Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS42460.roa
File: AS42460.roa (raw, json)
Hash identifier: 3iXk3GNX8yiSiHpsrqCLmJvkuGkjDzgQrbXtbZ0ceuE=
Subject key identifier: FF:A6:97:00:0B:6C:49:33:8D:D2:6B:3A:A6:3A:90:74:ED:7C:E2:68
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 2AA1271617F7F5A55763D3FB269703714E90D4BB
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS42460.roa
Signing time: Tue 26 May 2026 10:12:23 +0000
ROA not before: Tue 26 May 2026 10:07:23 +0000
ROA not after: Tue 25 May 2027 10:12:23 +0000
asID: 42460
IP address blocks: 82.22.190.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 03 Jun 2026 15:55:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2a:a1:27:16:17:f7:f5:a5:57:63:d3:fb:26:97:03:71:4e:90:d4:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: May 26 10:07:23 2026 GMT
Not After : May 25 10:12:23 2027 GMT
Subject: CN=FFA697000B6C49338DD26B3AA63A9074ED7CE268
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:91:5d:f3:86:da:ca:21:2c:21:b9:c0:eb:e2:
9d:ba:07:39:86:25:9c:02:41:cc:68:e3:ca:ce:21:
8d:04:34:4a:25:9e:22:08:f5:cd:87:d5:5c:ac:cb:
3a:ef:b4:2d:68:40:50:2b:c3:c8:ea:74:9e:43:63:
9e:44:14:f7:46:6a:29:7f:e6:a3:64:f2:db:df:10:
ba:be:a3:dc:a7:d5:ed:f4:c4:8c:a3:8a:68:29:48:
00:a0:72:8c:17:c7:1f:ef:3d:25:8f:f2:63:00:d2:
12:ea:be:41:d6:3a:f9:99:fd:3d:ad:f3:53:c5:db:
c1:fd:aa:90:85:d7:6d:6e:a5:84:08:eb:29:52:ac:
62:79:6c:60:85:a6:fb:10:42:46:19:93:a0:eb:80:
11:4f:a1:12:48:73:59:a9:94:a6:02:94:05:20:f6:
d3:1b:91:4c:c2:a7:16:dc:8c:5d:a2:17:53:37:25:
c1:c2:cf:3f:6d:1f:42:44:b2:db:61:05:21:40:b3:
98:46:0d:65:ff:e7:5a:9c:3a:35:22:a6:e9:85:3c:
48:89:3e:78:eb:bc:5c:93:bc:b9:2a:fd:c3:eb:b1:
9d:8a:0b:fd:06:9a:59:00:d3:16:90:a1:b6:39:02:
74:a4:59:69:5f:69:20:ae:4d:ba:05:36:98:78:ff:
41:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:A6:97:00:0B:6C:49:33:8D:D2:6B:3A:A6:3A:90:74:ED:7C:E2:68
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS42460.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.22.190.0/24
Signature Algorithm: sha256WithRSAEncryption
25:d8:fc:4f:2c:72:d7:fb:cb:5e:9f:7e:8a:67:25:9e:ca:8d:
08:ce:ad:68:27:ec:8e:7d:79:39:4d:3d:5a:3d:07:a7:16:94:
0f:03:56:c8:75:c1:2b:55:7c:4b:cd:3e:e1:56:8e:97:d2:63:
79:6f:b4:b6:bc:41:86:9e:07:54:06:87:b0:f1:90:14:95:e1:
5b:74:cb:f2:39:79:a9:35:19:81:0b:e1:09:19:bf:92:30:16:
71:f0:53:21:0d:75:7a:11:52:a0:7a:d5:c0:cd:60:62:96:d3:
29:10:9b:df:d7:6a:93:8e:28:53:45:56:12:0a:fd:8f:64:7f:
54:d7:d0:ce:21:6f:3c:4d:d6:57:47:25:be:f2:9c:9f:37:41:
b3:62:7f:61:f5:98:da:2b:57:92:ab:c6:43:39:5d:2d:7f:c4:
c2:68:73:5c:36:42:a3:cd:82:a2:ea:68:ad:ee:6a:d2:5f:fc:
1f:21:90:4c:6a:45:6b:7c:51:b0:a3:c1:ea:85:fb:a7:f6:d3:
5d:31:aa:86:06:d6:de:bc:cf:b8:02:69:24:28:c9:3b:b4:af:
50:af:dd:b1:c2:22:39:66:f3:9d:fc:f2:01:1d:07:e7:d9:e3:
2e:2b:f0:59:46:68:65:73:e6:fb:b6:d9:ce:d3:b0:08:12:de:
78:82:6f:0b
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIUKqEnFhf39aVXY9P7JpcDcU6Q1LswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjA1MjYxMDA3MjNaFw0yNzA1MjUxMDEyMjNaMDMxMTAvBgNV
BAMTKEZGQTY5NzAwMEI2QzQ5MzM4REQyNkIzQUE2M0E5MDc0RUQ3Q0UyNjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8kV3zhtrKISwhucDr4p26BzmG
JZwCQcxo48rOIY0ENEolniII9c2H1VysyzrvtC1oQFArw8jqdJ5DY55EFPdGail/
5qNk8tvfELq+o9yn1e30xIyjimgpSACgcowXxx/vPSWP8mMA0hLqvkHWOvmZ/T2t
81PF28H9qpCF121upYQI6ylSrGJ5bGCFpvsQQkYZk6DrgBFPoRJIc1mplKYClAUg
9tMbkUzCpxbcjF2iF1M3JcHCzz9tH0JEstthBSFAs5hGDWX/51qcOjUipumFPEiJ
PnjrvFyTvLkq/cPrsZ2KC/0GmlkA0xaQobY5AnSkWWlfaSCuTboFNph4/0EbAgMB
AAGjggIJMIICBTAdBgNVHQ4EFgQU/6aXAAtsSTON0ms6pjqQdO184mgwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTNDI0NjAucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABSFr4w
DQYJKoZIhvcNAQELBQADggEBACXY/E8sctf7y16ffopnJZ7KjQjOrWgn7I59eTlN
PVo9B6cWlA8DVsh1wStVfEvNPuFWjpfSY3lvtLa8QYaeB1QGh7DxkBSV4Vt0y/I5
eak1GYEL4QkZv5IwFnHwUyENdXoRUqB61cDNYGKW0ykQm9/XapOOKFNFVhIK/Y9k
f1TX0M4hbzxN1ldHJb7ynJ83QbNif2H1mNorV5KrxkM5XS1/xMJoc1w2QqPNgqLq
aK3uatJf/B8hkExqRWt8UbCjweqF+6f2010xqoYG1t68z7gCaSQoyTu0r1Cv3bHC
Ijlm85388gEdB+fZ4y4r8FlGaGVz5vu22c7TsAgS3niCbws=
-----END CERTIFICATE-----
Generated at Tue Jun 2 21:10:35 2026 by rpki-client