Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS396356.roa
File: AS396356.roa (raw, json)
Hash identifier: hy03rwmw6FXuOFrE30tMKpHdWO/UuKnUFbIZYLylmVs=
Subject key identifier: B8:35:FE:69:04:5D:42:8D:41:D2:CF:99:8B:25:1D:A8:97:47:C5:5F
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 17412A10F3C24C777609F51F3BD6A9B34A2F489F
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS396356.roa
Signing time: Thu 05 Jun 2025 10:46:21 +0000
ROA not before: Thu 05 Jun 2025 10:41:21 +0000
ROA not after: Thu 04 Jun 2026 10:46:21 +0000
asID: 396356
IP address blocks: 82.21.96.0/22 maxlen: 22
82.24.68.0/22 maxlen: 22
2a13:9500:1c::/48 maxlen: 48
2a13:9500:1d::/48 maxlen: 48
2a13:9500:1e::/48 maxlen: 48
2a13:9500:1f::/48 maxlen: 48
2a13:9500:33::/48 maxlen: 48
2a13:9500:82::/48 maxlen: 48
2a13:9500:83::/48 maxlen: 48
2a13:9500:84::/48 maxlen: 48
2a13:9500:85::/48 maxlen: 48
2a13:9500:86::/48 maxlen: 48
2a13:9500:87::/48 maxlen: 48
2a13:9500:88::/48 maxlen: 48
2a13:9500:89::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
17:41:2a:10:f3:c2:4c:77:76:09:f5:1f:3b:d6:a9:b3:4a:2f:48:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Jun 5 10:41:21 2025 GMT
Not After : Jun 4 10:46:21 2026 GMT
Subject: CN=B835FE69045D428D41D2CF998B251DA89747C55F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:71:08:30:42:97:54:ec:5b:15:48:10:be:f0:
74:88:0b:3d:4a:5e:f7:ae:26:29:82:30:16:f4:c6:
36:50:e8:56:5c:18:fc:f1:ed:56:33:92:ae:95:7b:
86:a8:11:66:16:00:56:cd:b9:a9:8c:fd:ff:fa:45:
e2:03:61:eb:bc:6f:38:41:62:5d:62:3d:61:f9:25:
58:aa:f3:94:35:a2:a2:e1:97:d6:d7:ae:2c:fc:54:
1f:f0:f6:19:b7:59:28:ec:66:5b:5a:53:bb:de:b1:
38:25:5e:29:02:96:31:2e:7a:41:3e:f9:65:7a:fb:
59:b3:72:e7:5a:26:3d:05:b0:0b:d6:f5:78:1b:ea:
c2:84:58:07:8d:f7:c4:e8:f4:f0:79:86:60:b8:d3:
0b:d9:ee:fb:aa:ae:ca:a5:a1:33:10:42:ab:f5:af:
74:c6:15:1a:61:e0:e5:d2:65:fe:29:e9:10:f1:4d:
33:c3:e9:8e:bb:a0:47:6c:f2:d8:cd:7f:4c:dc:8c:
d4:d0:34:9a:21:5a:b5:00:d2:27:15:d7:e3:30:90:
11:c2:85:79:e6:c6:55:58:3a:51:fe:ca:3d:26:d1:
3f:30:97:42:2b:6b:1c:09:d9:ae:c7:a2:0f:ad:0b:
9b:db:d4:6a:1e:94:51:4d:ca:2f:65:e0:c1:c1:d7:
2c:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:35:FE:69:04:5D:42:8D:41:D2:CF:99:8B:25:1D:A8:97:47:C5:5F
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS396356.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.96.0/22
