Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS154410.roa
File: AS154410.roa (raw, json)
Hash identifier: 6nvIY050NArAATl8tVf8V9nPqC1Df5NYJBooyJTCkRc=
Subject key identifier: 3B:E7:BE:39:D9:B2:74:F1:42:2A:A3:5B:27:86:EA:3E:7B:9E:B9:CF
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 3BD8F5A41E8A47FEC9627DC0C45C81E9685A70DA
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS154410.roa
Signing time: Wed 10 Jun 2026 22:48:32 +0000
ROA not before: Wed 10 Jun 2026 22:43:32 +0000
ROA not after: Wed 09 Jun 2027 22:48:32 +0000
asID: 154410
IP address blocks: 82.21.29.0/24 maxlen: 24
82.21.30.0/24 maxlen: 24
82.21.31.0/24 maxlen: 24
82.24.175.0/24 maxlen: 24
84.75.169.0/24 maxlen: 24
84.75.170.0/24 maxlen: 24
178.83.178.0/24 maxlen: 24
2a13:9500:12e::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 13 Jun 2026 15:07:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3b:d8:f5:a4:1e:8a:47:fe:c9:62:7d:c0:c4:5c:81:e9:68:5a:70:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Jun 10 22:43:32 2026 GMT
Not After : Jun 9 22:48:32 2027 GMT
Subject: CN=3BE7BE39D9B274F1422AA35B2786EA3E7B9EB9CF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:49:9c:1b:4f:07:08:9d:ef:00:c8:40:38:f4:
b5:d3:85:f9:96:97:00:20:27:eb:b3:91:36:6f:ec:
f4:54:a2:9c:71:c9:66:65:05:d1:17:2c:46:16:80:
91:a6:7f:24:77:d7:d4:14:a0:30:35:6a:5c:ea:a7:
47:db:bf:e8:0e:2c:6d:55:6b:61:8d:7b:a7:38:3c:
73:8d:5f:e6:ee:37:09:3d:d5:2a:71:c0:ac:e9:f6:
ae:fe:7c:f4:32:86:5a:19:c0:36:00:a6:a6:c0:05:
b1:02:08:4c:0b:4b:a7:4c:3f:71:46:76:5f:34:23:
d4:df:3e:88:2b:1b:06:2b:2c:d5:6d:94:ac:8d:d7:
36:61:c1:7b:84:62:5f:02:b2:b2:f7:94:27:f0:bf:
c0:5e:55:42:d6:b8:5c:6d:aa:11:e2:8d:15:a7:cf:
4b:63:c4:11:10:c3:47:6b:0e:0d:b8:6f:fa:da:ed:
ab:30:39:80:90:51:f9:27:3c:e0:80:cd:d4:0b:42:
fa:e3:2e:2e:c3:89:ef:23:c8:ab:a7:2e:30:dc:b7:
0e:f4:09:99:74:d5:b7:6f:b3:71:fb:73:f1:2b:1d:
21:be:2c:0e:d4:58:03:a0:e6:52:fd:49:9b:8a:20:
64:f2:15:34:c3:cc:18:7e:07:57:d1:2a:4d:5f:4a:
16:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:E7:BE:39:D9:B2:74:F1:42:2A:A3:5B:27:86:EA:3E:7B:9E:B9:CF
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS154410.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.29.0-82.21.31.255
82.24.175.0/24
84.75.169.0-84.75.170.255
178.83.178.0/24
IPv6:
2a13:9500:12e::/48
Signature Algorithm: sha256WithRSAEncryption
66:32:f6:c0:1b:5e:4f:1e:d5:70:09:dc:09:b0:1a:7c:8e:e8:
6e:c7:70:5a:bb:59:83:7e:2d:96:6b:9a:58:b2:46:2a:b0:d0:
e8:41:4c:33:b9:72:95:9e:bd:45:19:eb:6a:8c:0a:d8:7a:b8:
af:c7:85:2e:19:9b:9e:39:ca:47:e9:17:1e:fc:bb:d1:9c:99:
34:d8:57:5c:4d:be:ad:af:78:50:2f:2b:0e:65:0b:f0:57:f6:
eb:48:89:b6:44:00:0e:84:ce:d4:17:08:75:09:10:5c:fc:fb:
2f:20:e9:dd:0d:91:fc:2d:b7:03:6e:3b:c4:05:cf:7c:c4:c6:
d4:71:55:f6:36:15:fa:94:2b:61:aa:6c:54:a8:d6:db:46:c9:
02:6a:dc:0d:d8:e4:11:62:01:bf:89:26:76:0b:c9:1b:62:a0:
25:b8:e1:a8:fe:3b:eb:6c:45:3e:96:32:8d:61:a2:ac:b6:51:
f8:fc:d1:66:9d:82:76:2f:3e:44:c6:dc:ef:90:d0:ac:89:83:
4a:e3:31:8c:9e:b8:41:98:e9:29:65:fb:ca:a9:de:5e:ce:c8:
e5:1c:dc:8e:55:4e:ec:ee:0a:b2:16:cc:df:47:75:3e:15:1a:
a5:0a:47:97:19:9b:74:8a:73:f9:3d:06:ae:62:57:19:5b:f4:
b8:7e:c7:7c
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUO9j1pB6KR/7JYn3AxFyB6WhacNowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjA2MTAyMjQzMzJaFw0yNzA2MDkyMjQ4MzJaMDMxMTAvBgNV
BAMTKDNCRTdCRTM5RDlCMjc0RjE0MjJBQTM1QjI3ODZFQTNFN0I5RUI5Q0YwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCsSZwbTwcIne8AyEA49LXThfmW
lwAgJ+uzkTZv7PRUopxxyWZlBdEXLEYWgJGmfyR319QUoDA1alzqp0fbv+gOLG1V
a2GNe6c4PHONX+buNwk91SpxwKzp9q7+fPQyhloZwDYApqbABbECCEwLS6dMP3FG
dl80I9TfPogrGwYrLNVtlKyN1zZhwXuEYl8CsrL3lCfwv8BeVULWuFxtqhHijRWn
z0tjxBEQw0drDg24b/ra7aswOYCQUfknPOCAzdQLQvrjLi7Die8jyKunLjDctw70
CZl01bdvs3H7c/ErHSG+LA7UWAOg5lL9SZuKIGTyFTTDzBh+B1fRKk1fShYtAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUO+e+OdmydPFCKqNbJ4bqPnueuc8wHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMTU0NDEwLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAuBAIAATAoMAwDBABS
FR0DBAVSFQADBABSGK8wDAMEAFRLqQMEAFRLqgMEALJTsjAPBAIAAjAJAwcAKhOV
AAEuMA0GCSqGSIb3DQEBCwUAA4IBAQBmMvbAG15PHtVwCdwJsBp8juhux3Bau1mD
fi2Wa5pYskYqsNDoQUwzuXKVnr1FGetqjArYerivx4UuGZueOcpH6Rce/LvRnJk0
2FdcTb6tr3hQLysOZQvwV/brSIm2RAAOhM7UFwh1CRBc/PsvIOndDZH8LbcDbjvE
Bc98xMbUcVX2NhX6lCthqmxUqNbbRskCatwN2OQRYgG/iSZ2C8kbYqAluOGo/jvr
bEU+ljKNYaKstlH4/NFmnYJ2Lz5ExtzvkNCsiYNK4zGMnrhBmOkpZfvKqd5ezsjl
HNyOVU7s7gqyFszfR3U+FRqlCkeXGZt0inP5PQauYlcZW/S4fsd8
-----END CERTIFICATE-----
Generated at Sat Jun 13 05:42:25 2026 by rpki-client