Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS8220.roa
File: AS8220.roa (raw, json)
Hash identifier: BcvX1uT9QPvAD8WylT31bVZrsq7aOyCTHql3WPDJXPw=
Subject key identifier: E5:2D:AB:32:3F:4C:EF:98:B3:9F:63:01:E9:73:D8:39:2F:09:97:61
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 788CDA40ABA17144E2C603A0A9528C38B09C4CBC
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS8220.roa
Signing time: Wed 05 Feb 2025 22:15:17 +0000
ROA not before: Wed 05 Feb 2025 22:10:17 +0000
ROA not after: Wed 04 Feb 2026 22:15:17 +0000
asID: 8220
IP address blocks: 82.24.188.0/24 maxlen: 24
82.25.137.0/24 maxlen: 24
82.25.141.0/24 maxlen: 24
82.25.144.0/24 maxlen: 24
82.25.184.0/24 maxlen: 24
82.27.9.0/24 maxlen: 24
82.27.99.0/24 maxlen: 24
82.27.104.0/24 maxlen: 24
82.27.120.0/24 maxlen: 24
82.27.206.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 07:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:8c:da:40:ab:a1:71:44:e2:c6:03:a0:a9:52:8c:38:b0:9c:4c:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Feb 5 22:10:17 2025 GMT
Not After : Feb 4 22:15:17 2026 GMT
Subject: CN=E52DAB323F4CEF98B39F6301E973D8392F099761
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:b4:cc:7a:6f:22:44:34:e7:8c:23:66:37:89:
cf:3c:29:21:52:7b:b4:de:3d:b6:89:c9:d4:fc:aa:
98:0a:60:60:c8:ac:0b:3c:12:6d:b0:87:4a:a7:15:
f8:7f:97:7d:50:9b:1a:1b:37:0e:01:0c:c8:15:6e:
99:94:59:9b:8c:56:25:c4:31:1a:46:35:c0:86:27:
92:c7:3a:49:70:50:91:e3:ef:d0:1d:92:e0:1b:6f:
42:8c:f9:c1:35:c6:a7:53:f2:35:a4:1f:ca:4e:dc:
4f:62:a1:6f:87:31:33:0a:a7:ff:20:e2:13:9e:98:
24:99:1c:94:13:19:ef:3a:97:1e:1f:25:fa:4f:ca:
f8:6c:7d:ef:33:93:44:44:74:f1:d4:88:11:3b:79:
9b:12:d5:04:22:8d:52:5d:70:25:18:3e:79:a6:ff:
1b:d9:5b:5f:01:ae:df:49:c7:35:8f:f7:23:68:c8:
8e:01:e5:4f:da:0a:38:eb:b6:b1:a3:51:b2:ca:c4:
39:5b:56:ec:ee:32:4c:83:a5:24:93:78:ba:bc:df:
cb:08:18:dd:b2:13:44:0f:56:c7:cb:1e:82:26:53:
4d:8e:4b:d3:c3:80:af:78:53:9c:d7:42:81:2c:15:
03:ea:e5:4b:01:d3:49:ff:00:58:a4:ec:bb:18:cb:
60:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:2D:AB:32:3F:4C:EF:98:B3:9F:63:01:E9:73:D8:39:2F:09:97:61
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS8220.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.24.188.0/24
82.25.137.0/24
82.25.141.0/24
82.25.144.0/24
82.25.184.0/24
82.27.9.0/24
