Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS203020.roa
File: AS203020.roa (raw, json)
Hash identifier: N2bwB6h8LjBGfWrV8itABE69NidNgM5omkMPDWjqlBM=
Subject key identifier: C8:76:44:40:65:06:4D:E9:04:AE:3A:A6:17:BB:F9:43:3F:DA:6C:2F
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 0157840F41B9679E83D5EA2660339FA5107EBF00
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS203020.roa
Signing time: Mon 18 May 2026 13:47:14 +0000
ROA not before: Mon 18 May 2026 13:42:14 +0000
ROA not after: Mon 17 May 2027 13:47:14 +0000
asID: 203020
IP address blocks: 82.21.241.0/24 maxlen: 24
82.24.242.0/24 maxlen: 24
82.25.242.0/24 maxlen: 24
82.26.242.0/24 maxlen: 24
82.27.242.0/24 maxlen: 24
82.29.241.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 03 Jun 2026 15:55:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:57:84:0f:41:b9:67:9e:83:d5:ea:26:60:33:9f:a5:10:7e:bf:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: May 18 13:42:14 2026 GMT
Not After : May 17 13:47:14 2027 GMT
Subject: CN=C876444065064DE904AE3AA617BBF9433FDA6C2F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:09:a3:7d:c2:67:79:99:b6:6f:b3:f6:ab:d6:
ea:ab:6e:d4:44:09:2e:71:da:95:b8:18:ac:21:f0:
96:45:d2:0b:a6:98:05:fc:a2:9c:75:40:87:5a:a9:
bd:d6:a3:46:29:93:f8:83:eb:91:d0:ce:12:e6:e5:
9b:54:91:ca:96:17:ba:2c:2f:6c:ab:1e:ee:c1:a6:
44:da:d9:3a:69:a5:5f:a6:17:0a:01:7e:1d:6a:9c:
92:41:5f:50:c3:79:59:e3:18:11:39:40:46:03:75:
5a:f0:a6:c9:57:c0:70:d9:40:72:12:35:0e:f2:e7:
14:6c:4a:bb:58:5f:4a:dd:ec:99:04:f0:f5:96:71:
8c:a1:11:00:8c:e0:bc:50:18:c5:7b:d3:a6:a5:96:
73:f9:8f:9f:45:77:37:69:aa:09:66:68:08:ad:df:
a2:5b:4a:8d:19:74:97:d3:e1:5b:50:21:a5:d9:70:
dc:0e:c0:8b:97:78:5a:73:59:3c:38:6e:ad:eb:ac:
14:46:fb:38:68:2b:ba:30:86:53:f3:8e:44:f4:6f:
bb:f3:29:47:d2:e0:72:f6:9d:a4:f4:a6:82:a8:b5:
4a:59:9b:cd:c9:5f:66:5e:8b:1b:43:07:a0:9e:7f:
8f:48:a9:92:50:b8:ed:1b:66:23:10:3a:2e:61:15:
78:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:76:44:40:65:06:4D:E9:04:AE:3A:A6:17:BB:F9:43:3F:DA:6C:2F
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS203020.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.241.0/24
82.24.242.0/24
82.25.242.0/24
82.26.242.0/24
82.27.242.0/24
82.29.241.0/24
Signature Algorithm: sha256WithRSAEncryption
44:20:d4:26:5f:f0:6d:43:7e:a2:b7:79:8d:6d:fd:a6:54:bb:
cb:e9:4e:2c:7b:da:42:61:ea:30:51:04:61:12:65:fa:af:e8:
a8:fd:ae:ad:8d:6f:7c:2b:7a:98:5b:ee:2f:db:2b:16:21:e1:
5f:ba:b0:8e:2e:68:77:2f:e6:2a:e7:ca:82:11:13:7d:86:00:
00:66:3c:07:0b:50:2c:4d:ae:ca:2b:55:34:22:21:7e:00:bc:
23:62:43:f7:6b:55:09:9e:5b:36:e7:ca:52:5f:24:dc:6d:33:
8f:5f:4c:99:84:4a:e6:39:8e:5b:c6:02:fc:9a:ea:01:a5:e8:
3d:c3:12:be:61:dd:99:7f:c4:0d:f6:f8:e7:f6:d0:ea:1c:1c:
54:47:f7:4a:59:7e:cd:28:16:50:d1:17:d7:94:13:90:19:14:
a2:3b:c9:76:1b:54:b0:bc:45:aa:5c:39:7c:1e:8b:ae:bd:fa:
07:4d:9e:dc:be:a2:ac:9e:fa:b0:01:26:c0:e3:a3:f7:68:0c:
be:f4:46:b3:5e:44:47:de:d4:57:72:85:40:bc:ed:eb:02:2b:
00:16:c1:c6:79:be:1f:af:c3:e2:e0:ec:f4:40:37:42:12:43:
17:f5:0b:df:4c:43:5f:66:77:ef:02:1d:4e:01:84:8f:79:2e:
c5:78:14:50
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgIUAVeED0G5Z56D1eomYDOfpRB+vwAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjA1MTgxMzQyMTRaFw0yNzA1MTcxMzQ3MTRaMDMxMTAvBgNV
BAMTKEM4NzY0NDQwNjUwNjRERTkwNEFFM0FBNjE3QkJGOTQzM0ZEQTZDMkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDsCaN9wmd5mbZvs/ar1uqrbtRE
CS5x2pW4GKwh8JZF0gummAX8opx1QIdaqb3Wo0Ypk/iD65HQzhLm5ZtUkcqWF7os
L2yrHu7BpkTa2TpppV+mFwoBfh1qnJJBX1DDeVnjGBE5QEYDdVrwpslXwHDZQHIS
NQ7y5xRsSrtYX0rd7JkE8PWWcYyhEQCM4LxQGMV706allnP5j59FdzdpqglmaAit
36JbSo0ZdJfT4VtQIaXZcNwOwIuXeFpzWTw4bq3rrBRG+zhoK7owhlPzjkT0b7vz
KUfS4HL2naT0poKotUpZm83JX2ZeixtDB6Cef49IqZJQuO0bZiMQOi5hFXhDAgMB
AAGjggIoMIICJDAdBgNVHQ4EFgQUyHZEQGUGTekErjqmF7v5Qz/abC8wHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjAzMDIwLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAUhXx
AwQAUhjyAwQAUhnyAwQAUhryAwQAUhvyAwQAUh3xMA0GCSqGSIb3DQEBCwUAA4IB
AQBEINQmX/BtQ36it3mNbf2mVLvL6U4se9pCYeowUQRhEmX6r+io/a6tjW98K3qY
W+4v2ysWIeFfurCOLmh3L+Yq58qCERN9hgAAZjwHC1AsTa7KK1U0IiF+ALwjYkP3
a1UJnls258pSXyTcbTOPX0yZhErmOY5bxgL8muoBpeg9wxK+Yd2Zf8QN9vjn9tDq
HBxUR/dKWX7NKBZQ0RfXlBOQGRSiO8l2G1SwvEWqXDl8HouuvfoHTZ7cvqKsnvqw
ASbA46P3aAy+9EazXkRH3tRXcoVAvO3rAisAFsHGeb4fr8Pi4Oz0QDdCEkMX9Qvf
TENfZnfvAh1OAYSPeS7FeBRQ
-----END CERTIFICATE-----
Generated at Tue Jun 2 21:11:20 2026 by rpki-client