Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS396356.roa
File: AS396356.roa (raw, json)
Hash identifier: NVyO7cNBCJ6WydfUKj2+YpQrEVUHwVaIPvkBW2AuoMo=
Subject key identifier: A2:00:74:4C:C2:CB:A1:FC:4F:33:07:83:EB:F6:1E:AC:EC:66:4D:10
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 0418D1DEEEA9541AF9B46FCC1F8C12F10634DC8C
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS396356.roa
Signing time: Tue 07 Apr 2026 08:54:58 +0000
ROA not before: Tue 07 Apr 2026 08:49:58 +0000
ROA not after: Tue 06 Apr 2027 08:54:58 +0000
asID: 396356
IP address blocks: 82.21.96.0/22 maxlen: 22
82.21.242.0/24 maxlen: 24
82.24.68.0/22 maxlen: 22
82.24.144.0/24 maxlen: 24
82.26.243.0/24 maxlen: 24
82.27.100.0/24 maxlen: 24
82.27.243.0/24 maxlen: 24
82.39.64.0/23 maxlen: 23
82.39.81.0/24 maxlen: 24
82.47.244.0/22 maxlen: 22
84.75.140.0/22 maxlen: 22
84.75.168.0/22 maxlen: 22
84.75.176.0/22 maxlen: 22
84.75.184.0/22 maxlen: 22
84.75.188.0/22 maxlen: 22
2a13:9500:1c::/48 maxlen: 48
2a13:9500:1d::/48 maxlen: 48
2a13:9500:1e::/48 maxlen: 48
2a13:9500:1f::/48 maxlen: 48
2a13:9500:33::/48 maxlen: 48
2a13:9500:82::/48 maxlen: 48
2a13:9500:83::/48 maxlen: 48
2a13:9500:84::/48 maxlen: 48
2a13:9500:85::/48 maxlen: 48
2a13:9500:86::/48 maxlen: 48
2a13:9500:87::/48 maxlen: 48
2a13:9500:88::/48 maxlen: 48
2a13:9500:89::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
04:18:d1:de:ee:a9:54:1a:f9:b4:6f:cc:1f:8c:12:f1:06:34:dc:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Apr 7 08:49:58 2026 GMT
Not After : Apr 6 08:54:58 2027 GMT
Subject: CN=A200744CC2CBA1FC4F330783EBF61EACEC664D10
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:fe:da:77:e0:f7:27:48:d6:7f:99:be:19:3c:
6d:b7:7a:c0:08:9f:82:29:f2:0c:f7:e7:1f:34:75:
ae:36:4e:a8:d6:02:ca:92:79:8b:06:f3:81:3f:f0:
9b:3d:7f:09:9e:fd:01:5d:f8:ca:9d:2d:e5:37:cb:
7b:07:a5:5e:23:00:e1:bc:b2:8b:92:b2:e8:51:63:
cd:f6:67:7d:b5:a0:2c:61:39:3a:3e:c4:e1:4f:93:
e2:cd:9f:66:3d:c0:70:4e:a4:33:db:59:48:20:a3:
f2:c3:70:5f:cd:da:fe:47:fd:4f:e5:33:4e:84:4f:
ca:68:a0:a6:bd:1a:25:65:28:23:1f:c2:31:fa:ea:
aa:39:27:90:08:b3:ad:a1:bb:82:21:c9:b6:a8:10:
a2:0c:7b:f4:fa:35:cb:cf:a7:ea:d2:0d:32:aa:28:
8d:f0:cd:e7:d6:3a:5a:95:67:a2:65:f9:1f:4b:57:
2d:08:b1:28:c5:1d:bb:3e:49:de:66:fb:a9:12:96:
42:2d:7d:31:f2:da:fe:38:c2:32:0a:e3:89:bd:ef:
c6:5b:60:0a:de:b2:c0:9d:9d:fb:7a:a8:57:b3:5e:
6a:dc:d7:3e:c1:6c:6f:f7:1a:53:74:2b:b6:c9:bb:
38:16:60:29:2b:b8:64:f7:17:d3:7c:9b:92:08:b6:
aa:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:00:74:4C:C2:CB:A1:FC:4F:33:07:83:EB:F6:1E:AC:EC:66:4D:10
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS396356.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.96.0/22
