Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS207158.roa
File: AS207158.roa (raw, json)
Hash identifier: QgixrWxQ8hEdYe3vxCshU8Wo5IubsQ2LOwoQg7CiL8o=
Subject key identifier: 5C:08:93:65:6C:90:15:43:28:F9:AA:F7:3F:4E:CC:B2:6E:B9:3F:58
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 68A6E4EEE9D2192AEB4D4F6FBBC064032B0CA7A3
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS207158.roa
Signing time: Tue 09 Jun 2026 04:08:01 +0000
ROA not before: Tue 09 Jun 2026 04:03:01 +0000
ROA not after: Tue 08 Jun 2027 04:08:01 +0000
asID: 207158
IP address blocks: 82.47.2.0/24 maxlen: 24
82.47.133.0/24 maxlen: 24
82.47.138.0/24 maxlen: 24
82.47.165.0/24 maxlen: 24
84.75.142.0/24 maxlen: 24
84.75.143.0/24 maxlen: 24
84.75.149.0/24 maxlen: 24
178.83.29.0/24 maxlen: 24
178.83.200.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 19:37:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
68:a6:e4:ee:e9:d2:19:2a:eb:4d:4f:6f:bb:c0:64:03:2b:0c:a7:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Jun 9 04:03:01 2026 GMT
Not After : Jun 8 04:08:01 2027 GMT
Subject: CN=5C0893656C90154328F9AAF73F4ECCB26EB93F58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:ed:da:8c:5e:b9:74:67:c1:22:69:8a:b2:44:
b2:64:e9:88:64:dc:26:c6:1a:5c:5b:4f:71:16:65:
3d:42:3a:01:4b:d3:0f:de:08:20:5a:70:8e:40:8d:
d3:85:8e:6a:53:80:6c:85:ef:00:41:94:80:cb:33:
35:1b:3a:cc:45:31:3b:e7:cb:58:74:49:79:fd:0b:
f2:f4:62:8a:3f:ed:c0:66:3d:d5:80:7f:68:c5:2d:
58:e6:94:c1:10:ca:0a:a3:a3:a8:77:f5:2a:90:91:
cf:da:4e:db:1d:c5:e7:39:79:a5:45:b7:47:f6:8b:
dd:bd:69:45:d2:79:4f:61:cc:b9:56:3a:84:d0:3d:
25:07:a3:d0:5a:9c:f3:3b:46:3e:7c:ef:81:0a:d5:
19:10:8d:9f:3c:bc:0c:08:c5:e4:c8:dc:2f:e3:c1:
51:c4:eb:7e:9d:ef:4a:2b:83:e6:6e:5b:37:22:dd:
2f:dc:3b:7c:50:4f:62:4f:81:f0:78:e4:e0:44:ce:
77:08:c8:5f:8b:38:88:39:9c:b1:d5:c1:89:28:5e:
bc:06:7d:10:08:2b:c2:60:d1:a5:45:97:0b:f4:c4:
57:df:6b:29:ea:ed:57:19:5e:0c:5e:f0:fd:7f:58:
5a:9d:73:e6:43:83:36:2a:d5:9e:7d:47:15:79:89:
4e:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:08:93:65:6C:90:15:43:28:F9:AA:F7:3F:4E:CC:B2:6E:B9:3F:58
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS207158.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.47.2.0/24
82.47.133.0/24
82.47.138.0/24
82.47.165.0/24
84.75.142.0/23
84.75.149.0/24
178.83.29.0/24
178.83.200.0/24
Signature Algorithm: sha256WithRSAEncryption
a1:d2:0a:78:8f:b3:b6:8f:0a:8d:4d:4c:89:df:6c:5e:a6:e6:
3b:18:ed:59:8b:3d:52:50:98:f0:c9:6f:b8:1f:26:8b:c9:f4:
19:54:16:99:31:b8:87:0c:54:af:7b:57:59:bf:a9:7e:45:5f:
d9:2a:80:3e:50:10:bf:e1:b5:ac:97:0d:78:4e:01:ec:7b:b1:
b8:d4:29:7b:02:5f:b1:d4:2e:8b:6e:b9:d3:25:cf:ec:7c:c9:
83:7a:18:d0:4b:be:2c:de:93:01:a1:bc:89:86:c8:b1:e6:96:
08:44:1f:54:bb:71:e3:6a:03:ee:9a:fc:50:d0:70:ce:b7:4b:
12:38:65:b9:20:39:d4:57:4e:fb:ac:2b:fb:3a:15:46:15:fd:
5f:3d:d8:47:ba:ff:0d:bd:59:8e:50:be:6f:44:aa:b9:5e:a4:
41:77:5a:80:d7:71:53:8c:dd:90:dd:ba:71:36:67:a9:57:0c:
b6:aa:b3:98:f3:77:44:ec:c6:54:96:3b:80:35:29:80:db:58:
f6:f9:5e:cc:8d:60:66:06:d6:29:91:43:0a:af:28:88:61:71:
14:2d:ac:35:5e:3b:a7:6a:53:90:c8:95:92:d7:1e:7f:b6:3a:
97:f1:07:89:9d:28:16:a5:1e:cd:50:e5:4e:e1:9d:24:be:2d:
64:2b:f8:33
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUaKbk7unSGSrrTU9vu8BkAysMp6MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjA2MDkwNDAzMDFaFw0yNzA2MDgwNDA4MDFaMDMxMTAvBgNV
BAMTKDVDMDg5MzY1NkM5MDE1NDMyOEY5QUFGNzNGNEVDQ0IyNkVCOTNGNTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCi7dqMXrl0Z8EiaYqyRLJk6Yhk
3CbGGlxbT3EWZT1COgFL0w/eCCBacI5AjdOFjmpTgGyF7wBBlIDLMzUbOsxFMTvn
y1h0SXn9C/L0Yoo/7cBmPdWAf2jFLVjmlMEQygqjo6h39SqQkc/aTtsdxec5eaVF
t0f2i929aUXSeU9hzLlWOoTQPSUHo9BanPM7Rj5874EK1RkQjZ88vAwIxeTI3C/j
wVHE636d70org+ZuWzci3S/cO3xQT2JPgfB45OBEzncIyF+LOIg5nLHVwYkoXrwG
fRAIK8Jg0aVFlwv0xFffaynq7VcZXgxe8P1/WFqdc+ZDgzYq1Z59RxV5iU6bAgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQUXAiTZWyQFUMo+ar3P07Msm65P1gwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjA3MTU4LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAUi8C
AwQAUi+FAwQAUi+KAwQAUi+lAwQBVEuOAwQAVEuVAwQAslMdAwQAslPIMA0GCSqG
SIb3DQEBCwUAA4IBAQCh0gp4j7O2jwqNTUyJ32xepuY7GO1Ziz1SUJjwyW+4HyaL
yfQZVBaZMbiHDFSve1dZv6l+RV/ZKoA+UBC/4bWslw14TgHse7G41Cl7Al+x1C6L
brnTJc/sfMmDehjQS74s3pMBobyJhsix5pYIRB9Uu3HjagPumvxQ0HDOt0sSOGW5
IDnUV077rCv7OhVGFf1fPdhHuv8NvVmOUL5vRKq5XqRBd1qA13FTjN2Q3bpxNmep
Vwy2qrOY83dE7MZUljuANSmA21j2+V7MjWBmBtYpkUMKryiIYXEULaw1XjunalOQ
yJWS1x5/tjqX8QeJnSgWpR7NUOVO4Z0kvi1kK/gz
-----END CERTIFICATE-----
Generated at Fri Jun 12 04:57:47 2026 by rpki-client