Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS43094.roa
File: AS43094.roa (raw, json)
Hash identifier: YxBqlveoJqRlaS5ftPtx7gs1cDg65WLDs3HWd7eKvVE=
Subject key identifier: 7F:FB:70:DB:A8:9E:BF:06:17:1B:ED:BB:F8:D0:38:22:F4:E0:56:F0
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 5334648F5E4CCF45B0FE77D9E377DF94B4635F2B
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS43094.roa
Signing time: Sat 06 Jun 2026 05:13:29 +0000
ROA not before: Sat 06 Jun 2026 05:08:29 +0000
ROA not after: Sat 05 Jun 2027 05:13:29 +0000
asID: 43094
IP address blocks: 82.38.21.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 19:37:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
53:34:64:8f:5e:4c:cf:45:b0:fe:77:d9:e3:77:df:94:b4:63:5f:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Jun 6 05:08:29 2026 GMT
Not After : Jun 5 05:13:29 2027 GMT
Subject: CN=7FFB70DBA89EBF06171BEDBBF8D03822F4E056F0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:04:63:ea:05:af:b2:c2:fe:03:b3:83:71:53:
ff:c2:3d:f0:02:6b:f4:01:47:44:be:10:f3:b9:c7:
19:41:b9:e9:95:e7:7d:63:4c:3d:af:11:d1:96:8f:
d4:6a:e2:21:6b:8f:0e:06:bb:d6:13:32:e5:37:5f:
b9:65:be:3b:34:06:75:39:bf:ab:a5:5b:15:c4:d9:
c2:5d:5f:47:39:a5:2d:6f:07:ff:f6:98:61:a7:5b:
84:35:f5:9d:9f:92:a5:c1:69:7c:15:b2:46:6b:67:
bf:f9:28:be:40:26:11:d2:ba:2e:85:18:7f:a1:61:
8a:8a:11:18:32:3e:d4:d0:8c:ff:3e:4e:17:aa:d1:
c7:7a:3e:cd:d8:df:98:16:b0:8f:ec:63:b3:e6:d3:
96:6f:ee:26:8b:49:96:be:e9:b3:44:f8:c9:80:e6:
e1:c1:90:fd:a8:39:a5:b2:fa:98:bc:b0:16:aa:9a:
66:4b:ab:71:9c:d3:ea:63:5b:5d:a3:03:3e:77:59:
81:73:d4:d9:97:ce:e2:af:2b:1c:2f:8c:fa:27:d8:
a8:dc:c7:8f:ee:d9:ba:55:9b:78:f6:ed:c0:a5:69:
f7:d2:83:8c:db:92:1b:58:e3:61:cd:bd:fb:69:c8:
5f:43:c5:32:9c:5e:79:8d:f8:c7:2c:6e:a5:f3:42:
82:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:FB:70:DB:A8:9E:BF:06:17:1B:ED:BB:F8:D0:38:22:F4:E0:56:F0
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS43094.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.38.21.0/24
Signature Algorithm: sha256WithRSAEncryption
a3:84:92:f0:0e:b6:d6:aa:bd:9f:be:95:a9:1f:17:4e:ce:e8:
b6:fa:ac:aa:30:c0:13:9b:31:a9:e4:b3:00:84:52:a7:81:91:
f6:dd:ca:27:b5:22:a2:59:d3:e0:2f:b4:7c:c6:d7:3f:ff:78:
d9:b9:8a:cd:c3:9d:71:7f:40:a1:be:fd:98:a0:dc:72:a6:31:
cf:58:f6:85:a2:7b:91:ae:f6:e8:0e:6d:ea:60:51:3e:e5:dd:
48:dc:0f:1e:36:c6:5b:a1:d6:5f:43:6c:18:11:13:86:f1:96:
84:fa:00:7a:02:9c:fd:8f:e0:c5:c2:e2:7f:9d:61:a5:6a:31:
a8:45:a8:f5:59:91:1a:18:88:98:db:42:40:4d:44:5f:1a:52:
dc:5c:a8:72:fa:49:b6:44:a9:a1:2c:f8:42:7c:29:36:f2:8a:
2b:f0:f8:ca:3a:10:67:8e:ff:38:f0:d2:9d:36:e8:77:12:d9:
9b:cb:cc:1b:e4:e2:da:0a:db:99:de:6a:fd:68:cb:d4:3a:77:
7d:9f:14:b0:d9:21:9c:10:30:89:f4:89:e4:8e:9f:bd:11:aa:
cd:84:12:39:2e:69:65:7f:2a:8f:81:09:5f:9a:ad:02:44:b8:
b5:04:4a:22:88:dc:e4:d2:b5:36:ee:77:f2:13:6e:86:12:c2:
b9:60:69:f2
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIUUzRkj15Mz0Ww/nfZ43fflLRjXyswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjA2MDYwNTA4MjlaFw0yNzA2MDUwNTEzMjlaMDMxMTAvBgNV
BAMTKDdGRkI3MERCQTg5RUJGMDYxNzFCRURCQkY4RDAzODIyRjRFMDU2RjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDaBGPqBa+ywv4Ds4NxU//CPfAC
a/QBR0S+EPO5xxlBuemV531jTD2vEdGWj9Rq4iFrjw4Gu9YTMuU3X7llvjs0BnU5
v6ulWxXE2cJdX0c5pS1vB//2mGGnW4Q19Z2fkqXBaXwVskZrZ7/5KL5AJhHSui6F
GH+hYYqKERgyPtTQjP8+Theq0cd6Ps3Y35gWsI/sY7Pm05Zv7iaLSZa+6bNE+MmA
5uHBkP2oOaWy+pi8sBaqmmZLq3Gc0+pjW12jAz53WYFz1NmXzuKvKxwvjPon2Kjc
x4/u2bpVm3j27cClaffSg4zbkhtY42HNvftpyF9DxTKcXnmN+McsbqXzQoJpAgMB
AAGjggIJMIICBTAdBgNVHQ4EFgQUf/tw26ievwYXG+27+NA4IvTgVvAwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTNDMwOTQucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABSJhUw
DQYJKoZIhvcNAQELBQADggEBAKOEkvAOttaqvZ++lakfF07O6Lb6rKowwBObMank
swCEUqeBkfbdyie1IqJZ0+AvtHzG1z//eNm5is3DnXF/QKG+/Zig3HKmMc9Y9oWi
e5Gu9ugObepgUT7l3UjcDx42xluh1l9DbBgRE4bxloT6AHoCnP2P4MXC4n+dYaVq
MahFqPVZkRoYiJjbQkBNRF8aUtxcqHL6SbZEqaEs+EJ8KTbyiivw+Mo6EGeO/zjw
0p026HcS2ZvLzBvk4toK25neav1oy9Q6d32fFLDZIZwQMIn0ieSOn70Rqs2EEjku
aWV/Ko+BCV+arQJEuLUESiKI3OTStTbud/ITboYSwrlgafI=
-----END CERTIFICATE-----
Generated at Fri Jun 12 02:40:51 2026 by rpki-client