Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS201422.roa
File: AS201422.roa (raw, json)
Hash identifier: KxiD+5ycB9rbodk7hCmUwizaU26guWKupxJ7z9Q/pAU=
Subject key identifier: F4:84:43:AF:49:0C:BC:06:18:DA:A7:C9:B3:E5:EB:F8:D1:04:F7:AE
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 6773F706C53743F4C8D5F85A453FD18E51326F02
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS201422.roa
Signing time: Mon 13 Apr 2026 09:44:41 +0000
ROA not before: Mon 13 Apr 2026 09:39:41 +0000
ROA not after: Mon 12 Apr 2027 09:44:41 +0000
asID: 201422
IP address blocks: 82.38.137.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
67:73:f7:06:c5:37:43:f4:c8:d5:f8:5a:45:3f:d1:8e:51:32:6f:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Apr 13 09:39:41 2026 GMT
Not After : Apr 12 09:44:41 2027 GMT
Subject: CN=F48443AF490CBC0618DAA7C9B3E5EBF8D104F7AE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:27:0c:34:08:87:63:73:ef:a6:76:e0:c5:9f:
53:53:70:83:80:eb:e5:48:1f:04:75:02:52:01:39:
eb:21:16:3c:9d:09:6b:0e:4c:cf:7c:f5:e1:f5:94:
87:d5:f1:c3:92:b1:7c:c7:91:84:c4:1a:69:39:5d:
e4:b7:a7:0d:85:0e:ef:52:53:ea:02:71:bd:8b:df:
1b:82:ae:56:69:7b:b7:cc:c4:3c:de:c2:59:df:82:
5c:9f:14:ce:4f:fa:40:55:9f:99:cc:1b:0b:49:d0:
06:b7:76:15:0d:7d:83:19:5f:bb:5b:a2:53:f4:c1:
0d:fe:f5:dd:65:4c:02:63:7f:fe:53:52:ef:c5:ec:
8b:fb:91:89:bb:0d:a8:00:a8:da:39:57:42:2d:84:
ba:54:1e:45:ee:73:d1:72:a1:3d:e5:f5:97:09:06:
86:2d:8d:ef:9f:d5:37:f9:f8:df:50:3c:08:e6:ed:
8c:e2:d1:9e:aa:b9:e4:34:b9:ae:5f:08:18:56:ac:
b9:0c:44:b2:73:e5:e0:d1:7d:e8:53:e9:7f:d2:58:
6c:73:8f:6d:73:0e:6d:14:3e:78:1a:48:9c:c1:de:
bd:61:01:49:89:30:cd:18:8d:a7:fb:db:94:b1:58:
06:37:8b:df:2d:58:d7:6b:0c:3f:d2:34:cf:cf:73:
a1:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:84:43:AF:49:0C:BC:06:18:DA:A7:C9:B3:E5:EB:F8:D1:04:F7:AE
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS201422.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.38.137.0/24
Signature Algorithm: sha256WithRSAEncryption
46:66:25:a9:0a:9c:8f:bb:b7:53:ee:67:6c:05:31:d0:6a:b6:
2d:32:d8:58:75:ce:72:ef:18:c4:e5:63:69:e9:17:07:c3:29:
be:56:6e:eb:fc:1a:99:d2:b0:eb:2a:50:83:89:76:cf:10:23:
85:96:d9:4e:ad:26:e8:7a:99:87:4f:bf:16:b9:80:e0:60:01:
45:37:e9:86:d2:b2:61:d5:80:7e:77:76:e2:c8:6b:cc:54:9e:
97:d1:26:b2:4e:28:fb:5a:5b:e8:f8:e2:11:16:5d:8c:ed:61:
0c:2c:1c:78:86:e5:29:c0:6f:b6:3b:fc:cf:a6:64:e3:ec:41:
a0:f8:2a:fd:14:b4:cf:b1:23:cc:07:bb:24:86:63:3f:0f:8e:
80:4c:cb:a0:1f:8f:92:c4:56:cd:ea:42:c6:07:6c:4e:da:79:
cf:83:2c:51:66:91:0a:87:33:b8:aa:ab:c9:41:fd:aa:2d:b6:
53:2a:47:de:5c:58:8e:56:b6:00:ba:99:e6:88:f9:0b:7b:d6:
a7:85:b7:9c:48:3c:a8:ea:c5:2e:ae:e6:98:23:50:fd:fa:b1:
1a:e6:34:7a:b5:df:d5:b1:bd:0e:83:16:2a:91:c3:9c:76:62:
15:70:3c:12:6c:6c:07:a4:aa:f7:7b:51:21:be:fb:24:2e:56:
12:4f:de:71
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUZ3P3BsU3Q/TI1fhaRT/RjlEybwIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjA0MTMwOTM5NDFaFw0yNzA0MTIwOTQ0NDFaMDMxMTAvBgNV
BAMTKEY0ODQ0M0FGNDkwQ0JDMDYxOERBQTdDOUIzRTVFQkY4RDEwNEY3QUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDDJww0CIdjc++mduDFn1NTcIOA
6+VIHwR1AlIBOeshFjydCWsOTM989eH1lIfV8cOSsXzHkYTEGmk5XeS3pw2FDu9S
U+oCcb2L3xuCrlZpe7fMxDzewlnfglyfFM5P+kBVn5nMGwtJ0Aa3dhUNfYMZX7tb
olP0wQ3+9d1lTAJjf/5TUu/F7Iv7kYm7DagAqNo5V0IthLpUHkXuc9FyoT3l9ZcJ
BoYtje+f1Tf5+N9QPAjm7Yzi0Z6queQ0ua5fCBhWrLkMRLJz5eDRfehT6X/SWGxz
j21zDm0UPngaSJzB3r1hAUmJMM0Yjaf725SxWAY3i98tWNdrDD/SNM/Pc6FDAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQU9IRDr0kMvAYY2qfJs+Xr+NEE964wHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjAxNDIyLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUiaJ
MA0GCSqGSIb3DQEBCwUAA4IBAQBGZiWpCpyPu7dT7mdsBTHQarYtMthYdc5y7xjE
5WNp6RcHwym+Vm7r/BqZ0rDrKlCDiXbPECOFltlOrSboepmHT78WuYDgYAFFN+mG
0rJh1YB+d3biyGvMVJ6X0SayTij7Wlvo+OIRFl2M7WEMLBx4huUpwG+2O/zPpmTj
7EGg+Cr9FLTPsSPMB7skhmM/D46ATMugH4+SxFbN6kLGB2xO2nnPgyxRZpEKhzO4
qqvJQf2qLbZTKkfeXFiOVrYAupnmiPkLe9anhbecSDyo6sUuruaYI1D9+rEa5jR6
td/Vsb0OgxYqkcOcdmIVcDwSbGwHpKr3e1EhvvskLlYST95x
-----END CERTIFICATE-----
Generated at Fri Apr 17 12:00:14 2026 by rpki-client