Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS49791.roa
File: AS49791.roa (raw, json)
Hash identifier: YXH/8OQWxd4LvgIJoBQv/cowsiQwYa53RJE951b7SaQ=
Subject key identifier: 32:8D:61:F5:B6:EA:3D:8A:98:EA:ED:75:A1:4B:BC:D4:65:A8:A1:0F
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 34AE5D795621F1D40205BCCB882817D1E88E24F0
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS49791.roa
Signing time: Wed 08 Apr 2026 15:51:18 +0000
ROA not before: Wed 08 Apr 2026 15:46:18 +0000
ROA not after: Wed 07 Apr 2027 15:51:18 +0000
asID: 49791
IP address blocks: 82.22.40.0/23 maxlen: 23
82.41.30.0/23 maxlen: 23
84.75.220.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
34:ae:5d:79:56:21:f1:d4:02:05:bc:cb:88:28:17:d1:e8:8e:24:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Apr 8 15:46:18 2026 GMT
Not After : Apr 7 15:51:18 2027 GMT
Subject: CN=328D61F5B6EA3D8A98EAED75A14BBCD465A8A10F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:b4:b4:4f:06:a6:da:7f:5f:e2:9d:9d:3c:3d:
5a:b5:f2:64:e9:ea:89:1d:3c:2f:6d:75:6f:07:7a:
a0:88:1b:56:8e:25:e4:27:76:ec:5e:8d:50:c0:47:
2f:bc:c7:59:ac:fd:ae:5e:e1:c2:d5:87:f5:f5:4c:
4e:70:c0:d9:cb:5d:45:dd:e7:14:e5:2d:0f:28:17:
87:c9:fd:f4:c2:62:af:64:4c:3b:6e:d7:2d:da:94:
34:17:b4:53:ac:3f:d5:95:4e:5d:7b:d1:07:b4:14:
3e:31:cf:32:78:79:53:c5:cd:da:bd:57:7b:6a:c2:
33:94:f6:d1:c8:a3:20:83:f6:f2:d1:44:1e:42:9c:
93:85:0c:97:f9:ea:d2:48:be:1a:8b:70:89:07:ee:
74:09:fc:96:45:8b:fb:3a:2e:f4:a8:68:73:a6:e3:
05:3e:e3:e0:dc:81:01:5b:4f:24:53:31:63:82:30:
f2:4e:0f:9f:65:fa:be:43:98:3b:ec:e0:f9:bc:5c:
c0:3f:c6:ad:8b:66:43:76:dc:11:a3:8d:fe:d9:95:
1f:74:e5:e6:03:c8:db:9c:c9:0d:f9:90:ee:28:86:
94:dc:eb:2f:dc:3f:a9:7b:9b:ec:26:c7:f5:0d:f5:
fd:61:b0:ac:f9:41:33:6d:34:87:95:f8:8a:dd:1f:
94:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:8D:61:F5:B6:EA:3D:8A:98:EA:ED:75:A1:4B:BC:D4:65:A8:A1:0F
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS49791.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.22.40.0/23
82.41.30.0/23
84.75.220.0/23
Signature Algorithm: sha256WithRSAEncryption
65:d8:64:79:d5:3d:09:7e:2b:a4:74:d7:cb:a1:da:30:b2:c0:
61:41:e1:a1:a2:0b:76:85:7f:12:c4:04:e4:1c:dc:61:12:92:
cc:cc:cc:1f:5f:60:17:f9:65:fa:81:c2:63:05:59:f3:94:37:
fe:f5:04:35:a8:e7:90:30:0c:aa:10:80:c5:ed:96:47:2e:55:
0b:ee:d1:22:76:7c:d6:d0:3d:08:db:df:7f:d4:6b:1c:8e:09:
f7:67:4e:37:90:cc:4c:ad:46:32:11:2c:7a:f0:23:3e:cb:ca:
b6:6e:c9:52:5a:a7:d9:16:17:27:b5:9c:44:cc:9c:57:2c:42:
ac:77:d7:b7:c8:c8:11:95:a9:85:c8:59:91:cc:9a:81:19:dc:
30:93:63:b6:a9:50:fc:b1:15:33:61:e7:40:2b:f8:ba:3c:eb:
9b:25:e4:f5:27:6c:80:76:64:b0:09:17:fc:86:f9:d1:6b:5d:
ed:17:c9:bd:bf:31:1f:4c:ac:08:71:b9:15:c9:69:99:82:2d:
e1:88:49:19:da:cd:10:4d:8f:9f:90:a4:0a:c2:86:dc:16:45:
c7:5d:a8:8c:57:47:5f:c2:17:37:3f:a7:d4:1f:69:09:18:5a:
ef:d0:45:20:29:c4:68:fd:31:b6:06:81:c2:1d:1f:a5:ff:4c:
71:6e:aa:0e
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgIUNK5deVYh8dQCBbzLiCgX0eiOJPAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjA0MDgxNTQ2MThaFw0yNzA0MDcxNTUxMThaMDMxMTAvBgNV
BAMTKDMyOEQ2MUY1QjZFQTNEOEE5OEVBRUQ3NUExNEJCQ0Q0NjVBOEExMEYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCptLRPBqbaf1/inZ08PVq18mTp
6okdPC9tdW8HeqCIG1aOJeQnduxejVDARy+8x1ms/a5e4cLVh/X1TE5wwNnLXUXd
5xTlLQ8oF4fJ/fTCYq9kTDtu1y3alDQXtFOsP9WVTl170Qe0FD4xzzJ4eVPFzdq9
V3tqwjOU9tHIoyCD9vLRRB5CnJOFDJf56tJIvhqLcIkH7nQJ/JZFi/s6LvSoaHOm
4wU+4+DcgQFbTyRTMWOCMPJOD59l+r5DmDvs4Pm8XMA/xq2LZkN23BGjjf7ZlR90
5eYDyNucyQ35kO4ohpTc6y/cP6l7m+wmx/UN9f1hsKz5QTNtNIeV+IrdH5StAgMB
AAGjggIVMIICETAdBgNVHQ4EFgQUMo1h9bbqPYqY6u11oUu81GWooQ8wHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTNDk3OTEucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBIDBAFSFigD
BAFSKR4DBAFUS9wwDQYJKoZIhvcNAQELBQADggEBAGXYZHnVPQl+K6R018uh2jCy
wGFB4aGiC3aFfxLEBOQc3GESkszMzB9fYBf5ZfqBwmMFWfOUN/71BDWo55AwDKoQ
gMXtlkcuVQvu0SJ2fNbQPQjb33/UaxyOCfdnTjeQzEytRjIRLHrwIz7LyrZuyVJa
p9kWFye1nETMnFcsQqx317fIyBGVqYXIWZHMmoEZ3DCTY7apUPyxFTNh50Ar+Lo8
65sl5PUnbIB2ZLAJF/yG+dFrXe0Xyb2/MR9MrAhxuRXJaZmCLeGISRnazRBNj5+Q
pArChtwWRcddqIxXR1/CFzc/p9QfaQkYWu/QRSApxGj9MbYGgcIdH6X/THFuqg4=
-----END CERTIFICATE-----
Generated at Fri Apr 17 06:25:34 2026 by rpki-client