Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS401818.roa
File: AS401818.roa (raw, json)
Hash identifier: U9y3ORjJ1sRS/T1yN4JkYsfEmb24JFiGU0L67G7ajd4=
Subject key identifier: 20:0D:13:9C:58:1D:20:52:C8:37:E6:6F:8E:1E:69:94:87:8C:8C:4E
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 19255356FBAACEA98D2679069A8964253AC4E004
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS401818.roa
Signing time: Thu 26 Feb 2026 06:21:27 +0000
ROA not before: Thu 26 Feb 2026 06:16:27 +0000
ROA not after: Thu 25 Feb 2027 06:21:27 +0000
asID: 401818
IP address blocks: 2a13:9500:e0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 09:38:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
19:25:53:56:fb:aa:ce:a9:8d:26:79:06:9a:89:64:25:3a:c4:e0:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Feb 26 06:16:27 2026 GMT
Not After : Feb 25 06:21:27 2027 GMT
Subject: CN=200D139C581D2052C837E66F8E1E6994878C8C4E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:21:59:11:be:95:93:65:f9:e8:f7:82:30:67:
af:d2:7a:46:73:6a:f8:b1:01:0a:ee:2c:44:d2:03:
42:c8:f4:b5:0d:64:92:5a:c7:1a:f9:4e:55:7f:4d:
b8:62:2e:86:6f:fb:15:db:6b:6b:76:0b:df:c7:3f:
df:1e:53:11:b4:1f:e2:17:4e:ea:f6:2e:2e:97:d4:
6a:ea:1b:ba:a1:0d:f2:76:c1:44:b8:3e:5b:6f:be:
9b:77:6a:02:7f:a0:06:56:90:15:48:1c:fe:1b:fb:
be:b1:e7:26:7d:2e:fa:8c:f7:5d:4e:35:19:35:f3:
6d:3f:c6:23:f5:d1:8d:cd:ab:40:a6:b1:7e:80:60:
2d:c2:90:57:ba:9e:3a:fb:21:c5:65:73:99:28:8d:
1b:77:ee:0b:d4:f7:10:a9:54:a6:a6:cc:62:49:a5:
f9:ca:ec:63:fa:f2:45:b8:c5:2a:76:72:45:e1:2c:
cd:24:07:ec:93:3b:ca:50:18:74:e0:64:42:dd:d8:
fe:bb:3f:d3:7e:dc:40:b4:79:5d:e1:fb:32:f9:fb:
89:10:07:49:5c:57:eb:91:d3:9f:38:b9:bb:fc:ec:
17:2f:d7:29:5a:52:af:e9:50:ac:a6:85:47:f5:e5:
db:92:66:c2:df:45:7b:f9:ee:02:00:58:3f:f2:92:
82:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:0D:13:9C:58:1D:20:52:C8:37:E6:6F:8E:1E:69:94:87:8C:8C:4E
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS401818.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:9500:e0::/48
Signature Algorithm: sha256WithRSAEncryption
50:9a:76:30:c6:d3:89:9c:b9:aa:8e:38:fe:eb:59:4b:8a:ad:
b1:9d:04:a3:2c:e5:0b:96:e2:ff:d7:06:21:24:b8:7e:3b:f7:
51:ec:6b:20:0a:64:f2:9f:e3:54:19:d9:d4:bc:e5:35:7f:74:
f1:5d:31:73:b9:d9:6a:c5:35:e7:af:b6:b1:97:f5:a4:5f:d5:
88:77:a5:46:36:60:ab:81:09:17:b5:93:ee:84:69:e4:14:fb:
72:5f:91:a9:ce:ba:ae:51:fe:8d:54:c7:40:c7:0f:7c:a0:e7:
a3:37:97:1d:c6:ef:0d:0c:ad:f5:15:cd:ea:99:18:f1:00:15:
a5:55:d1:6a:46:17:ef:59:96:2b:97:75:ad:1d:3a:ab:f6:93:
a1:f3:cd:12:ef:8e:0a:c3:a1:88:9c:6e:bc:88:d7:72:61:54:
0a:43:dc:0b:78:e9:e5:35:ec:91:b2:55:2d:1c:4a:1d:3b:4d:
a2:aa:41:1d:e3:fc:4b:e5:20:82:f5:45:3a:3d:50:23:e6:88:
3a:86:00:07:fc:e2:e7:45:95:07:1d:64:26:4e:7b:80:9d:6e:
4e:ae:f4:61:03:a2:63:1c:3d:92:e6:4a:9d:34:61:d2:70:03:
df:59:c4:a8:a3:56:53:20:e0:0a:de:7c:7e:95:b4:4c:15:41:
3a:25:1a:83
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIUGSVTVvuqzqmNJnkGmolkJTrE4AQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjAyMjYwNjE2MjdaFw0yNzAyMjUwNjIxMjdaMDMxMTAvBgNV
BAMTKDIwMEQxMzlDNTgxRDIwNTJDODM3RTY2RjhFMUU2OTk0ODc4QzhDNEUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDiIVkRvpWTZfno94IwZ6/SekZz
avixAQruLETSA0LI9LUNZJJaxxr5TlV/TbhiLoZv+xXba2t2C9/HP98eUxG0H+IX
Tur2Li6X1GrqG7qhDfJ2wUS4Pltvvpt3agJ/oAZWkBVIHP4b+76x5yZ9LvqM911O
NRk1820/xiP10Y3Nq0CmsX6AYC3CkFe6njr7IcVlc5kojRt37gvU9xCpVKamzGJJ
pfnK7GP68kW4xSp2ckXhLM0kB+yTO8pQGHTgZELd2P67P9N+3EC0eV3h+zL5+4kQ
B0lcV+uR0584ubv87Bcv1ylaUq/pUKymhUf15duSZsLfRXv57gIAWD/ykoLjAgMB
AAGjggINMIICCTAdBgNVHQ4EFgQUIA0TnFgdIFLIN+Zvjh5plIeMjE4wHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTNDAxODE4LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhOV
AADgMA0GCSqGSIb3DQEBCwUAA4IBAQBQmnYwxtOJnLmqjjj+61lLiq2xnQSjLOUL
luL/1wYhJLh+O/dR7GsgCmTyn+NUGdnUvOU1f3TxXTFzudlqxTXnr7axl/WkX9WI
d6VGNmCrgQkXtZPuhGnkFPtyX5GpzrquUf6NVMdAxw98oOejN5cdxu8NDK31Fc3q
mRjxABWlVdFqRhfvWZYrl3WtHTqr9pOh880S744Kw6GInG68iNdyYVQKQ9wLeOnl
NeyRslUtHEodO02iqkEd4/xL5SCC9UU6PVAj5og6hgAH/OLnRZUHHWQmTnuAnW5O
rvRhA6JjHD2S5kqdNGHScAPfWcSoo1ZTIOAK3nx+lbRMFUE6JRqD
-----END CERTIFICATE-----
Generated at Sun Mar 1 20:13:10 2026 by rpki-client