Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS42831.roa
File: AS42831.roa (raw, json)
Hash identifier: 1JT7Z+mO4gvBxvYSuz7CswAj8mXp4B5Bt+MsF88FIDM=
Subject key identifier: 1B:BE:AC:19:96:8A:62:C8:2A:8C:D2:44:10:56:E8:B7:B8:94:28:2A
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 0DB99E25C3CED0BC5EE3FBAD02B80B6DE8298860
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS42831.roa
Signing time: Wed 04 Mar 2026 09:26:41 +0000
ROA not before: Wed 04 Mar 2026 09:21:41 +0000
ROA not after: Wed 03 Mar 2027 09:26:41 +0000
asID: 42831
IP address blocks: 82.21.128.0/24 maxlen: 24
82.21.131.0/24 maxlen: 24
82.22.49.0/24 maxlen: 24
82.22.56.0/24 maxlen: 24
82.22.58.0/24 maxlen: 24
82.24.24.0/24 maxlen: 24
82.24.33.0/24 maxlen: 24
82.24.126.0/24 maxlen: 24
82.25.41.0/24 maxlen: 24
82.25.59.0/24 maxlen: 24
82.25.205.0/24 maxlen: 24
82.26.120.0/24 maxlen: 24
82.26.140.0/24 maxlen: 24
82.38.18.0/24 maxlen: 24
82.38.29.0/24 maxlen: 24
82.38.30.0/24 maxlen: 24
82.38.33.0/24 maxlen: 24
82.38.48.0/24 maxlen: 24
82.38.49.0/24 maxlen: 24
82.38.50.0/24 maxlen: 24
82.38.99.0/24 maxlen: 24
82.38.182.0/24 maxlen: 24
82.39.115.0/24 maxlen: 24
82.39.144.0/24 maxlen: 24
82.39.153.0/24 maxlen: 24
82.39.184.0/24 maxlen: 24
82.39.204.0/24 maxlen: 24
82.41.4.0/24 maxlen: 24
82.41.16.0/24 maxlen: 24
82.41.17.0/24 maxlen: 24
82.41.18.0/24 maxlen: 24
82.41.43.0/24 maxlen: 24
82.41.59.0/24 maxlen: 24
82.41.118.0/24 maxlen: 24
82.41.121.0/24 maxlen: 24
82.41.144.0/24 maxlen: 24
82.41.145.0/24 maxlen: 24
82.41.147.0/24 maxlen: 24
82.41.201.0/24 maxlen: 24
82.41.203.0/24 maxlen: 24
2a13:9500:108::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Mar 2026 01:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0d:b9:9e:25:c3:ce:d0:bc:5e:e3:fb:ad:02:b8:0b:6d:e8:29:88:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Mar 4 09:21:41 2026 GMT
Not After : Mar 3 09:26:41 2027 GMT
Subject: CN=1BBEAC19968A62C82A8CD2441056E8B7B894282A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:22:af:b8:8b:20:64:e4:2d:8a:42:7c:aa:65:
24:a8:ee:f1:40:bf:00:5d:7c:45:38:10:6a:75:7a:
40:2e:32:45:82:b5:6f:23:04:e8:29:bd:b2:0c:05:
95:a2:f0:57:a2:a5:bb:59:ed:ed:0c:1b:cc:be:6c:
99:ca:f8:4a:2e:86:72:fe:74:dc:72:3e:3c:8d:73:
d6:bc:f5:4d:29:b6:3a:bb:68:17:82:10:61:9b:17:
24:6d:38:31:a6:a4:b9:e6:63:71:17:37:2b:95:00:
6f:ff:40:af:ca:33:60:99:03:3b:9b:cd:0a:6e:ee:
dc:10:ff:f9:52:6b:93:c2:dc:5d:82:19:bd:dc:af:
d6:1d:1b:99:9b:78:e3:03:77:89:22:55:5e:6a:6c:
b0:d9:44:1c:55:24:2e:1e:2b:ce:a6:e9:e6:bf:08:
47:ff:07:12:90:81:82:4c:73:8d:40:bb:33:96:b6:
c9:fe:72:17:f5:0b:f9:46:a1:8f:2b:5d:47:e6:8d:
a3:63:ed:85:1c:9c:4a:e2:61:14:70:cc:a2:0a:78:
04:3c:6a:78:e6:a5:c3:99:30:6b:40:93:92:2e:80:
b7:31:ae:d7:89:a7:c0:d5:c7:d0:86:47:e8:4d:c9:
cf:7e:d8:21:6a:56:76:d7:94:07:be:d9:41:c2:52:
d6:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:BE:AC:19:96:8A:62:C8:2A:8C:D2:44:10:56:E8:B7:B8:94:28:2A
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS42831.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.128.0/24
