Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS396356.roa
File: AS396356.roa (raw, json)
Hash identifier: c1w26MhhrDHDdTwmrcjLPGPMa4y1cmA0y5qlkUmQmxs=
Subject key identifier: AE:AC:2B:A5:F4:F7:9A:BA:27:2D:BE:BB:DC:9A:49:A8:9A:9C:B1:E3
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 79F927B4CA923F8C14ED26B40B7823D362423172
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS396356.roa
Signing time: Fri 29 Aug 2025 11:47:30 +0000
ROA not before: Fri 29 Aug 2025 11:42:30 +0000
ROA not after: Fri 28 Aug 2026 11:47:30 +0000
asID: 396356
IP address blocks: 82.21.96.0/22 maxlen: 22
82.21.242.0/24 maxlen: 24
82.24.68.0/22 maxlen: 22
82.26.243.0/24 maxlen: 24
82.27.100.0/24 maxlen: 24
82.27.243.0/24 maxlen: 24
82.29.242.0/24 maxlen: 24
2a13:9500:1c::/48 maxlen: 48
2a13:9500:1d::/48 maxlen: 48
2a13:9500:1e::/48 maxlen: 48
2a13:9500:1f::/48 maxlen: 48
2a13:9500:33::/48 maxlen: 48
2a13:9500:82::/48 maxlen: 48
2a13:9500:83::/48 maxlen: 48
2a13:9500:84::/48 maxlen: 48
2a13:9500:85::/48 maxlen: 48
2a13:9500:86::/48 maxlen: 48
2a13:9500:87::/48 maxlen: 48
2a13:9500:88::/48 maxlen: 48
2a13:9500:89::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 19 Sep 2025 13:49:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:f9:27:b4:ca:92:3f:8c:14:ed:26:b4:0b:78:23:d3:62:42:31:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Aug 29 11:42:30 2025 GMT
Not After : Aug 28 11:47:30 2026 GMT
Subject: CN=AEAC2BA5F4F79ABA272DBEBBDC9A49A89A9CB1E3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:bb:57:cc:d7:a5:7d:01:d8:e6:7e:fb:4f:61:
23:86:4f:45:17:ce:dc:23:f1:b6:3e:47:7f:5a:27:
45:ea:1d:b0:8d:84:a0:6e:e7:3a:83:69:56:d0:c2:
40:05:0e:7c:1b:52:da:d2:6d:25:2e:53:67:b6:61:
6c:eb:53:4d:22:d7:94:83:8e:45:b5:09:91:d2:bb:
85:bc:32:87:9c:06:f7:c1:3d:a8:3d:df:6d:5a:b6:
c6:97:72:29:3f:3c:96:09:7a:cd:6b:56:09:b7:c9:
e2:3c:3d:b7:e4:89:c9:87:78:31:c3:3a:96:1f:bd:
a8:70:13:a6:42:23:0a:93:d0:0f:2a:69:fb:b2:6e:
a9:fb:1b:79:2b:5a:c7:3f:f1:9c:59:b0:84:b4:92:
03:bd:ab:b6:74:f2:cb:b6:68:9d:89:fb:17:c4:f3:
2b:7e:a9:ed:fe:0d:fb:a0:2d:3f:e7:f4:b6:dd:05:
9b:9c:76:fa:8f:7c:9a:af:6c:e5:06:87:75:1c:6d:
b1:57:02:c0:be:0d:3a:71:7a:13:f0:dc:b4:33:0e:
68:d8:ee:15:8c:f5:71:61:69:6a:72:0a:87:d7:2f:
66:a7:96:5b:8c:10:6d:9d:e6:4f:ee:ff:d2:57:d7:
06:8b:fb:de:c7:5d:46:70:17:68:7a:14:38:78:ec:
d9:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:AC:2B:A5:F4:F7:9A:BA:27:2D:BE:BB:DC:9A:49:A8:9A:9C:B1:E3
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS396356.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.96.0/22
