Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS396356.roa
File: AS396356.roa (raw, json)
Hash identifier: APByvC4hRdmhi7t8d3pARU5rPq2edORcuUorCkDcXu4=
Subject key identifier: 01:55:3F:F6:08:3F:6F:94:75:92:F7:8B:85:9D:CF:4A:FA:E3:E7:E2
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 508B8B0E76D941216AD677E5C68C475F40F6FDC9
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS396356.roa
Signing time: Wed 11 Feb 2026 11:41:00 +0000
ROA not before: Wed 11 Feb 2026 11:36:00 +0000
ROA not after: Wed 10 Feb 2027 11:41:00 +0000
asID: 396356
IP address blocks: 82.21.96.0/22 maxlen: 22
82.21.242.0/24 maxlen: 24
82.24.68.0/22 maxlen: 22
82.24.144.0/24 maxlen: 24
82.26.243.0/24 maxlen: 24
82.27.100.0/24 maxlen: 24
82.27.243.0/24 maxlen: 24
82.39.64.0/23 maxlen: 23
82.39.81.0/24 maxlen: 24
2a13:9500:1c::/48 maxlen: 48
2a13:9500:1d::/48 maxlen: 48
2a13:9500:1e::/48 maxlen: 48
2a13:9500:1f::/48 maxlen: 48
2a13:9500:33::/48 maxlen: 48
2a13:9500:82::/48 maxlen: 48
2a13:9500:83::/48 maxlen: 48
2a13:9500:84::/48 maxlen: 48
2a13:9500:85::/48 maxlen: 48
2a13:9500:86::/48 maxlen: 48
2a13:9500:87::/48 maxlen: 48
2a13:9500:88::/48 maxlen: 48
2a13:9500:89::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
50:8b:8b:0e:76:d9:41:21:6a:d6:77:e5:c6:8c:47:5f:40:f6:fd:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Feb 11 11:36:00 2026 GMT
Not After : Feb 10 11:41:00 2027 GMT
Subject: CN=01553FF6083F6F947592F78B859DCF4AFAE3E7E2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:0f:04:7c:0a:3d:f6:a3:57:06:a4:d4:96:48:
8a:a7:41:b7:ff:65:d7:42:cb:e0:c2:6e:51:18:4f:
a3:89:61:88:a9:16:2f:bd:04:30:42:ce:7c:e5:0a:
37:11:e6:5b:93:de:5f:bf:90:4a:5e:6d:b0:74:ce:
90:46:df:3f:f7:a2:78:ba:cb:16:5a:74:b8:56:dd:
87:c5:5e:f2:d2:89:b5:92:af:ac:1e:8a:36:89:56:
97:1e:56:bf:31:28:bc:6e:55:b5:bc:db:11:de:26:
b7:f9:32:96:8b:0f:68:de:c6:b9:20:b5:8e:19:a5:
11:f5:50:6a:e4:be:35:e1:47:b8:d5:be:b0:3d:15:
83:f3:61:3a:74:fa:1a:a9:b6:01:a7:ff:1e:22:59:
10:76:b2:70:d8:79:ce:77:32:1c:dd:27:4c:9b:15:
c0:fa:7e:43:3f:66:39:0e:5b:be:73:14:9f:fd:a2:
f4:da:60:71:5e:ce:69:c3:1e:7b:14:b7:e2:5d:a7:
8c:42:8c:b1:54:c3:93:9b:ac:22:e4:91:7e:b0:e6:
9e:1e:fc:1d:35:b7:98:fd:58:7f:e5:32:97:2d:b4:
b2:02:97:b8:a0:d6:7f:68:fd:d9:ab:ef:a4:02:9f:
c4:d7:f7:20:07:dd:93:43:cc:89:1e:f9:2a:26:8e:
e0:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:55:3F:F6:08:3F:6F:94:75:92:F7:8B:85:9D:CF:4A:FA:E3:E7:E2
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS396356.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.96.0/22
