Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS24940.roa
File: AS24940.roa (raw, json)
Hash identifier: UvPcwnXdsQUEnkhQAWDvdu4RKjLLYwN0nu6EreOj/8s=
Subject key identifier: 3F:ED:53:BD:8A:AA:6F:E9:F7:5C:F7:5F:FA:0D:1E:94:F7:CA:BD:C9
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 7FD43A1D5367379990199F70C182B16449DBEC5B
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS24940.roa
Signing time: Fri 17 Apr 2026 12:58:39 +0000
ROA not before: Fri 17 Apr 2026 12:53:39 +0000
ROA not after: Fri 16 Apr 2027 12:58:39 +0000
asID: 24940
IP address blocks: 82.39.175.0/24 maxlen: 24
2a13:9500:12c::/48 maxlen: 48
2a13:9500:151::/48 maxlen: 48
2a13:9500:165::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7f:d4:3a:1d:53:67:37:99:90:19:9f:70:c1:82:b1:64:49:db:ec:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Apr 17 12:53:39 2026 GMT
Not After : Apr 16 12:58:39 2027 GMT
Subject: CN=3FED53BD8AAA6FE9F75CF75FFA0D1E94F7CABDC9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:20:54:31:65:59:73:7c:bc:63:58:b6:32:cd:
2c:be:40:e2:d9:aa:8a:62:54:d8:a5:81:ab:7d:aa:
26:80:c7:d1:5f:55:42:17:83:fe:91:89:95:12:db:
de:cd:26:04:86:a0:71:39:a3:ef:c8:a5:1e:93:2d:
ff:69:d4:f2:53:6f:e0:c6:6c:55:37:d9:d1:62:2a:
e1:0e:ca:4c:28:23:84:d3:d5:e7:b9:94:4d:44:3f:
c6:fd:2f:37:de:21:1f:3c:01:e2:76:19:f8:9c:cc:
cb:2e:ee:4f:72:07:2b:af:50:71:50:d3:28:ad:34:
ec:04:9e:72:29:f3:7a:29:01:aa:99:24:e7:39:87:
85:ee:a0:48:3c:36:6f:0d:90:b5:91:b7:ea:ec:46:
5d:74:df:ea:0a:c3:0a:96:95:75:9d:a8:4f:f1:82:
08:72:2d:06:70:9a:84:0f:3a:30:a6:1c:52:27:be:
f7:32:8d:57:15:f7:3b:76:ad:e9:b9:a3:9f:c7:1b:
9e:4f:dc:04:34:77:07:8a:bd:33:6f:30:f9:54:48:
78:b4:3f:04:7e:30:56:c2:a1:aa:a9:0d:72:8a:d7:
ed:dd:e2:13:9e:c6:e0:3b:0f:75:35:6d:1c:6b:7e:
43:1d:da:02:3e:d0:fc:3c:af:ba:80:5d:14:e6:0d:
24:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:ED:53:BD:8A:AA:6F:E9:F7:5C:F7:5F:FA:0D:1E:94:F7:CA:BD:C9
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS24940.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.39.175.0/24
IPv6:
2a13:9500:12c::/48
2a13:9500:151::/48
2a13:9500:165::/48
Signature Algorithm: sha256WithRSAEncryption
0e:80:27:b7:17:03:75:f3:ab:0f:34:7d:52:a8:35:b0:ca:0b:
b3:f2:6c:a6:f9:18:3a:66:e7:a6:20:f3:a5:e2:df:ca:f0:cc:
d1:8c:f6:66:08:fb:e4:73:93:ab:cb:58:a0:7b:93:ce:e8:3f:
e9:21:86:e1:ee:65:98:7b:37:70:37:79:4f:bd:79:fc:23:d5:
9d:9c:33:07:25:bb:4e:b0:13:cd:06:b2:34:7e:c6:f3:32:4b:
11:bb:59:02:28:50:e4:86:78:22:f8:2e:e3:af:c4:47:8c:9f:
47:ca:24:10:25:81:9f:51:0c:a4:40:55:7a:8a:cc:24:75:41:
dc:58:fa:bf:51:10:7a:08:ac:63:7d:d1:7c:19:50:f6:18:37:
ba:0d:02:68:85:7f:42:f2:c7:63:c2:cd:6d:a5:9c:96:9f:0f:
1b:a6:a1:39:44:2d:f5:6d:95:5b:94:85:2b:c0:58:19:18:1c:
8c:5a:48:f1:04:5e:d6:28:77:c0:5f:03:a1:ab:ce:3b:21:02:
1c:48:d5:5c:2c:95:0b:43:57:48:c1:0b:f9:2d:c8:63:aa:a9:
6c:49:7a:a9:21:6e:37:43:c6:6e:43:43:97:03:2a:41:d9:5b:
f4:1e:e0:5d:b2:c7:46:43:65:2f:84:48:d5:fc:61:6f:7f:db:
48:7a:ba:87
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgIUf9Q6HVNnN5mQGZ9wwYKxZEnb7FswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjA0MTcxMjUzMzlaFw0yNzA0MTYxMjU4MzlaMDMxMTAvBgNV
BAMTKDNGRUQ1M0JEOEFBQTZGRTlGNzVDRjc1RkZBMEQxRTk0RjdDQUJEQzkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNIFQxZVlzfLxjWLYyzSy+QOLZ
qopiVNilgat9qiaAx9FfVUIXg/6RiZUS297NJgSGoHE5o+/IpR6TLf9p1PJTb+DG
bFU32dFiKuEOykwoI4TT1ee5lE1EP8b9LzfeIR88AeJ2GficzMsu7k9yByuvUHFQ
0yitNOwEnnIp83opAaqZJOc5h4XuoEg8Nm8NkLWRt+rsRl103+oKwwqWlXWdqE/x
gghyLQZwmoQPOjCmHFInvvcyjVcV9zt2rem5o5/HG55P3AQ0dweKvTNvMPlUSHi0
PwR+MFbCoaqpDXKK1+3d4hOexuA7D3U1bRxrfkMd2gI+0Pw8r7qAXRTmDSTJAgMB
AAGjggIsMIICKDAdBgNVHQ4EFgQUP+1TvYqqb+n3XPdf+g0elPfKvckwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjQ5NDAucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwQgYIKwYBBQUHAQcBAf8EMzAxMAwEAgABMAYDBABSJ68w
IQQCAAIwGwMHACoTlQABLAMHACoTlQABUQMHACoTlQABZTANBgkqhkiG9w0BAQsF
AAOCAQEADoAntxcDdfOrDzR9Uqg1sMoLs/JspvkYOmbnpiDzpeLfyvDM0Yz2Zgj7
5HOTq8tYoHuTzug/6SGG4e5lmHs3cDd5T715/CPVnZwzByW7TrATzQayNH7G8zJL
EbtZAihQ5IZ4Ivgu46/ER4yfR8okECWBn1EMpEBVeorMJHVB3Fj6v1EQegisY33R
fBlQ9hg3ug0CaIV/QvLHY8LNbaWclp8PG6ahOUQt9W2VW5SFK8BYGRgcjFpI8QRe
1ih3wF8DoavOOyECHEjVXCyVC0NXSMEL+S3IY6qpbEl6qSFuN0PGbkNDlwMqQdlb
9B7gXbLHRkNlL4RI1fxhb3/bSHq6hw==
-----END CERTIFICATE-----
Generated at Fri Apr 17 15:47:07 2026 by rpki-client