Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS147003.roa
File: AS147003.roa (raw, json)
Hash identifier: Ist7Ezu32RMbAymRlJkZy19RJRF2pCskRVl1ne5Dgjc=
Subject key identifier: 8B:EC:3A:2F:65:FF:66:E5:16:47:4C:16:3B:9B:11:A0:5A:BF:96:C3
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 126B8F5BDEAB6A28791041ED6EEFBA92D3E72D8C
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS147003.roa
Signing time: Sun 12 Apr 2026 13:10:04 +0000
ROA not before: Sun 12 Apr 2026 13:05:04 +0000
ROA not after: Sun 11 Apr 2027 13:10:04 +0000
asID: 147003
IP address blocks: 82.38.108.0/23 maxlen: 24
82.41.138.0/23 maxlen: 24
84.75.180.0/23 maxlen: 24
178.83.220.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
12:6b:8f:5b:de:ab:6a:28:79:10:41:ed:6e:ef:ba:92:d3:e7:2d:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Apr 12 13:05:04 2026 GMT
Not After : Apr 11 13:10:04 2027 GMT
Subject: CN=8BEC3A2F65FF66E516474C163B9B11A05ABF96C3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:57:a0:66:ce:07:6c:fa:f4:29:2f:79:a0:f7:
a9:bb:a6:46:d9:ac:6f:0f:f0:bd:64:4c:e5:37:13:
7a:c9:62:1e:b7:c4:57:4c:bc:00:82:43:7f:d1:70:
bc:ce:c2:53:b7:95:59:ab:1d:79:2d:78:bf:cc:7c:
f7:50:eb:93:b2:0b:50:42:14:03:08:fb:f5:4b:00:
09:08:4a:3b:14:2c:a4:3f:41:fa:18:57:e0:85:c8:
9f:13:b3:24:14:aa:88:a2:e8:39:c8:15:ee:33:ff:
1b:50:16:be:97:53:32:2b:df:ad:4d:ab:c7:03:6a:
0e:bf:98:11:2d:38:e8:e1:36:87:70:7f:a1:f5:19:
fd:54:ed:d2:39:54:8e:31:78:ec:0c:b7:95:73:0a:
63:a9:a6:6a:b0:25:49:40:e4:e3:21:65:55:85:46:
a8:97:41:ff:90:65:81:3f:4e:91:eb:b2:25:da:59:
39:cb:48:63:cf:56:8c:53:6b:ee:79:11:44:23:8b:
ab:9f:5b:b9:ba:dc:48:ab:e3:2c:ea:8d:e1:95:c1:
22:8d:df:62:49:e2:70:e4:b0:38:27:86:2c:64:1f:
bd:aa:77:73:17:ea:a7:be:90:2b:8b:06:a9:2f:23:
6f:b6:2a:7a:47:da:8d:12:70:90:66:f7:be:18:2e:
de:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:EC:3A:2F:65:FF:66:E5:16:47:4C:16:3B:9B:11:A0:5A:BF:96:C3
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS147003.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.38.108.0/23
82.41.138.0/23
84.75.180.0/23
178.83.220.0/23
Signature Algorithm: sha256WithRSAEncryption
03:51:81:45:23:5f:86:55:17:05:00:f7:bf:b3:3f:cf:68:5a:
cd:8b:d1:48:3d:72:61:02:af:aa:79:54:d6:78:2a:8a:1c:33:
38:6b:7c:ac:57:82:7b:25:ba:f2:12:b6:18:28:51:c2:76:e5:
0e:99:46:61:30:8b:b1:15:06:e0:f6:69:e8:a8:d3:86:4f:db:
c9:f2:e7:29:df:a8:0d:a1:f7:48:c4:1f:dd:1a:25:3f:2d:8b:
1c:93:87:ca:d0:7b:8a:14:30:84:f5:a3:27:5e:9c:86:89:34:
10:18:aa:65:6f:69:1c:05:10:62:0e:03:c5:b3:93:b7:cb:81:
64:75:46:78:5a:98:b5:85:82:35:56:e2:72:0a:e5:6e:0c:82:
ad:7d:91:a0:94:88:08:a8:ec:3f:55:50:f2:1b:85:a2:f0:8d:
0b:4b:16:ca:e4:2a:12:ae:bd:65:a7:f0:18:01:d5:fe:64:a0:
de:13:e6:8a:3a:1a:f8:d2:d4:7e:d0:1d:c7:2f:30:9c:24:5d:
56:5c:8d:7e:f8:cc:76:d4:41:1d:7e:46:8e:f9:46:e5:e9:5b:
4f:e0:fe:04:f5:d2:63:19:cf:3c:34:c0:11:28:fa:ef:8e:db:
6b:70:53:77:b4:85:b0:19:44:18:96:07:e1:b2:15:58:ac:71:
92:9c:2e:e6
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgIUEmuPW96raih5EEHtbu+6ktPnLYwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjA0MTIxMzA1MDRaFw0yNzA0MTExMzEwMDRaMDMxMTAvBgNV
BAMTKDhCRUMzQTJGNjVGRjY2RTUxNjQ3NEMxNjNCOUIxMUEwNUFCRjk2QzMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDeV6Bmzgds+vQpL3mg96m7pkbZ
rG8P8L1kTOU3E3rJYh63xFdMvACCQ3/RcLzOwlO3lVmrHXkteL/MfPdQ65OyC1BC
FAMI+/VLAAkISjsULKQ/QfoYV+CFyJ8TsyQUqoii6DnIFe4z/xtQFr6XUzIr361N
q8cDag6/mBEtOOjhNodwf6H1Gf1U7dI5VI4xeOwMt5VzCmOppmqwJUlA5OMhZVWF
RqiXQf+QZYE/TpHrsiXaWTnLSGPPVoxTa+55EUQji6ufW7m63Eir4yzqjeGVwSKN
32JJ4nDksDgnhixkH72qd3MX6qe+kCuLBqkvI2+2KnpH2o0ScJBm974YLt75AgMB
AAGjggIcMIICGDAdBgNVHQ4EFgQUi+w6L2X/ZuUWR0wWO5sRoFq/lsMwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMTQ3MDAzLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBUiZs
AwQBUimKAwQBVEu0AwQBslPcMA0GCSqGSIb3DQEBCwUAA4IBAQADUYFFI1+GVRcF
APe/sz/PaFrNi9FIPXJhAq+qeVTWeCqKHDM4a3ysV4J7JbryErYYKFHCduUOmUZh
MIuxFQbg9mnoqNOGT9vJ8ucp36gNofdIxB/dGiU/LYsck4fK0HuKFDCE9aMnXpyG
iTQQGKplb2kcBRBiDgPFs5O3y4FkdUZ4Wpi1hYI1VuJyCuVuDIKtfZGglIgIqOw/
VVDyG4Wi8I0LSxbK5CoSrr1lp/AYAdX+ZKDeE+aKOhr40tR+0B3HLzCcJF1WXI1+
+Mx21EEdfkaO+Ubl6VtP4P4E9dJjGc88NMARKPrvjttrcFN3tIWwGUQYlgfhshVY
rHGSnC7m
-----END CERTIFICATE-----
Generated at Fri Apr 17 12:00:12 2026 by rpki-client