Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS1257.roa
File: AS1257.roa (raw, json)
Hash identifier: kybidt6oqaSB8KLqmCG6Se9nxn+GIo1AoOgC/zarZRY=
Subject key identifier: 76:CA:8F:63:A7:82:AF:EC:1B:53:31:04:8D:7F:A0:B9:ED:76:44:2D
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 6A26A95A71B66D6DC2069015A6375CF7F05633D1
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS1257.roa
Signing time: Wed 03 Jun 2026 14:47:26 +0000
ROA not before: Wed 03 Jun 2026 14:42:26 +0000
ROA not after: Wed 02 Jun 2027 14:47:26 +0000
asID: 1257
IP address blocks: 82.26.89.0/24 maxlen: 24
82.26.109.0/24 maxlen: 24
82.26.114.0/24 maxlen: 24
82.26.134.0/24 maxlen: 24
82.26.165.0/24 maxlen: 24
82.26.167.0/24 maxlen: 24
82.26.172.0/24 maxlen: 24
82.27.16.0/24 maxlen: 24
82.27.19.0/24 maxlen: 24
82.29.136.0/24 maxlen: 24
82.29.137.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 13 Jun 2026 15:07:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6a:26:a9:5a:71:b6:6d:6d:c2:06:90:15:a6:37:5c:f7:f0:56:33:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Jun 3 14:42:26 2026 GMT
Not After : Jun 2 14:47:26 2027 GMT
Subject: CN=76CA8F63A782AFEC1B5331048D7FA0B9ED76442D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:cf:59:9d:6f:ee:6c:86:54:a3:7b:7a:28:3d:
57:34:22:13:da:e3:9d:04:82:ef:99:56:b6:f5:19:
3c:ca:b0:92:0c:2b:96:b7:1e:4d:14:89:2f:fe:96:
b3:87:e5:9a:73:2a:09:11:20:fc:75:1e:69:b7:c1:
91:92:a7:64:61:8e:04:d1:12:5b:b1:02:42:82:bf:
66:d6:86:b4:70:24:65:83:14:be:d5:5a:f0:90:ec:
cd:0b:72:51:18:0a:28:f2:2b:52:54:7b:9b:ac:c2:
6d:10:3b:44:c6:ff:af:13:e7:41:96:c5:a2:4b:87:
bb:59:66:04:3b:40:ac:2c:5b:f6:81:84:01:80:fa:
fd:7b:12:79:97:fe:cf:19:76:71:bc:1e:25:67:8b:
0e:4c:e9:70:0f:4b:65:3b:1b:9f:02:cb:08:16:d8:
d0:88:06:c1:36:78:93:c7:a6:ce:c6:bb:8e:3f:39:
9a:0b:e0:c4:ff:01:b7:76:7d:d6:21:d0:bc:18:78:
95:0b:e6:ed:95:57:23:4f:d1:b0:fa:af:07:e9:a1:
3e:60:a8:6b:67:99:4f:34:f9:61:e1:12:ce:6b:16:
1d:a7:43:ab:68:e1:93:ae:39:bf:41:45:bb:e1:70:
28:aa:e5:5f:fe:13:b0:4d:9e:44:b2:00:1d:1b:75:
4a:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:CA:8F:63:A7:82:AF:EC:1B:53:31:04:8D:7F:A0:B9:ED:76:44:2D
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS1257.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.26.89.0/24
82.26.109.0/24
82.26.114.0/24
82.26.134.0/24
