Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS49981.roa
File: AS49981.roa (raw, json)
Hash identifier: Si6yhyoB/0J6kVq87bLbDSu8ip4zdFhULq6LdFW/UK8=
Subject key identifier: 38:DD:86:2B:25:92:16:97:26:C1:ED:A5:05:24:B2:6F:7D:2D:2A:E8
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 7D611CE4CD14F7A0EF21E4604390DE77AB5CE4AB
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS49981.roa
Signing time: Mon 23 Feb 2026 16:38:15 +0000
ROA not before: Mon 23 Feb 2026 16:33:15 +0000
ROA not after: Mon 22 Feb 2027 16:38:15 +0000
asID: 49981
IP address blocks: 82.25.43.0/24 maxlen: 24
82.29.108.0/24 maxlen: 24
82.39.154.0/24 maxlen: 24
82.39.175.0/24 maxlen: 24
2a13:9500:ac::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 09:38:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7d:61:1c:e4:cd:14:f7:a0:ef:21:e4:60:43:90:de:77:ab:5c:e4:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Feb 23 16:33:15 2026 GMT
Not After : Feb 22 16:38:15 2027 GMT
Subject: CN=38DD862B2592169726C1EDA50524B26F7D2D2AE8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:19:af:d0:d7:a1:50:8c:45:8b:09:66:21:75:
be:07:01:35:56:57:bc:a3:55:6a:90:84:c5:36:fd:
71:8f:30:64:ec:cf:3c:69:cc:b8:80:cb:4d:08:f7:
6b:8a:03:5c:08:5d:81:07:a3:4a:10:9f:a8:27:e9:
f9:a9:32:0c:0a:9f:ef:d5:aa:1c:da:88:61:d7:41:
71:bd:06:16:a1:64:89:f2:1f:c6:07:5b:be:95:67:
54:d0:16:50:00:6c:00:6c:89:92:51:15:03:12:10:
f7:c9:be:ef:df:18:96:89:83:64:91:d4:49:2d:56:
90:1e:7d:60:ff:ee:47:ea:82:81:e0:8b:e6:ef:99:
93:73:67:f3:5f:52:93:ea:53:8a:04:f3:fc:34:2a:
14:76:b4:83:67:27:e8:0a:54:82:84:22:df:d4:38:
31:06:16:67:b6:d9:7f:68:74:3d:e3:89:81:53:78:
c0:45:01:20:ff:2e:15:31:4c:c3:1a:62:68:f7:22:
fd:76:d3:e8:15:d3:e2:a3:34:52:cb:92:2d:c2:30:
b0:09:6f:4d:57:a2:87:df:0a:a9:9c:a0:b0:5b:17:
e0:f8:7c:2f:bc:a2:4e:53:b4:4e:30:bf:8b:37:b6:
0b:df:e3:9f:9c:53:3c:f9:17:4d:d8:ea:aa:97:4f:
44:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:DD:86:2B:25:92:16:97:26:C1:ED:A5:05:24:B2:6F:7D:2D:2A:E8
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS49981.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.25.43.0/24
82.29.108.0/24
82.39.154.0/24
82.39.175.0/24
IPv6:
2a13:9500:ac::/48
Signature Algorithm: sha256WithRSAEncryption
5b:7a:c8:5b:59:1b:be:af:1a:15:4e:79:65:2f:4a:09:99:77:
b9:86:92:f5:84:db:79:03:66:b0:31:6c:9e:f9:d1:0c:71:f7:
06:06:78:12:e9:3c:f9:67:d2:20:ea:fd:d0:67:ab:ba:cc:11:
8f:0b:79:33:c8:84:e1:41:13:a2:7f:e8:b4:ad:b1:92:be:d5:
f9:a4:d8:c8:fb:cc:df:2b:13:dc:64:73:30:6e:ba:dc:30:29:
c4:91:21:9f:9d:a8:56:bd:a9:b2:6e:10:94:0e:c7:ef:bc:1c:
74:12:38:45:5a:08:a1:8a:76:79:32:e2:cb:13:26:80:a1:fe:
0e:4e:4b:df:c8:05:fc:61:9d:07:00:d7:88:f9:24:aa:99:02:
70:0b:bf:a5:1e:3a:f0:9b:58:44:a3:84:46:38:20:b4:58:15:
17:02:7e:fd:1b:6c:87:6b:97:dc:61:30:1a:f8:74:e0:5b:7b:
30:82:8b:03:69:8b:19:a4:06:2f:69:c4:7a:0d:dc:31:6f:3b:
f8:6b:14:59:10:92:06:f7:08:93:dc:23:65:5f:9d:a9:80:46:
74:93:19:0c:5b:48:bb:1f:8d:d0:70:8d:fe:a7:ba:a0:19:f2:
27:e5:cf:4a:4f:14:36:59:ee:db:d5:44:ed:ee:48:06:74:fb:
90:0f:dd:e0
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgIUfWEc5M0U96DvIeRgQ5Ded6tc5KswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjAyMjMxNjMzMTVaFw0yNzAyMjIxNjM4MTVaMDMxMTAvBgNV
BAMTKDM4REQ4NjJCMjU5MjE2OTcyNkMxRURBNTA1MjRCMjZGN0QyRDJBRTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCYGa/Q16FQjEWLCWYhdb4HATVW
V7yjVWqQhMU2/XGPMGTszzxpzLiAy00I92uKA1wIXYEHo0oQn6gn6fmpMgwKn+/V
qhzaiGHXQXG9BhahZInyH8YHW76VZ1TQFlAAbABsiZJRFQMSEPfJvu/fGJaJg2SR
1EktVpAefWD/7kfqgoHgi+bvmZNzZ/NfUpPqU4oE8/w0KhR2tINnJ+gKVIKEIt/U
ODEGFme22X9odD3jiYFTeMBFASD/LhUxTMMaYmj3Iv120+gV0+KjNFLLki3CMLAJ
b01XooffCqmcoLBbF+D4fC+8ok5TtE4wv4s3tgvf45+cUzz5F03Y6qqXT0QTAgMB
AAGjggIsMIICKDAdBgNVHQ4EFgQUON2GKyWSFpcmwe2lBSSyb30tKugwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTNDk5ODEucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwQgYIKwYBBQUHAQcBAf8EMzAxMB4EAgABMBgDBABSGSsD
BABSHWwDBABSJ5oDBABSJ68wDwQCAAIwCQMHACoTlQAArDANBgkqhkiG9w0BAQsF
AAOCAQEAW3rIW1kbvq8aFU55ZS9KCZl3uYaS9YTbeQNmsDFsnvnRDHH3BgZ4Euk8
+WfSIOr90GeruswRjwt5M8iE4UETon/otK2xkr7V+aTYyPvM3ysT3GRzMG663DAp
xJEhn52oVr2psm4QlA7H77wcdBI4RVoIoYp2eTLiyxMmgKH+Dk5L38gF/GGdBwDX
iPkkqpkCcAu/pR468JtYRKOERjggtFgVFwJ+/Rtsh2uX3GEwGvh04Ft7MIKLA2mL
GaQGL2nEeg3cMW87+GsUWRCSBvcIk9wjZV+dqYBGdJMZDFtIux+N0HCN/qe6oBny
J+XPSk8UNlnu29VE7e5IBnT7kA/d4A==
-----END CERTIFICATE-----
Generated at Sun Mar 1 20:13:20 2026 by rpki-client