Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS203964.roa
File: AS203964.roa (raw, json)
Hash identifier: 0F4nLQ+UK2R62mUTdb+kxRH3VQjUXJ6ii7Al8VwnpdE=
Subject key identifier: E2:30:E2:14:77:F9:20:B4:93:54:DD:96:21:F9:D9:33:23:BE:6C:A9
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 059571D80EA3040C584BE9588BC91D9E3DCE9CAE
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS203964.roa
Signing time: Thu 03 Apr 2025 08:24:24 +0000
ROA not before: Thu 03 Apr 2025 08:19:24 +0000
ROA not after: Thu 02 Apr 2026 08:24:24 +0000
asID: 203964
IP address blocks: 82.21.209.0/24 maxlen: 24
82.21.211.0/24 maxlen: 24
82.21.221.0/24 maxlen: 24
82.22.209.0/24 maxlen: 24
82.22.226.0/24 maxlen: 24
82.23.211.0/24 maxlen: 24
82.23.221.0/24 maxlen: 24
82.24.215.0/24 maxlen: 24
82.24.217.0/24 maxlen: 24
82.24.232.0/24 maxlen: 24
82.25.226.0/24 maxlen: 24
82.25.231.0/24 maxlen: 24
82.26.213.0/24 maxlen: 24
82.27.219.0/24 maxlen: 24
82.29.212.0/24 maxlen: 24
82.29.219.0/24 maxlen: 24
82.29.222.0/24 maxlen: 24
82.29.224.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 16 Apr 2025 15:22:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
05:95:71:d8:0e:a3:04:0c:58:4b:e9:58:8b:c9:1d:9e:3d:ce:9c:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Apr 3 08:19:24 2025 GMT
Not After : Apr 2 08:24:24 2026 GMT
Subject: CN=E230E21477F920B49354DD9621F9D93323BE6CA9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:d4:3c:3d:09:cf:dd:f1:6e:58:79:b8:89:bd:
bd:35:4d:90:3d:5c:df:ab:51:bb:00:eb:9b:8b:42:
1b:89:5c:c0:62:75:b7:1f:ea:25:11:07:07:01:4c:
8e:f6:b2:1a:c2:ce:2e:3f:55:1f:f4:10:6a:b6:3e:
59:1d:ac:70:7c:a3:83:e6:f7:b6:53:df:29:ce:26:
91:f9:d5:b8:25:2a:c8:7b:80:d1:0b:ae:b9:4c:2a:
61:5a:4a:a0:4b:fb:b2:23:bf:c6:af:c2:08:f0:c9:
18:dd:35:7f:46:b0:1d:a8:82:10:b9:39:1b:b8:85:
74:b6:a5:0e:95:fd:6b:50:a8:c2:30:c2:11:9e:ff:
92:44:04:6c:d3:84:df:93:29:05:b6:0f:ce:19:2e:
de:ad:38:79:34:5a:3c:79:80:91:ff:2b:8d:1e:54:
07:0c:d3:cb:1e:cd:2c:19:e5:af:c3:24:e8:4d:f1:
9b:32:a3:cb:90:7d:be:0f:c5:c4:57:0b:2a:1c:77:
7f:a7:fd:3f:f1:c7:7e:9b:80:1c:c3:e4:d9:91:4f:
2a:bd:73:50:b7:7e:d0:2a:61:8a:38:73:f7:79:97:
d3:2f:5d:a4:46:e8:fe:7b:59:a2:81:a0:58:a1:36:
2f:bc:20:7f:7c:5e:a4:e9:12:95:3d:df:13:32:ef:
73:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:30:E2:14:77:F9:20:B4:93:54:DD:96:21:F9:D9:33:23:BE:6C:A9
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS203964.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.209.0/24
82.21.211.0/24
82.21.221.0/24
82.22.209.0/24
