Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS203020.roa
File: AS203020.roa (raw, json)
Hash identifier: gE2wliVgGnq+HfT0TnEcFueVlNdnmKZ3mrAnJhJumms=
Subject key identifier: DF:81:B0:34:7D:2C:05:73:AA:49:37:9F:E7:04:35:3F:27:6F:E2:EE
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 78EF3B244A292FB06E74A97025F9FDEF0CD7580C
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS203020.roa
Signing time: Fri 07 Mar 2025 11:27:27 +0000
ROA not before: Fri 07 Mar 2025 11:22:27 +0000
ROA not after: Fri 06 Mar 2026 11:27:27 +0000
asID: 203020
IP address blocks: 82.21.241.0/24 maxlen: 24
82.22.241.0/24 maxlen: 24
82.23.231.0/24 maxlen: 24
82.24.241.0/24 maxlen: 24
82.24.242.0/24 maxlen: 24
82.25.241.0/24 maxlen: 24
82.25.242.0/24 maxlen: 24
82.26.241.0/24 maxlen: 24
82.26.242.0/24 maxlen: 24
82.27.241.0/24 maxlen: 24
82.27.242.0/24 maxlen: 24
82.29.241.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 12 Apr 2025 11:08:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:ef:3b:24:4a:29:2f:b0:6e:74:a9:70:25:f9:fd:ef:0c:d7:58:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Mar 7 11:22:27 2025 GMT
Not After : Mar 6 11:27:27 2026 GMT
Subject: CN=DF81B0347D2C0573AA49379FE704353F276FE2EE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:a4:09:3f:d8:18:ee:29:77:8e:69:85:ac:0d:
95:a5:19:a5:97:de:b6:b0:81:5a:a2:62:2c:56:29:
e2:c6:92:01:f5:1c:27:42:86:68:4b:36:d5:f6:10:
ca:db:b8:08:c6:88:66:86:5b:3c:12:ca:42:e4:5a:
31:0c:dc:d2:a5:31:1e:33:12:6b:61:b1:c1:67:e7:
22:7f:a1:73:0c:c5:d7:2d:c4:a3:59:27:1b:94:ae:
b9:05:87:bc:c4:ec:24:6e:a5:09:ba:de:b9:51:58:
27:27:0e:15:5f:60:c3:56:dc:5b:27:b0:c1:bd:4c:
ed:1d:27:c8:03:21:d6:34:95:d5:22:aa:ce:9e:43:
4f:a7:f3:54:76:b0:bd:5d:4f:ee:91:9a:ed:47:eb:
51:43:37:f9:91:31:b4:e3:57:aa:99:bb:4c:11:5c:
3b:63:71:19:2b:1e:1a:99:6e:8f:4f:b6:00:b7:49:
84:2f:2a:4d:03:06:01:f5:82:71:9a:27:82:d4:39:
cc:54:2e:d7:88:ca:f2:1d:fc:95:00:c0:45:47:44:
15:9f:82:ca:e0:68:d8:ec:dd:a6:e9:65:f3:00:8b:
f4:f9:1b:85:5f:21:23:cd:06:1a:f9:50:b9:0a:67:
81:66:b2:8c:5b:60:d7:31:d9:30:d5:c9:c6:22:1d:
89:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:81:B0:34:7D:2C:05:73:AA:49:37:9F:E7:04:35:3F:27:6F:E2:EE
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS203020.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.241.0/24
82.22.241.0/24
82.23.231.0/24
82.24.241.0-82.24.242.255
