Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS209854.roa
File: AS209854.roa (raw, json)
Hash identifier: N1DG1k0NmiXNU//6An4P7pCcT4bUPM0l21PPaiR5dq0=
Subject key identifier: 3E:03:E4:E0:5B:CE:33:B6:75:94:50:9D:74:BD:7C:E7:B5:F0:4A:38
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 205CF55DD83B3003277AE0630079300EC1988EBF
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS209854.roa
Signing time: Wed 05 Mar 2025 13:15:58 +0000
ROA not before: Wed 05 Mar 2025 13:10:58 +0000
ROA not after: Wed 04 Mar 2026 13:15:58 +0000
asID: 209854
IP address blocks: 82.21.109.0/24 maxlen: 24
82.21.118.0/24 maxlen: 24
82.21.166.0/24 maxlen: 24
82.21.171.0/24 maxlen: 24
82.21.174.0/24 maxlen: 24
82.21.176.0/24 maxlen: 24
82.21.186.0/24 maxlen: 24
82.21.202.0/24 maxlen: 24
82.21.203.0/24 maxlen: 24
82.21.205.0/24 maxlen: 24
82.23.0.0/24 maxlen: 24
82.23.1.0/24 maxlen: 24
82.23.186.0/24 maxlen: 24
82.23.187.0/24 maxlen: 24
82.24.28.0/24 maxlen: 24
82.24.47.0/24 maxlen: 24
82.26.149.0/24 maxlen: 24
82.26.153.0/24 maxlen: 24
82.26.159.0/24 maxlen: 24
82.26.162.0/24 maxlen: 24
82.26.164.0/24 maxlen: 24
82.26.170.0/24 maxlen: 24
82.26.173.0/24 maxlen: 24
82.26.192.0/24 maxlen: 24
82.26.195.0/24 maxlen: 24
82.26.199.0/24 maxlen: 24
82.29.21.0/24 maxlen: 24
82.29.27.0/24 maxlen: 24
82.29.133.0/24 maxlen: 24
82.29.134.0/24 maxlen: 24
82.29.135.0/24 maxlen: 24
82.29.149.0/24 maxlen: 24
82.29.151.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 16 Apr 2025 15:22:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
20:5c:f5:5d:d8:3b:30:03:27:7a:e0:63:00:79:30:0e:c1:98:8e:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Mar 5 13:10:58 2025 GMT
Not After : Mar 4 13:15:58 2026 GMT
Subject: CN=3E03E4E05BCE33B67594509D74BD7CE7B5F04A38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:48:3c:0d:e8:91:3d:fa:e4:78:bb:54:8e:05:
4a:60:3a:c7:19:8c:b1:7c:f6:48:bc:3e:13:c0:28:
c4:c9:d7:0e:49:75:73:ee:db:c4:25:a6:7c:d7:96:
56:34:92:8a:79:b3:4d:2d:2e:5f:10:c7:83:70:00:
c5:9a:5b:f8:3e:92:af:fa:3c:7f:bd:f7:12:d4:98:
d5:9c:82:a0:10:ec:2c:eb:9a:80:bb:f6:97:8f:eb:
6d:83:1a:8d:1c:63:9b:e4:f0:53:14:2a:7a:da:7e:
00:b2:9b:d7:94:db:a3:96:76:07:12:5b:1a:b3:2d:
60:d6:e8:3d:ec:09:c1:96:57:9d:84:64:09:a8:6c:
30:85:16:89:be:ff:2a:ca:cc:6e:0b:57:91:73:d1:
6f:95:5a:6f:55:f2:e5:e0:9a:81:41:92:64:0c:34:
a2:7c:c8:59:b8:68:de:49:71:1a:47:60:a3:44:7e:
e4:99:9d:61:64:e1:6f:cf:72:70:44:04:d1:7c:11:
0b:12:5d:e3:50:11:73:9d:17:8a:d6:b8:40:28:fb:
d2:63:dd:70:b8:17:9e:aa:fd:3a:63:5a:0f:77:42:
e9:6c:bd:a6:d7:6f:a5:83:b7:a2:79:3a:1f:58:cb:
1e:3d:ed:41:49:7f:05:66:87:f5:7f:a7:29:5d:6c:
9b:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:03:E4:E0:5B:CE:33:B6:75:94:50:9D:74:BD:7C:E7:B5:F0:4A:38
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS209854.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.109.0/24
