Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS4766.roa
File: AS4766.roa (raw, json)
Hash identifier: ED3E+vwYLrr0x36ZnFSu/jeLDKtVyBNP7jndHLCT12w=
Subject key identifier: 12:B7:2F:98:E1:0D:B2:B2:B6:C0:6F:AB:47:D0:2C:88:F7:06:DD:72
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 4861B3149ECEA8178EB83463174E2A848AC5DE7D
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS4766.roa
Signing time: Fri 22 May 2026 13:17:41 +0000
ROA not before: Fri 22 May 2026 13:12:41 +0000
ROA not after: Fri 21 May 2027 13:17:41 +0000
asID: 4766
IP address blocks: 82.22.240.0/24 maxlen: 24
82.23.198.0/24 maxlen: 24
82.23.240.0/24 maxlen: 24
82.24.209.0/24 maxlen: 24
82.24.219.0/24 maxlen: 24
82.24.233.0/24 maxlen: 24
82.24.240.0/24 maxlen: 24
82.24.250.0/24 maxlen: 24
82.25.208.0/24 maxlen: 24
82.25.211.0/24 maxlen: 24
84.75.2.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 03 Jun 2026 15:55:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
48:61:b3:14:9e:ce:a8:17:8e:b8:34:63:17:4e:2a:84:8a:c5:de:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: May 22 13:12:41 2026 GMT
Not After : May 21 13:17:41 2027 GMT
Subject: CN=12B72F98E10DB2B2B6C06FAB47D02C88F706DD72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:98:f9:4b:c3:55:ab:ca:ec:71:8f:7c:03:35:
15:55:5c:e3:91:ea:c4:5d:6d:16:e1:79:5b:1c:0a:
97:bc:c3:ce:f9:17:cb:b2:7b:ce:a3:77:61:a4:c6:
aa:bd:2c:21:92:fb:e1:25:ee:b3:44:03:3c:31:ef:
d1:45:bd:83:bb:56:9c:2e:09:02:5a:e7:a4:42:be:
f6:bc:93:29:bf:2a:59:73:90:62:be:fb:09:b1:27:
8c:57:b4:d3:3c:cb:1c:9b:02:fe:33:9b:52:7d:8e:
ea:da:81:f3:ff:98:be:ff:ed:fd:f3:4c:35:82:b5:
1d:b3:43:ac:b5:94:8b:2f:c1:bd:f5:78:4b:d1:11:
72:43:5a:4d:4c:14:2a:df:07:9b:ce:31:d3:fe:d4:
b1:7b:8c:23:94:4e:81:56:be:12:28:f3:19:31:cd:
9e:83:ac:9d:3d:95:e2:4d:fc:08:78:13:34:37:59:
2f:cb:25:4b:6b:64:d4:f6:be:9a:af:8b:65:41:8b:
02:b6:69:c4:f0:1c:b0:46:c9:59:d9:0d:c6:85:70:
a5:af:3e:29:43:89:51:c9:a0:61:ee:86:80:6a:b1:
c4:63:0e:1d:f4:81:84:84:36:59:71:cc:ed:82:fb:
da:07:17:d2:30:f5:7b:30:1a:73:3e:1a:25:71:72:
3a:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:B7:2F:98:E1:0D:B2:B2:B6:C0:6F:AB:47:D0:2C:88:F7:06:DD:72
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS4766.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.22.240.0/24
82.23.198.0/24
82.23.240.0/24
82.24.209.0/24
82.24.219.0/24
82.24.233.0/24
