Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS393942.roa
File: AS393942.roa (raw, json)
Hash identifier: OiPMt8O98ko950vwqa6AHxeZd5tfu63BMeEC9OzsD0Y=
Subject key identifier: 46:40:FF:5E:CA:08:55:58:B4:F7:6B:DF:19:DB:87:37:71:D0:81:67
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 62BF555AB3F31380FCBEA495AF8BA3FD1B8CF662
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS393942.roa
Signing time: Fri 01 Aug 2025 08:05:06 +0000
ROA not before: Fri 01 Aug 2025 08:00:06 +0000
ROA not after: Fri 31 Jul 2026 08:05:06 +0000
asID: 393942
IP address blocks: 82.29.95.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 01:11:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
62:bf:55:5a:b3:f3:13:80:fc:be:a4:95:af:8b:a3:fd:1b:8c:f6:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Aug 1 08:00:06 2025 GMT
Not After : Jul 31 08:05:06 2026 GMT
Subject: CN=4640FF5ECA085558B4F76BDF19DB873771D08167
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:e1:59:39:65:60:91:9f:d6:93:c1:7e:6d:23:
f1:d0:2f:9b:da:34:61:06:f1:13:0d:7b:77:ed:88:
75:20:be:a5:c8:c6:6c:a6:78:74:54:b4:6c:c9:38:
a9:d0:65:bf:f0:8e:99:5f:74:ce:41:69:d0:b5:ce:
ee:d6:6d:0c:49:18:65:e3:91:a1:c6:5a:b9:d2:e5:
c7:9b:8b:31:4f:c3:b4:d5:03:66:b8:4c:4f:eb:8f:
8b:f0:b9:36:a5:43:88:41:64:69:9c:f3:3c:92:ef:
f5:49:f3:28:3f:09:a5:62:25:02:5b:e4:ff:e4:81:
55:c9:e7:c7:48:9f:08:1d:d5:bc:31:33:33:8b:a8:
5c:46:c5:bd:72:bc:b1:ee:b5:a7:89:6f:4f:1f:14:
7b:18:18:be:bc:aa:dd:a4:2a:00:e8:e7:ce:6d:4c:
20:9b:df:96:46:52:9a:c3:af:08:64:6a:51:c3:7b:
47:c2:b2:1d:96:c5:e6:d7:52:23:29:e4:ae:2e:6e:
86:9d:27:da:61:87:2a:f9:1f:30:29:f9:d2:d3:18:
4e:89:44:f7:68:e1:27:2b:de:18:d3:ca:6d:0c:fe:
ad:68:a9:a4:71:29:ae:d9:cf:15:ca:e7:c4:b8:4d:
e0:93:14:35:3c:8d:62:f9:a7:0f:69:cf:d9:7f:89:
a8:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:40:FF:5E:CA:08:55:58:B4:F7:6B:DF:19:DB:87:37:71:D0:81:67
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS393942.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.29.95.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:bb:07:3e:aa:10:ee:37:e1:bf:8a:1c:fb:12:71:76:be:4d:
ba:14:df:23:8a:7b:89:2d:ce:5e:72:19:59:52:f2:49:56:06:
83:be:1c:9f:74:41:c3:ed:e7:d6:f4:12:e2:15:72:dc:cc:e6:
b3:07:cf:5b:ce:1c:c7:12:7e:98:d0:18:6d:07:ef:a8:fd:40:
a8:24:a2:c8:e6:56:74:7b:4e:a1:ab:95:8a:a3:56:8e:32:eb:
a2:e3:94:7d:b3:2b:11:9e:81:51:f0:13:fa:10:d1:70:6e:9f:
3f:f6:1f:51:aa:c6:84:e2:3c:a1:cb:6e:5c:8a:05:7d:65:90:
20:8f:17:77:72:ca:ef:f8:90:e4:39:16:57:50:0a:8a:a3:71:
09:7f:8c:26:04:09:cb:79:eb:a7:f7:6f:ee:e6:a2:c5:e3:5d:
33:03:34:45:17:d2:5a:d3:4f:d4:31:ae:22:fd:ba:52:e2:00:
f3:51:79:d7:51:8b:3e:aa:e2:ad:54:ba:51:cf:7a:77:39:8d:
20:15:3e:67:3b:7b:c1:ff:3a:7f:79:9f:91:46:ff:10:69:65:
68:67:8b:fa:c9:dc:f7:9c:19:2d:ee:98:c8:4d:49:e6:6b:20:
2b:fa:08:c4:5e:15:96:eb:93:ab:01:aa:5f:aa:96:01:49:07:
61:b0:76:a0
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUYr9VWrPzE4D8vqSVr4uj/RuM9mIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTA4MDEwODAwMDZaFw0yNjA3MzEwODA1MDZaMDMxMTAvBgNV
BAMTKDQ2NDBGRjVFQ0EwODU1NThCNEY3NkJERjE5REI4NzM3NzFEMDgxNjcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDK4Vk5ZWCRn9aTwX5tI/HQL5va
NGEG8RMNe3ftiHUgvqXIxmymeHRUtGzJOKnQZb/wjplfdM5BadC1zu7WbQxJGGXj
kaHGWrnS5cebizFPw7TVA2a4TE/rj4vwuTalQ4hBZGmc8zyS7/VJ8yg/CaViJQJb
5P/kgVXJ58dInwgd1bwxMzOLqFxGxb1yvLHutaeJb08fFHsYGL68qt2kKgDo585t
TCCb35ZGUprDrwhkalHDe0fCsh2WxebXUiMp5K4uboadJ9phhyr5HzAp+dLTGE6J
RPdo4Scr3hjTym0M/q1oqaRxKa7ZzxXK58S4TeCTFDU8jWL5pw9pz9l/iajnAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQURkD/XsoIVVi092vfGduHN3HQgWcwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMzkzOTQyLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUh1f
MA0GCSqGSIb3DQEBCwUAA4IBAQBOuwc+qhDuN+G/ihz7EnF2vk26FN8jinuJLc5e
chlZUvJJVgaDvhyfdEHD7efW9BLiFXLczOazB89bzhzHEn6Y0BhtB++o/UCoJKLI
5lZ0e06hq5WKo1aOMuui45R9sysRnoFR8BP6ENFwbp8/9h9RqsaE4jyhy25cigV9
ZZAgjxd3csrv+JDkORZXUAqKo3EJf4wmBAnLeeun92/u5qLF410zAzRFF9Ja00/U
Ma4i/bpS4gDzUXnXUYs+quKtVLpRz3p3OY0gFT5nO3vB/zp/eZ+RRv8QaWVoZ4v6
ydz3nBkt7pjITUnmayAr+gjEXhWW65OrAapfqpYBSQdhsHag
-----END CERTIFICATE-----
Generated at Mon Aug 4 07:39:20 2025 by rpki-client