82.21.242.0/24
82.24.68.0/22
82.24.144.0/24
82.26.243.0/24
82.27.100.0/24
82.27.243.0/24
82.39.64.0/23
82.39.81.0/24
IPv6:
2a13:9500:1c::/46
2a13:9500:33::/48
2a13:9500:82::-2a13:9500:89:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
1c:65:6c:c3:67:00:c2:60:4b:5c:6e:ff:1b:97:85:72:e6:92:
e0:fb:11:da:e7:74:c4:8e:55:88:87:88:6d:dd:2c:aa:6f:60:
98:f6:3e:39:f9:cc:0b:55:b5:4f:6e:05:0b:e0:38:97:28:57:
05:17:d9:ad:5d:e7:04:0e:c2:04:fc:5e:15:de:7b:db:61:c2:
bb:75:f7:3f:db:75:6e:68:55:06:59:b4:5f:d3:59:66:72:d3:
76:ce:2c:b6:d8:c1:b2:95:16:95:19:e5:7a:12:3e:70:6e:13:
96:fa:58:33:4e:46:27:01:a0:f8:1c:9e:50:69:be:86:6b:82:
88:d2:f0:cb:b4:71:75:68:49:80:b5:83:8b:d2:a4:46:f4:61:
6d:a2:f1:0b:6c:3f:13:29:cc:92:51:8b:2e:c1:c5:4d:9b:e8:
86:0f:a1:35:7f:31:e7:9f:60:ae:2d:57:f1:56:18:5e:01:f8:
89:10:d0:ac:82:c5:e2:b0:86:04:ce:62:6c:08:42:1a:ab:e4:
7b:12:9f:0f:a4:7a:17:7b:58:3b:cf:a8:1a:c1:64:56:d3:c5:
bc:54:30:b7:92:c3:ba:8e:ba:76:37:50:00:22:2a:6b:9a:dd:
aa:41:5c:1f:61:29:1e:e0:7d:de:62:a4:5c:de:af:9c:66:93:
cb:25:27:10
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUUIuLDnbZQSFq1nflxoxHX0D2/ckwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjAyMTExMTM2MDBaFw0yNzAyMTAxMTQxMDBaMDMxMTAvBgNV
BAMTKDAxNTUzRkY2MDgzRjZGOTQ3NTkyRjc4Qjg1OURDRjRBRkFFM0U3RTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCyDwR8Cj32o1cGpNSWSIqnQbf/
ZddCy+DCblEYT6OJYYipFi+9BDBCznzlCjcR5luT3l+/kEpebbB0zpBG3z/3oni6
yxZadLhW3YfFXvLSibWSr6weijaJVpceVr8xKLxuVbW82xHeJrf5MpaLD2jexrkg
tY4ZpRH1UGrkvjXhR7jVvrA9FYPzYTp0+hqptgGn/x4iWRB2snDYec53MhzdJ0yb
FcD6fkM/ZjkOW75zFJ/9ovTaYHFezmnDHnsUt+Jdp4xCjLFUw5ObrCLkkX6w5p4e
/B01t5j9WH/lMpcttLICl7ig1n9o/dmr76QCn8TX9yAH3ZNDzIke+SomjuClAgMB
AAGjggJoMIICZDAdBgNVHQ4EFgQUAVU/9gg/b5R1kveLhZ3PSvrj5+IwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMzk2MzU2LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMH0GCCsGAQUFBwEHAQH/BG4wbDA8BAIAATA2AwQCUhVg
AwQAUhXyAwQCUhhEAwQAUhiQAwQAUhrzAwQAUhtkAwQAUhvzAwQBUidAAwQAUidR
MCwEAgACMCYDBwIqE5UAABwDBwAqE5UAADMwEgMHASoTlQAAggMHASoTlQAAiDAN
BgkqhkiG9w0BAQsFAAOCAQEAHGVsw2cAwmBLXG7/G5eFcuaS4PsR2ud0xI5ViIeI
bd0sqm9gmPY+OfnMC1W1T24FC+A4lyhXBRfZrV3nBA7CBPxeFd5722HCu3X3P9t1
bmhVBlm0X9NZZnLTds4sttjBspUWlRnlehI+cG4TlvpYM05GJwGg+ByeUGm+hmuC
iNLwy7RxdWhJgLWDi9KkRvRhbaLxC2w/EynMklGLLsHFTZvohg+hNX8x559gri1X
8VYYXgH4iRDQrILF4rCGBM5ibAhCGqvkexKfD6R6F3tYO8+oGsFkVtPFvFQwt5LD
uo66djdQACIqa5rdqkFcH2EpHuB93mKkXN6vnGaTyyUnEA==
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:58:37 2026 by rpki-client