Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS395793.roa
File: AS395793.roa (raw, json)
Hash identifier: Cf4LSHNTzAtx3qKChUxrGBgZyQtwZnNZLIFqHqNXnEk=
Subject key identifier: 96:83:1E:28:4E:B2:6C:BD:89:B0:19:E8:D4:76:7B:47:6C:5E:DF:76
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 140C5F2CE8D4BB278F3F584F7BA2EBF3905C8625
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS395793.roa
Signing time: Sun 08 Jun 2025 04:43:53 +0000
ROA not before: Sun 08 Jun 2025 04:38:53 +0000
ROA not after: Sun 07 Jun 2026 04:43:53 +0000
asID: 395793
IP address blocks: 82.22.170.0/24 maxlen: 24
82.23.128.0/24 maxlen: 24
82.23.129.0/24 maxlen: 24
82.23.130.0/24 maxlen: 24
82.23.131.0/24 maxlen: 24
82.23.132.0/24 maxlen: 24
82.23.133.0/24 maxlen: 24
82.23.147.0/24 maxlen: 24
82.24.42.0/24 maxlen: 24
82.24.64.0/24 maxlen: 24
82.24.121.0/24 maxlen: 24
82.24.146.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
14:0c:5f:2c:e8:d4:bb:27:8f:3f:58:4f:7b:a2:eb:f3:90:5c:86:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Jun 8 04:38:53 2025 GMT
Not After : Jun 7 04:43:53 2026 GMT
Subject: CN=96831E284EB26CBD89B019E8D4767B476C5EDF76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:59:84:e2:ee:68:e1:75:41:b4:66:3d:68:99:
2a:73:4d:7d:43:7d:b8:e1:d5:c8:d4:99:20:4a:f7:
7a:4b:ab:41:3a:a1:c6:6c:58:1b:a5:f4:3f:10:41:
dc:f3:e1:37:7a:83:28:86:86:28:34:9d:fe:42:14:
65:ed:f1:53:53:74:ec:26:02:9a:98:78:e3:86:1e:
49:4c:e2:41:94:c3:47:aa:53:e8:e2:76:e4:ab:84:
f6:3a:0d:bc:71:f8:65:cc:2b:19:7c:51:3e:bc:73:
75:a7:c8:e6:dc:5e:be:d2:59:60:ad:ed:98:14:42:
2a:a4:49:91:37:23:a0:4f:c3:57:f1:34:a2:89:6c:
37:25:31:e6:cf:6f:6e:f1:0f:ec:6a:17:98:10:90:
f6:96:d9:f2:fd:8c:33:63:b9:ff:2c:c4:ac:ec:d7:
fe:34:ad:f6:76:fa:7f:c0:6a:4a:15:f8:c2:f3:51:
b8:61:b4:f9:b0:50:67:81:d3:0e:18:5c:53:64:d8:
ed:5d:b5:4c:8d:ac:5f:fb:e2:80:d2:07:16:af:78:
64:20:e3:72:98:5b:9b:38:70:7c:c3:17:92:d5:6e:
a3:a3:3a:ac:02:dc:8a:7b:7b:c0:12:7c:29:66:2a:
ed:15:ee:06:ee:4e:87:68:fe:32:6c:91:64:5b:88:
98:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:83:1E:28:4E:B2:6C:BD:89:B0:19:E8:D4:76:7B:47:6C:5E:DF:76
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS395793.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.22.170.0/24
82.23.128.0-82.23.133.255
