Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS401293.roa
File: AS401293.roa (raw, json)
Hash identifier: lT93oA7hNPXJyZeP0GpgMjbFKP6NwdNRAUWVt9DOEIk=
Subject key identifier: 83:DB:E5:44:C4:CC:C3:CC:7D:8D:04:62:06:F0:EE:D0:28:1B:AB:39
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 40466648F8BED97F7186E1417B2437E7EA2AB156
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS401293.roa
Signing time: Wed 08 Apr 2026 08:16:02 +0000
ROA not before: Wed 08 Apr 2026 08:11:02 +0000
ROA not after: Wed 07 Apr 2027 08:16:02 +0000
asID: 401293
IP address blocks: 82.38.172.0/24 maxlen: 24
84.75.159.0/24 maxlen: 24
178.83.99.0/24 maxlen: 24
178.83.206.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 11 Apr 2026 17:02:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
40:46:66:48:f8:be:d9:7f:71:86:e1:41:7b:24:37:e7:ea:2a:b1:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Apr 8 08:11:02 2026 GMT
Not After : Apr 7 08:16:02 2027 GMT
Subject: CN=83DBE544C4CCC3CC7D8D046206F0EED0281BAB39
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:e3:10:60:5f:fd:02:63:2b:dd:35:12:08:b1:
c9:51:35:d6:6a:ff:a6:ca:16:e6:0e:6d:07:80:ae:
fe:d4:bf:9c:75:87:6b:83:bc:8e:4c:c2:e7:ab:b0:
6c:0f:f5:84:d2:c3:4f:2c:5a:4d:76:a2:00:48:aa:
46:09:f4:46:99:dc:b7:69:63:b4:1e:77:a0:ac:de:
ca:e9:bd:a6:dd:21:a6:c1:eb:52:21:fc:df:90:16:
2d:05:c3:74:ac:18:06:31:8a:db:1e:86:b1:71:f0:
43:2c:29:22:fe:b8:2d:c0:20:8f:94:a5:39:25:85:
d7:97:33:48:5d:cc:eb:af:b7:6a:13:25:b8:b1:d0:
ed:85:6a:b5:69:fb:13:00:58:01:16:19:fa:c9:b3:
6c:f8:88:46:a3:1a:50:51:c7:59:96:a0:72:24:f1:
f4:06:6a:08:6a:4e:a9:60:8c:98:b2:bb:50:59:c3:
06:1b:da:57:27:e6:cc:bc:9c:ba:aa:c1:96:df:82:
bd:54:11:9c:d7:c4:4f:56:dd:a3:4f:4f:52:fa:75:
42:e7:3d:a2:a4:28:ee:cb:f8:73:d0:4f:8d:72:8a:
98:f8:98:f6:01:09:6f:77:8f:22:ce:30:48:d8:54:
d2:ed:1f:dd:03:bc:de:47:ab:74:e3:2a:a3:ec:66:
26:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:DB:E5:44:C4:CC:C3:CC:7D:8D:04:62:06:F0:EE:D0:28:1B:AB:39
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS401293.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.38.172.0/24
84.75.159.0/24
178.83.99.0/24
178.83.206.0/24
Signature Algorithm: sha256WithRSAEncryption
94:f8:21:13:67:7d:23:03:71:31:eb:03:39:e2:74:b7:17:da:
38:7e:c9:27:56:9d:3c:b8:8e:65:cb:a6:53:6b:b1:6e:bd:e4:
27:e2:1e:08:f7:f1:98:95:40:a9:d1:fb:60:7b:34:93:71:76:
fd:f1:57:fe:42:28:b4:91:d2:96:b9:0d:17:b1:ce:9a:91:b2:
53:3f:bd:fe:fb:fe:8f:4e:80:56:51:a5:91:45:ea:37:d3:c3:
ff:0b:23:87:d6:cc:34:a5:71:55:8a:b7:b9:b3:f9:0c:51:bb:
ff:9d:c6:d0:34:4c:85:61:02:8b:83:f6:50:d9:ff:67:c1:ea:
1a:5a:26:b1:c6:66:88:a6:10:f9:3a:d4:2f:fa:29:4d:f7:b5:
6d:34:32:0e:b7:bb:27:ea:8d:1e:05:71:72:22:0b:a0:cd:4d:
7f:1a:71:1c:a6:b1:4c:1c:53:5a:ed:07:a9:1c:f7:ce:8a:71:
d5:e7:3b:7b:76:38:7f:5a:42:a8:8a:35:84:31:76:ed:b2:f0:
92:59:be:a5:7e:f0:5b:15:6e:19:cc:b2:29:d0:c1:dc:8e:6f:
6e:58:e3:ea:5b:1f:c1:f2:80:d2:ec:c5:85:c6:52:6b:36:19:
af:8c:75:6e:bf:2b:3f:31:c9:57:fd:6d:7d:1a:00:f8:2f:49:
2e:b8:a5:1a
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgIUQEZmSPi+2X9xhuFBeyQ35+oqsVYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjA0MDgwODExMDJaFw0yNzA0MDcwODE2MDJaMDMxMTAvBgNV
BAMTKDgzREJFNTQ0QzRDQ0MzQ0M3RDhEMDQ2MjA2RjBFRUQwMjgxQkFCMzkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCt4xBgX/0CYyvdNRIIsclRNdZq
/6bKFuYObQeArv7Uv5x1h2uDvI5MwuersGwP9YTSw08sWk12ogBIqkYJ9EaZ3Ldp
Y7Qed6Cs3srpvabdIabB61Ih/N+QFi0Fw3SsGAYxitsehrFx8EMsKSL+uC3AII+U
pTklhdeXM0hdzOuvt2oTJbix0O2FarVp+xMAWAEWGfrJs2z4iEajGlBRx1mWoHIk
8fQGaghqTqlgjJiyu1BZwwYb2lcn5sy8nLqqwZbfgr1UEZzXxE9W3aNPT1L6dULn
PaKkKO7L+HPQT41yipj4mPYBCW93jyLOMEjYVNLtH90DvN5Hq3TjKqPsZiaNAgMB
AAGjggIcMIICGDAdBgNVHQ4EFgQUg9vlRMTMw8x9jQRiBvDu0CgbqzkwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTNDAxMjkzLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAUias
AwQAVEufAwQAslNjAwQAslPOMA0GCSqGSIb3DQEBCwUAA4IBAQCU+CETZ30jA3Ex
6wM54nS3F9o4fsknVp08uI5ly6ZTa7FuveQn4h4I9/GYlUCp0ftgezSTcXb98Vf+
Qii0kdKWuQ0Xsc6akbJTP73++/6PToBWUaWRReo308P/CyOH1sw0pXFVire5s/kM
Ubv/ncbQNEyFYQKLg/ZQ2f9nweoaWiaxxmaIphD5OtQv+ilN97VtNDIOt7sn6o0e
BXFyIgugzU1/GnEcprFMHFNa7QepHPfOinHV5zt7djh/WkKoijWEMXbtsvCSWb6l
fvBbFW4ZzLIp0MHcjm9uWOPqWx/B8oDS7MWFxlJrNhmvjHVuvys/MclX/W19GgD4
L0kuuKUa
-----END CERTIFICATE-----
Generated at Sat Apr 11 01:28:33 2026 by rpki-client