Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS198420.roa
File: AS198420.roa (raw, json)
Hash identifier: CLeVdc9XMkFjun54Nvf3401lFCJhkid0m71vqLuRm7I=
Subject key identifier: 27:43:F1:53:D7:18:79:75:3C:F1:92:7E:11:58:FD:C6:2C:03:FA:7C
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 7A425AFEA031B1F0ED6172F3169B290CF58C034A
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS198420.roa
Signing time: Wed 03 Jun 2026 00:04:28 +0000
ROA not before: Tue 02 Jun 2026 23:59:28 +0000
ROA not after: Wed 02 Jun 2027 00:04:28 +0000
asID: 198420
IP address blocks: 82.29.43.0/24 maxlen: 24
82.41.120.0/24 maxlen: 24
82.47.181.0/24 maxlen: 24
84.75.161.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 13 Jun 2026 15:07:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7a:42:5a:fe:a0:31:b1:f0:ed:61:72:f3:16:9b:29:0c:f5:8c:03:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Jun 2 23:59:28 2026 GMT
Not After : Jun 2 00:04:28 2027 GMT
Subject: CN=2743F153D71879753CF1927E1158FDC62C03FA7C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:b3:43:92:f0:7e:6c:c4:dc:54:87:e2:5b:3b:
dd:06:3c:74:7f:cf:2a:bc:f1:b9:3a:b8:e3:2f:0a:
52:3e:38:6b:2e:6e:26:ed:01:b1:80:aa:ad:d7:8f:
9e:52:f7:96:c3:f6:ff:a3:1a:31:8b:d1:d0:07:71:
7b:3e:65:16:24:f1:25:39:49:b1:c9:9a:2c:1a:e1:
d2:0e:77:a5:8b:99:88:42:fe:a0:66:75:ee:a2:d4:
39:d6:0c:98:bd:04:c2:29:c1:56:28:68:43:11:e3:
a2:54:8d:04:cc:86:cf:a9:a2:44:a9:1b:5b:7f:85:
c9:56:08:4d:4e:18:2e:e0:cd:cd:0f:d9:27:35:40:
81:03:63:ad:27:18:71:f6:54:98:b3:28:9b:5a:c3:
5a:65:63:dc:4d:8b:71:c6:03:a5:2d:57:a1:41:aa:
97:f1:7e:32:f2:61:cc:ce:58:4c:d8:78:65:1f:28:
42:98:b2:2c:22:7e:97:2f:07:39:0b:d8:ad:2e:50:
56:26:14:35:69:6b:66:a6:1a:ba:60:1b:6b:53:69:
1a:a3:48:3e:f7:ae:0c:68:cf:38:b1:eb:a6:33:7e:
fd:f7:88:49:a8:81:ff:1d:2b:37:72:3d:b6:5a:64:
0c:cf:5f:f1:8f:f5:d0:66:18:96:84:8b:69:c2:de:
98:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:43:F1:53:D7:18:79:75:3C:F1:92:7E:11:58:FD:C6:2C:03:FA:7C
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS198420.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.29.43.0/24
82.41.120.0/24
82.47.181.0/24
84.75.161.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:05:d6:b3:95:8f:8d:fa:ab:97:d7:41:88:6b:7e:25:6f:d6:
1e:74:a9:b9:09:1b:7b:d2:f6:b8:a4:3e:6a:c6:f7:19:3c:95:
1a:ce:24:5f:fd:df:be:8a:a6:6b:ba:75:8f:a3:43:30:93:2f:
11:54:eb:d6:61:a8:5d:c1:1c:fb:c4:3f:64:e0:28:5d:fb:37:
3f:18:de:4b:17:0f:6a:47:43:c9:fa:f2:c9:2e:09:48:52:6b:
62:76:f6:3f:3a:ca:ba:56:f8:9f:76:a5:3f:bc:fc:c3:9e:12:
f4:05:ba:34:8c:25:c9:7f:ed:09:ef:67:42:ce:2c:60:f0:9f:
78:d3:6a:7e:9a:39:75:b5:77:36:60:7b:cd:9d:60:56:4b:57:
9b:01:ae:e0:26:7f:52:d1:03:e4:23:76:02:25:f6:32:dd:bf:
f4:b4:35:14:8a:da:7a:a1:12:1f:bd:ef:d0:40:20:ac:77:b3:
62:8b:00:b3:bd:2d:79:c4:24:a2:78:87:85:12:84:01:c5:91:
39:f1:49:2f:79:f1:d7:26:de:26:df:bd:2e:20:37:bd:d2:7d:
a2:45:94:33:6f:92:fb:b0:34:c4:b9:88:39:c0:2f:5e:9d:b3:
71:1f:f0:75:1d:37:d1:ef:25:eb:44:72:0c:9d:fd:63:88:70:
42:e7:e1:06
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgIUekJa/qAxsfDtYXLzFpspDPWMA0owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjA2MDIyMzU5MjhaFw0yNzA2MDIwMDA0MjhaMDMxMTAvBgNV
BAMTKDI3NDNGMTUzRDcxODc5NzUzQ0YxOTI3RTExNThGREM2MkMwM0ZBN0MwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCms0OS8H5sxNxUh+JbO90GPHR/
zyq88bk6uOMvClI+OGsubibtAbGAqq3Xj55S95bD9v+jGjGL0dAHcXs+ZRYk8SU5
SbHJmiwa4dIOd6WLmYhC/qBmde6i1DnWDJi9BMIpwVYoaEMR46JUjQTMhs+pokSp
G1t/hclWCE1OGC7gzc0P2Sc1QIEDY60nGHH2VJizKJtaw1plY9xNi3HGA6UtV6FB
qpfxfjLyYczOWEzYeGUfKEKYsiwifpcvBzkL2K0uUFYmFDVpa2amGrpgG2tTaRqj
SD73rgxozzix66Yzfv33iEmogf8dKzdyPbZaZAzPX/GP9dBmGJaEi2nC3phnAgMB
AAGjggIcMIICGDAdBgNVHQ4EFgQUJ0PxU9cYeXU88ZJ+EVj9xiwD+nwwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMTk4NDIwLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAUh0r
AwQAUil4AwQAUi+1AwQAVEuhMA0GCSqGSIb3DQEBCwUAA4IBAQBLBdazlY+N+quX
10GIa34lb9YedKm5CRt70va4pD5qxvcZPJUaziRf/d++iqZrunWPo0Mwky8RVOvW
YahdwRz7xD9k4Chd+zc/GN5LFw9qR0PJ+vLJLglIUmtidvY/Osq6VvifdqU/vPzD
nhL0Bbo0jCXJf+0J72dCzixg8J9402p+mjl1tXc2YHvNnWBWS1ebAa7gJn9S0QPk
I3YCJfYy3b/0tDUUitp6oRIfve/QQCCsd7NiiwCzvS15xCSieIeFEoQBxZE58Ukv
efHXJt4m370uIDe90n2iRZQzb5L7sDTEuYg5wC9enbNxH/B1HTfR7yXrRHIMnf1j
iHBC5+EG
-----END CERTIFICATE-----
Generated at Sat Jun 13 07:53:42 2026 by rpki-client