82.27.99.0/24
82.27.104.0/24
82.27.120.0/24
82.27.206.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:47:b0:6d:2b:66:9c:71:42:58:f4:84:e0:fa:fd:a9:77:87:
ac:75:8a:c1:17:be:ea:6e:0e:c8:aa:c2:56:1a:ee:be:5b:59:
89:5a:32:f4:ee:b5:c7:48:c3:2b:18:24:f0:43:36:df:5a:6d:
20:29:27:a8:72:3a:70:d1:d3:ec:bf:46:8c:6e:89:9f:78:b2:
58:0a:40:6c:1a:8c:40:f4:e3:d8:ef:b4:19:21:e3:3d:10:7f:
46:4e:89:fb:16:16:10:8f:70:05:75:b2:2b:2a:97:60:44:08:
fb:d6:68:a0:5a:ae:1a:23:7f:cc:1a:66:bf:ee:47:0f:4f:bc:
f4:a4:2d:04:72:a4:cb:f8:b4:55:51:10:9b:56:4b:37:82:e8:
ed:f9:40:7d:d9:6d:c6:73:68:b4:3e:e5:86:3c:e3:92:05:83:
ff:f0:e9:c7:67:e7:87:ec:6a:3e:d3:80:f9:12:d1:5b:66:ea:
13:48:c1:ec:5d:d2:ce:23:b5:a6:4f:88:c5:46:e2:c2:cd:18:
7f:1d:6a:06:94:b0:0e:8b:79:be:f3:55:78:ca:3c:c4:7c:33:
ec:a2:97:0e:79:d7:ef:67:ee:bf:ca:c1:35:cc:57:21:ad:2c:
f1:c0:74:7d:b5:3c:05:a4:61:68:71:8f:73:09:de:67:0b:03:
50:3e:09:46
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgIUeIzaQKuhcUTixgOgqVKMOLCcTLwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTAyMDUyMjEwMTdaFw0yNjAyMDQyMjE1MTdaMDMxMTAvBgNV
BAMTKEU1MkRBQjMyM0Y0Q0VGOThCMzlGNjMwMUU5NzNEODM5MkYwOTk3NjEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3tMx6byJENOeMI2Y3ic88KSFS
e7TePbaJydT8qpgKYGDIrAs8Em2wh0qnFfh/l31QmxobNw4BDMgVbpmUWZuMViXE
MRpGNcCGJ5LHOklwUJHj79AdkuAbb0KM+cE1xqdT8jWkH8pO3E9ioW+HMTMKp/8g
4hOemCSZHJQTGe86lx4fJfpPyvhsfe8zk0REdPHUiBE7eZsS1QQijVJdcCUYPnmm
/xvZW18Brt9JxzWP9yNoyI4B5U/aCjjrtrGjUbLKxDlbVuzuMkyDpSSTeLq838sI
GN2yE0QPVsfLHoImU02OS9PDgK94U5zXQoEsFQPq5UsB00n/AFik7LsYy2BZAgMB
AAGjggI+MIICOjAdBgNVHQ4EFgQU5S2rMj9M75izn2MB6XPYOS8Jl2EwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTODIyMC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBVBggrBgEFBQcBBwEB/wRGMEQwQgQCAAEwPAMEAFIYvAME
AFIZiQMEAFIZjQMEAFIZkAMEAFIZuAMEAFIbCQMEAFIbYwMEAFIbaAMEAFIbeAME
AFIbzjANBgkqhkiG9w0BAQsFAAOCAQEAf0ewbStmnHFCWPSE4Pr9qXeHrHWKwRe+
6m4OyKrCVhruvltZiVoy9O61x0jDKxgk8EM231ptICknqHI6cNHT7L9GjG6Jn3iy
WApAbBqMQPTj2O+0GSHjPRB/Rk6J+xYWEI9wBXWyKyqXYEQI+9ZooFquGiN/zBpm
v+5HD0+89KQtBHKky/i0VVEQm1ZLN4Lo7flAfdltxnNotD7lhjzjkgWD//Dpx2fn
h+xqPtOA+RLRW2bqE0jB7F3SziO1pk+IxUbiws0Yfx1qBpSwDot5vvNVeMo8xHwz
7KKXDnnX72fuv8rBNcxXIa0s8cB0fbU8BaRhaHGPcwneZwsDUD4JRg==
-----END CERTIFICATE-----
Generated at Sun Apr 6 14:28:42 2025 by rpki-client