Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS203048.roa
File: AS203048.roa (raw, json)
Hash identifier: kjO2jwNQlQDaCxsQKTru9+sismeNxTEaAfEwbP2bi3U=
Subject key identifier: 83:B7:42:92:ED:4E:B6:BC:E0:2A:19:FC:03:FA:03:C6:91:C8:9E:76
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 21E5D4D97FD889F4457FEBF350FFA19E970FD164
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS203048.roa
Signing time: Wed 08 Apr 2026 13:47:21 +0000
ROA not before: Wed 08 Apr 2026 13:42:21 +0000
ROA not after: Wed 07 Apr 2027 13:47:21 +0000
asID: 203048
IP address blocks: 82.23.172.0/24 maxlen: 24
82.26.132.0/24 maxlen: 24
82.38.20.0/22 maxlen: 24
84.75.161.0/24 maxlen: 24
84.75.164.0/24 maxlen: 24
84.75.165.0/24 maxlen: 24
84.75.183.0/24 maxlen: 24
178.83.133.0/24 maxlen: 24
178.83.213.0/24 maxlen: 24
178.83.227.0/24 maxlen: 24
178.83.230.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 11 Apr 2026 17:02:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:e5:d4:d9:7f:d8:89:f4:45:7f:eb:f3:50:ff:a1:9e:97:0f:d1:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Apr 8 13:42:21 2026 GMT
Not After : Apr 7 13:47:21 2027 GMT
Subject: CN=83B74292ED4EB6BCE02A19FC03FA03C691C89E76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:8a:1d:5e:74:b2:0d:46:bf:b7:16:bb:4d:1e:
8f:ac:27:dd:44:91:c4:69:07:d9:80:11:1f:c5:e6:
77:73:3c:85:4c:9d:9a:9a:e4:c0:a0:70:42:5d:25:
30:bf:2a:0a:41:fc:e9:dd:6e:1a:04:5f:6f:dc:21:
07:b9:1a:a2:fd:d7:cd:b8:6d:b9:ed:73:3a:c4:58:
c3:75:7d:10:92:4e:e9:18:fb:0b:b6:01:52:d4:27:
be:8f:99:a8:d9:2a:0b:86:18:fc:bd:c1:6f:48:9f:
82:d1:b4:67:f3:c1:0e:22:d8:c2:43:26:d6:89:1d:
b8:85:d7:60:c4:38:2f:8a:51:70:0e:c9:1d:d5:46:
4e:50:4a:92:db:43:df:61:5c:cf:c4:d5:13:0c:13:
4a:7d:24:7c:2f:c0:a6:05:48:02:8f:20:7e:f8:4c:
0a:29:e0:2d:34:31:4d:fd:65:11:38:0e:28:7b:a4:
a6:c7:74:84:05:79:c5:23:d7:08:73:b4:d8:9a:ed:
48:01:03:62:56:90:3f:05:65:76:eb:08:60:df:96:
21:e7:38:a9:23:2f:c6:77:16:c1:df:79:0d:55:cf:
ae:8a:6f:6d:51:51:78:71:6f:b7:cc:1b:43:40:4c:
67:75:24:bd:ca:27:56:4d:c3:d7:4a:8b:23:01:51:
02:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:B7:42:92:ED:4E:B6:BC:E0:2A:19:FC:03:FA:03:C6:91:C8:9E:76
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS203048.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.23.172.0/24
82.26.132.0/24
82.38.20.0/22
