Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS203048.roa
File: AS203048.roa (raw, json)
Hash identifier: AVtGoWqkRdYRhMv5BTabiVELfivN7QIPZTP2pCfjoaw=
Subject key identifier: AA:48:91:C5:0F:48:7C:3D:5F:4E:FC:FF:16:5B:5D:65:76:76:48:33
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 20E0042413089978DCA6460C74A08DDACD55B73D
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS203048.roa
Signing time: Mon 25 May 2026 08:46:55 +0000
ROA not before: Mon 25 May 2026 08:41:55 +0000
ROA not after: Mon 24 May 2027 08:46:55 +0000
asID: 203048
IP address blocks: 82.25.199.0/24 maxlen: 24
82.26.124.0/24 maxlen: 24
82.27.105.0/24 maxlen: 24
82.38.20.0/22 maxlen: 24
82.47.41.0/24 maxlen: 24
82.47.53.0/24 maxlen: 24
82.47.58.0/24 maxlen: 24
82.47.97.0/24 maxlen: 24
82.47.98.0/24 maxlen: 24
82.47.102.0/24 maxlen: 24
82.47.115.0/24 maxlen: 24
82.47.136.0/24 maxlen: 24
82.47.145.0/24 maxlen: 24
82.47.149.0/24 maxlen: 24
82.47.169.0/24 maxlen: 24
82.47.170.0/24 maxlen: 24
82.47.171.0/24 maxlen: 24
82.47.209.0/24 maxlen: 24
84.75.197.0/24 maxlen: 24
178.83.71.0/24 maxlen: 24
178.83.133.0/24 maxlen: 24
178.83.186.0/24 maxlen: 24
178.83.203.0/24 maxlen: 24
178.83.225.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 May 2026 17:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
20:e0:04:24:13:08:99:78:dc:a6:46:0c:74:a0:8d:da:cd:55:b7:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: May 25 08:41:55 2026 GMT
Not After : May 24 08:46:55 2027 GMT
Subject: CN=AA4891C50F487C3D5F4EFCFF165B5D6576764833
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:e4:6e:9a:c2:fe:5f:ca:95:d6:68:ab:03:5d:
ee:12:07:1c:79:e2:46:2a:7f:e0:2f:3b:1b:a3:73:
36:2c:6f:8b:aa:ce:55:bf:3b:00:10:c3:0c:11:da:
14:c6:f0:2d:f4:d0:b4:dc:e2:5b:46:32:8b:6d:82:
e4:40:62:e0:32:a3:7e:ae:f2:05:97:71:ca:0e:79:
c4:94:30:23:3d:84:6d:ff:67:4e:4a:22:59:44:36:
1e:89:57:d3:fb:92:44:37:19:37:e4:58:6e:0a:fd:
f9:c0:8e:9f:46:20:b0:4c:25:0d:9b:72:2e:27:af:
ec:7e:e7:9c:fc:a4:5d:78:e8:f8:0f:7c:12:d6:2d:
83:6f:36:21:b6:36:bf:e2:77:3c:19:32:52:18:87:
e2:06:d3:42:01:bd:7a:ad:89:50:96:13:ac:e7:7c:
73:5c:1c:94:1c:09:79:10:fd:b6:9a:9a:8d:1d:73:
8f:0a:df:95:22:4f:d1:15:d2:8a:bc:66:07:65:a4:
c4:77:af:d9:bb:4f:5a:c5:2a:0a:63:f3:dd:f8:eb:
f4:59:f9:a8:e7:33:b3:8e:41:81:aa:c8:0f:08:5d:
97:8f:4f:ae:1e:d7:be:f8:6f:f6:4a:ae:61:18:d4:
7c:7f:2a:2d:c6:c3:76:b2:15:7a:84:4f:54:06:a4:
e6:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:48:91:C5:0F:48:7C:3D:5F:4E:FC:FF:16:5B:5D:65:76:76:48:33
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS203048.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.25.199.0/24
82.26.124.0/24
82.27.105.0/24
