
Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS43128.roa
File: AS43128.roa (raw, json)
Hash identifier: zOtxPUB4w8BpTzKVoQQeh7kq2eb6g5mDtmzROR2c8Sc=
Subject key identifier: 9E:C7:E1:9E:91:A4:FD:F4:A6:42:50:B0:E1:E2:53:FC:56:10:85:D2
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 20EDE675DE8F3557D888CC146F42DA07198769D8
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS43128.roa
Signing time: Fri 26 Jun 2026 12:37:01 +0000
ROA not before: Fri 26 Jun 2026 12:32:01 +0000
ROA not after: Fri 25 Jun 2027 12:37:01 +0000
asID: 43128
IP address blocks: 82.22.240.0/24 maxlen: 24
82.22.241.0/24 maxlen: 24
82.23.198.0/24 maxlen: 24
82.23.231.0/24 maxlen: 24
82.24.240.0/24 maxlen: 24
82.24.241.0/24 maxlen: 24
82.25.208.0/24 maxlen: 24
82.25.241.0/24 maxlen: 24
82.26.241.0/24 maxlen: 24
82.27.241.0/24 maxlen: 24
82.29.240.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Jul 2026 16:14:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
20:ed:e6:75:de:8f:35:57:d8:88:cc:14:6f:42:da:07:19:87:69:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Jun 26 12:32:01 2026 GMT
Not After : Jun 25 12:37:01 2027 GMT
Subject: CN=9EC7E19E91A4FDF4A64250B0E1E253FC561085D2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:9b:81:e7:25:e7:dc:04:9c:7c:26:53:cb:9a:
3d:3c:85:81:df:47:af:f1:fe:05:79:62:c4:9c:8c:
16:49:92:9f:64:4c:ce:f0:a8:e6:c0:af:e1:c2:97:
ed:c4:c9:f5:97:b6:86:14:f7:fa:a1:4a:5a:86:4e:
f5:06:fa:45:47:b7:6b:d8:65:58:8d:bb:5e:3b:fc:
94:4c:73:14:f3:8e:12:ba:0a:48:7b:a4:71:b5:9a:
45:4a:c0:d6:27:b4:8a:aa:1f:67:37:d5:73:0e:5a:
a7:fe:d7:4b:8f:71:92:22:dd:07:cc:99:86:ef:48:
70:96:83:fc:c3:55:50:c5:4c:57:c0:bc:da:75:3b:
d3:81:7d:6b:95:08:8f:0c:ac:7f:8d:56:88:11:62:
6f:eb:0c:30:de:0f:f5:5b:d7:d2:5f:13:68:03:ba:
4a:b9:77:30:ff:b9:d8:91:25:f4:21:50:77:d7:3f:
2a:72:ea:0e:dd:c7:51:f0:80:a6:5b:27:da:e9:c0:
36:36:d2:17:84:bc:35:22:4b:41:a1:9f:c9:14:84:
a5:e3:5b:e7:a3:6d:3d:16:9a:8c:d6:b4:ab:fc:0d:
c2:45:f7:6a:e0:fa:61:c9:f2:8f:45:29:21:df:98:
71:8f:1f:1d:30:1c:6a:00:ba:a5:79:0f:7e:c0:66:
c7:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:C7:E1:9E:91:A4:FD:F4:A6:42:50:B0:E1:E2:53:FC:56:10:85:D2
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS43128.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.22.240.0/23
82.23.198.0/24
82.23.231.0/24
82.24.240.0/23
