Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS56322.roa
File: AS56322.roa (raw, json)
Hash identifier: M00ra3bpjpFTx6cCnuEBmuB2kqZfxJb+WZq+MH8i0Ik=
Subject key identifier: 76:BE:8F:93:78:9F:92:D6:F8:F2:D8:B9:AC:4A:EC:43:AC:EF:81:C6
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 43595230205351E2C4CA168054E6AA3866322893
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS56322.roa
Signing time: Wed 18 Feb 2026 13:55:38 +0000
ROA not before: Wed 18 Feb 2026 13:50:38 +0000
ROA not after: Wed 17 Feb 2027 13:55:38 +0000
asID: 56322
IP address blocks: 82.21.225.0/24 maxlen: 24
82.21.226.0/24 maxlen: 24
82.22.225.0/24 maxlen: 24
82.23.199.0/24 maxlen: 24
82.23.215.0/24 maxlen: 24
82.23.218.0/24 maxlen: 24
82.24.227.0/24 maxlen: 24
82.25.223.0/24 maxlen: 24
82.25.236.0/24 maxlen: 24
82.26.231.0/24 maxlen: 24
82.29.209.0/24 maxlen: 24
82.29.236.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 09:38:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
43:59:52:30:20:53:51:e2:c4:ca:16:80:54:e6:aa:38:66:32:28:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Feb 18 13:50:38 2026 GMT
Not After : Feb 17 13:55:38 2027 GMT
Subject: CN=76BE8F93789F92D6F8F2D8B9AC4AEC43ACEF81C6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:e0:d7:bf:db:0f:ef:4e:c2:6a:76:c7:6e:bf:
cb:7d:ed:fd:18:c9:a2:f9:ed:67:35:f1:f9:1a:4d:
ff:17:bb:ef:07:9a:df:37:24:ae:9d:7d:92:b0:5d:
bd:ad:98:74:c8:4b:73:fe:7a:b6:51:74:e6:b5:38:
1a:6b:99:ef:04:83:18:62:90:dd:36:b0:c0:4d:15:
9b:8f:6b:3b:66:2e:15:e1:83:d2:7c:f0:bc:1d:33:
e9:0c:86:3b:82:06:c8:a4:25:f8:2f:8a:ad:90:bd:
c0:86:93:3f:ca:26:8e:4e:3c:ae:50:3a:b0:df:e0:
b8:8c:7d:3f:35:11:29:c1:bd:af:4e:c2:0b:d2:2d:
66:65:0b:6d:47:a7:6e:90:cf:23:e6:9e:e8:b1:2e:
ec:53:9b:0b:c0:d6:4a:99:a1:6d:32:da:b8:c4:db:
c2:8f:75:93:ce:36:b7:b7:ba:1d:db:ea:49:3a:9e:
25:f6:23:50:91:33:28:dc:e2:96:15:ef:fb:b6:b9:
4a:6b:72:64:fd:76:a5:d2:27:9f:c2:74:d0:d4:85:
3a:33:2c:28:8a:3b:9e:a3:d3:51:e0:30:2e:47:95:
50:2e:d3:51:5f:aa:8f:e1:b3:2f:db:f3:e2:bd:3d:
fb:71:ee:4f:bf:83:10:b5:e5:a9:a4:0d:2e:20:14:
5f:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:BE:8F:93:78:9F:92:D6:F8:F2:D8:B9:AC:4A:EC:43:AC:EF:81:C6
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS56322.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.225.0-82.21.226.255
82.22.225.0/24
82.23.199.0/24
82.23.215.0/24
82.23.218.0/24
