Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS49791.roa
File: AS49791.roa (raw, json)
Hash identifier: 7kQ4pSIj6n+9w1vZskrc3aWYwjMyYysWGM0G2UClde0=
Subject key identifier: 24:D1:71:F7:2C:8F:59:D6:4D:7D:0F:76:04:8C:17:79:8C:A2:AF:F6
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 3BAE58C2B7BA45A9212D7A28AB057882A7869661
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS49791.roa
Signing time: Tue 28 Oct 2025 13:46:53 +0000
ROA not before: Tue 28 Oct 2025 13:41:53 +0000
ROA not after: Tue 27 Oct 2026 13:46:53 +0000
asID: 49791
IP address blocks: 82.22.40.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 12:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3b:ae:58:c2:b7:ba:45:a9:21:2d:7a:28:ab:05:78:82:a7:86:96:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Oct 28 13:41:53 2025 GMT
Not After : Oct 27 13:46:53 2026 GMT
Subject: CN=24D171F72C8F59D64D7D0F76048C17798CA2AFF6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:51:be:90:9b:d9:c2:54:83:96:76:44:b6:2a:
18:4f:12:e7:5b:83:ae:9e:5c:23:ae:7d:a5:1f:b4:
4f:ab:8f:d7:de:10:27:4a:7d:6a:39:c4:17:9a:39:
55:90:37:44:9c:47:e3:94:76:38:96:c9:11:bb:dc:
5e:5f:05:20:f2:98:5b:33:b9:95:84:29:9c:4b:68:
42:f0:a8:6e:f2:d3:fc:2d:86:41:41:1e:07:44:48:
8c:f1:00:6e:fb:61:8c:14:79:0c:a4:5a:f8:6b:8e:
f9:26:a3:50:21:e1:c4:c5:8f:6a:64:fd:ab:c3:63:
f9:65:3f:61:ea:3d:91:16:a3:47:54:12:e1:3b:dc:
26:00:49:ba:ee:00:00:76:fb:01:13:b7:8c:48:51:
81:3d:36:57:52:0a:d4:0c:19:5b:16:8d:09:7c:db:
65:b1:37:55:72:a5:6f:8d:58:0c:03:37:94:a6:a4:
e7:fc:21:16:be:45:ac:fa:95:1d:a4:77:9f:d1:51:
41:55:74:d2:04:81:af:ab:80:35:90:f8:ca:1e:6f:
c3:82:46:53:90:dc:21:14:02:ff:ef:f3:96:aa:72:
0c:65:03:79:f1:02:3d:37:ac:3b:f7:51:85:96:8c:
b2:d6:94:87:9e:6f:12:89:24:1f:63:07:67:bd:35:
9f:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:D1:71:F7:2C:8F:59:D6:4D:7D:0F:76:04:8C:17:79:8C:A2:AF:F6
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS49791.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.22.40.0/23
Signature Algorithm: sha256WithRSAEncryption
5f:5f:05:6f:14:56:2f:d8:ae:0c:54:3f:d9:db:32:3c:1b:fb:
dd:e1:15:b2:20:c1:c5:10:68:d7:db:2e:cb:af:0a:6d:a0:c5:
a0:a6:44:e2:57:30:25:c8:b8:8c:3a:c8:df:68:da:40:22:5d:
6e:d2:ab:33:e9:70:b3:82:c9:85:56:1e:f5:df:55:75:66:ff:
64:e8:16:14:70:02:d6:75:fb:36:60:75:77:90:51:b9:ea:9d:
57:d6:8d:86:a1:11:a2:ce:79:e5:68:23:39:df:2b:a1:14:d7:
6b:53:cd:ae:81:20:de:2f:ed:2e:8c:ce:ce:45:10:36:fd:fc:
da:67:5b:ca:28:ed:89:49:97:15:f7:36:b0:50:9a:9c:53:ba:
c1:30:b9:12:1b:a2:6e:20:6c:36:23:c6:f5:ee:a1:6b:6b:52:
59:ca:b9:71:a4:d4:87:bd:bb:2c:25:06:2f:2a:af:50:4a:af:
80:25:f7:8d:5d:0d:fb:77:25:ca:b2:28:e4:39:f5:8e:03:06:
25:25:17:df:36:a0:1a:c6:a9:3b:87:5e:ac:c0:98:77:e0:02:
d6:9f:e8:6e:63:54:03:ba:27:ae:dd:4c:e6:0f:34:3d:5f:1b:
ee:4f:cb:28:9c:b0:f5:96:04:53:cb:c1:1e:15:e2:a3:b6:04:
88:bc:c8:5f
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIUO65Ywre6RakhLXooqwV4gqeGlmEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTEwMjgxMzQxNTNaFw0yNjEwMjcxMzQ2NTNaMDMxMTAvBgNV
BAMTKDI0RDE3MUY3MkM4RjU5RDY0RDdEMEY3NjA0OEMxNzc5OENBMkFGRjYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDHUb6Qm9nCVIOWdkS2KhhPEudb
g66eXCOufaUftE+rj9feECdKfWo5xBeaOVWQN0ScR+OUdjiWyRG73F5fBSDymFsz
uZWEKZxLaELwqG7y0/wthkFBHgdESIzxAG77YYwUeQykWvhrjvkmo1Ah4cTFj2pk
/avDY/llP2HqPZEWo0dUEuE73CYASbruAAB2+wETt4xIUYE9NldSCtQMGVsWjQl8
22WxN1VypW+NWAwDN5SmpOf8IRa+Raz6lR2kd5/RUUFVdNIEga+rgDWQ+Moeb8OC
RlOQ3CEUAv/v85aqcgxlA3nxAj03rDv3UYWWjLLWlIeebxKJJB9jB2e9NZ/bAgMB
AAGjggIJMIICBTAdBgNVHQ4EFgQUJNFx9yyPWdZNfQ92BIwXeYyir/YwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTNDk3OTEucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAFSFigw
DQYJKoZIhvcNAQELBQADggEBAF9fBW8UVi/YrgxUP9nbMjwb+93hFbIgwcUQaNfb
LsuvCm2gxaCmROJXMCXIuIw6yN9o2kAiXW7SqzPpcLOCyYVWHvXfVXVm/2ToFhRw
AtZ1+zZgdXeQUbnqnVfWjYahEaLOeeVoIznfK6EU12tTza6BIN4v7S6Mzs5FEDb9
/NpnW8oo7YlJlxX3NrBQmpxTusEwuRIbom4gbDYjxvXuoWtrUlnKuXGk1Ie9uywl
Bi8qr1BKr4Al941dDft3JcqyKOQ59Y4DBiUlF982oBrGqTuHXqzAmHfgAtaf6G5j
VAO6J67dTOYPND1fG+5PyyicsPWWBFPLwR4V4qO2BIi8yF8=
-----END CERTIFICATE-----
Generated at Wed Nov 5 21:21:25 2025 by rpki-client