Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS270439.roa
File: AS270439.roa (raw, json)
Hash identifier: 9XC2Jsp2hup2l34UqgvEfnb1/55ruzwvnE6C+dszkCg=
Subject key identifier: 86:1C:EB:A7:5D:37:14:D7:E1:5F:87:A8:35:72:23:62:3C:78:F3:E4
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 4B9E3BE3BC60B260FF690CE35A93C4A9B82BDB76
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS270439.roa
Signing time: Fri 10 Apr 2026 14:29:01 +0000
ROA not before: Fri 10 Apr 2026 14:24:01 +0000
ROA not after: Fri 09 Apr 2027 14:29:01 +0000
asID: 270439
IP address blocks: 84.75.219.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4b:9e:3b:e3:bc:60:b2:60:ff:69:0c:e3:5a:93:c4:a9:b8:2b:db:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Apr 10 14:24:01 2026 GMT
Not After : Apr 9 14:29:01 2027 GMT
Subject: CN=861CEBA75D3714D7E15F87A8357223623C78F3E4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:e6:60:78:e3:fd:1b:62:1a:49:44:d5:de:b9:
08:3a:9a:42:87:a5:96:6d:30:8a:9b:39:d1:c0:f3:
3d:8e:4d:7a:d7:bd:5d:7b:95:c4:d5:63:97:98:fd:
cf:4e:db:2c:0a:c1:db:d0:3c:99:67:7d:be:39:47:
21:c6:0a:ae:14:9d:18:9b:8a:ff:19:9c:fa:39:68:
dc:4a:4a:42:e5:5d:d5:93:48:dc:7f:e6:b2:d6:40:
0f:e8:2d:09:e9:e9:54:df:c1:3a:b0:52:4f:90:43:
37:72:39:bd:de:2b:18:96:02:eb:49:72:1a:29:e2:
11:43:11:d8:71:d7:bb:3d:c6:3e:a0:68:f8:b4:48:
16:d1:2b:c5:15:10:e0:41:0b:ef:bd:02:04:43:16:
b4:6e:eb:ae:77:85:9e:b2:48:d3:5f:83:17:dc:3a:
f1:52:63:60:a6:99:b5:39:ef:9e:03:0f:1d:04:4c:
76:5d:50:64:ae:98:cd:20:a2:d0:83:0a:4b:61:0a:
b8:3c:f9:aa:43:7b:7b:2b:6b:86:b4:90:6d:79:9b:
91:bd:9d:3a:02:fa:88:52:7b:6a:e5:1e:a8:16:9f:
73:87:42:96:d1:8f:da:4d:a1:42:45:12:08:e3:33:
c0:10:fd:ba:84:97:86:e5:a4:aa:31:b5:c6:01:42:
f4:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:1C:EB:A7:5D:37:14:D7:E1:5F:87:A8:35:72:23:62:3C:78:F3:E4
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS270439.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.75.219.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:0e:67:81:07:78:43:47:59:3b:47:51:03:b1:39:48:37:93:
50:f2:5f:71:e3:0d:13:11:af:d8:5e:71:9d:5b:bc:3d:54:f4:
4c:dd:6a:a6:7c:c8:72:7b:23:22:73:2e:91:49:f5:71:74:f4:
0e:3c:3b:16:ba:3e:0b:06:1c:a2:d8:81:3c:ac:3a:d5:1f:3a:
f6:88:0c:67:4e:d8:ad:1c:2c:cb:9a:b3:0d:c1:b4:0b:9b:dc:
20:0d:b3:1c:3a:af:92:44:ea:bb:4b:2c:9b:18:8b:37:c3:23:
83:4e:7c:9f:57:f3:20:e3:95:62:c2:d8:c2:d1:75:1f:f8:b6:
0c:91:ce:b8:69:1d:96:fc:6d:b6:a5:f5:de:f1:75:a1:d6:23:
77:e1:40:d6:01:a3:d9:21:0b:3c:61:18:89:3b:70:0b:00:9d:
34:4d:5d:fe:1d:aa:d2:7a:da:8e:10:2e:b6:b6:6c:f8:7d:7f:
cf:d0:20:09:85:cf:11:7d:12:ce:2a:cc:0c:b5:90:c5:3d:19:
cf:1f:d0:54:d0:83:4f:6a:a3:fe:d2:68:b7:fd:cd:68:35:18:
52:eb:28:c3:be:1b:6b:5b:1a:be:a3:79:03:46:5f:2b:60:db:
f6:c5:37:18:70:86:78:81:03:74:1d:3f:a8:4a:43:04:e7:09:
5d:f4:0c:95
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUS54747xgsmD/aQzjWpPEqbgr23YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjA0MTAxNDI0MDFaFw0yNzA0MDkxNDI5MDFaMDMxMTAvBgNV
BAMTKDg2MUNFQkE3NUQzNzE0RDdFMTVGODdBODM1NzIyMzYyM0M3OEYzRTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDW5mB44/0bYhpJRNXeuQg6mkKH
pZZtMIqbOdHA8z2OTXrXvV17lcTVY5eY/c9O2ywKwdvQPJlnfb45RyHGCq4UnRib
iv8ZnPo5aNxKSkLlXdWTSNx/5rLWQA/oLQnp6VTfwTqwUk+QQzdyOb3eKxiWAutJ
chop4hFDEdhx17s9xj6gaPi0SBbRK8UVEOBBC++9AgRDFrRu6653hZ6ySNNfgxfc
OvFSY2CmmbU5754DDx0ETHZdUGSumM0gotCDCkthCrg8+apDe3sra4a0kG15m5G9
nToC+ohSe2rlHqgWn3OHQpbRj9pNoUJFEgjjM8AQ/bqEl4blpKoxtcYBQvRXAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUhhzrp103FNfhX4eoNXIjYjx48+QwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjcwNDM5LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVEvb
MA0GCSqGSIb3DQEBCwUAA4IBAQBMDmeBB3hDR1k7R1EDsTlIN5NQ8l9x4w0TEa/Y
XnGdW7w9VPRM3WqmfMhyeyMicy6RSfVxdPQOPDsWuj4LBhyi2IE8rDrVHzr2iAxn
TtitHCzLmrMNwbQLm9wgDbMcOq+SROq7SyybGIs3wyODTnyfV/Mg45ViwtjC0XUf
+LYMkc64aR2W/G22pfXe8XWh1iN34UDWAaPZIQs8YRiJO3ALAJ00TV3+HarSetqO
EC62tmz4fX/P0CAJhc8RfRLOKswMtZDFPRnPH9BU0INPaqP+0mi3/c1oNRhS6yjD
vhtrWxq+o3kDRl8rYNv2xTcYcIZ4gQN0HT+oSkME5wld9AyV
-----END CERTIFICATE-----
Generated at Fri Apr 17 12:00:01 2026 by rpki-client