Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS396356.roa
File: AS396356.roa (raw, json)
Hash identifier: hnYBMr1CoTdBg7B8oLCBt3MuUci0tszrsBVs8gED1f0=
Subject key identifier: 3D:8B:2A:2C:1C:EB:A5:EF:4E:8B:1A:06:CF:31:D6:A6:67:EC:C9:63
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 58621BDDB0BAECD53F696D1AB8B9591384B9DF48
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS396356.roa
Signing time: Tue 02 Jun 2026 12:56:02 +0000
ROA not before: Tue 02 Jun 2026 12:51:02 +0000
ROA not after: Tue 01 Jun 2027 12:56:02 +0000
asID: 396356
IP address blocks: 82.21.242.0/24 maxlen: 24
82.24.68.0/22 maxlen: 22
82.24.144.0/24 maxlen: 24
82.26.243.0/24 maxlen: 24
82.27.100.0/24 maxlen: 24
82.27.243.0/24 maxlen: 24
82.39.81.0/24 maxlen: 24
2a13:9500:3::/48 maxlen: 48
2a13:9500:1c::/48 maxlen: 48
2a13:9500:1d::/48 maxlen: 48
2a13:9500:1e::/48 maxlen: 48
2a13:9500:1f::/48 maxlen: 48
2a13:9500:24::/48 maxlen: 48
2a13:9500:25::/48 maxlen: 48
2a13:9500:26::/48 maxlen: 48
2a13:9500:27::/48 maxlen: 48
2a13:9500:28::/48 maxlen: 48
2a13:9500:33::/48 maxlen: 48
2a13:9500:5b::/48 maxlen: 48
2a13:9500:5c::/48 maxlen: 48
2a13:9500:5d::/48 maxlen: 48
2a13:9500:5e::/48 maxlen: 48
2a13:9500:5f::/48 maxlen: 48
2a13:9500:82::/48 maxlen: 48
2a13:9500:83::/48 maxlen: 48
2a13:9500:84::/48 maxlen: 48
2a13:9500:85::/48 maxlen: 48
2a13:9500:86::/48 maxlen: 48
2a13:9500:87::/48 maxlen: 48
2a13:9500:88::/48 maxlen: 48
2a13:9500:89::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 03 Jun 2026 15:55:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
58:62:1b:dd:b0:ba:ec:d5:3f:69:6d:1a:b8:b9:59:13:84:b9:df:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Jun 2 12:51:02 2026 GMT
Not After : Jun 1 12:56:02 2027 GMT
Subject: CN=3D8B2A2C1CEBA5EF4E8B1A06CF31D6A667ECC963
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:a5:f8:50:56:3e:f1:52:17:57:5f:4e:15:bb:
ee:fb:75:dd:d9:a5:61:1d:60:56:b5:0a:e0:f6:30:
10:1a:c8:11:a3:b3:d2:c2:4c:90:b2:2d:d0:49:2e:
d7:9e:8f:64:0b:5a:29:17:a1:bd:74:38:bd:b8:77:
f8:a2:39:04:89:0a:70:00:d0:5d:97:3c:1d:95:6d:
19:e6:21:77:35:78:a5:31:fd:8c:75:63:9a:91:34:
c9:3f:65:a4:4a:95:5d:dc:98:7a:37:c6:a6:2c:d7:
79:e6:bb:34:9e:36:4d:22:d5:7f:6d:0f:32:92:4e:
82:ad:34:a7:dc:85:81:d8:22:02:15:65:79:c2:9b:
56:9d:48:ac:78:6a:1f:a2:31:e7:89:36:bc:8e:0f:
40:96:33:88:d9:cf:48:9f:02:6d:a9:35:1b:9d:98:
16:b5:d7:7e:6d:dd:3a:b2:df:d0:73:1a:96:8b:76:
61:c9:56:1e:63:ee:78:b8:44:81:4b:34:27:e9:23:
9f:9e:6a:1f:d0:c3:67:23:93:7a:7f:59:e5:69:5b:
70:2b:5a:88:a5:12:e2:eb:18:8a:8b:3f:87:37:36:
1a:42:61:7e:5f:d4:be:f3:88:8c:9a:90:b2:7c:e0:
78:3e:39:71:0a:0a:ad:fc:ce:d5:81:24:e0:d0:19:
2d:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:8B:2A:2C:1C:EB:A5:EF:4E:8B:1A:06:CF:31:D6:A6:67:EC:C9:63