82.23.147.0/24
82.24.42.0/24
82.24.64.0/24
82.24.121.0/24
82.24.146.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:bd:f7:ef:46:43:00:3d:12:bd:6a:48:c8:a6:8c:eb:48:26:
d9:4a:2b:ee:9c:93:1f:17:df:a0:a1:83:fa:cf:77:cc:68:8b:
a3:6f:21:80:03:3d:a6:38:c3:f5:a2:d0:9e:36:ec:47:f5:b9:
c1:a7:b2:37:ca:af:31:15:c5:b6:e6:ff:2e:b8:c8:63:6d:9e:
81:fe:08:b2:f4:af:b6:98:26:32:d1:08:e2:bc:c6:cc:b2:8f:
2d:3d:71:8a:39:9e:57:f5:12:55:64:01:38:fa:19:06:8c:de:
33:41:63:b5:e8:65:63:d3:e5:f0:86:b7:5a:26:55:34:77:8e:
77:db:e5:2c:f2:9e:49:f5:a2:88:c8:eb:e6:ce:f9:ea:7c:a6:
43:aa:6a:7f:fa:c7:06:a5:fb:9c:c1:73:ab:aa:4b:16:bb:9a:
47:3a:66:a7:ff:cd:45:ca:6e:0d:77:09:47:d4:42:96:11:7c:
e1:db:6b:d0:5e:28:32:46:f1:fa:3e:9e:d7:3d:62:c9:e3:06:
fd:a0:cd:b5:57:c5:fd:52:3f:0e:3f:ae:84:83:98:92:44:9b:
5c:1a:d9:a8:6f:fb:dc:d4:5a:d4:2b:d0:05:01:fa:40:31:cf:
c4:a9:1b:1b:7f:e6:a6:f6:69:c1:67:a0:1f:b6:4f:12:35:ec:
04:99:9b:55
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgIUFAxfLOjUuyePP1hPe6Lr85BchiUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTA2MDgwNDM4NTNaFw0yNjA2MDcwNDQzNTNaMDMxMTAvBgNV
BAMTKDk2ODMxRTI4NEVCMjZDQkQ4OUIwMTlFOEQ0NzY3QjQ3NkM1RURGNzYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7WYTi7mjhdUG0Zj1omSpzTX1D
fbjh1cjUmSBK93pLq0E6ocZsWBul9D8QQdzz4Td6gyiGhig0nf5CFGXt8VNTdOwm
ApqYeOOGHklM4kGUw0eqU+jiduSrhPY6Dbxx+GXMKxl8UT68c3WnyObcXr7SWWCt
7ZgUQiqkSZE3I6BPw1fxNKKJbDclMebPb27xD+xqF5gQkPaW2fL9jDNjuf8sxKzs
1/40rfZ2+n/AakoV+MLzUbhhtPmwUGeB0w4YXFNk2O1dtUyNrF/74oDSBxaveGQg
43KYW5s4cHzDF5LVbqOjOqwC3Ip7e8ASfClmKu0V7gbuTodo/jJskWRbiJgdAgMB
AAGjggI2MIICMjAdBgNVHQ4EFgQUloMeKE6ybL2JsBno1HZ7R2xe33YwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMzk1NzkzLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQAUhaq
MAwDBAdSF4ADBAFSF4QDBABSF5MDBABSGCoDBABSGEADBABSGHkDBABSGJIwDQYJ
KoZIhvcNAQELBQADggEBAEq99+9GQwA9Er1qSMimjOtIJtlKK+6ckx8X36Chg/rP
d8xoi6NvIYADPaY4w/Wi0J427Ef1ucGnsjfKrzEVxbbm/y64yGNtnoH+CLL0r7aY
JjLRCOK8xsyyjy09cYo5nlf1ElVkATj6GQaM3jNBY7XoZWPT5fCGt1omVTR3jnfb
5Szynkn1oojI6+bO+ep8pkOqan/6xwal+5zBc6uqSxa7mkc6Zqf/zUXKbg13CUfU
QpYRfOHba9BeKDJG8fo+ntc9YsnjBv2gzbVXxf1SPw4/roSDmJJEm1wa2ahv+9zU
WtQr0AUB+kAxz8SpGxt/5qb2acFnoB+2TxI17ASZm1U=
-----END CERTIFICATE-----
Generated at Sat Jun 14 10:57:55 2025 by rpki-client