Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS3257.roa
File: AS3257.roa (raw, json)
Hash identifier: b57WRmaalryBorUGusUlE2ZAu6LHJmUrov6h9X7pXX8=
Subject key identifier: 0F:51:32:55:92:03:2E:E5:1D:3C:C1:5C:79:68:7B:BE:26:24:4C:EB
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 745F67DD8A309AF19F3CAE509DBD897B3AB9EBC3
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS3257.roa
Signing time: Thu 09 Apr 2026 13:59:49 +0000
ROA not before: Thu 09 Apr 2026 13:54:49 +0000
ROA not after: Thu 08 Apr 2027 13:59:49 +0000
asID: 3257
IP address blocks: 82.26.205.0/24 maxlen: 24
82.26.207.0/24 maxlen: 24
84.75.160.0/24 maxlen: 24
178.83.6.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
74:5f:67:dd:8a:30:9a:f1:9f:3c:ae:50:9d:bd:89:7b:3a:b9:eb:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Apr 9 13:54:49 2026 GMT
Not After : Apr 8 13:59:49 2027 GMT
Subject: CN=0F51325592032EE51D3CC15C79687BBE26244CEB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fb:ea:96:01:cc:53:26:22:be:95:3f:cf:67:d8:
79:27:da:e4:1d:5c:ce:eb:61:11:a1:89:76:d2:62:
79:09:c4:65:60:71:1e:35:3f:1a:b5:af:15:91:03:
15:d3:91:bf:a5:4e:5f:a1:4e:d6:4d:68:e1:5c:f0:
08:00:ec:c9:b5:b3:42:56:a4:b9:34:09:26:92:07:
31:32:08:f8:df:a8:24:38:32:f0:dd:e4:3b:d7:8b:
52:7c:4c:a7:2a:7b:99:e8:1f:f1:94:dc:a3:24:de:
13:7d:1f:06:0e:12:a1:3b:d7:94:46:94:56:d8:2d:
ac:c3:9d:f0:79:15:e2:6c:2d:fe:ae:a5:7d:37:8c:
35:17:a8:b7:0e:1c:c4:68:2f:2c:b8:ea:5d:33:80:
31:5d:82:26:03:d8:75:73:7c:62:8b:8d:0b:5e:1b:
0d:b4:23:15:5d:47:43:e1:30:51:46:5c:f1:2c:31:
a7:bd:7d:34:fc:29:2a:e7:59:76:1f:59:a8:36:d6:
57:77:9f:f1:15:18:a9:14:dc:c5:e5:f0:7d:d0:07:
4c:ad:19:4f:fc:1b:ec:df:1f:f0:37:40:ee:b2:74:
66:d6:fa:9f:fa:30:a8:38:eb:9f:f0:75:ec:db:75:
c5:01:35:08:df:f5:04:8a:b8:94:03:bc:ae:c8:9b:
7c:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:51:32:55:92:03:2E:E5:1D:3C:C1:5C:79:68:7B:BE:26:24:4C:EB
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS3257.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.26.205.0/24
82.26.207.0/24
84.75.160.0/24
178.83.6.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:49:7d:f0:94:23:5e:22:68:80:f0:9c:82:f8:ec:19:cf:e0:
db:1d:b8:45:7a:7b:9f:40:dc:f7:97:31:e4:78:21:84:f7:51:
c9:b5:13:a4:09:1e:ae:11:a3:24:c9:d5:eb:5b:b8:9f:2a:76:
8c:88:4e:f2:08:8e:81:9c:ef:bb:54:28:be:50:40:57:1b:8c:
d6:43:fc:ca:e1:47:eb:c5:b6:72:23:e1:af:44:ed:51:30:79:
3e:83:32:c7:b0:30:fe:be:6f:68:d4:d9:32:37:e3:20:2e:df:
b3:45:e9:16:32:30:fe:a2:bc:e1:42:7c:10:42:e1:e4:0a:9a:
7b:b6:13:68:fc:5c:e8:b5:9e:40:35:8d:6f:d8:d6:e8:9d:d2:
1c:5a:92:78:e0:91:b7:e5:fd:fa:66:90:d2:68:30:20:df:58:
76:db:78:e5:95:57:0d:72:ef:42:3f:50:e1:56:1e:bc:6e:b0:
70:af:97:3e:6f:98:b9:71:c5:7c:88:ba:84:72:ea:da:6a:9c:
e2:01:81:94:39:56:f0:ce:24:18:a6:ca:b4:53:8c:20:b7:dc:
0c:e6:a0:f1:78:f1:f4:14:c3:77:77:20:b8:8f:28:ec:8e:ad:
1a:74:4c:70:75:e0:62:7d:bf:ab:dd:cd:e7:9a:64:63:d6:51:
0f:b1:e3:7f
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgIUdF9n3YowmvGfPK5Qnb2Jezq568MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjA0MDkxMzU0NDlaFw0yNzA0MDgxMzU5NDlaMDMxMTAvBgNV
BAMTKDBGNTEzMjU1OTIwMzJFRTUxRDNDQzE1Qzc5Njg3QkJFMjYyNDRDRUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD76pYBzFMmIr6VP89n2Hkn2uQd
XM7rYRGhiXbSYnkJxGVgcR41Pxq1rxWRAxXTkb+lTl+hTtZNaOFc8AgA7Mm1s0JW
pLk0CSaSBzEyCPjfqCQ4MvDd5DvXi1J8TKcqe5noH/GU3KMk3hN9HwYOEqE715RG
lFbYLazDnfB5FeJsLf6upX03jDUXqLcOHMRoLyy46l0zgDFdgiYD2HVzfGKLjQte
Gw20IxVdR0PhMFFGXPEsMae9fTT8KSrnWXYfWag21ld3n/EVGKkU3MXl8H3QB0yt
GU/8G+zfH/A3QO6ydGbW+p/6MKg465/wdezbdcUBNQjf9QSKuJQDvK7Im3wBAgMB
AAGjggIaMIICFjAdBgNVHQ4EFgQUD1EyVZIDLuUdPMFceWh7viYkTOswHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMzI1Ny5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAxBggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAFIazQME
AFIazwMEAFRLoAMEALJTBjANBgkqhkiG9w0BAQsFAAOCAQEACkl98JQjXiJogPCc
gvjsGc/g2x24RXp7n0Dc95cx5HghhPdRybUTpAkerhGjJMnV61u4nyp2jIhO8giO
gZzvu1QovlBAVxuM1kP8yuFH68W2ciPhr0TtUTB5PoMyx7Aw/r5vaNTZMjfjIC7f
s0XpFjIw/qK84UJ8EELh5Aqae7YTaPxc6LWeQDWNb9jW6J3SHFqSeOCRt+X9+maQ
0mgwIN9Ydtt45ZVXDXLvQj9Q4VYevG6wcK+XPm+YuXHFfIi6hHLq2mqc4gGBlDlW
8M4kGKbKtFOMILfcDOag8Xjx9BTDd3cguI8o7I6tGnRMcHXgYn2/q93N55pkY9ZR
D7Hjfw==
-----END CERTIFICATE-----
Generated at Fri Apr 17 06:07:03 2026 by rpki-client