Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS397423.roa
File: AS397423.roa (raw, json)
Hash identifier: p6ymXAI5HL/SKf68VuevjH9XKc0TV2sGsyp7B3k72Ws=
Subject key identifier: 12:B3:88:5A:E5:20:F4:4F:ED:9E:7D:BD:C7:64:69:BD:4F:E8:16:A5
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 6AD81978731C2EE1C8C12D5F7251255924CE70AB
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS397423.roa
Signing time: Fri 29 May 2026 12:10:56 +0000
ROA not before: Fri 29 May 2026 12:05:56 +0000
ROA not after: Fri 28 May 2027 12:10:56 +0000
asID: 397423
IP address blocks: 82.22.204.0/24 maxlen: 24
82.24.82.0/24 maxlen: 24
82.24.200.0/24 maxlen: 24
82.25.23.0/24 maxlen: 24
82.25.28.0/24 maxlen: 24
82.25.29.0/24 maxlen: 24
82.26.200.0/24 maxlen: 24
82.41.60.0/22 maxlen: 24
82.41.76.0/22 maxlen: 24
82.41.84.0/22 maxlen: 24
82.41.92.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 03 Jun 2026 15:55:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6a:d8:19:78:73:1c:2e:e1:c8:c1:2d:5f:72:51:25:59:24:ce:70:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: May 29 12:05:56 2026 GMT
Not After : May 28 12:10:56 2027 GMT
Subject: CN=12B3885AE520F44FED9E7DBDC76469BD4FE816A5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f7:d7:25:98:6c:69:b9:01:6f:da:d0:3f:48:43:
b6:08:1f:00:89:1e:91:53:04:60:28:12:54:54:d9:
ca:51:15:c6:0a:7b:c7:b4:63:9e:fc:5c:49:e3:e7:
90:d4:29:a5:96:52:10:55:9e:ba:7d:9b:07:bd:73:
7a:78:09:e2:aa:8b:d5:f9:04:d3:f3:ab:21:3a:6d:
b8:b7:84:07:d8:46:69:81:f9:19:57:0f:93:45:47:
4c:4e:c4:0d:f1:88:52:02:e2:3f:ed:c3:9d:d2:0f:
0f:d1:ea:8a:4d:7b:3b:01:56:ac:2b:0f:2c:2e:2b:
03:b2:af:3f:bb:28:d0:db:aa:63:73:51:d8:09:a7:
ba:22:45:66:a2:7f:17:07:6d:c0:78:5c:66:b3:52:
5c:a0:92:47:9c:9b:43:c1:47:ce:c1:2b:2e:8d:f5:
3d:27:db:ad:b0:9b:21:91:b2:f4:53:de:41:51:65:
cd:24:9e:28:66:74:a1:16:d9:90:5f:c0:03:eb:aa:
85:56:85:73:07:2e:49:e8:b2:6c:e4:58:d1:6f:93:
8a:9d:76:25:b6:38:0e:7a:96:25:54:a2:54:8d:7f:
e7:1f:b4:ef:29:fd:81:3e:e4:d1:a0:7e:23:0f:c3:
5f:bc:ac:bc:17:03:e6:66:d5:32:d7:52:88:09:cb:
12:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:B3:88:5A:E5:20:F4:4F:ED:9E:7D:BD:C7:64:69:BD:4F:E8:16:A5
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS397423.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.22.204.0/24
82.24.82.0/24
82.24.200.0/24