82.24.240.0/24
82.24.250.0/24
82.25.208.0/24
82.25.211.0/24
84.75.2.0/23
Signature Algorithm: sha256WithRSAEncryption
7b:0a:c6:8e:08:de:48:7c:b6:7f:7c:70:68:69:5c:94:10:96:
4b:61:fc:e7:ad:de:7f:5a:ba:ec:f6:a9:02:af:0c:46:33:94:
13:bb:8c:e5:6b:d6:8c:8f:aa:4e:6c:b5:68:f2:3a:08:4c:e8:
93:19:a3:6e:d9:4f:c6:c2:2a:1a:d4:eb:90:e6:1a:b0:70:ef:
3e:48:74:4c:f0:1b:6b:d4:a7:5a:a6:e7:ed:18:74:2a:01:b8:
62:0d:80:11:6a:a9:ed:cd:83:91:1f:03:ec:cc:51:1c:40:69:
99:90:8e:af:aa:9b:79:e5:f5:7a:cc:67:95:71:99:90:f2:f6:
31:43:b9:ce:3a:f3:5f:1f:07:5c:8e:f9:d4:f8:b2:dc:28:b9:
65:b6:7d:e6:9e:71:56:a8:0f:65:55:2d:b2:b4:48:f9:ba:0d:
78:50:15:73:ac:4b:cc:a5:d1:55:13:09:1b:ab:2a:e9:96:b8:
8f:1b:b6:d0:18:92:39:14:81:cc:7a:50:bb:ca:2b:ac:b0:c9:
9b:41:07:63:c4:e0:f9:3f:30:b5:bd:95:ed:55:ab:b1:43:e2:
86:ac:c0:f4:3d:5c:d6:be:30:dc:2f:39:f2:6d:2b:cf:23:57:
56:1f:2e:57:6b:1d:f3:55:2c:2e:21:d5:88:88:e9:58:cd:8d:
1a:db:db:02
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUSGGzFJ7OqBeOuDRjF04qhIrF3n0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjA1MjIxMzEyNDFaFw0yNzA1MjExMzE3NDFaMDMxMTAvBgNV
BAMTKDEyQjcyRjk4RTEwREIyQjJCNkMwNkZBQjQ3RDAyQzg4RjcwNkRENzIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDamPlLw1Wryuxxj3wDNRVVXOOR
6sRdbRbheVscCpe8w875F8uye86jd2Gkxqq9LCGS++El7rNEAzwx79FFvYO7Vpwu
CQJa56RCvva8kym/KllzkGK++wmxJ4xXtNM8yxybAv4zm1J9juragfP/mL7/7f3z
TDWCtR2zQ6y1lIsvwb31eEvREXJDWk1MFCrfB5vOMdP+1LF7jCOUToFWvhIo8xkx
zZ6DrJ09leJN/Ah4EzQ3WS/LJUtrZNT2vpqvi2VBiwK2acTwHLBGyVnZDcaFcKWv
PilDiVHJoGHuhoBqscRjDh30gYSENllxzO2C+9oHF9Iw9XswGnM+GiVxcjrfAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUErcvmOENsrK2wG+rR9AsiPcG3XIwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTNDc2Ni5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBbBggrBgEFBQcBBwEB/wRMMEowSAQCAAEwQgMEAFIW8AME
AFIXxgMEAFIX8AMEAFIY0QMEAFIY2wMEAFIY6QMEAFIY8AMEAFIY+gMEAFIZ0AME
AFIZ0wMEAVRLAjANBgkqhkiG9w0BAQsFAAOCAQEAewrGjgjeSHy2f3xwaGlclBCW
S2H8563ef1q67PapAq8MRjOUE7uM5WvWjI+qTmy1aPI6CEzokxmjbtlPxsIqGtTr
kOYasHDvPkh0TPAba9SnWqbn7Rh0KgG4Yg2AEWqp7c2DkR8D7MxRHEBpmZCOr6qb
eeX1esxnlXGZkPL2MUO5zjrzXx8HXI751Piy3Ci5ZbZ95p5xVqgPZVUtsrRI+boN
eFAVc6xLzKXRVRMJG6sq6Za4jxu20BiSORSBzHpQu8orrLDJm0EHY8Tg+T8wtb2V
7VWrsUPihqzA9D1c1r4w3C858m0rzyNXVh8uV2sd81UsLiHViIjpWM2NGtvbAg==
-----END CERTIFICATE-----
Generated at Tue Jun 2 21:18:30 2026 by rpki-client