82.22.226.0/24
82.23.211.0/24
82.23.221.0/24
82.24.215.0/24
82.24.217.0/24
82.24.232.0/24
82.25.226.0/24
82.25.231.0/24
82.26.213.0/24
82.27.219.0/24
82.29.212.0/24
82.29.219.0/24
82.29.222.0/24
82.29.224.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:56:9f:aa:ee:df:71:55:26:40:b3:7e:65:39:9b:0d:39:96:
aa:c2:c1:20:57:91:1b:2d:c7:5f:bd:ba:42:70:77:34:b3:0f:
59:22:3e:94:f5:da:63:a8:cf:47:30:f4:06:7b:1c:c1:04:33:
da:bc:17:e0:d1:89:7e:52:db:90:8d:a3:41:cc:c2:7a:3e:9c:
13:28:6d:5a:7a:82:8e:00:3a:5e:f0:cf:ae:3d:1a:69:7d:44:
9f:72:db:66:c5:f9:96:51:43:c5:75:34:1f:6a:29:a4:38:2e:
a8:1c:09:21:c1:aa:bb:28:2f:0b:a1:10:53:2d:8e:99:10:72:
40:80:8c:72:9a:00:3f:4a:01:d6:52:49:a8:e0:71:57:b0:4f:
a3:18:07:49:6f:b7:b4:3f:18:ee:5b:f6:e2:71:a1:d9:2b:e6:
a0:15:bf:d9:97:b5:f0:e6:dd:0c:40:08:5b:0f:4e:13:43:d3:
f1:c0:e7:51:a9:69:9f:b7:83:55:47:ad:8f:7e:8e:37:20:1c:
d5:8a:b0:48:42:56:6d:9f:23:48:70:7a:bd:b5:d5:8a:6b:4e:
50:40:06:5c:4e:ca:f5:b2:e8:d7:ab:6d:2d:1d:87:47:8a:f0:
b8:0a:a1:73:4e:17:ec:af:08:b2:b2:16:43:07:2a:e0:cb:85:
6e:51:b9:71
-----BEGIN CERTIFICATE-----
MIIFZzCCBE+gAwIBAgIUBZVx2A6jBAxYS+lYi8kdnj3OnK4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTA0MDMwODE5MjRaFw0yNjA0MDIwODI0MjRaMDMxMTAvBgNV
BAMTKEUyMzBFMjE0NzdGOTIwQjQ5MzU0REQ5NjIxRjlEOTMzMjNCRTZDQTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDK1Dw9Cc/d8W5YebiJvb01TZA9
XN+rUbsA65uLQhuJXMBidbcf6iURBwcBTI72shrCzi4/VR/0EGq2PlkdrHB8o4Pm
97ZT3ynOJpH51bglKsh7gNELrrlMKmFaSqBL+7Ijv8avwgjwyRjdNX9GsB2oghC5
ORu4hXS2pQ6V/WtQqMIwwhGe/5JEBGzThN+TKQW2D84ZLt6tOHk0Wjx5gJH/K40e
VAcM08sezSwZ5a/DJOhN8Zsyo8uQfb4PxcRXCyocd3+n/T/xx36bgBzD5NmRTyq9
c1C3ftAqYYo4c/d5l9MvXaRG6P57WaKBoFihNi+8IH98XqTpEpU93xMy73N5AgMB
AAGjggJxMIICbTAdBgNVHQ4EFgQU4jDiFHf5ILSTVN2WIfnZMyO+bKkwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjAzOTY0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMIGFBggrBgEFBQcBBwEB/wR2MHQwcgQCAAEwbAMEAFIV
0QMEAFIV0wMEAFIV3QMEAFIW0QMEAFIW4gMEAFIX0wMEAFIX3QMEAFIY1wMEAFIY
2QMEAFIY6AMEAFIZ4gMEAFIZ5wMEAFIa1QMEAFIb2wMEAFId1AMEAFId2wMEAFId
3gMEAFId4DANBgkqhkiG9w0BAQsFAAOCAQEAb1afqu7fcVUmQLN+ZTmbDTmWqsLB
IFeRGy3HX726QnB3NLMPWSI+lPXaY6jPRzD0BnscwQQz2rwX4NGJflLbkI2jQczC
ej6cEyhtWnqCjgA6XvDPrj0aaX1En3LbZsX5llFDxXU0H2oppDguqBwJIcGquygv
C6EQUy2OmRByQICMcpoAP0oB1lJJqOBxV7BPoxgHSW+3tD8Y7lv24nGh2SvmoBW/
2Ze18ObdDEAIWw9OE0PT8cDnUalpn7eDVUetj36ONyAc1YqwSEJWbZ8jSHB6vbXV
imtOUEAGXE7K9bLo16ttLR2HR4rwuAqhc04X7K8IsrIWQwcq4MuFblG5cQ==
-----END CERTIFICATE-----
Generated at Tue Apr 15 23:23:57 2025 by rpki-client