d:53:
94:05:7d:a9:b8:55:9e:cf:63:86:bb:4c:eb:7f:7b:
b5:9d:0b:45:36:0a:b7:8a:8e:da:8f:e7:b8:6c:a1:
8a:97:96:00:1d:9f:c7:25:c8:7a:69:24:05:df:0d:
f3:bd:9a:dc:bb:99:7c:84:39:c1:39:ac:35:6b:8a:
94:71:98:4f:49:5f:ea:e5:ef:10:81:04:80:97:a5:
24:89:7b:37:96:b8:d0:73:18:31:7d:71:cb:ec:29:
cf:51:c9:b5:93:21:b5:69:8e:c0:be:2a:0a:93:48:
2b:08:35:ee:ad:28:e4:20:80:42:48:8b:81:d7:f5:
9b:62:ac:78:27:02:5f:98:72:d8:0e:23:57:ee:ea:
3f:dc:ef:b3:99:2a:15:d0:5f:d9:75:32:db:e4:b7:
63:e9:0c:54:01:b2:d0:ed:6d:4e:82:e1:5b:64:ba:
83:5b:2c:c2:e0:86:2b:fb:93:9b:6b:68:56:16:4c:
be:4a:b1:5d:1a:c0:96:dc:10:2d:7d:d4:97:3c:d5:
18:83:cd:7d:d0:da:35:12:ee:d6:34:b3:56:2e:09:
eb:5a:98:d9:2e:b9:bf:87:df:cc:57:66:6c:4c:6b:
fe:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:20:9B:DD:D1:56:9C:65:1C:BC:16:62:34:DC:16:AB:24:C9:4A:C8
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS395374.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.75.16.0/24
178.83.69.0/24
Signature Algorithm: sha256WithRSAEncryption
08:86:14:08:91:d6:bd:d5:57:63:e7:85:7f:bf:bb:0a:5e:3e:
b5:73:cf:c0:4a:07:3d:da:d5:03:a9:02:96:c4:b7:6e:58:a9:
ae:a3:02:77:01:3e:0c:6e:39:74:24:a7:9a:c2:6e:64:ee:e4:
d9:a1:0a:09:97:78:61:1e:dc:a3:0f:95:c4:5b:86:a4:a0:69:
ef:ab:6f:f0:53:59:d8:56:16:7b:8b:ec:6b:ed:90:09:de:bb:
be:84:fd:d9:57:9e:9e:55:73:d1:53:25:c0:71:82:45:7c:0b:
15:a0:e9:34:40:72:f1:d3:da:22:92:70:5a:14:83:bb:bd:b2:
9d:5b:08:ec:c0:87:4c:56:6d:ea:01:b2:7f:54:e2:a2:06:d4:
d0:68:92:a8:70:d1:85:90:f2:af:e2:7a:f2:53:58:e0:0c:c4:
27:97:40:90:f1:f3:4a:7e:e9:52:61:12:01:f2:c2:fd:98:ee:
2d:a2:f1:26:a5:98:bc:c0:ee:ab:64:27:df:69:ad:55:08:92:
2d:85:ec:35:6a:07:7e:b3:46:10:a9:97:a5:38:15:8f:c7:eb:
25:18:29:d6:e0:0c:af:f7:37:b2:41:b7:7c:2d:2d:d7:92:92:
f0:47:05:e5:83:16:d6:9a:11:e4:d6:36:2f:a4:34:4e:f0:f9:
e6:ec:df:81
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgIUSep+yDP0GzoSIGLID0P7iJuS02EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjA2MTEwNzEyMDdaFw0yNzA2MTAwNzE3MDdaMDMxMTAvBgNV
BAMTKDU1MjA5QkRERDE1NjlDNjUxQ0JDMTY2MjM0REMxNkFCMjRDOTRBQzgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDrsEz//DRsm5XOEhamRrIgLI9a
VB7fKZR+NRk9U5QFfam4VZ7PY4a7TOt/e7WdC0U2CreKjtqP57hsoYqXlgAdn8cl
yHppJAXfDfO9mty7mXyEOcE5rDVripRxmE9JX+rl7xCBBICXpSSJezeWuNBzGDF9
ccvsKc9RybWTIbVpjsC+KgqTSCsINe6tKOQggEJIi4HX9ZtirHgnAl+YctgOI1fu
6j/c77OZKhXQX9l1Mtvkt2PpDFQBstDtbU6C4VtkuoNbLMLghiv7k5traFYWTL5K
sV0awJbcEC191Jc81RiDzX3Q2jUS7tY0s1YuCetamNkuub+H38xXZmxMa/4pAgMB
AAGjggIQMIICDDAdBgNVHQ4EFgQUVSCb3dFWnGUcvBZiNNwWqyTJSsgwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMzk1Mzc0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVEsQ
AwQAslNFMA0GCSqGSIb3DQEBCwUAA4IBAQAIhhQIkda91Vdj54V/v7sKXj61c8/A
Sgc92tUDqQKWxLduWKmuowJ3AT4Mbjl0JKeawm5k7uTZoQoJl3hhHtyjD5XEW4ak
oGnvq2/wU1nYVhZ7i+xr7ZAJ3ru+hP3ZV56eVXPRUyXAcYJFfAsVoOk0QHLx09oi
knBaFIO7vbKdWwjswIdMVm3qAbJ/VOKiBtTQaJKocNGFkPKv4nryU1jgDMQnl0CQ
8fNKfulSYRIB8sL9mO4tovEmpZi8wO6rZCffaa1VCJIthew1agd+s0YQqZelOBWP
x+slGCnW4Ayv9zeyQbd8LS3XkpLwRwXlgxbWmhHk1jYvpDRO8Pnm7N+B
-----END CERTIFICATE-----
Generated at Thu Jun 11 18:26:43 2026 by rpki-client