Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS4229.roa
File: AS4229.roa (raw, json)
Hash identifier: Ez+4YbF7vuYPzoaQrbLOr94RvMqs1APYJgP21wWxYTQ=
Subject key identifier: 2D:30:26:46:27:46:41:6F:FB:86:79:14:41:15:BD:81:96:C8:F7:69
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 016A0A8B8AF6C7A06081BE6EE66DC59780832748
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS4229.roa
Signing time: Mon 25 May 2026 07:00:35 +0000
ROA not before: Mon 25 May 2026 06:55:35 +0000
ROA not after: Mon 24 May 2027 07:00:35 +0000
asID: 4229
IP address blocks: 82.38.180.0/24 maxlen: 24
84.75.148.0/24 maxlen: 24
84.75.150.0/24 maxlen: 24
84.75.155.0/24 maxlen: 24
84.75.158.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 03 Jun 2026 15:55:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:6a:0a:8b:8a:f6:c7:a0:60:81:be:6e:e6:6d:c5:97:80:83:27:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: May 25 06:55:35 2026 GMT
Not After : May 24 07:00:35 2027 GMT
Subject: CN=2D3026462746416FFB8679144115BD8196C8F769
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:0f:4c:ab:2d:4b:cf:b2:df:5c:b6:41:74:4d:
35:8e:db:44:cf:97:7e:ee:98:b7:0c:74:55:70:6f:
a2:00:41:59:7a:68:b6:6b:60:8c:fa:3e:3e:3e:13:
13:7f:b0:1d:3a:af:24:9e:5d:0c:4a:e4:ba:41:a2:
a9:89:09:8a:ba:03:d8:cc:f9:5c:5d:68:4c:81:07:
be:6c:a1:03:4c:37:44:b6:21:2c:8b:1f:1c:2b:36:
00:e2:c5:67:25:f0:bc:c7:0f:09:b8:13:55:fe:1e:
4d:21:92:74:8e:3d:c7:8a:51:75:7c:13:34:07:f6:
eb:ee:5b:ef:d4:3a:9b:76:a7:74:fb:c4:5a:e8:aa:
64:e9:76:11:a3:7f:11:0a:a3:58:46:c3:31:d9:34:
79:c2:e9:6c:94:8c:ec:6a:a1:ed:cc:37:45:9b:ef:
d2:c2:58:45:6b:3f:76:41:49:8e:c0:91:dc:28:a8:
9a:2a:c1:4b:c2:ce:88:4d:30:8c:41:e3:4b:b2:eb:
aa:2c:0c:27:9d:93:f9:95:43:f8:f5:4f:07:37:20:
06:3d:dd:d3:57:5e:a8:f6:16:d6:ef:11:7c:6f:66:
7d:1e:bd:19:d2:a0:8d:7e:25:3a:48:b8:76:8c:19:
b8:e2:2b:33:ff:c9:d8:2b:fb:87:22:6d:b5:63:86:
78:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:30:26:46:27:46:41:6F:FB:86:79:14:41:15:BD:81:96:C8:F7:69
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS4229.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.38.180.0/24
84.75.148.0/24
84.75.150.0/24
84.75.155.0/24
84.75.158.0/24
Signature Algorithm: sha256WithRSAEncryption
a7:c8:b6:70:79:b0:44:b7:20:b7:3e:85:c4:49:63:29:c7:46:
53:33:cd:d0:42:f8:59:ee:97:eb:28:7b:f5:82:c0:51:59:34:
ec:81:7c:10:93:a3:44:59:81:ab:67:4c:c4:11:a9:43:48:c4:
90:09:dc:89:9f:a2:1c:c0:81:c5:28:92:93:17:9b:75:94:82:
d9:77:b5:e0:d2:be:e6:4f:79:8e:00:1d:f3:29:e7:c7:06:3c:
40:a8:bf:fb:33:3a:79:45:05:7c:ed:46:0f:05:9b:8a:04:3a:
31:d9:87:40:a8:c2:a0:b3:80:3f:a2:9b:3e:59:c0:32:76:11:
49:0b:60:97:e5:6f:84:d2:b4:97:76:af:2f:3e:72:66:ff:b1:
f1:18:2d:09:e3:95:d4:04:a9:94:ca:22:02:21:61:54:d8:9c:
fb:21:df:06:dc:e4:f1:7a:62:6c:39:13:c1:6a:26:d3:7f:bc:
00:66:0e:13:18:e6:c3:4a:e0:17:ae:cd:ff:25:19:90:f2:4e:
40:f5:06:57:0b:79:20:7a:82:c5:86:c6:80:03:b0:44:9b:a5:
c5:0b:04:3b:5c:6c:ce:04:a7:af:ea:d9:c5:3a:dd:72:de:e0:
91:14:54:3e:78:6e:07:ef:a0:15:0a:12:0c:67:7d:16:02:d8:
cd:16:06:41
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgIUAWoKi4r2x6Bggb5u5m3Fl4CDJ0gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjA1MjUwNjU1MzVaFw0yNzA1MjQwNzAwMzVaMDMxMTAvBgNV
BAMTKDJEMzAyNjQ2Mjc0NjQxNkZGQjg2NzkxNDQxMTVCRDgxOTZDOEY3NjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDED0yrLUvPst9ctkF0TTWO20TP
l37umLcMdFVwb6IAQVl6aLZrYIz6Pj4+ExN/sB06rySeXQxK5LpBoqmJCYq6A9jM
+VxdaEyBB75soQNMN0S2ISyLHxwrNgDixWcl8LzHDwm4E1X+Hk0hknSOPceKUXV8
EzQH9uvuW+/UOpt2p3T7xFroqmTpdhGjfxEKo1hGwzHZNHnC6WyUjOxqoe3MN0Wb
79LCWEVrP3ZBSY7AkdwoqJoqwUvCzohNMIxB40uy66osDCedk/mVQ/j1Twc3IAY9
3dNXXqj2FtbvEXxvZn0evRnSoI1+JTpIuHaMGbjiKzP/ydgr+4cibbVjhngVAgMB
AAGjggIgMIICHDAdBgNVHQ4EFgQULTAmRidGQW/7hnkUQRW9gZbI92kwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTNDIyOS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA3BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEAFImtAME
AFRLlAMEAFRLlgMEAFRLmwMEAFRLnjANBgkqhkiG9w0BAQsFAAOCAQEAp8i2cHmw
RLcgtz6FxEljKcdGUzPN0EL4We6X6yh79YLAUVk07IF8EJOjRFmBq2dMxBGpQ0jE
kAnciZ+iHMCBxSiSkxebdZSC2Xe14NK+5k95jgAd8ynnxwY8QKi/+zM6eUUFfO1G
DwWbigQ6MdmHQKjCoLOAP6KbPlnAMnYRSQtgl+VvhNK0l3avLz5yZv+x8RgtCeOV
1ASplMoiAiFhVNic+yHfBtzk8XpibDkTwWom03+8AGYOExjmw0rgF67N/yUZkPJO
QPUGVwt5IHqCxYbGgAOwRJulxQsEO1xszgSnr+rZxTrdct7gkRRUPnhuB++gFQoS
DGd9FgLYzRYGQQ==
-----END CERTIFICATE-----
Generated at Tue Jun 2 21:10:43 2026 by rpki-client