Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS400909.roa
File: AS400909.roa (raw, json)
Hash identifier: X2QtGcP8s2EVTCeNqoxyHgTpQ1V2izZdmM8lZiOWLxw=
Subject key identifier: 18:DA:32:8A:45:07:8C:B4:22:C0:B0:EE:8C:5D:0D:16:AF:DE:C1:8E
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 615EF61F43569907797440002CA2CF192C4DE2B5
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS400909.roa
Signing time: Sat 18 Apr 2026 02:04:52 +0000
ROA not before: Sat 18 Apr 2026 01:59:52 +0000
ROA not after: Sat 17 Apr 2027 02:04:52 +0000
asID: 400909
IP address blocks: 82.29.118.0/23 maxlen: 23
82.38.149.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 19 Apr 2026 09:01:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
61:5e:f6:1f:43:56:99:07:79:74:40:00:2c:a2:cf:19:2c:4d:e2:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Apr 18 01:59:52 2026 GMT
Not After : Apr 17 02:04:52 2027 GMT
Subject: CN=18DA328A45078CB422C0B0EE8C5D0D16AFDEC18E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:92:27:39:64:10:43:5d:b7:86:f1:ce:83:4c:
10:bf:80:71:a0:2d:29:a5:61:32:fc:11:ca:a8:e8:
92:13:5e:32:b1:ee:28:1a:72:7c:fe:5d:d5:88:20:
29:75:fd:58:5b:3f:7d:81:05:9f:53:b8:4a:79:d5:
52:47:0c:8c:c6:e3:00:d8:a5:d3:25:e5:04:8e:fc:
cf:0e:5e:c8:37:59:69:aa:d1:36:94:4a:b6:a9:06:
2a:c3:1f:40:c2:ec:b8:91:0f:d4:7f:65:03:9e:ac:
13:c1:ef:8a:ab:b0:c6:13:75:a4:d2:d1:f7:14:97:
c4:2d:2a:5a:a6:05:9b:89:42:2c:cd:f3:c6:be:1f:
98:34:95:5e:51:49:38:f1:6e:fa:d1:03:8b:80:ed:
e9:dc:64:f3:d1:a8:45:1f:77:0b:48:be:77:23:7f:
0d:d8:ab:74:dc:aa:10:1e:02:55:03:78:7f:e7:1e:
09:be:90:ff:d2:e4:21:b4:e6:91:df:ef:6c:0c:cf:
21:17:97:0f:98:6f:e2:79:94:11:fe:4e:dd:b5:b6:
84:b3:c0:07:03:18:a7:72:ee:7b:0a:89:6a:98:e9:
b0:0c:ab:58:7b:26:c4:36:e4:c0:a5:34:dc:f9:a6:
c2:31:82:51:fb:d9:40:ff:1b:0d:0d:9d:39:ad:81:
ae:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:DA:32:8A:45:07:8C:B4:22:C0:B0:EE:8C:5D:0D:16:AF:DE:C1:8E
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS400909.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.29.118.0/23
82.38.149.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:87:52:b3:76:17:95:2f:4b:3f:96:e2:e9:5b:ea:60:fc:cb:
cf:7f:25:58:ba:d7:57:61:31:a0:bf:52:c0:5a:f7:c4:cb:ed:
df:a0:d0:75:8d:18:c6:cf:a5:4f:ff:29:5d:0a:69:54:78:c6:
0e:0f:bd:98:67:bf:6a:18:2b:cb:10:39:f3:f9:8b:ce:cb:c1:
8e:76:18:9c:7c:01:cb:03:1d:fc:da:3c:88:15:cd:f8:8a:34:
d5:33:3b:7d:e9:ba:de:c4:54:f5:83:57:aa:a1:39:85:6e:e0:
b4:ba:26:db:72:ee:a0:ad:e6:2c:48:45:79:5f:54:ff:9d:7f:
b4:40:80:6c:0b:27:dc:20:56:23:80:0f:31:db:a2:e5:75:ca:
61:1c:9b:4f:c6:fe:de:14:cc:d4:d5:b1:87:7b:e0:b3:8e:58:
f4:8d:02:96:45:02:ae:1b:0d:c8:68:90:de:23:ac:b9:fc:09:
01:ee:bd:67:df:ed:18:0d:9d:bc:12:15:e0:52:d5:7f:ba:5c:
6b:15:22:2c:7f:61:48:62:cf:68:10:57:16:37:29:eb:5f:ba:
c2:60:3b:79:62:3c:ef:ff:79:d9:3f:85:a2:82:48:48:bd:32:
17:c6:e5:e6:2d:b8:8f:80:18:05:10:2e:7b:c8:46:fa:71:d3:
28:4b:4b:9c
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgIUYV72H0NWmQd5dEAALKLPGSxN4rUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjA0MTgwMTU5NTJaFw0yNzA0MTcwMjA0NTJaMDMxMTAvBgNV
BAMTKDE4REEzMjhBNDUwNzhDQjQyMkMwQjBFRThDNUQwRDE2QUZERUMxOEUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMkic5ZBBDXbeG8c6DTBC/gHGg
LSmlYTL8Ecqo6JITXjKx7igacnz+XdWIICl1/VhbP32BBZ9TuEp51VJHDIzG4wDY
pdMl5QSO/M8OXsg3WWmq0TaUSrapBirDH0DC7LiRD9R/ZQOerBPB74qrsMYTdaTS
0fcUl8QtKlqmBZuJQizN88a+H5g0lV5RSTjxbvrRA4uA7encZPPRqEUfdwtIvncj
fw3Yq3TcqhAeAlUDeH/nHgm+kP/S5CG05pHf72wMzyEXlw+Yb+J5lBH+Tt21toSz
wAcDGKdy7nsKiWqY6bAMq1h7JsQ25MClNNz5psIxglH72UD/Gw0NnTmtga7zAgMB
AAGjggIQMIICDDAdBgNVHQ4EFgQUGNoyikUHjLQiwLDujF0NFq/ewY4wHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTNDAwOTA5LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBUh12
AwQAUiaVMA0GCSqGSIb3DQEBCwUAA4IBAQCbh1KzdheVL0s/luLpW+pg/MvPfyVY
utdXYTGgv1LAWvfEy+3foNB1jRjGz6VP/yldCmlUeMYOD72YZ79qGCvLEDnz+YvO
y8GOdhicfAHLAx382jyIFc34ijTVMzt96brexFT1g1eqoTmFbuC0uibbcu6greYs
SEV5X1T/nX+0QIBsCyfcIFYjgA8x26LldcphHJtPxv7eFMzU1bGHe+Czjlj0jQKW
RQKuGw3IaJDeI6y5/AkB7r1n3+0YDZ28EhXgUtV/ulxrFSIsf2FIYs9oEFcWNynr
X7rCYDt5Yjzv/3nZP4WigkhIvTIXxuXmLbiPgBgFEC57yEb6cdMoS0uc
-----END CERTIFICATE-----
Generated at Sat Apr 18 19:39:15 2026 by rpki-client