82.25.241.0-82.25.242.255
82.26.241.0-82.26.242.255
82.27.241.0-82.27.242.255
82.29.241.0/24
Signature Algorithm: sha256WithRSAEncryption
93:c7:95:7e:b0:40:17:c4:52:51:6e:66:b0:02:6c:b3:d4:89:
9c:61:4a:5a:e8:20:c5:c0:13:e6:ef:bd:cb:7b:dd:50:6e:39:
7e:e7:44:e4:de:94:41:24:1b:f4:d8:2f:02:3b:4d:8b:57:6d:
8e:0a:40:45:8d:cf:37:65:92:51:a8:fe:eb:12:9b:f1:50:bb:
11:07:6d:83:9e:e9:83:79:c9:f0:2f:95:87:2c:f8:7f:c3:9b:
66:29:7d:66:c8:1b:7f:35:ec:41:6c:4d:bd:a4:f9:0b:7b:c1:
98:f2:f2:e3:db:db:aa:ab:92:53:a1:5b:48:e8:05:2d:e6:c9:
ed:f6:6b:88:36:b7:de:44:41:c1:68:9f:22:ef:de:01:0a:a9:
e6:36:96:d1:3d:a8:df:f5:70:f2:db:12:3a:ce:66:cb:61:86:
7f:fe:34:b5:1b:75:61:6c:ca:a8:30:0e:ec:f6:fc:66:9e:37:
a8:d9:8f:37:1e:b1:c1:17:d3:b8:6a:72:f4:37:5f:8c:6d:a9:
2f:86:e2:ee:d3:d1:54:f6:12:c6:5c:e3:c8:4f:16:ba:a4:f8:
36:40:5a:24:51:ff:a0:f9:4b:e9:75:11:c7:eb:b7:da:67:00:
2f:df:69:07:53:d5:00:2d:d5:51:bd:9a:33:bb:c3:fe:3d:20:
5e:b9:7a:c8
-----BEGIN CERTIFICATE-----
MIIFSjCCBDKgAwIBAgIUeO87JEopL7BudKlwJfn97wzXWAwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTAzMDcxMTIyMjdaFw0yNjAzMDYxMTI3MjdaMDMxMTAvBgNV
BAMTKERGODFCMDM0N0QyQzA1NzNBQTQ5Mzc5RkU3MDQzNTNGMjc2RkUyRUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCypAk/2BjuKXeOaYWsDZWlGaWX
3rawgVqiYixWKeLGkgH1HCdChmhLNtX2EMrbuAjGiGaGWzwSykLkWjEM3NKlMR4z
EmthscFn5yJ/oXMMxdctxKNZJxuUrrkFh7zE7CRupQm63rlRWCcnDhVfYMNW3Fsn
sMG9TO0dJ8gDIdY0ldUiqs6eQ0+n81R2sL1dT+6Rmu1H61FDN/mRMbTjV6qZu0wR
XDtjcRkrHhqZbo9PtgC3SYQvKk0DBgH1gnGaJ4LUOcxULteIyvId/JUAwEVHRBWf
gsrgaNjs3abpZfMAi/T5G4VfISPNBhr5ULkKZ4FmsoxbYNcx2TDVycYiHYk9AgMB
AAGjggJUMIICUDAdBgNVHQ4EFgQU34GwNH0sBXOqSTef5wQ1Pydv4u4wHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjAzMDIwLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMGkGCCsGAQUFBwEHAQH/BFowWDBWBAIAATBQAwQAUhXx
AwQAUhbxAwQAUhfnMAwDBABSGPEDBABSGPIwDAMEAFIZ8QMEAFIZ8jAMAwQAUhrx
AwQAUhryMAwDBABSG/EDBABSG/IDBABSHfEwDQYJKoZIhvcNAQELBQADggEBAJPH
lX6wQBfEUlFuZrACbLPUiZxhSlroIMXAE+bvvct73VBuOX7nROTelEEkG/TYLwI7
TYtXbY4KQEWNzzdlklGo/usSm/FQuxEHbYOe6YN5yfAvlYcs+H/Dm2YpfWbIG381
7EFsTb2k+Qt7wZjy8uPb26qrklOhW0joBS3mye32a4g2t95EQcFonyLv3gEKqeY2
ltE9qN/1cPLbEjrOZsthhn/+NLUbdWFsyqgwDuz2/GaeN6jZjzcescEX07hqcvQ3
X4xtqS+G4u7T0VT2EsZc48hPFrqk+DZAWiRR/6D5S+l1Ecfrt9pnAC/faQdT1QAt
1VG9mjO7w/49IF65esg=
-----END CERTIFICATE-----
Generated at Sat Apr 12 04:42:11 2025 by rpki-client