Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS395793.roa
File: AS395793.roa (raw, json)
Hash identifier: aRolGCSAb3zQ4Tu1dJjlxmc6jawQi4OAkuQv/JTIamM=
Subject key identifier: 3E:53:A5:72:9C:91:00:D6:A9:BD:DF:31:14:51:DB:99:BA:93:9D:4A
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 447F699209B3962A57470815C9DF8214C51973D9
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS395793.roa
Signing time: Wed 24 Sep 2025 18:02:37 +0000
ROA not before: Wed 24 Sep 2025 17:57:37 +0000
ROA not after: Wed 23 Sep 2026 18:02:37 +0000
asID: 395793
IP address blocks: 82.22.170.0/24 maxlen: 24
82.23.128.0/24 maxlen: 24
82.23.129.0/24 maxlen: 24
82.23.130.0/24 maxlen: 24
82.23.131.0/24 maxlen: 24
82.23.132.0/24 maxlen: 24
82.23.133.0/24 maxlen: 24
82.23.147.0/24 maxlen: 24
82.24.42.0/24 maxlen: 24
82.24.64.0/24 maxlen: 24
82.24.121.0/24 maxlen: 24
82.24.146.0/24 maxlen: 24
82.26.207.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 01:50:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
44:7f:69:92:09:b3:96:2a:57:47:08:15:c9:df:82:14:c5:19:73:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Sep 24 17:57:37 2025 GMT
Not After : Sep 23 18:02:37 2026 GMT
Subject: CN=3E53A5729C9100D6A9BDDF311451DB99BA939D4A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:a9:33:78:38:c0:16:33:88:03:ad:ca:ef:74:
c1:ec:2b:3d:20:b6:25:11:73:df:9f:29:a1:68:56:
f2:d7:3f:dc:a4:56:de:27:60:2a:51:13:d6:02:12:
15:fe:5c:93:bf:64:9c:ff:83:02:ae:75:a5:af:52:
b8:1e:8b:88:08:68:5a:f9:ab:9b:b5:20:77:2d:e6:
48:70:e5:52:69:b5:64:14:14:94:e5:0f:82:d8:ce:
fa:f9:d5:ef:d5:d4:7b:e4:59:2e:d4:c8:f8:ae:40:
9a:cd:86:c9:8c:5f:53:5a:dd:72:f5:30:cd:8a:f2:
46:5e:22:a5:df:6a:00:1d:04:23:93:3a:b2:e0:07:
fb:a5:55:71:d4:86:d2:c1:7d:87:ec:75:63:72:4c:
3b:40:58:ff:4b:7e:ab:17:d0:96:a6:40:19:78:1b:
fd:1f:74:95:41:69:8f:11:47:7f:c7:3d:f8:9f:fd:
d2:74:31:cc:12:5a:50:bc:5b:7b:4f:d8:15:bc:01:
83:4b:97:ef:45:ce:e4:57:dd:1f:92:eb:ba:a3:b8:
43:88:3f:09:de:4e:6d:da:2a:eb:01:0a:6c:42:d4:
4d:1b:fe:3c:65:de:ce:53:46:22:87:56:e8:19:66:
80:f4:e6:90:14:72:b2:24:28:c1:51:0e:8b:a7:10:
05:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:53:A5:72:9C:91:00:D6:A9:BD:DF:31:14:51:DB:99:BA:93:9D:4A
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS395793.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.22.170.0/24