82.26.165.0/24
82.26.167.0/24
82.26.172.0/24
82.27.16.0/24
82.27.19.0/24
82.29.136.0/23
Signature Algorithm: sha256WithRSAEncryption
28:f8:63:3c:37:80:6a:aa:c1:70:91:39:6a:9f:47:62:9e:19:
e0:31:d4:ef:ad:08:c4:da:31:8c:4b:ff:35:cf:08:93:e3:cb:
f5:0b:ca:43:36:12:cb:fa:c7:e8:61:48:b8:c5:40:08:32:00:
d6:67:18:45:17:8a:7d:e8:a0:11:4c:53:4d:b0:c6:1b:25:e4:
cd:b1:df:42:70:f3:12:08:73:a3:7b:84:ce:08:88:d4:2b:2e:
64:8b:82:b5:de:94:f8:c7:14:60:63:0d:7c:bf:c0:d9:d7:3a:
70:64:55:ec:61:3c:a3:53:82:cf:b1:7a:3c:37:8a:21:26:68:
e0:bf:fe:1b:32:0a:c5:1d:86:b1:c1:53:fa:dc:72:cf:71:51:
bf:c3:6f:d3:1c:b8:26:10:99:1f:36:36:99:0b:67:78:04:57:
f3:e9:ce:d5:bf:1f:37:e8:71:89:9a:74:6e:b0:bf:8f:93:c8:
74:f3:ac:22:89:18:8a:70:93:41:e3:c6:87:f3:25:7b:bc:44:
1d:cc:ef:a6:c9:04:be:c6:d0:94:24:aa:5f:b1:2d:d7:dc:b6:
37:17:ab:a3:73:c1:bb:6c:79:8b:ea:08:3b:da:66:6c:d3:88:
49:4f:48:c5:54:1c:f4:3f:72:c9:47:5c:eb:9a:fd:26:19:81:
83:cd:7d:4c
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgIUaiapWnG2bW3CBpAVpjdc9/BWM9EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjA2MDMxNDQyMjZaFw0yNzA2MDIxNDQ3MjZaMDMxMTAvBgNV
BAMTKDc2Q0E4RjYzQTc4MkFGRUMxQjUzMzEwNDhEN0ZBMEI5RUQ3NjQ0MkQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/z1mdb+5shlSje3ooPVc0IhPa
450Egu+ZVrb1GTzKsJIMK5a3Hk0UiS/+lrOH5ZpzKgkRIPx1Hmm3wZGSp2RhjgTR
EluxAkKCv2bWhrRwJGWDFL7VWvCQ7M0LclEYCijyK1JUe5uswm0QO0TG/68T50GW
xaJLh7tZZgQ7QKwsW/aBhAGA+v17EnmX/s8ZdnG8HiVniw5M6XAPS2U7G58CywgW
2NCIBsE2eJPHps7Gu44/OZoL4MT/Abd2fdYh0LwYeJUL5u2VVyNP0bD6rwfpoT5g
qGtnmU80+WHhEs5rFh2nQ6to4ZOuOb9BRbvhcCiq5V/+E7BNnkSyAB0bdUrVAgMB
AAGjggI+MIICOjAdBgNVHQ4EFgQUdsqPY6eCr+wbUzEEjX+gue12RC0wHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMTI1Ny5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBVBggrBgEFBQcBBwEB/wRGMEQwQgQCAAEwPAMEAFIaWQME
AFIabQMEAFIacgMEAFIahgMEAFIapQMEAFIapwMEAFIarAMEAFIbEAMEAFIbEwME
AVIdiDANBgkqhkiG9w0BAQsFAAOCAQEAKPhjPDeAaqrBcJE5ap9HYp4Z4DHU760I
xNoxjEv/Nc8Ik+PL9QvKQzYSy/rH6GFIuMVACDIA1mcYRReKfeigEUxTTbDGGyXk
zbHfQnDzEghzo3uEzgiI1CsuZIuCtd6U+McUYGMNfL/A2dc6cGRV7GE8o1OCz7F6
PDeKISZo4L/+GzIKxR2GscFT+txyz3FRv8Nv0xy4JhCZHzY2mQtneARX8+nO1b8f
N+hxiZp0brC/j5PIdPOsIokYinCTQePGh/Mle7xEHczvpskEvsbQlCSqX7Et19y2
Nxero3PBu2x5i+oIO9pmbNOISU9IxVQc9D9yyUdc65r9JhmBg819TA==
-----END CERTIFICATE-----
Generated at Sat Jun 13 05:42:41 2026 by rpki-client