82.25.23.0/24
82.25.28.0/23
82.26.200.0/24
82.41.60.0/22
82.41.76.0/22
82.41.84.0/22
82.41.92.0/22
Signature Algorithm: sha256WithRSAEncryption
41:2b:6c:1f:80:56:0d:92:5a:78:3a:dd:8a:50:7c:3a:f9:ab:
6f:60:60:76:88:cd:61:8d:72:b7:b1:d2:a9:b0:a5:af:54:ae:
c2:79:ed:75:f2:6e:4e:86:45:f8:bf:7e:8e:5b:3e:55:92:4a:
0c:d8:c0:0d:c8:61:ef:26:1c:b5:1e:28:52:1f:a8:b8:be:f0:
c6:2f:d5:27:f1:87:f4:da:25:25:ba:a9:ba:30:4b:f1:1c:6b:
bc:c7:8f:12:3d:b3:6f:e8:07:3c:1c:a1:ef:36:90:70:a3:5e:
b6:3f:8f:83:0c:4c:b5:04:95:17:ec:ef:2a:f6:ca:d7:9e:0f:
67:27:29:72:33:e7:8a:dd:2b:47:56:55:38:a4:fd:85:a6:91:
4c:19:3e:4b:b2:9d:0d:04:42:b2:1c:2e:6d:07:5c:05:cc:dd:
d4:1e:b4:e1:19:30:79:d3:5e:b2:61:a3:5f:62:d2:59:0d:8d:
6e:1e:19:85:9c:15:a3:7d:68:66:3f:95:a2:99:f6:1f:e1:21:
ee:c3:cf:8c:9f:d9:81:09:12:e0:95:79:64:13:71:e7:c5:dc:
ea:e3:88:c8:ae:18:a1:de:b0:b8:00:d7:93:0b:d6:ef:d7:38:
a5:40:5a:a2:b5:16:a8:2d:19:ff:6e:fa:9b:37:b3:ad:01:39:
de:e9:b8:cd
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgIUatgZeHMcLuHIwS1fclElWSTOcKswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjA1MjkxMjA1NTZaFw0yNzA1MjgxMjEwNTZaMDMxMTAvBgNV
BAMTKDEyQjM4ODVBRTUyMEY0NEZFRDlFN0RCREM3NjQ2OUJENEZFODE2QTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD31yWYbGm5AW/a0D9IQ7YIHwCJ
HpFTBGAoElRU2cpRFcYKe8e0Y578XEnj55DUKaWWUhBVnrp9mwe9c3p4CeKqi9X5
BNPzqyE6bbi3hAfYRmmB+RlXD5NFR0xOxA3xiFIC4j/tw53SDw/R6opNezsBVqwr
DywuKwOyrz+7KNDbqmNzUdgJp7oiRWaifxcHbcB4XGazUlygkkecm0PBR87BKy6N
9T0n262wmyGRsvRT3kFRZc0knihmdKEW2ZBfwAPrqoVWhXMHLknosmzkWNFvk4qd
diW2OA56liVUolSNf+cftO8p/YE+5NGgfiMPw1+8rLwXA+Zm1TLXUogJyxIrAgMB
AAGjggJAMIICPDAdBgNVHQ4EFgQUErOIWuUg9E/tnn29x2RpvU/oFqUwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMzk3NDIzLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQAUhbM
AwQAUhhSAwQAUhjIAwQAUhkXAwQBUhkcAwQAUhrIAwQCUik8AwQCUilMAwQCUilU
AwQCUilcMA0GCSqGSIb3DQEBCwUAA4IBAQBBK2wfgFYNklp4Ot2KUHw6+atvYGB2
iM1hjXK3sdKpsKWvVK7Cee118m5OhkX4v36OWz5VkkoM2MANyGHvJhy1HihSH6i4
vvDGL9Un8Yf02iUluqm6MEvxHGu8x48SPbNv6Ac8HKHvNpBwo162P4+DDEy1BJUX
7O8q9srXng9nJylyM+eK3StHVlU4pP2FppFMGT5Lsp0NBEKyHC5tB1wFzN3UHrTh
GTB5016yYaNfYtJZDY1uHhmFnBWjfWhmP5WimfYf4SHuw8+Mn9mBCRLglXlkE3Hn
xdzq44jIrhih3rC4ANeTC9bv1zilQFqitRaoLRn/bvqbN7OtATne6bjN
-----END CERTIFICATE-----
Generated at Tue Jun 2 21:11:16 2026 by rpki-client