Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS203964.roa
File: AS203964.roa (raw, json)
Hash identifier: HrkSZbUm0shGNy99ALWpBUGYnlLaKc0MWiXJf0sO4kw=
Subject key identifier: 23:DF:42:C8:6E:37:98:A2:B8:59:F6:78:DA:3E:30:6A:D1:B1:73:17
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 513CBC7BB10243A8B399467CCE3BD0D91DEF5624
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS203964.roa
Signing time: Fri 29 Aug 2025 11:24:12 +0000
ROA not before: Fri 29 Aug 2025 11:19:12 +0000
ROA not after: Fri 28 Aug 2026 11:24:12 +0000
asID: 203964
IP address blocks: 82.21.209.0/24 maxlen: 24
82.21.221.0/24 maxlen: 24
82.22.209.0/24 maxlen: 24
82.22.226.0/24 maxlen: 24
82.23.211.0/24 maxlen: 24
82.23.221.0/24 maxlen: 24
82.24.217.0/24 maxlen: 24
82.24.232.0/24 maxlen: 24
82.25.226.0/24 maxlen: 24
82.25.231.0/24 maxlen: 24
82.26.213.0/24 maxlen: 24
82.27.219.0/24 maxlen: 24
82.29.212.0/24 maxlen: 24
82.29.219.0/24 maxlen: 24
82.29.222.0/24 maxlen: 24
82.29.224.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 05 Sep 2025 19:30:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
51:3c:bc:7b:b1:02:43:a8:b3:99:46:7c:ce:3b:d0:d9:1d:ef:56:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Aug 29 11:19:12 2025 GMT
Not After : Aug 28 11:24:12 2026 GMT
Subject: CN=23DF42C86E3798A2B859F678DA3E306AD1B17317
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:c6:56:95:7a:d1:8d:8a:b1:a2:16:fc:cc:09:
8d:6a:77:78:55:22:35:e5:a3:50:69:7e:3d:48:e0:
fd:ee:b4:a8:b6:d5:bc:f8:d9:c7:50:33:ec:47:81:
0b:bf:2f:46:26:b5:b8:dc:17:22:ba:95:ed:e8:63:
16:b0:d3:1d:a0:3c:2c:49:c1:95:cf:6a:14:ed:66:
3f:4f:81:27:60:9c:90:60:5e:97:16:96:3a:9b:11:
cb:00:24:69:14:ed:0d:f4:79:d8:a4:64:9e:32:04:
2d:05:fc:0b:a9:0b:cf:f3:17:b7:65:3b:a4:d2:8b:
64:a1:34:02:1c:21:c1:91:c8:65:8c:df:fe:35:e9:
a8:7d:59:ba:51:e9:38:f9:09:f1:02:23:a3:f8:b9:
16:53:99:a8:25:f4:06:1f:8d:64:0d:86:13:a7:7c:
1a:54:a5:d8:a3:c8:00:da:e6:3e:c8:1f:b3:35:23:
5a:27:1d:a9:9d:9e:1e:55:3d:cf:3a:3b:32:b0:7c:
ef:4a:4a:bf:f7:12:17:7f:98:66:12:73:93:4d:3f:
c1:07:a2:22:7a:ee:93:b5:ab:75:20:69:ef:a3:29:
4b:e8:31:47:02:9e:40:a2:04:29:d5:33:49:db:ca:
5f:d7:06:81:04:33:68:8e:99:85:82:c7:37:bd:ff:
90:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:DF:42:C8:6E:37:98:A2:B8:59:F6:78:DA:3E:30:6A:D1:B1:73:17
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS203964.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.209.0/24
82.21.221.0/24
82.22.209.0/24
82.22.226.0/24
