Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS400909.roa
File: AS400909.roa (raw, json)
Hash identifier: 6Tu+f/8ClY3/7TDpWticSUS2ljrC4AIUAyA19XgdBGU=
Subject key identifier: E8:F1:28:3E:0A:6F:13:75:F8:63:2B:35:D4:85:A1:49:71:BF:37:33
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 03DB831D1AC8272EFBD471F17158CE139C863DB1
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS400909.roa
Signing time: Sun 08 Jun 2025 06:18:26 +0000
ROA not before: Sun 08 Jun 2025 06:13:26 +0000
ROA not after: Sun 07 Jun 2026 06:18:26 +0000
asID: 400909
IP address blocks: 82.24.174.0/24 maxlen: 24
82.29.6.0/24 maxlen: 24
82.29.110.0/23 maxlen: 23
82.29.118.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
03:db:83:1d:1a:c8:27:2e:fb:d4:71:f1:71:58:ce:13:9c:86:3d:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Jun 8 06:13:26 2025 GMT
Not After : Jun 7 06:18:26 2026 GMT
Subject: CN=E8F1283E0A6F1375F8632B35D485A14971BF3733
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:cd:a9:1f:3c:ad:25:a9:fa:e1:41:5e:fa:10:
9b:2b:a3:0f:f1:01:f8:c9:ab:23:b0:8f:6f:99:4b:
3f:c3:59:54:dd:06:1d:3c:90:f8:e6:f7:11:b5:7d:
ef:43:6d:8e:29:3e:49:da:92:73:57:ee:a9:aa:b1:
4b:3d:bc:73:d0:d2:b9:45:66:2d:91:09:34:b5:e1:
a6:c4:b1:d6:be:5a:b7:1c:3a:ba:20:05:8e:b9:7a:
48:17:e6:f4:f1:bf:84:a7:76:cb:a1:da:9f:a8:41:
55:59:9b:20:af:de:ea:e9:73:78:4b:30:62:b4:ad:
f7:01:c5:5d:8f:09:06:20:0c:fd:cb:6c:d0:17:9a:
3e:f6:36:ec:51:dd:18:7c:ac:ef:61:35:15:2d:6f:
d8:17:6d:89:ab:10:a7:e0:a9:5b:e7:f7:e5:94:97:
82:11:61:04:e3:d4:b1:9e:cd:ff:1a:92:5a:3b:17:
6c:2c:0e:11:81:1f:c2:b2:1d:2a:dc:8a:b9:60:20:
d1:13:40:26:cb:d1:91:8a:83:a8:62:85:68:46:df:
59:e8:9d:7a:2e:c4:3f:99:d5:11:91:01:73:79:04:
ec:0f:4a:1b:48:cd:68:f5:f6:12:3f:2a:32:e3:60:
c5:2b:dc:20:fb:33:b5:0a:fc:15:db:5b:ce:f5:cb:
57:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:F1:28:3E:0A:6F:13:75:F8:63:2B:35:D4:85:A1:49:71:BF:37:33
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS400909.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.24.174.0/24
82.29.6.0/24
82.29.110.0/23
82.29.118.0/23
Signature Algorithm: sha256WithRSAEncryption
5c:7a:2c:d7:9e:68:4d:3e:b9:c9:21:42:ba:d4:6b:43:53:3d:
54:a7:cc:f9:f4:b9:56:56:c9:4e:f4:bb:6c:35:0c:0f:d6:97:
ac:da:1b:c6:59:57:f7:5b:80:ba:28:38:59:5f:ab:ef:9d:cf:
63:5e:73:48:28:5d:dd:3e:c2:55:89:d5:76:b0:ac:1b:43:27:
82:9e:71:2a:f8:85:63:cb:7c:11:23:b4:3d:3c:bd:d5:b1:df:
5c:43:6e:97:7a:89:4b:61:05:b9:89:e3:c0:88:d7:4a:00:ed:
35:aa:e7:23:85:87:28:36:4b:ad:54:fa:a3:79:7d:d7:fe:dc:
00:bb:3c:02:ea:85:0c:ed:66:29:f9:b0:c6:f6:bd:d9:4d:9d:
17:0e:61:8f:36:d1:4e:25:ac:7d:a7:83:b8:92:a6:82:25:2a:
3b:46:56:87:c3:7f:a2:8a:f2:bc:bc:ff:fe:58:56:66:42:4c:
18:0d:92:bb:d3:72:8c:58:f6:d0:73:83:d1:1c:eb:c0:d3:7e:
b5:49:69:31:f6:08:6a:55:84:1b:d9:06:2b:1f:b0:48:be:91:
71:6c:d2:92:2f:c8:87:b1:e1:b8:0f:2b:82:8e:5c:75:6b:79:
66:6b:43:3b:2d:13:60:f2:4f:91:74:84:89:24:8d:31:17:b7:
53:1a:67:51
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgIUA9uDHRrIJy771HHxcVjOE5yGPbEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTA2MDgwNjEzMjZaFw0yNjA2MDcwNjE4MjZaMDMxMTAvBgNV
BAMTKEU4RjEyODNFMEE2RjEzNzVGODYzMkIzNUQ0ODVBMTQ5NzFCRjM3MzMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCLzakfPK0lqfrhQV76EJsrow/x
AfjJqyOwj2+ZSz/DWVTdBh08kPjm9xG1fe9DbY4pPknaknNX7qmqsUs9vHPQ0rlF
Zi2RCTS14abEsda+WrccOrogBY65ekgX5vTxv4Sndsuh2p+oQVVZmyCv3urpc3hL
MGK0rfcBxV2PCQYgDP3LbNAXmj72NuxR3Rh8rO9hNRUtb9gXbYmrEKfgqVvn9+WU
l4IRYQTj1LGezf8aklo7F2wsDhGBH8KyHSrcirlgINETQCbL0ZGKg6hihWhG31no
nXouxD+Z1RGRAXN5BOwPShtIzWj19hI/KjLjYMUr3CD7M7UK/BXbW871y1fJAgMB
AAGjggIcMIICGDAdBgNVHQ4EFgQU6PEoPgpvE3X4Yys11IWhSXG/NzMwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTNDAwOTA5LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAUhiu
AwQAUh0GAwQBUh1uAwQBUh12MA0GCSqGSIb3DQEBCwUAA4IBAQBceizXnmhNPrnJ
IUK61GtDUz1Up8z59LlWVslO9LtsNQwP1pes2hvGWVf3W4C6KDhZX6vvnc9jXnNI
KF3dPsJVidV2sKwbQyeCnnEq+IVjy3wRI7Q9PL3Vsd9cQ26XeolLYQW5iePAiNdK
AO01qucjhYcoNkutVPqjeX3X/twAuzwC6oUM7WYp+bDG9r3ZTZ0XDmGPNtFOJax9
p4O4kqaCJSo7RlaHw3+iivK8vP/+WFZmQkwYDZK703KMWPbQc4PRHOvA0361SWkx
9ghqVYQb2QYrH7BIvpFxbNKSL8iHseG4DyuCjlx1a3lma0M7LRNg8k+RdISJJI0x
F7dTGmdR
-----END CERTIFICATE-----
Generated at Sat Jun 14 10:58:06 2025 by rpki-client