82.38.20.0/22
82.47.41.0/24
82.47.53.0/24
82.47.58.0/24
82.47.97.0-82.47.98.255
82.47.102.0/24
82.47.115.0/24
82.47.136.0/24
82.47.145.0/24
82.47.149.0/24
82.47.169.0-82.47.171.255
82.47.209.0/24
84.75.197.0/24
178.83.71.0/24
178.83.133.0/24
178.83.186.0/24
178.83.203.0/24
178.83.225.0/24
Signature Algorithm: sha256WithRSAEncryption
63:ef:fe:4d:2a:6c:d8:29:ba:91:21:24:32:45:47:41:f4:1d:
6a:26:c2:41:97:95:bd:02:73:5f:69:4e:d7:af:4e:9a:7a:94:
de:6c:5a:66:0a:bd:ee:0f:13:e4:dd:63:ad:32:4b:84:91:ec:
bf:df:4a:57:e1:ad:ee:76:a0:b7:b8:ec:05:7c:f7:5f:89:4d:
d9:a0:bd:b8:22:bd:bf:87:5b:42:94:f6:fa:7c:21:7e:5e:1c:
4a:63:ba:4d:93:f4:64:23:50:9b:e3:0a:f3:50:32:f5:f0:81:
27:a6:b3:90:6d:81:c4:03:fe:d4:2d:1f:41:91:26:4c:60:a2:
a6:d7:1d:b6:39:0b:02:06:b6:21:1b:44:66:2c:d1:0d:54:2d:
eb:26:98:33:e9:05:c3:a2:73:58:53:52:2c:ec:e6:a4:f2:89:
84:4d:e3:e1:1e:a6:4a:ad:e9:6c:cf:ad:93:f3:be:29:ca:fb:
85:fc:75:ca:bc:11:06:cd:4d:a0:96:bd:11:e8:b9:5b:95:b3:
6a:f9:17:53:09:aa:ce:4e:a3:3b:71:1a:ef:da:bd:d8:6c:24:
64:24:ce:39:e8:20:a6:d7:33:59:cb:c1:dd:2b:e9:a8:7b:46:
4e:78:e9:9f:92:bb:91:c8:5f:c8:4f:b9:dd:a3:f5:cd:37:19:
7e:4a:86:c2
-----BEGIN CERTIFICATE-----
MIIFjTCCBHWgAwIBAgIUIOAEJBMImXjcpkYMdKCN2s1Vtz0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjA1MjUwODQxNTVaFw0yNzA1MjQwODQ2NTVaMDMxMTAvBgNV
BAMTKEFBNDg5MUM1MEY0ODdDM0Q1RjRFRkNGRjE2NUI1RDY1NzY3NjQ4MzMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDU5G6awv5fypXWaKsDXe4SBxx5
4kYqf+AvOxujczYsb4uqzlW/OwAQwwwR2hTG8C300LTc4ltGMottguRAYuAyo36u
8gWXccoOecSUMCM9hG3/Z05KIllENh6JV9P7kkQ3GTfkWG4K/fnAjp9GILBMJQ2b
ci4nr+x+55z8pF146PgPfBLWLYNvNiG2Nr/idzwZMlIYh+IG00IBvXqtiVCWE6zn
fHNcHJQcCXkQ/baamo0dc48K35UiT9EV0oq8ZgdlpMR3r9m7T1rFKgpj89346/RZ
+ajnM7OOQYGqyA8IXZePT64e1774b/ZKrmEY1Hx/Ki3Gw3ayFXqET1QGpOZ1AgMB
AAGjggKXMIICkzAdBgNVHQ4EFgQUqkiRxQ9IfD1fTvz/FltdZXZ2SDMwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjAzMDQ4LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMIGrBggrBgEFBQcBBwEB/wSBmzCBmDCBlQQCAAEwgY4D
BABSGccDBABSGnwDBABSG2kDBAJSJhQDBABSLykDBABSLzUDBABSLzowDAMEAFIv
YQMEAFIvYgMEAFIvZgMEAFIvcwMEAFIviAMEAFIvkQMEAFIvlTAMAwQAUi+pAwQC
Ui+oAwQAUi/RAwQAVEvFAwQAslNHAwQAslOFAwQAslO6AwQAslPLAwQAslPhMA0G
CSqGSIb3DQEBCwUAA4IBAQBj7/5NKmzYKbqRISQyRUdB9B1qJsJBl5W9AnNfaU7X
r06aepTebFpmCr3uDxPk3WOtMkuEkey/30pX4a3udqC3uOwFfPdfiU3ZoL24Ir2/
h1tClPb6fCF+XhxKY7pNk/RkI1Cb4wrzUDL18IEnprOQbYHEA/7ULR9BkSZMYKKm
1x22OQsCBrYhG0RmLNENVC3rJpgz6QXDonNYU1Is7Oak8omETePhHqZKrelsz62T
874pyvuF/HXKvBEGzU2glr0R6LlblbNq+RdTCarOTqM7cRrv2r3YbCRkJM456CCm
1zNZy8HdK+moe0ZOeOmfkruRyF/IT7ndo/XNNxl+SobC
-----END CERTIFICATE-----
Generated at Tue May 26 03:58:53 2026 by rpki-client