82.21.242.0/24
82.24.68.0/22
82.24.144.0/24
82.26.243.0/24
82.27.100.0/24
82.27.243.0/24
82.39.64.0/23
82.39.81.0/24
82.47.244.0/22
84.75.140.0/22
84.75.168.0/22
84.75.176.0/22
84.75.184.0/21
IPv6:
2a13:9500:1c::/46
2a13:9500:33::/48
2a13:9500:82::-2a13:9500:89:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
35:15:9f:ec:5c:a5:aa:70:df:c6:54:a7:a8:b8:3c:24:be:69:
f1:e9:ff:fe:66:8c:88:59:76:7a:67:87:13:f5:36:b1:60:26:
16:3d:d0:d7:23:cd:c7:ba:e5:b3:f1:99:f3:fa:73:13:2f:5c:
86:90:65:bf:3e:8d:cb:79:29:ff:1c:1d:11:33:3f:52:49:9c:
77:65:b1:a7:dd:b6:77:ee:ad:65:40:46:70:8e:5b:7c:4a:c4:
95:1b:51:e3:7c:82:73:01:21:47:b0:a9:ef:b9:bb:0d:73:0e:
16:78:f0:13:65:5f:07:ad:84:33:a8:99:e1:01:75:ed:1d:30:
71:70:04:28:42:05:0a:24:d0:2f:36:15:ea:37:41:e7:76:66:
2d:81:1e:54:27:19:cc:68:20:4b:1b:4d:f6:8f:17:d5:aa:c4:
31:7f:d3:4e:62:6f:9c:92:4e:9e:15:e6:cd:d1:24:65:fd:22:
64:e3:ff:2c:56:ca:79:30:52:f1:e2:87:f7:a9:49:be:0c:46:
fb:4b:9e:e9:98:01:ba:64:1a:6e:93:48:b9:db:84:52:9a:a8:
e0:3e:ae:9b:26:3e:c6:7a:38:8d:a2:95:17:27:b2:26:d6:bb:
39:5f:bd:fb:fc:1f:78:23:71:4d:3a:fc:31:3a:1d:66:ad:37:
7c:32:77:ba
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgIUBBjR3u6pVBr5tG/MH4wS8QY03IwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjA0MDcwODQ5NThaFw0yNzA0MDYwODU0NThaMDMxMTAvBgNV
BAMTKEEyMDA3NDRDQzJDQkExRkM0RjMzMDc4M0VCRjYxRUFDRUM2NjREMTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC1/tp34PcnSNZ/mb4ZPG23esAI
n4Ip8gz35x80da42TqjWAsqSeYsG84E/8Js9fwme/QFd+MqdLeU3y3sHpV4jAOG8
souSsuhRY832Z321oCxhOTo+xOFPk+LNn2Y9wHBOpDPbWUggo/LDcF/N2v5H/U/l
M06ET8pooKa9GiVlKCMfwjH66qo5J5AIs62hu4IhybaoEKIMe/T6NcvPp+rSDTKq
KI3wzefWOlqVZ6Jl+R9LVy0IsSjFHbs+Sd5m+6kSlkItfTHy2v44wjIK44m978Zb
YAressCdnft6qFezXmrc1z7BbG/3GlN0K7bJuzgWYCkruGT3F9N8m5IItqpzAgMB
AAGjggKJMIIChTAdBgNVHQ4EFgQUogB0TMLLofxPMweD6/YerOxmTRAwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMzk2MzU2LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMIGdBggrBgEFBQcBBwEB/wSBjTCBijBaBAIAATBUAwQC
UhVgAwQAUhXyAwQCUhhEAwQAUhiQAwQAUhrzAwQAUhtkAwQAUhvzAwQBUidAAwQA
UidRAwQCUi/0AwQCVEuMAwQCVEuoAwQCVEuwAwQDVEu4MCwEAgACMCYDBwIqE5UA
ABwDBwAqE5UAADMwEgMHASoTlQAAggMHASoTlQAAiDANBgkqhkiG9w0BAQsFAAOC
AQEANRWf7FylqnDfxlSnqLg8JL5p8en//maMiFl2emeHE/U2sWAmFj3Q1yPNx7rl
s/GZ8/pzEy9chpBlvz6Ny3kp/xwdETM/Ukmcd2Wxp922d+6tZUBGcI5bfErElRtR
43yCcwEhR7Cp77m7DXMOFnjwE2VfB62EM6iZ4QF17R0wcXAEKEIFCiTQLzYV6jdB
53ZmLYEeVCcZzGggSxtN9o8X1arEMX/TTmJvnJJOnhXmzdEkZf0iZOP/LFbKeTBS
8eKH96lJvgxG+0ue6ZgBumQabpNIuduEUpqo4D6umyY+xno4jaKVFyeyJta7OV+9
+/wfeCNxTTr8MTodZq03fDJ3ug==
-----END CERTIFICATE-----
Generated at Fri Apr 17 05:59:09 2026 by rpki-client