Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS49592.roa
File: AS49592.roa (raw, json)
Hash identifier: HiuQiCvMUspbv76QexweZNnwhr4wi/wqEAK2e3xh1ek=
Subject key identifier: 7E:BA:18:C4:8F:80:3A:04:FD:39:90:DE:F9:2C:75:D7:8D:76:1B:45
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 753554E1ED9F9A0C239A830DF925096F7122427F
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS49592.roa
Signing time: Fri 20 Mar 2026 07:12:26 +0000
ROA not before: Fri 20 Mar 2026 07:07:26 +0000
ROA not after: Fri 19 Mar 2027 07:12:26 +0000
asID: 49592
IP address blocks: 178.83.208.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 25 Mar 2026 09:03:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
75:35:54:e1:ed:9f:9a:0c:23:9a:83:0d:f9:25:09:6f:71:22:42:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Mar 20 07:07:26 2026 GMT
Not After : Mar 19 07:12:26 2027 GMT
Subject: CN=7EBA18C48F803A04FD3990DEF92C75D78D761B45
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:6f:a4:40:03:68:e4:ea:b1:d8:ec:01:06:7e:
5a:38:71:42:96:40:bc:6f:3b:09:61:bb:f9:b0:d0:
1f:33:3e:57:3c:9a:ce:c2:b7:5f:d0:37:fd:a5:63:
6c:de:f7:f4:ac:81:4e:1d:7d:e8:b3:f6:1f:c9:f1:
42:11:ff:55:70:19:fc:2e:58:10:5c:d8:d6:da:df:
0b:06:5e:26:98:99:57:7d:d1:26:bd:16:47:71:04:
d7:12:cf:08:7f:87:22:9a:41:ae:2d:56:37:d2:d0:
a7:1a:85:72:60:04:9b:8a:61:64:8b:46:e0:10:47:
97:08:d4:00:68:38:ec:a7:20:f5:41:05:52:e5:36:
17:a3:a5:5b:23:76:70:f8:b4:2d:cb:b6:49:88:d0:
37:13:e0:4a:ba:60:ee:61:af:aa:df:15:20:d6:dd:
1a:0e:5f:dd:e4:a0:9b:c4:67:8c:21:84:b6:a8:f8:
6c:4f:80:23:da:c9:cb:b3:1e:80:93:49:43:15:e9:
ad:2d:04:61:75:25:24:4c:a1:ce:ad:08:cc:c3:72:
f3:fe:9e:34:6d:4a:ab:e6:75:f5:b4:7c:6f:2d:b1:
45:b4:9e:e7:82:c8:65:1c:9c:08:75:57:1b:df:fb:
87:6f:e9:0a:b9:cf:1f:12:ff:d0:20:5b:d7:f5:20:
30:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:BA:18:C4:8F:80:3A:04:FD:39:90:DE:F9:2C:75:D7:8D:76:1B:45
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS49592.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.83.208.0/22
Signature Algorithm: sha256WithRSAEncryption
47:8c:f5:23:f9:e2:25:fe:ad:3a:87:0e:f4:b5:9e:1d:71:c9:
e3:27:e0:fb:7f:f2:32:ac:64:ce:17:57:96:b6:d9:f6:51:dd:
90:a9:d5:53:0b:28:ec:cd:9b:75:50:cc:82:39:2d:5d:42:e8:
48:f2:5f:54:af:a8:2a:ad:3e:89:0c:11:d9:6f:e5:cb:01:74:
37:f1:43:b3:a0:1c:40:54:d0:cf:33:79:97:6a:95:cd:d8:4e:
e0:9b:56:ce:a1:80:a2:2d:29:6a:9b:1f:af:87:46:b1:40:49:
6d:b7:b1:0f:e0:dc:8b:db:c8:d6:11:fc:9c:b8:b3:20:af:60:
55:91:41:9b:04:60:34:38:57:bf:74:cf:05:3d:fa:97:ba:bd:
7e:1b:36:77:29:17:bd:1a:b7:52:1d:9a:34:af:37:65:f3:bf:
7a:9b:49:0f:4d:a2:51:4b:a9:5e:e4:c4:7d:24:95:b8:6d:55:
e5:f9:ce:d9:90:7c:64:68:28:a8:66:94:02:6d:b2:3f:a8:66:
54:20:fd:62:6c:c4:ef:c0:51:2c:9a:0e:81:70:34:71:1c:12:
54:70:3f:11:af:15:e3:29:29:3a:24:87:16:09:00:4e:3b:01:
ab:4e:d1:5d:63:20:d6:22:65:b9:cc:25:4b:2b:9a:ca:56:bd:
b2:b9:12:5a
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIUdTVU4e2fmgwjmoMN+SUJb3EiQn8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjAzMjAwNzA3MjZaFw0yNzAzMTkwNzEyMjZaMDMxMTAvBgNV
BAMTKDdFQkExOEM0OEY4MDNBMDRGRDM5OTBERUY5MkM3NUQ3OEQ3NjFCNDUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCWb6RAA2jk6rHY7AEGflo4cUKW
QLxvOwlhu/mw0B8zPlc8ms7Ct1/QN/2lY2ze9/SsgU4dfeiz9h/J8UIR/1VwGfwu
WBBc2Nba3wsGXiaYmVd90Sa9FkdxBNcSzwh/hyKaQa4tVjfS0KcahXJgBJuKYWSL
RuAQR5cI1ABoOOynIPVBBVLlNhejpVsjdnD4tC3LtkmI0DcT4Eq6YO5hr6rfFSDW
3RoOX93koJvEZ4whhLao+GxPgCPaycuzHoCTSUMV6a0tBGF1JSRMoc6tCMzDcvP+
njRtSqvmdfW0fG8tsUW0nueCyGUcnAh1Vxvf+4dv6Qq5zx8S/9AgW9f1IDDZAgMB
AAGjggIJMIICBTAdBgNVHQ4EFgQUfroYxI+AOgT9OZDe+Sx11412G0UwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTNDk1OTIucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAKyU9Aw
DQYJKoZIhvcNAQELBQADggEBAEeM9SP54iX+rTqHDvS1nh1xyeMn4Pt/8jKsZM4X
V5a22fZR3ZCp1VMLKOzNm3VQzII5LV1C6EjyX1SvqCqtPokMEdlv5csBdDfxQ7Og
HEBU0M8zeZdqlc3YTuCbVs6hgKItKWqbH6+HRrFASW23sQ/g3IvbyNYR/Jy4syCv
YFWRQZsEYDQ4V790zwU9+pe6vX4bNncpF70at1IdmjSvN2Xzv3qbSQ9NolFLqV7k
xH0klbhtVeX5ztmQfGRoKKhmlAJtsj+oZlQg/WJsxO/AUSyaDoFwNHEcElRwPxGv
FeMpKTokhxYJAE47AatO0V1jINYiZbnMJUsrmspWvbK5Elo=
-----END CERTIFICATE-----
Generated at Tue Mar 24 13:21:48 2026 by rpki-client