82.21.242.0/24
82.24.68.0/22
82.26.243.0/24
82.27.100.0/24
82.27.243.0/24
82.29.242.0/24
IPv6:
2a13:9500:1c::/46
2a13:9500:33::/48
2a13:9500:82::-2a13:9500:89:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
98:f0:70:ab:44:86:f1:5d:49:44:09:87:c7:cf:8b:79:c1:75:
05:f0:3f:61:af:43:bd:0b:2e:d4:3c:d0:5c:0d:18:52:6d:b0:
6d:b1:4e:5a:42:22:f9:4a:49:70:0f:0e:42:63:23:5b:ac:b5:
69:96:61:ed:e0:17:9e:90:cb:14:8f:de:c9:c1:71:73:9e:c0:
d4:5e:73:4e:2a:7a:c4:d3:98:4b:5e:62:f5:65:2e:29:71:1a:
f4:29:19:dc:b7:e1:93:64:84:b9:e2:8f:05:51:e6:5e:3e:a0:
b8:04:d0:9b:db:e9:0d:44:80:9f:7d:d3:89:20:88:83:03:65:
17:6c:32:2d:fa:60:7e:01:e1:3a:ae:7d:37:9a:5b:ad:19:3c:
cf:f6:a4:62:76:53:7b:0c:0b:2d:9e:e5:fa:3b:45:d1:6f:91:
d1:82:6c:ee:a0:70:06:e1:21:12:6e:9b:65:b3:0a:5e:0f:96:
c8:c0:93:b9:28:45:f9:44:67:7a:0b:19:9b:c2:25:66:14:0c:
10:01:6b:d1:09:fd:8a:83:a7:a5:f9:82:cf:f5:c2:70:2f:ae:
24:bd:83:1c:ce:b8:1d:ad:99:8e:4f:82:8b:74:bd:4d:3d:4e:
f7:fb:ce:0a:e6:8b:46:5a:9f:88:e8:86:5a:11:79:62:2d:fd:
b4:1f:4e:c7
-----BEGIN CERTIFICATE-----
MIIFUjCCBDqgAwIBAgIUefkntMqSP4wU7Sa0C3gj02JCMXIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTA4MjkxMTQyMzBaFw0yNjA4MjgxMTQ3MzBaMDMxMTAvBgNV
BAMTKEFFQUMyQkE1RjRGNzlBQkEyNzJEQkVCQkRDOUE0OUE4OUE5Q0IxRTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCLu1fM16V9AdjmfvtPYSOGT0UX
ztwj8bY+R39aJ0XqHbCNhKBu5zqDaVbQwkAFDnwbUtrSbSUuU2e2YWzrU00i15SD
jkW1CZHSu4W8MoecBvfBPag9321atsaXcik/PJYJes1rVgm3yeI8PbfkicmHeDHD
OpYfvahwE6ZCIwqT0A8qafuybqn7G3krWsc/8ZxZsIS0kgO9q7Z08su2aJ2J+xfE
8yt+qe3+DfugLT/n9LbdBZucdvqPfJqvbOUGh3UcbbFXAsC+DTpxehPw3LQzDmjY
7hWM9XFhaWpyCofXL2anlluMEG2d5k/u/9JX1waL+97HXUZwF2h6FDh47NldAgMB
AAGjggJcMIICWDAdBgNVHQ4EFgQUrqwrpfT3mronLb673JpJqJqcseMwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMzk2MzU2LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMHEGCCsGAQUFBwEHAQH/BGIwYDAwBAIAATAqAwQCUhVg
AwQAUhXyAwQCUhhEAwQAUhrzAwQAUhtkAwQAUhvzAwQAUh3yMCwEAgACMCYDBwIq
E5UAABwDBwAqE5UAADMwEgMHASoTlQAAggMHASoTlQAAiDANBgkqhkiG9w0BAQsF
AAOCAQEAmPBwq0SG8V1JRAmHx8+LecF1BfA/Ya9DvQsu1DzQXA0YUm2wbbFOWkIi
+UpJcA8OQmMjW6y1aZZh7eAXnpDLFI/eycFxc57A1F5zTip6xNOYS15i9WUuKXEa
9CkZ3Lfhk2SEueKPBVHmXj6guATQm9vpDUSAn33TiSCIgwNlF2wyLfpgfgHhOq59
N5pbrRk8z/akYnZTewwLLZ7l+jtF0W+R0YJs7qBwBuEhEm6bZbMKXg+WyMCTuShF
+URnegsZm8IlZhQMEAFr0Qn9ioOnpfmCz/XCcC+uJL2DHM64Ha2Zjk+Ci3S9TT1O
9/vOCuaLRlqfiOiGWhF5Yi39tB9Oxw==
-----END CERTIFICATE-----
Generated at Thu Sep 18 22:53:47 2025 by rpki-client