82.23.211.0/24
82.23.221.0/24
82.24.217.0/24
82.24.232.0/24
82.25.226.0/24
82.25.231.0/24
82.26.213.0/24
82.27.219.0/24
82.29.212.0/24
82.29.219.0/24
82.29.222.0/24
82.29.224.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:d8:b8:25:6a:8f:2a:5c:ac:8a:fe:19:4c:41:64:b0:57:50:
08:b8:da:20:8b:4c:99:7a:c5:a8:19:24:45:82:70:5e:32:8e:
21:9d:90:a2:86:a5:a1:6b:ba:d7:4a:ac:3e:80:df:a2:14:84:
7e:88:ef:b7:d2:2d:8e:b5:a7:b7:5f:b9:7a:2a:22:1f:9c:cd:
1e:3e:6d:b8:62:a0:b0:21:6d:e2:65:d7:f1:1e:6e:79:d1:7c:
7c:2c:1f:a7:c1:0b:0c:31:59:50:07:74:36:0c:c1:9b:23:34:
7a:1d:56:14:86:56:db:d2:40:c1:ab:e3:71:06:af:d7:f3:53:
5e:c7:ac:d5:86:dd:84:55:4b:1a:06:d6:92:fb:07:b0:d8:68:
7c:0d:a8:d7:f2:ee:ae:4f:23:00:6b:a9:0f:26:45:a2:f9:ee:
12:12:c6:b7:07:0c:ac:0a:fe:0e:a8:f4:82:f5:86:4f:80:3d:
9a:37:c6:18:a4:59:6d:11:b1:f9:57:71:78:6e:82:47:46:5d:
95:a2:55:63:18:9e:95:38:ec:f6:06:8b:23:23:08:e7:61:d5:
84:bf:13:ec:ea:d1:bc:5f:a6:16:a2:59:86:2e:fa:da:e9:9b:
aa:c0:2b:d8:ed:41:c5:2b:8a:7c:ec:5d:d5:80:dd:5d:a0:55:
e9:e3:85:fc
-----BEGIN CERTIFICATE-----
MIIFWjCCBEKgAwIBAgIUUTy8e7ECQ6izmUZ8zjvQ2R3vViQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTA4MjkxMTE5MTJaFw0yNjA4MjgxMTI0MTJaMDMxMTAvBgNV
BAMTKDIzREY0MkM4NkUzNzk4QTJCODU5RjY3OERBM0UzMDZBRDFCMTczMTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCWxlaVetGNirGiFvzMCY1qd3hV
IjXlo1Bpfj1I4P3utKi21bz42cdQM+xHgQu/L0YmtbjcFyK6le3oYxaw0x2gPCxJ
wZXPahTtZj9PgSdgnJBgXpcWljqbEcsAJGkU7Q30edikZJ4yBC0F/AupC8/zF7dl
O6TSi2ShNAIcIcGRyGWM3/416ah9WbpR6Tj5CfECI6P4uRZTmagl9AYfjWQNhhOn
fBpUpdijyADa5j7IH7M1I1onHamdnh5VPc86OzKwfO9KSr/3Ehd/mGYSc5NNP8EH
oiJ67pO1q3Ugae+jKUvoMUcCnkCiBCnVM0nbyl/XBoEEM2iOmYWCxze9/5B1AgMB
AAGjggJkMIICYDAdBgNVHQ4EFgQUI99CyG43mKK4WfZ42j4watGxcxcwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjAzOTY0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMHkGCCsGAQUFBwEHAQH/BGowaDBmBAIAATBgAwQAUhXR
AwQAUhXdAwQAUhbRAwQAUhbiAwQAUhfTAwQAUhfdAwQAUhjZAwQAUhjoAwQAUhni
AwQAUhnnAwQAUhrVAwQAUhvbAwQAUh3UAwQAUh3bAwQAUh3eAwQAUh3gMA0GCSqG
SIb3DQEBCwUAA4IBAQAv2Lglao8qXKyK/hlMQWSwV1AIuNogi0yZesWoGSRFgnBe
Mo4hnZCihqWha7rXSqw+gN+iFIR+iO+30i2Otae3X7l6KiIfnM0ePm24YqCwIW3i
ZdfxHm550Xx8LB+nwQsMMVlQB3Q2DMGbIzR6HVYUhlbb0kDBq+NxBq/X81Nex6zV
ht2EVUsaBtaS+wew2Gh8DajX8u6uTyMAa6kPJkWi+e4SEsa3BwysCv4OqPSC9YZP
gD2aN8YYpFltEbH5V3F4boJHRl2VolVjGJ6VOOz2BosjIwjnYdWEvxPs6tG8X6YW
olmGLvra6ZuqwCvY7UHFK4p87F3VgN1doFXp44X8
-----END CERTIFICATE-----
Generated at Fri Sep 5 09:46:07 2025 by rpki-client