82.21.131.0/24
82.22.49.0/24
82.22.56.0/24
82.22.58.0/24
82.24.24.0/24
82.24.33.0/24
82.24.126.0/24
82.25.41.0/24
82.25.59.0/24
82.25.205.0/24
82.26.120.0/24
82.26.140.0/24
82.38.18.0/24
82.38.29.0-82.38.30.255
82.38.33.0/24
82.38.48.0-82.38.50.255
82.38.99.0/24
82.38.182.0/24
82.39.115.0/24
82.39.144.0/24
82.39.153.0/24
82.39.184.0/24
82.39.204.0/24
82.41.4.0/24
82.41.16.0-82.41.18.255
82.41.43.0/24
82.41.59.0/24
82.41.118.0/24
82.41.121.0/24
82.41.144.0/23
82.41.147.0/24
82.41.201.0/24
82.41.203.0/24
IPv6:
2a13:9500:108::/48
Signature Algorithm: sha256WithRSAEncryption
84:c4:e7:98:90:5e:c9:c3:8d:a0:1e:37:30:c9:09:e7:e1:43:
15:27:49:c0:58:79:de:93:f6:3d:8f:4e:d8:7b:6b:f5:d7:31:
5f:64:76:5b:63:aa:49:b5:90:1f:70:95:c1:6e:ff:68:b5:0a:
73:a9:66:25:87:d7:ec:8e:a8:45:39:df:1d:c7:b9:2a:7d:bb:
23:bd:e2:7c:09:79:54:36:db:c9:6f:25:46:5d:2d:11:fb:f7:
6f:da:9e:37:75:e7:51:d7:ee:b1:ef:89:f2:b1:43:b5:36:43:
a6:db:e4:13:49:5e:19:61:62:c1:bd:4d:b0:a7:09:4d:c5:b6:
a9:8e:84:c8:ff:57:65:fd:fa:61:3e:db:70:c7:b9:e3:7c:ae:
21:28:49:a2:f2:5e:81:28:64:80:d3:e3:fe:9b:62:06:7c:fc:
b5:7e:0d:15:1e:be:a5:08:eb:05:c3:e0:17:4d:15:0a:4a:75:
ac:94:48:8a:a5:e4:14:77:92:93:82:16:ff:5b:57:64:3b:7e:
d0:d1:12:75:13:e0:92:d7:ca:68:f6:05:4a:2e:fa:98:e4:18:
84:36:b8:99:34:c4:95:39:88:3b:38:55:de:b6:14:c4:b2:9a:
5f:06:c7:54:84:91:f0:f1:2b:4f:ef:0b:7c:a9:26:a5:45:07:
c7:75:6d:a1
-----BEGIN CERTIFICATE-----
MIIF9TCCBN2gAwIBAgIUDbmeJcPO0Lxe4/utArgLbegpiGAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjAzMDQwOTIxNDFaFw0yNzAzMDMwOTI2NDFaMDMxMTAvBgNV
BAMTKDFCQkVBQzE5OTY4QTYyQzgyQThDRDI0NDEwNTZFOEI3Qjg5NDI4MkEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDAIq+4iyBk5C2KQnyqZSSo7vFA
vwBdfEU4EGp1ekAuMkWCtW8jBOgpvbIMBZWi8FeipbtZ7e0MG8y+bJnK+EouhnL+
dNxyPjyNc9a89U0ptjq7aBeCEGGbFyRtODGmpLnmY3EXNyuVAG//QK/KM2CZAzub
zQpu7twQ//lSa5PC3F2CGb3cr9YdG5mbeOMDd4kiVV5qbLDZRBxVJC4eK86m6ea/
CEf/BxKQgYJMc41AuzOWtsn+chf1C/lGoY8rXUfmjaNj7YUcnEriYRRwzKIKeAQ8
anjmpcOZMGtAk5IugLcxrteJp8DVx9CGR+hNyc9+2CFqVnbXlAe+2UHCUtbjAgMB
AAGjggL/MIIC+zAdBgNVHQ4EFgQUG76sGZaKYsgqjNJEEFbot7iUKCowHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTNDI4MzEucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwggETBggrBgEFBQcBBwEB/wSCAQIwgf8wgesEAgABMIHk
AwQAUhWAAwQAUhWDAwQAUhYxAwQAUhY4AwQAUhY6AwQAUhgYAwQAUhghAwQAUhh+
AwQAUhkpAwQAUhk7AwQAUhnNAwQAUhp4AwQAUhqMAwQAUiYSMAwDBABSJh0DBABS
Jh4DBABSJiEwDAMEBFImMAMEAFImMgMEAFImYwMEAFImtgMEAFIncwMEAFInkAME
AFInmQMEAFInuAMEAFInzAMEAFIpBDAMAwQEUikQAwQAUikSAwQAUikrAwQAUik7
AwQAUil2AwQAUil5AwQBUimQAwQAUimTAwQAUinJAwQAUinLMA8EAgACMAkDBwAq
E5UAAQgwDQYJKoZIhvcNAQELBQADggEBAITE55iQXsnDjaAeNzDJCefhQxUnScBY
ed6T9j2PTth7a/XXMV9kdltjqkm1kB9wlcFu/2i1CnOpZiWH1+yOqEU53x3HuSp9
uyO94nwJeVQ228lvJUZdLRH792/anjd151HX7rHvifKxQ7U2Q6bb5BNJXhlhYsG9
TbCnCU3FtqmOhMj/V2X9+mE+23DHueN8riEoSaLyXoEoZIDT4/6bYgZ8/LV+DRUe
vqUI6wXD4BdNFQpKdayUSIql5BR3kpOCFv9bV2Q7ftDREnUT4JLXymj2BUou+pjk
GIQ2uJk0xJU5iDs4Vd62FMSyml8Gx1SEkfDxK0/vC3ypJqVFB8d1baE=
-----END CERTIFICATE-----
Generated at Fri Mar 6 08:40:34 2026 by rpki-client