Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS49981.roa
File: AS49981.roa (raw, json)
Hash identifier: 26laDGgfz+xj8m/UaaL3w2ggjH8GRkgLqTZMfwR0f2c=
Subject key identifier: 43:03:75:26:5D:0B:6F:14:25:10:B5:87:F2:0E:BC:5B:DD:01:6B:3A
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 04B44F491D2664BC09DBCFCDBE83B87CF8B1CE36
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS49981.roa
Signing time: Fri 10 Apr 2026 09:09:14 +0000
ROA not before: Fri 10 Apr 2026 09:04:14 +0000
ROA not after: Fri 09 Apr 2027 09:09:14 +0000
asID: 49981
IP address blocks: 82.25.43.0/24 maxlen: 24
82.29.108.0/24 maxlen: 24
82.39.154.0/24 maxlen: 24
82.39.175.0/24 maxlen: 24
82.41.131.0/24 maxlen: 24
2a13:9500:ac::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
04:b4:4f:49:1d:26:64:bc:09:db:cf:cd:be:83:b8:7c:f8:b1:ce:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Apr 10 09:04:14 2026 GMT
Not After : Apr 9 09:09:14 2027 GMT
Subject: CN=430375265D0B6F142510B587F20EBC5BDD016B3A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:25:a6:62:92:77:6f:31:57:c9:64:49:69:52:
c2:c8:da:9a:3c:cb:f2:1b:75:7e:c2:0e:54:5d:56:
d5:f1:c0:da:1e:31:3f:77:62:c0:2b:e4:67:00:96:
fe:f5:6a:72:66:30:89:e9:87:0d:e0:ef:7f:b3:b0:
a9:bd:17:48:e5:ab:39:02:07:ee:31:eb:12:74:c1:
fc:42:cd:1a:08:fa:f5:96:e4:c4:ed:50:04:f1:f9:
c3:5b:a3:5f:f2:e5:93:97:26:46:f5:8c:fd:fa:e8:
4d:e5:3f:24:e2:c7:20:11:36:9a:6b:a8:44:5f:d4:
a1:af:81:1b:fd:1e:e6:23:c3:c8:c2:a1:c4:1e:c1:
07:d6:c7:b6:06:41:02:bc:ac:8e:63:61:68:0b:a4:
12:37:88:5b:da:6d:7d:3f:a6:15:e0:fb:c7:e8:a7:
f7:d7:a2:59:a4:00:82:c7:4a:39:81:17:60:fd:0c:
49:e3:a4:68:da:94:77:20:1f:d7:c8:15:be:0f:f9:
f8:06:c9:ab:0f:68:b0:80:ef:e6:bb:ca:82:55:d5:
5c:69:7e:2e:da:03:ff:40:4c:f6:b8:49:6f:ac:23:
47:c8:ff:3e:c8:16:0c:f5:fc:a6:1a:11:23:46:80:
2d:fd:3a:93:90:cf:b9:58:cb:f5:17:20:cc:a0:15:
bb:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:03:75:26:5D:0B:6F:14:25:10:B5:87:F2:0E:BC:5B:DD:01:6B:3A
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS49981.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.25.43.0/24
82.29.108.0/24
82.39.154.0/24
82.39.175.0/24
82.41.131.0/24
IPv6:
2a13:9500:ac::/48
Signature Algorithm: sha256WithRSAEncryption
70:ef:8c:5c:9b:55:a1:3b:bd:84:10:14:29:a5:09:fb:30:ac:
f6:fe:9f:63:e1:5f:b9:b8:1f:23:a6:e5:da:d1:73:b8:63:36:
ed:8d:65:c6:80:d5:45:33:01:e3:2e:84:69:43:69:74:1f:06:
c3:a1:46:0f:3b:74:8f:1c:b9:84:f5:c8:5e:af:4c:3c:a6:7a:
73:cf:42:d9:93:32:18:c2:5e:9c:71:d3:af:ef:9c:ee:70:1a:
20:05:97:17:01:f3:76:a6:3a:74:9a:85:46:d7:e2:2a:18:c6:
49:fd:0b:9e:9c:1b:e0:ae:8f:6f:fa:8f:e4:b2:5f:ec:46:50:
cd:a4:bf:57:3d:1e:d2:06:47:54:e4:10:14:41:13:4f:49:17:
10:4b:b5:36:da:5f:dc:9c:2b:15:56:6e:55:24:ec:54:67:36:
0e:55:f0:8b:5a:e4:9c:9f:ab:8d:4b:05:92:38:8a:31:ed:2c:
a9:c4:ce:55:8a:44:09:c5:b9:fe:12:13:7b:64:23:fb:66:3b:
c6:e2:c6:48:d4:09:4d:fe:fb:9b:2b:83:18:f3:ad:19:ba:c4:
dd:20:5a:80:38:0e:02:bf:42:33:92:5f:d6:2a:50:13:d1:60:
af:2c:0e:bb:4a:95:f4:78:be:96:14:30:1f:d4:d5:75:f3:10:
ae:95:e4:9b
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIUBLRPSR0mZLwJ28/NvoO4fPixzjYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjA0MTAwOTA0MTRaFw0yNzA0MDkwOTA5MTRaMDMxMTAvBgNV
BAMTKDQzMDM3NTI2NUQwQjZGMTQyNTEwQjU4N0YyMEVCQzVCREQwMTZCM0EwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2JaZikndvMVfJZElpUsLI2po8
y/IbdX7CDlRdVtXxwNoeMT93YsAr5GcAlv71anJmMInphw3g73+zsKm9F0jlqzkC
B+4x6xJ0wfxCzRoI+vWW5MTtUATx+cNbo1/y5ZOXJkb1jP366E3lPyTixyARNppr
qERf1KGvgRv9HuYjw8jCocQewQfWx7YGQQK8rI5jYWgLpBI3iFvabX0/phXg+8fo
p/fXolmkAILHSjmBF2D9DEnjpGjalHcgH9fIFb4P+fgGyasPaLCA7+a7yoJV1Vxp
fi7aA/9ATPa4SW+sI0fI/z7IFgz1/KYaESNGgC39OpOQz7lYy/UXIMygFbuvAgMB
AAGjggIyMIICLjAdBgNVHQ4EFgQUQwN1Jl0LbxQlELWH8g68W90BazowHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTNDk5ODEucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwSAYIKwYBBQUHAQcBAf8EOTA3MCQEAgABMB4DBABSGSsD
BABSHWwDBABSJ5oDBABSJ68DBABSKYMwDwQCAAIwCQMHACoTlQAArDANBgkqhkiG
9w0BAQsFAAOCAQEAcO+MXJtVoTu9hBAUKaUJ+zCs9v6fY+FfubgfI6bl2tFzuGM2
7Y1lxoDVRTMB4y6EaUNpdB8Gw6FGDzt0jxy5hPXIXq9MPKZ6c89C2ZMyGMJenHHT
r++c7nAaIAWXFwHzdqY6dJqFRtfiKhjGSf0Lnpwb4K6Pb/qP5LJf7EZQzaS/Vz0e
0gZHVOQQFEETT0kXEEu1Ntpf3JwrFVZuVSTsVGc2DlXwi1rknJ+rjUsFkjiKMe0s
qcTOVYpECcW5/hITe2Qj+2Y7xuLGSNQJTf77myuDGPOtGbrE3SBagDgOAr9CM5Jf
1ipQE9FgrywOu0qV9Hi+lhQwH9TVdfMQrpXkmw==
-----END CERTIFICATE-----
Generated at Fri Apr 17 06:08:17 2026 by rpki-client