82.25.208.0/24
82.25.241.0/24
82.26.241.0/24
82.27.241.0/24
82.29.240.0/24
Signature Algorithm: sha256WithRSAEncryption
9f:f4:8b:d1:6d:b6:22:31:b0:d4:81:79:7d:4e:ce:3b:41:65:
2c:b6:5a:ce:41:e7:32:00:29:22:03:6c:a2:69:1e:71:b8:21:
2c:b2:9a:7b:fe:06:f3:52:dc:83:88:91:1a:96:4e:e7:fa:4c:
6a:0c:c1:a8:e4:42:c7:69:f5:70:84:8d:d1:b6:0c:6e:46:ec:
e6:1b:42:6c:51:46:26:96:90:9c:17:33:a3:5a:60:69:68:00:
06:2e:c7:fe:d9:60:26:7d:fd:95:84:5e:89:23:a0:44:2e:01:
9b:da:b0:d3:5d:f2:1c:22:76:52:39:dc:e3:39:40:bf:89:3c:
c6:a5:64:23:da:00:01:7a:7d:04:c6:a8:4c:f1:ef:46:fc:de:
28:4b:b5:7f:9d:c8:bd:38:bd:3d:13:99:09:f1:53:02:d2:8d:
9d:82:db:21:72:91:74:65:75:d1:a5:bd:ab:db:17:5f:5d:f2:
3e:7c:39:c0:25:30:25:0c:75:2b:fb:bf:a9:ea:c3:0d:cc:e9:
57:9f:2d:6d:d0:54:3f:4e:6d:af:b3:0f:51:07:d8:a8:1f:a3:
b1:c4:06:e3:d5:10:60:ab:ff:86:70:2c:d5:4a:8d:78:76:75:
db:1b:05:a5:ea:65:54:03:e8:55:82:15:d3:83:7f:67:cf:f2:
52:1a:e3:77
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUIO3mdd6PNVfYiMwUb0LaBxmHadgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjA2MjYxMjMyMDFaFw0yNzA2MjUxMjM3MDFaMDMxMTAvBgNV
BAMTKDlFQzdFMTlFOTFBNEZERjRBNjQyNTBCMEUxRTI1M0ZDNTYxMDg1RDIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCom4HnJefcBJx8JlPLmj08hYHf
R6/x/gV5YsScjBZJkp9kTM7wqObAr+HCl+3EyfWXtoYU9/qhSlqGTvUG+kVHt2vY
ZViNu147/JRMcxTzjhK6Ckh7pHG1mkVKwNYntIqqH2c31XMOWqf+10uPcZIi3QfM
mYbvSHCWg/zDVVDFTFfAvNp1O9OBfWuVCI8MrH+NVogRYm/rDDDeD/Vb19JfE2gD
ukq5dzD/udiRJfQhUHfXPypy6g7dx1HwgKZbJ9rpwDY20heEvDUiS0Ghn8kUhKXj
W+ejbT0WmozWtKv8DcJF92rg+mHJ8o9FKSHfmHGPHx0wHGoAuqV5D37AZsfjAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUnsfhnpGk/fSmQlCw4eJT/FYQhdIwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTNDMxMjgucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwTwYIKwYBBQUHAQcBAf8EQDA+MDwEAgABMDYDBAFSFvAD
BABSF8YDBABSF+cDBAFSGPADBABSGdADBABSGfEDBABSGvEDBABSG/EDBABSHfAw
DQYJKoZIhvcNAQELBQADggEBAJ/0i9FttiIxsNSBeX1OzjtBZSy2Ws5B5zIAKSID
bKJpHnG4ISyymnv+BvNS3IOIkRqWTuf6TGoMwajkQsdp9XCEjdG2DG5G7OYbQmxR
RiaWkJwXM6NaYGloAAYux/7ZYCZ9/ZWEXokjoEQuAZvasNNd8hwidlI53OM5QL+J
PMalZCPaAAF6fQTGqEzx70b83ihLtX+dyL04vT0TmQnxUwLSjZ2C2yFykXRlddGl
vavbF19d8j58OcAlMCUMdSv7v6nqww3M6VefLW3QVD9Oba+zD1EH2Kgfo7HEBuPV
EGCr/4ZwLNVKjXh2ddsbBaXqZVQD6FWCFdODf2fP8lIa43c=
-----END CERTIFICATE-----
Generated at Fri Jul 17 23:06:56 2026 by rpki-client