Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS205809.roa
File: AS205809.roa (raw, json)
Hash identifier: DPw1tJjJ5UIxkwDAUdWiNUeNr84HRHBjSJm3nr8Y2mk=
Subject key identifier: 88:B9:AC:E5:03:66:B0:71:48:E0:1E:B2:38:39:16:C8:1A:5E:32:FC
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 0F4756F289541194261F87662CC3A2BBC90D819D
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS205809.roa
Signing time: Tue 04 Mar 2025 09:27:21 +0000
ROA not before: Tue 04 Mar 2025 09:22:21 +0000
ROA not after: Tue 03 Mar 2026 09:27:21 +0000
asID: 205809
IP address blocks: 82.21.172.0/24 maxlen: 24
82.29.203.0/24 maxlen: 24
82.29.204.0/24 maxlen: 24
82.29.205.0/24 maxlen: 24
82.29.206.0/24 maxlen: 24
82.29.207.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 16 Apr 2025 15:22:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0f:47:56:f2:89:54:11:94:26:1f:87:66:2c:c3:a2:bb:c9:0d:81:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Mar 4 09:22:21 2025 GMT
Not After : Mar 3 09:27:21 2026 GMT
Subject: CN=88B9ACE50366B07148E01EB2383916C81A5E32FC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:6a:5c:aa:9c:54:42:69:15:5b:0d:18:2b:64:
fa:d0:81:4a:64:83:b5:1b:5a:4e:1c:7d:37:61:cb:
0c:4f:a6:07:92:f6:c8:55:21:c3:dd:1f:e6:a2:14:
e3:14:3a:44:32:9b:d6:f6:fa:65:cf:93:9d:97:ca:
64:11:c6:a2:ea:9e:20:aa:c5:07:47:36:0f:70:f6:
33:a3:7c:fe:f4:a8:3e:80:75:94:f1:c3:fc:ba:50:
4b:22:67:5e:2b:f7:4c:17:0b:ba:18:dc:b0:ee:80:
63:8d:da:04:62:6b:9e:d3:7f:9b:45:2d:7e:e6:df:
8b:84:c7:86:fd:b2:7f:5b:2a:90:b2:57:2e:30:58:
0b:7a:f6:29:14:e0:0a:2e:6f:21:58:0f:c6:c1:e8:
0e:e5:1e:d3:ce:7f:6a:f8:b6:15:2a:e1:81:bb:05:
41:68:11:23:37:0f:9c:61:12:29:b6:d3:11:6b:c4:
b4:18:20:1a:63:d4:34:0b:8e:36:d3:63:54:1c:60:
4d:71:47:59:62:54:78:94:11:da:6b:18:f0:a8:08:
66:1e:95:d3:43:80:e8:45:84:7e:5c:5f:1d:5a:bc:
b4:49:6c:8c:ca:2a:7e:8a:86:8d:af:9a:5e:bf:e9:
ae:fa:b2:f6:9c:1d:df:55:c7:00:40:39:82:4a:90:
e2:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:B9:AC:E5:03:66:B0:71:48:E0:1E:B2:38:39:16:C8:1A:5E:32:FC
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS205809.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.172.0/24
82.29.203.0-82.29.207.255
Signature Algorithm: sha256WithRSAEncryption
26:c4:c8:9a:81:39:6c:81:11:c8:59:c7:b6:74:9e:ba:76:33:
a0:8e:ca:b6:c1:9b:62:da:a3:8e:1a:3e:61:25:16:d9:96:a4:
c1:78:ed:9c:2b:c7:9c:2d:65:cc:71:27:e7:e6:41:3e:53:7a:
b7:9f:ad:8a:52:d1:c4:18:94:24:c7:85:37:a9:8d:1a:8f:eb:
dd:f6:6b:c8:ab:81:37:2b:87:94:70:9c:bd:eb:cc:c8:ac:b7:
27:eb:17:c6:0c:6f:7b:b8:96:36:0c:2e:5d:23:b1:0d:1e:e1:
23:fb:bc:b7:ae:da:9b:61:63:2a:de:f5:05:f1:2e:95:5a:c1:
1d:4c:92:a8:48:91:50:66:ae:17:af:92:7f:ec:22:18:8e:3e:
f0:77:3c:03:fe:49:99:80:76:44:10:5e:81:0a:98:66:24:eb:
f2:24:e7:7d:a2:ad:98:d7:e7:66:bb:24:c5:96:fc:21:9c:f0:
b4:17:c5:57:91:d4:be:8a:07:1e:fe:40:2d:e3:9b:15:f4:21:
ca:fa:0e:67:b9:4a:76:0e:62:95:06:3f:a6:2a:ba:0c:82:03:
ed:cd:88:2a:96:44:0a:60:f0:88:4e:85:e0:b9:8f:f3:6c:30:
9f:50:42:d4:35:55:42:81:d9:23:3b:f1:5b:da:45:c6:57:97:
15:6e:eb:23
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgIUD0dW8olUEZQmH4dmLMOiu8kNgZ0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTAzMDQwOTIyMjFaFw0yNjAzMDMwOTI3MjFaMDMxMTAvBgNV
BAMTKDg4QjlBQ0U1MDM2NkIwNzE0OEUwMUVCMjM4MzkxNkM4MUE1RTMyRkMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDtalyqnFRCaRVbDRgrZPrQgUpk
g7UbWk4cfTdhywxPpgeS9shVIcPdH+aiFOMUOkQym9b2+mXPk52XymQRxqLqniCq
xQdHNg9w9jOjfP70qD6AdZTxw/y6UEsiZ14r90wXC7oY3LDugGON2gRia57Tf5tF
LX7m34uEx4b9sn9bKpCyVy4wWAt69ikU4AoubyFYD8bB6A7lHtPOf2r4thUq4YG7
BUFoESM3D5xhEim20xFrxLQYIBpj1DQLjjbTY1QcYE1xR1liVHiUEdprGPCoCGYe
ldNDgOhFhH5cXx1avLRJbIzKKn6Kho2vml6/6a76svacHd9VxwBAOYJKkOJZAgMB
AAGjggIYMIICFDAdBgNVHQ4EFgQUiLms5QNmsHFI4B6yODkWyBpeMvwwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjA1ODA5LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQAUhWs
MAwDBABSHcsDBARSHcAwDQYJKoZIhvcNAQELBQADggEBACbEyJqBOWyBEchZx7Z0
nrp2M6COyrbBm2Lao44aPmElFtmWpMF47Zwrx5wtZcxxJ+fmQT5TerefrYpS0cQY
lCTHhTepjRqP6932a8irgTcrh5RwnL3rzMistyfrF8YMb3u4ljYMLl0jsQ0e4SP7
vLeu2pthYyre9QXxLpVawR1MkqhIkVBmrhevkn/sIhiOPvB3PAP+SZmAdkQQXoEK
mGYk6/Ik532irZjX52a7JMWW/CGc8LQXxVeR1L6KBx7+QC3jmxX0Icr6Dme5SnYO
YpUGP6YqugyCA+3NiCqWRApg8IhOheC5j/NsMJ9QQtQ1VUKB2SM78VvaRcZXlxVu
6yM=
-----END CERTIFICATE-----
Generated at Tue Apr 15 23:18:39 2025 by rpki-client