82.21.118.0/24
82.21.166.0/24
82.21.171.0/24
82.21.174.0/24
82.21.176.0/24
82.21.186.0/24
82.21.202.0/23
82.21.205.0/24
82.23.0.0/23
82.23.186.0/23
82.24.28.0/24
82.24.47.0/24
82.26.149.0/24
82.26.153.0/24
82.26.159.0/24
82.26.162.0/24
82.26.164.0/24
82.26.170.0/24
82.26.173.0/24
82.26.192.0/24
82.26.195.0/24
82.26.199.0/24
82.29.21.0/24
82.29.27.0/24
82.29.133.0-82.29.135.255
82.29.149.0/24
82.29.151.0/24
Signature Algorithm: sha256WithRSAEncryption
47:c6:d7:64:16:40:d1:42:30:55:b7:61:d2:91:04:4a:81:5f:
aa:cd:45:23:c8:e8:83:89:27:45:bc:44:97:bc:91:f3:9c:d7:
70:e3:de:31:b3:ab:5f:c9:a6:42:a2:1e:ce:36:ec:50:4d:a2:
f7:67:b9:f2:8f:4c:9c:ae:67:55:8f:64:ae:a4:b3:15:f1:fd:
1f:57:38:86:32:06:a4:89:4c:c2:4e:e6:36:20:d8:79:1f:c9:
14:aa:18:9a:ce:88:33:59:4a:d1:87:d5:fa:eb:4f:a0:51:13:
5c:04:f0:d1:49:81:e6:f0:43:7a:b7:fd:dc:fb:a3:85:e4:9f:
9e:74:30:16:91:1b:8b:dc:26:ef:cc:f4:80:42:0b:9f:61:b6:
ed:a8:3d:89:5f:80:e9:a8:98:19:13:b3:cb:43:31:98:44:56:
3c:92:9a:32:2e:6a:40:49:1d:1b:2d:d8:2b:9a:b9:e4:59:52:
b3:1f:62:c9:bd:09:f1:b0:34:eb:ef:2a:f7:c1:93:44:b8:cd:
7b:d8:62:73:e7:5c:77:81:03:c4:f3:5e:ce:a0:86:9b:f6:c0:
6b:6c:53:56:ae:5a:6a:50:ee:37:02:9a:4a:53:a9:a6:9d:9f:
c0:c4:3e:0f:0d:3d:59:53:3e:27:89:e2:ce:15:c6:1b:3a:58:
04:c5:2e:fc
-----BEGIN CERTIFICATE-----
MIIFrzCCBJegAwIBAgIUIFz1Xdg7MAMneuBjAHkwDsGYjr8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTAzMDUxMzEwNThaFw0yNjAzMDQxMzE1NThaMDMxMTAvBgNV
BAMTKDNFMDNFNEUwNUJDRTMzQjY3NTk0NTA5RDc0QkQ3Q0U3QjVGMDRBMzgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzSDwN6JE9+uR4u1SOBUpgOscZ
jLF89ki8PhPAKMTJ1w5JdXPu28QlpnzXllY0kop5s00tLl8Qx4NwAMWaW/g+kq/6
PH+99xLUmNWcgqAQ7CzrmoC79peP622DGo0cY5vk8FMUKnrafgCym9eU26OWdgcS
WxqzLWDW6D3sCcGWV52EZAmobDCFFom+/yrKzG4LV5Fz0W+VWm9V8uXgmoFBkmQM
NKJ8yFm4aN5JcRpHYKNEfuSZnWFk4W/PcnBEBNF8EQsSXeNQEXOdF4rWuEAo+9Jj
3XC4F56q/TpjWg93QulsvabXb6WDt6J5Oh9Yyx497UFJfwVmh/V/pyldbJvBAgMB
AAGjggK5MIICtTAdBgNVHQ4EFgQUPgPk4FvOM7Z1lFCddL1857XwSjgwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjA5ODU0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMIHNBggrBgEFBQcBBwEB/wSBvTCBujCBtwQCAAEwgbAD
BABSFW0DBABSFXYDBABSFaYDBABSFasDBABSFa4DBABSFbADBABSFboDBAFSFcoD
BABSFc0DBAFSFwADBAFSF7oDBABSGBwDBABSGC8DBABSGpUDBABSGpkDBABSGp8D
BABSGqIDBABSGqQDBABSGqoDBABSGq0DBABSGsADBABSGsMDBABSGscDBABSHRUD
BABSHRswDAMEAFIdhQMEA1IdgAMEAFIdlQMEAFIdlzANBgkqhkiG9w0BAQsFAAOC
AQEAR8bXZBZA0UIwVbdh0pEESoFfqs1FI8jog4knRbxEl7yR85zXcOPeMbOrX8mm
QqIezjbsUE2i92e58o9MnK5nVY9krqSzFfH9H1c4hjIGpIlMwk7mNiDYeR/JFKoY
ms6IM1lK0YfV+utPoFETXATw0UmB5vBDerf93PujheSfnnQwFpEbi9wm78z0gEIL
n2G27ag9iV+A6aiYGROzy0MxmERWPJKaMi5qQEkdGy3YK5q55FlSsx9iyb0J8bA0
6+8q98GTRLjNe9hic+dcd4EDxPNezqCGm/bAa2xTVq5aalDuNwKaSlOppp2fwMQ+
Dw09WVM+J4nizhXGGzpYBMUu/A==
-----END CERTIFICATE-----
Generated at Tue Apr 15 23:26:17 2025 by rpki-client