82.24.227.0/24
82.25.223.0/24
82.25.236.0/24
82.26.231.0/24
82.29.209.0/24
82.29.236.0/24
Signature Algorithm: sha256WithRSAEncryption
58:8a:48:f8:af:84:4d:b4:c8:47:c8:c2:07:11:ed:63:00:2b:
cb:16:07:a4:70:76:b3:90:ff:fb:77:5c:f7:ed:68:82:4b:e0:
91:7e:ea:c4:05:dd:70:07:60:91:a4:cc:03:86:d5:dc:dc:5f:
6f:01:cb:fb:4b:16:6e:ed:c5:3a:69:60:ba:fa:d6:35:08:00:
7b:67:29:10:2a:9f:c4:c2:2b:e3:d5:f3:6b:c7:91:4c:00:b0:
ec:76:e1:ad:87:67:6a:42:38:e7:99:ee:26:8f:53:39:fe:3f:
4f:b5:5b:9e:25:c4:8e:d4:65:4f:f3:01:44:e6:60:0b:ba:b4:
ff:e8:10:84:c1:ea:ff:6a:2c:56:a4:f9:32:fb:a3:3c:24:16:
25:e2:0d:45:b6:01:84:03:23:89:61:87:a4:0b:8b:03:aa:88:
d0:59:07:0b:83:ac:7e:e8:4f:8b:e3:b7:9b:17:41:ec:08:5c:
e3:67:b4:8f:b5:25:82:87:1a:c4:38:1a:68:8c:6e:1c:bb:84:
0e:b0:c4:bc:d5:9e:b8:73:4a:e1:cc:e1:b8:32:0e:5e:51:5a:
de:2b:bd:02:57:f0:89:71:4b:19:ee:6d:3f:af:81:6f:c6:72:
c0:f9:74:9b:ee:e8:c1:15:6d:68:56:34:97:15:95:88:79:84:
26:0a:91:44
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgIUQ1lSMCBTUeLEyhaAVOaqOGYyKJMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjAyMTgxMzUwMzhaFw0yNzAyMTcxMzU1MzhaMDMxMTAvBgNV
BAMTKDc2QkU4RjkzNzg5RjkyRDZGOEYyRDhCOUFDNEFFQzQzQUNFRjgxQzYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDA4Ne/2w/vTsJqdsduv8t97f0Y
yaL57Wc18fkaTf8Xu+8Hmt83JK6dfZKwXb2tmHTIS3P+erZRdOa1OBprme8Egxhi
kN02sMBNFZuPaztmLhXhg9J88LwdM+kMhjuCBsikJfgviq2QvcCGkz/KJo5OPK5Q
OrDf4LiMfT81ESnBva9OwgvSLWZlC21Hp26QzyPmnuixLuxTmwvA1kqZoW0y2rjE
28KPdZPONre3uh3b6kk6niX2I1CRMyjc4pYV7/u2uUprcmT9dqXSJ5/CdNDUhToz
LCiKO56j01HgMC5HlVAu01Ffqo/hsy/b8+K9Pftx7k+/gxC15amkDS4gFF+hAgMB
AAGjggJNMIICSTAdBgNVHQ4EFgQUdr6Pk3ifktb48ti5rErsQ6zvgcYwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTNTYzMjIucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwYwYIKwYBBQUHAQcBAf8EVDBSMFAEAgABMEowDAMEAFIV
4QMEAFIV4gMEAFIW4QMEAFIXxwMEAFIX1wMEAFIX2gMEAFIY4wMEAFIZ3wMEAFIZ
7AMEAFIa5wMEAFId0QMEAFId7DANBgkqhkiG9w0BAQsFAAOCAQEAWIpI+K+ETbTI
R8jCBxHtYwAryxYHpHB2s5D/+3dc9+1ogkvgkX7qxAXdcAdgkaTMA4bV3NxfbwHL
+0sWbu3FOmlguvrWNQgAe2cpECqfxMIr49Xza8eRTACw7HbhrYdnakI455nuJo9T
Of4/T7VbniXEjtRlT/MBROZgC7q0/+gQhMHq/2osVqT5MvujPCQWJeINRbYBhAMj
iWGHpAuLA6qI0FkHC4OsfuhPi+O3mxdB7Ahc42e0j7UlgocaxDgaaIxuHLuEDrDE
vNWeuHNK4czhuDIOXlFa3iu9AlfwiXFLGe5tP6+Bb8ZywPl0m+7owRVtaFY0lxWV
iHmEJgqRRA==
-----END CERTIFICATE-----
Generated at Sun Mar 1 20:13:34 2026 by rpki-client