82.23.128.0-82.23.133.255
82.23.147.0/24
82.24.42.0/24
82.24.64.0/24
82.24.121.0/24
82.24.146.0/24
82.26.207.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:21:c0:a3:4b:02:65:8d:55:b7:b5:ca:7a:28:d9:f8:51:f7:
f4:fe:07:ef:21:ec:2d:52:dc:f1:a4:28:c4:53:56:1c:f6:de:
49:7c:68:ff:48:d2:0e:8c:a5:22:13:14:78:c9:af:9e:70:78:
ef:a7:16:7a:54:95:e5:ee:83:b9:59:34:40:f1:3b:da:17:09:
6b:65:0d:4e:81:de:8c:68:ed:1b:92:c8:c7:86:f9:bd:bc:12:
30:65:ac:60:02:f1:a2:d4:ec:3a:f4:1f:2f:28:84:67:22:57:
aa:39:db:9e:65:f2:ef:a4:46:93:37:85:21:2b:aa:f0:72:4f:
6a:51:63:d3:3e:a2:29:c7:a8:6d:74:5d:1f:c0:7e:51:a2:cc:
1a:0b:b6:6c:5c:40:b3:82:4a:eb:2a:c3:6d:81:7b:40:b0:4e:
2c:d8:72:82:2e:16:b7:49:9b:c5:b2:d3:23:de:d0:7c:f1:b3:
87:03:f7:31:f4:b8:d4:ac:b4:00:cb:5c:2d:e3:1d:a3:3b:10:
40:2c:cd:39:2c:48:11:0d:52:be:ad:a1:86:b9:1f:07:33:58:
e6:aa:58:ef:55:1e:32:50:5b:e9:33:a6:d1:0f:ba:a9:8c:32:
19:02:ac:ed:52:b5:ed:e6:86:21:a7:87:96:74:98:8d:91:79:
04:57:a6:b8
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgIURH9pkgmzlipXRwgVyd+CFMUZc9kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTA5MjQxNzU3MzdaFw0yNjA5MjMxODAyMzdaMDMxMTAvBgNV
BAMTKDNFNTNBNTcyOUM5MTAwRDZBOUJEREYzMTE0NTFEQjk5QkE5MzlENEEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCtqTN4OMAWM4gDrcrvdMHsKz0g
tiURc9+fKaFoVvLXP9ykVt4nYCpRE9YCEhX+XJO/ZJz/gwKudaWvUrgei4gIaFr5
q5u1IHct5khw5VJptWQUFJTlD4LYzvr51e/V1HvkWS7UyPiuQJrNhsmMX1Na3XL1
MM2K8kZeIqXfagAdBCOTOrLgB/ulVXHUhtLBfYfsdWNyTDtAWP9LfqsX0JamQBl4
G/0fdJVBaY8RR3/HPfif/dJ0McwSWlC8W3tP2BW8AYNLl+9FzuRX3R+S67qjuEOI
PwneTm3aKusBCmxC1E0b/jxl3s5TRiKHVugZZoD05pAUcrIkKMFRDounEAWbAgMB
AAGjggI8MIICODAdBgNVHQ4EFgQUPlOlcpyRANapvd8xFFHbmbqTnUowHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMzk1NzkzLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQAUhaq
MAwDBAdSF4ADBAFSF4QDBABSF5MDBABSGCoDBABSGEADBABSGHkDBABSGJIDBABS
Gs8wDQYJKoZIhvcNAQELBQADggEBADwhwKNLAmWNVbe1ynoo2fhR9/T+B+8h7C1S
3PGkKMRTVhz23kl8aP9I0g6MpSITFHjJr55weO+nFnpUleXug7lZNEDxO9oXCWtl
DU6B3oxo7RuSyMeG+b28EjBlrGAC8aLU7Dr0Hy8ohGciV6o5255l8u+kRpM3hSEr
qvByT2pRY9M+oinHqG10XR/AflGizBoLtmxcQLOCSusqw22Be0CwTizYcoIuFrdJ
m8Wy0yPe0Hzxs4cD9zH0uNSstADLXC3jHaM7EEAszTksSBENUr6toYa5HwczWOaq
WO9VHjJQW+kzptEPuqmMMhkCrO1Ste3mhiGnh5Z0mI2ReQRXprg=
-----END CERTIFICATE-----
Generated at Sun Oct 19 16:11:48 2025 by rpki-client