Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS209888.roa
File: AS209888.roa (raw, json)
Hash identifier: pqtsa+Sn/OdFE2s36oj7Lkh3vxBNCOpFSdOqlA7aRgE=
Subject key identifier: 0E:B8:42:B6:66:8A:C9:BC:55:34:43:4E:9C:E6:C5:13:A5:6D:89:55
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 13E5D89067D7A1A566ED60A8913E1453D41A925A
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS209888.roa
Signing time: Thu 30 Apr 2026 00:59:44 +0000
ROA not before: Thu 30 Apr 2026 00:54:44 +0000
ROA not after: Thu 29 Apr 2027 00:59:44 +0000
asID: 209888
IP address blocks: 82.47.222.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 06 May 2026 18:48:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
13:e5:d8:90:67:d7:a1:a5:66:ed:60:a8:91:3e:14:53:d4:1a:92:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Apr 30 00:54:44 2026 GMT
Not After : Apr 29 00:59:44 2027 GMT
Subject: CN=0EB842B6668AC9BC5534434E9CE6C513A56D8955
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:ef:49:f3:14:26:9d:b0:d2:46:b7:5b:34:a3:
ff:f0:df:8b:99:7c:50:f9:f9:1b:c5:a6:ae:08:d0:
cc:b9:20:ec:a8:c1:e8:e8:2f:7d:39:19:64:ae:b1:
46:e1:e0:73:1f:44:4c:f7:de:c5:81:f9:81:e1:17:
87:82:f7:1c:a8:d2:6c:bd:ff:4a:6b:91:29:c2:2a:
a3:ce:19:58:2a:7b:43:00:e3:7f:42:41:19:6e:d9:
fe:ef:17:cb:60:46:03:e6:59:25:ef:6e:01:0f:7e:
13:33:c5:8c:fc:19:a3:9e:ef:3c:12:9a:36:b4:71:
60:74:e7:28:8d:2b:c9:2f:44:15:72:8a:dc:df:fe:
2d:84:ed:ff:99:34:9d:cc:75:e3:17:a0:5d:be:be:
ab:60:17:28:de:0c:aa:42:1e:6c:fc:e6:b9:f1:98:
d6:76:5f:dd:4a:bb:4d:99:8e:39:1e:a4:46:5a:f6:
a0:0e:3f:d9:ad:35:66:a5:08:dc:1d:64:74:11:db:
e2:f4:b2:24:6e:5b:99:b8:07:45:4b:a6:10:9e:66:
2c:17:d8:bd:eb:8f:a0:87:ed:85:38:17:10:f3:a1:
fb:b3:15:89:26:b8:82:d2:b5:61:a4:eb:f0:96:c5:
3d:e6:41:85:c1:12:28:95:61:cf:69:eb:86:aa:41:
5a:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:B8:42:B6:66:8A:C9:BC:55:34:43:4E:9C:E6:C5:13:A5:6D:89:55
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS209888.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.47.222.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:fb:64:3d:f7:e4:6c:4d:dc:16:43:29:ae:99:63:40:72:00:
63:6b:ca:18:87:29:3a:a2:a1:21:c3:b5:b4:3c:12:f7:9b:02:
ba:a8:cb:a3:a1:95:e4:b6:69:69:34:f2:48:9f:8c:51:4f:66:
ed:95:bd:db:8e:5b:8d:e4:f3:d0:ba:a2:88:a5:47:69:0c:32:
1f:e4:a8:5b:88:e9:83:07:d5:60:ef:52:a5:be:dd:a8:33:44:
34:32:b8:df:39:c2:dc:aa:a0:4e:57:2d:00:9e:10:67:29:d6:
10:ab:51:f2:c7:a2:73:92:24:a0:de:95:41:c4:d8:59:bc:a0:
e5:eb:00:3a:a6:a5:4f:f2:bf:d8:d6:8a:74:27:fa:c9:66:44:
c0:9f:2a:ec:62:cf:d0:31:99:34:2f:7d:ac:c9:f4:6e:99:a0:
1a:f1:f8:f7:a7:6c:1a:37:88:f9:7e:1a:f2:c2:35:ec:9f:d0:
e4:5d:73:e5:2f:e0:81:d2:37:ad:f9:6f:e9:7a:26:23:92:6d:
db:c4:1e:05:f2:f3:e4:4e:34:e0:66:90:a6:c3:1b:8a:74:bc:
ef:d3:c1:f7:d4:5a:83:17:e3:f5:e3:94:a9:26:5e:ef:5e:9f:
16:a7:7f:15:54:f8:5a:2c:a1:fb:b5:28:32:e4:2d:ea:75:1f:
f2:5c:5e:cc
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUE+XYkGfXoaVm7WCokT4UU9QaklowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjA0MzAwMDU0NDRaFw0yNzA0MjkwMDU5NDRaMDMxMTAvBgNV
BAMTKDBFQjg0MkI2NjY4QUM5QkM1NTM0NDM0RTlDRTZDNTEzQTU2RDg5NTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDG70nzFCadsNJGt1s0o//w34uZ
fFD5+RvFpq4I0My5IOyowejoL305GWSusUbh4HMfREz33sWB+YHhF4eC9xyo0my9
/0prkSnCKqPOGVgqe0MA439CQRlu2f7vF8tgRgPmWSXvbgEPfhMzxYz8GaOe7zwS
mja0cWB05yiNK8kvRBVyitzf/i2E7f+ZNJ3MdeMXoF2+vqtgFyjeDKpCHmz85rnx
mNZ2X91Ku02ZjjkepEZa9qAOP9mtNWalCNwdZHQR2+L0siRuW5m4B0VLphCeZiwX
2L3rj6CH7YU4FxDzofuzFYkmuILStWGk6/CWxT3mQYXBEiiVYc9p64aqQVp9AgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUDrhCtmaKybxVNENOnObFE6VtiVUwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjA5ODg4LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUi/e
MA0GCSqGSIb3DQEBCwUAA4IBAQBs+2Q99+RsTdwWQymumWNAcgBja8oYhyk6oqEh
w7W0PBL3mwK6qMujoZXktmlpNPJIn4xRT2btlb3bjluN5PPQuqKIpUdpDDIf5Khb
iOmDB9Vg71Klvt2oM0Q0MrjfOcLcqqBOVy0AnhBnKdYQq1Hyx6JzkiSg3pVBxNhZ
vKDl6wA6pqVP8r/Y1op0J/rJZkTAnyrsYs/QMZk0L32syfRumaAa8fj3p2waN4j5
fhrywjXsn9DkXXPlL+CB0jet+W/peiYjkm3bxB4F8vPkTjTgZpCmwxuKdLzv08H3
1FqDF+P145SpJl7vXp8Wp38VVPhaLKH7tSgy5C3qdR/yXF7M
-----END CERTIFICATE-----
Generated at Wed May 6 02:40:20 2026 by rpki-client