84.75.161.0/24
84.75.164.0/23
84.75.183.0/24
178.83.133.0/24
178.83.213.0/24
178.83.227.0/24
178.83.230.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:c5:64:c6:f4:b0:63:b9:cd:61:4e:2d:18:0c:3c:1b:59:d7:
01:a0:38:1c:f6:11:72:47:06:86:51:f5:a0:4e:31:bb:5d:1e:
ce:5e:e2:60:d9:87:ff:e1:1b:29:bf:73:d0:92:49:4d:57:20:
40:ed:6a:f3:7a:d2:b4:ec:c6:04:33:d3:9e:42:01:d4:1b:7e:
ff:ad:51:39:e3:5c:dc:43:60:d3:bd:b5:2d:ea:92:02:d7:e3:
5d:1b:a9:66:d7:85:c1:04:ce:74:96:8b:df:5d:97:69:47:8e:
35:f5:95:c8:85:75:cd:99:b2:d0:fc:2b:90:8e:0b:1f:43:f9:
7f:a5:76:6f:e8:12:e9:27:1e:d0:5a:59:ab:e5:6a:62:70:c4:
bb:29:bd:e8:6a:38:ca:08:f5:55:7c:b8:e4:1b:e0:df:b6:28:
0f:aa:3a:4a:07:dd:c1:48:93:10:95:02:fd:5b:89:03:c2:2a:
82:1a:8e:0b:56:c1:86:36:ab:b6:f8:86:69:b6:df:2f:3c:f0:
bb:80:64:f8:ef:b6:4c:d8:9d:80:ed:44:15:43:8e:19:d8:3b:
80:03:d9:2b:42:d9:1b:a1:2a:ba:b9:0a:0e:97:1c:b7:fb:d0:
c3:99:d6:51:3a:e9:86:73:03:ef:f0:46:29:75:92:13:29:b5:
20:f8:91:18
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgIUIeXU2X/YifRFf+vzUP+hnpcP0WQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjA0MDgxMzQyMjFaFw0yNzA0MDcxMzQ3MjFaMDMxMTAvBgNV
BAMTKDgzQjc0MjkyRUQ0RUI2QkNFMDJBMTlGQzAzRkEwM0M2OTFDODlFNzYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrih1edLINRr+3FrtNHo+sJ91E
kcRpB9mAER/F5ndzPIVMnZqa5MCgcEJdJTC/KgpB/OndbhoEX2/cIQe5GqL91824
bbntczrEWMN1fRCSTukY+wu2AVLUJ76PmajZKguGGPy9wW9In4LRtGfzwQ4i2MJD
JtaJHbiF12DEOC+KUXAOyR3VRk5QSpLbQ99hXM/E1RMME0p9JHwvwKYFSAKPIH74
TAop4C00MU39ZRE4Dih7pKbHdIQFecUj1whztNia7UgBA2JWkD8FZXbrCGDfliHn
OKkjL8Z3FsHfeQ1Vz66Kb21RUXhxb7fMG0NATGd1JL3KJ1ZNw9dKiyMBUQJdAgMB
AAGjggJAMIICPDAdBgNVHQ4EFgQUg7dCku1OtrzgKhn8A/oDxpHInnYwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjAzMDQ4LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQAUhes
AwQAUhqEAwQCUiYUAwQAVEuhAwQBVEukAwQAVEu3AwQAslOFAwQAslPVAwQAslPj
AwQAslPmMA0GCSqGSIb3DQEBCwUAA4IBAQAfxWTG9LBjuc1hTi0YDDwbWdcBoDgc
9hFyRwaGUfWgTjG7XR7OXuJg2Yf/4Rspv3PQkklNVyBA7WrzetK07MYEM9OeQgHU
G37/rVE541zcQ2DTvbUt6pIC1+NdG6lm14XBBM50lovfXZdpR4419ZXIhXXNmbLQ
/CuQjgsfQ/l/pXZv6BLpJx7QWlmr5WpicMS7Kb3oajjKCPVVfLjkG+DftigPqjpK
B93BSJMQlQL9W4kDwiqCGo4LVsGGNqu2+IZptt8vPPC7gGT477ZM2J2A7UQVQ44Z
2DuAA9krQtkboSq6uQoOlxy3+9DDmdZROumGcwPv8EYpdZITKbUg+JEY
-----END CERTIFICATE-----
Generated at Sat Apr 11 01:28:32 2026 by rpki-client