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS396356.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.242.0/24
82.24.68.0/22
82.24.144.0/24
82.26.243.0/24
82.27.100.0/24
82.27.243.0/24
82.39.81.0/24
IPv6:
2a13:9500:3::/48
2a13:9500:1c::/46
2a13:9500:24::-2a13:9500:28:ffff:ffff:ffff:ffff:ffff
2a13:9500:33::/48
2a13:9500:5b::-2a13:9500:5f:ffff:ffff:ffff:ffff:ffff
2a13:9500:82::-2a13:9500:89:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
4a:b1:dc:00:ca:4c:e2:31:e8:bb:4a:c3:ef:2b:68:d9:70:1f:
a0:57:2a:28:1b:24:ea:dc:3c:fc:00:48:b3:da:6d:be:9d:e3:
07:05:84:0a:a0:0f:a1:33:34:1a:54:57:a4:d7:28:a4:c2:49:
6f:8f:45:db:5f:0f:ea:85:4f:03:2f:ec:90:8e:da:98:57:a1:
36:4b:a0:77:45:75:0c:ab:d9:70:a9:d8:9f:bd:4f:47:49:5e:
c9:e4:67:23:e4:48:81:dd:0a:c1:8b:12:7c:27:f0:43:f1:be:
94:fa:aa:69:0a:f1:2f:ca:ac:a4:f0:6a:6b:01:4b:a1:bf:5c:
13:8a:c7:d5:bb:5b:cb:db:ed:83:f0:35:86:4c:0c:da:cb:ee:
2c:d1:6b:8d:5c:4c:50:03:84:ce:91:45:f7:9a:64:5e:a4:5c:
f3:2a:99:c4:85:ef:c3:95:af:e3:dc:42:99:28:24:9b:87:e3:
f6:f2:e8:f8:d4:fe:83:eb:94:67:97:69:1c:f5:94:51:f3:62:
cd:5c:4a:a8:ce:8d:8f:0a:ca:e8:8e:c1:65:4a:f2:6e:54:08:
6b:e3:5b:11:e9:52:eb:8e:e9:0f:16:a6:90:a3:df:a9:75:1e:
4f:ce:4b:75:c1:ca:5a:af:27:b1:02:af:92:c7:4d:fa:0d:c0:
63:e8:17:14
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgIUWGIb3bC67NU/aW0auLlZE4S530gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjA2MDIxMjUxMDJaFw0yNzA2MDExMjU2MDJaMDMxMTAvBgNV
BAMTKDNEOEIyQTJDMUNFQkE1RUY0RThCMUEwNkNGMzFENkE2NjdFQ0M5NjMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDbpfhQVj7xUhdXX04Vu+77dd3Z
pWEdYFa1CuD2MBAayBGjs9LCTJCyLdBJLteej2QLWikXob10OL24d/iiOQSJCnAA
0F2XPB2VbRnmIXc1eKUx/Yx1Y5qRNMk/ZaRKlV3cmHo3xqYs13nmuzSeNk0i1X9t
DzKSToKtNKfchYHYIgIVZXnCm1adSKx4ah+iMeeJNryOD0CWM4jZz0ifAm2pNRud
mBa1135t3Tqy39BzGpaLdmHJVh5j7ni4RIFLNCfpI5+eah/Qw2cjk3p/WeVpW3Ar
WoilEuLrGIqLP4c3NhpCYX5f1L7ziIyakLJ84Hg+OXEKCq38ztWBJODQGS0vAgMB
AAGjggKQMIICjDAdBgNVHQ4EFgQUPYsqLBzrpe9OixoGzzHWpmfsyWMwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMzk2MzU2LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMIGkBggrBgEFBQcBBwEB/wSBlDCBkTAwBAIAATAqAwQA
UhXyAwQCUhhEAwQAUhiQAwQAUhrzAwQAUhtkAwQAUhvzAwQAUidRMF0EAgACMFcD
BwAqE5UAAAMDBwIqE5UAABwwEgMHAioTlQAAJAMHACoTlQAAKAMHACoTlQAAMzAS
AwcAKhOVAABbAwcFKhOVAABAMBIDBwEqE5UAAIIDBwEqE5UAAIgwDQYJKoZIhvcN
AQELBQADggEBAEqx3ADKTOIx6LtKw+8raNlwH6BXKigbJOrcPPwASLPabb6d4wcF
hAqgD6EzNBpUV6TXKKTCSW+PRdtfD+qFTwMv7JCO2phXoTZLoHdFdQyr2XCp2J+9
T0dJXsnkZyPkSIHdCsGLEnwn8EPxvpT6qmkK8S/KrKTwamsBS6G/XBOKx9W7W8vb
7YPwNYZMDNrL7izRa41cTFADhM6RRfeaZF6kXPMqmcSF78OVr+PcQpkoJJuH4/by
6PjU/oPrlGeXaRz1lFHzYs1cSqjOjY8KyuiOwWVK8m5UCGvjWxHpUuuO6Q8WppCj
36l1Hk/OS3XBylqvJ7ECr5LHTfoNwGPoFxQ=
-----END CERTIFICATE-----
Generated at Tue Jun 2 21:11:15 2026 by rpki-client