82.24.68.0/22
IPv6:
2a13:9500:1c::/46
2a13:9500:33::/48
2a13:9500:82::-2a13:9500:89:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
74:c2:2a:ed:41:23:3b:37:86:46:73:8c:68:39:17:65:ad:78:
e5:63:9e:b2:5b:5a:5c:e8:f1:d6:5f:b9:35:26:6b:08:29:00:
37:5d:5f:fd:9e:ec:2f:2e:17:75:34:3e:92:fb:e8:ee:fb:7d:
d1:50:21:cf:b0:f2:71:28:98:9e:05:2b:46:10:ad:cf:68:25:
69:ad:32:88:8b:78:58:46:00:45:8f:6a:8c:81:97:8d:78:47:
e0:e1:81:3c:32:6e:32:d7:a5:d4:c3:1a:3b:e4:f9:20:1e:a8:
18:4e:66:62:5b:76:70:52:5b:bd:45:9e:32:44:26:40:f6:66:
e9:3c:86:05:93:80:e0:1b:a6:60:3f:bc:2a:7b:f0:eb:e6:f3:
95:25:5a:3f:00:09:75:20:2e:be:86:7d:3b:56:51:a1:b7:44:
ec:f6:18:0a:eb:5e:ef:56:14:b3:cc:69:d9:1c:8d:0a:a8:02:
28:dc:cb:69:e7:bb:3d:e4:34:03:a8:66:07:b5:e9:14:21:bf:
d0:89:f9:36:a3:3f:7d:ed:29:fe:8e:92:98:3a:bc:77:af:c4:
18:61:f8:67:1c:6a:bb:32:dc:61:ed:97:5f:81:87:32:a3:d2:
1d:21:f7:bd:87:9c:86:1e:63:0d:cd:7b:b9:1f:65:f7:37:d5:
d9:2f:b5:ea
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgIUF0EqEPPCTHd2CfUfO9aps0ovSJ8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTA2MDUxMDQxMjFaFw0yNjA2MDQxMDQ2MjFaMDMxMTAvBgNV
BAMTKEI4MzVGRTY5MDQ1RDQyOEQ0MUQyQ0Y5OThCMjUxREE4OTc0N0M1NUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCucQgwQpdU7FsVSBC+8HSICz1K
XveuJimCMBb0xjZQ6FZcGPzx7VYzkq6Ve4aoEWYWAFbNuamM/f/6ReIDYeu8bzhB
Yl1iPWH5JViq85Q1oqLhl9bXriz8VB/w9hm3WSjsZltaU7vesTglXikCljEuekE+
+WV6+1mzcudaJj0FsAvW9Xgb6sKEWAeN98To9PB5hmC40wvZ7vuqrsqloTMQQqv1
r3TGFRph4OXSZf4p6RDxTTPD6Y67oEds8tjNf0zcjNTQNJohWrUA0icV1+MwkBHC
hXnmxlVYOlH+yj0m0T8wl0IraxwJ2a7Hog+tC5vb1GoelFFNyi9l4MHB1yxTAgMB
AAGjggI+MIICOjAdBgNVHQ4EFgQUuDX+aQRdQo1B0s+ZiyUdqJdHxV8wHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMzk2MzU2LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjASBAIAATAMAwQCUhVg
AwQCUhhEMCwEAgACMCYDBwIqE5UAABwDBwAqE5UAADMwEgMHASoTlQAAggMHASoT
lQAAiDANBgkqhkiG9w0BAQsFAAOCAQEAdMIq7UEjOzeGRnOMaDkXZa145WOeslta
XOjx1l+5NSZrCCkAN11f/Z7sLy4XdTQ+kvvo7vt90VAhz7DycSiYngUrRhCtz2gl
aa0yiIt4WEYARY9qjIGXjXhH4OGBPDJuMtel1MMaO+T5IB6oGE5mYlt2cFJbvUWe
MkQmQPZm6TyGBZOA4BumYD+8Knvw6+bzlSVaPwAJdSAuvoZ9O1ZRobdE7PYYCute
71YUs8xp2RyNCqgCKNzLaee7PeQ0A6hmB7XpFCG/0In5NqM/fe0p/o6SmDq8d6/E
GGH4ZxxquzLcYe2XX4GHMqPSHSH3vYechh5jDc17uR9l9zfV2S+16g==
-----END CERTIFICATE-----
Generated at Sat Jun 14 10:57:58 2025 by rpki-client