Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS211192.roa
File: AS211192.roa (raw, json)
Hash identifier: ZsiJtMcOJn+l5GsFknXCZCmkzMH0zle4kjYU8RwrAqU=
Subject key identifier: E0:60:93:0B:9A:02:18:0C:5C:6C:4E:83:9F:41:44:DF:77:59:68:6F
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 3FCDD5D6FB81494BBEA5A1F0FBB951DA55CADB36
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS211192.roa
Signing time: Wed 26 Mar 2025 15:58:38 +0000
ROA not before: Wed 26 Mar 2025 15:53:38 +0000
ROA not after: Wed 25 Mar 2026 15:58:38 +0000
asID: 211192
IP address blocks: 82.21.177.0/24 maxlen: 24
82.21.178.0/24 maxlen: 24
82.21.179.0/24 maxlen: 24
82.21.181.0/24 maxlen: 24
82.21.182.0/24 maxlen: 24
82.21.183.0/24 maxlen: 24
82.26.90.0/24 maxlen: 24
82.26.92.0/24 maxlen: 24
82.26.101.0/24 maxlen: 24
82.26.105.0/24 maxlen: 24
82.26.106.0/24 maxlen: 24
82.26.117.0/24 maxlen: 24
82.26.138.0/24 maxlen: 24
82.26.145.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 18 Apr 2025 03:59:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:cd:d5:d6:fb:81:49:4b:be:a5:a1:f0:fb:b9:51:da:55:ca:db:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Mar 26 15:53:38 2025 GMT
Not After : Mar 25 15:58:38 2026 GMT
Subject: CN=E060930B9A02180C5C6C4E839F4144DF7759686F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:0a:1a:a0:27:b5:16:d1:5a:08:79:67:36:45:
c7:86:00:45:82:50:12:ce:e5:22:f2:e6:d5:c1:20:
55:6e:35:e8:03:ce:ec:1a:45:4e:6a:12:3a:90:b8:
44:e7:a8:1d:eb:40:02:9e:92:14:9d:12:5c:97:8d:
67:0f:d8:46:44:13:82:1c:15:81:63:f8:d1:19:b1:
2f:8e:5e:4d:0c:3b:d3:33:44:ae:31:74:46:5d:83:
2f:b2:30:52:3f:4f:1d:c7:36:8e:5a:1e:c0:0c:52:
0d:e4:d9:5a:22:27:aa:a2:a3:30:3b:33:50:9e:e3:
8b:9a:09:ff:91:54:f8:bd:3f:e2:b7:9c:56:9e:cc:
9a:c0:3f:5a:c6:a1:b2:7e:6e:13:7f:76:91:f8:70:
23:58:17:33:11:e4:c2:10:41:61:7b:c1:20:57:ad:
db:4a:28:23:45:d7:7f:5c:16:5e:e6:a4:b1:6c:fc:
dd:f9:d1:ef:15:69:04:d9:ea:39:d0:a7:64:fe:4e:
e1:a3:68:ce:b6:97:38:88:99:fc:47:92:b1:ae:26:
38:67:56:08:47:68:58:62:c6:76:d7:17:a6:5a:3d:
d9:33:1a:f2:10:9c:7f:7f:5a:0e:06:20:35:f5:57:
50:fe:7c:b2:c2:fb:c0:e0:d3:f2:53:43:3a:04:14:
75:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:60:93:0B:9A:02:18:0C:5C:6C:4E:83:9F:41:44:DF:77:59:68:6F
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS211192.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.177.0-82.21.179.255
82.21.181.0-82.21.183.255
82.26.90.0/24
82.26.92.0/24
82.26.101.0/24
82.26.105.0-82.26.106.255
82.26.117.0/24
82.26.138.0/24
82.26.145.0/24
Signature Algorithm: sha256WithRSAEncryption
62:75:d6:73:b3:0d:cf:f7:34:9a:34:61:7c:44:e0:51:4f:cd:
f6:a3:13:ec:81:fa:0a:b7:c3:83:5d:20:d5:d9:af:9f:d5:a1:
bb:75:74:7d:26:2e:ff:9f:f1:e9:f7:c1:f1:37:c6:e9:41:6d:
1b:d6:ad:21:1e:93:a8:18:33:34:51:d1:b9:57:5f:e5:8c:40:
e8:6e:99:a5:28:ac:ae:7b:26:b4:2c:94:27:a9:68:af:40:04:
6a:0a:30:fe:d6:fb:fa:ed:d2:ac:2a:05:c2:c8:3c:5f:8c:e7:
17:53:ee:bc:15:df:87:2e:42:31:dc:e8:8a:be:90:09:e6:8f:
f5:ae:a5:66:b0:11:d1:9b:31:48:2e:41:ab:e9:5d:eb:4f:ac:
39:dd:01:cc:13:de:08:97:18:ba:16:e3:e9:d1:6e:7d:4c:06:
57:de:3f:f9:b0:cb:ca:13:b3:01:63:32:17:cf:cd:bb:b8:f7:
cc:f2:2c:34:fa:f0:3c:1f:13:f2:f0:bf:7a:3c:f9:44:34:f1:
3c:d8:44:1b:96:32:1d:dd:a2:1f:d1:80:f1:95:82:4d:50:34:
eb:b7:52:a3:4a:2d:e9:b3:14:48:41:f4:f1:0e:e6:8d:30:eb:
b4:87:bb:16:ae:49:8d:f4:e8:4d:1e:29:eb:cb:53:04:f2:3e:
23:04:92:16
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgIUP83V1vuBSUu+paHw+7lR2lXK2zYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTAzMjYxNTUzMzhaFw0yNjAzMjUxNTU4MzhaMDMxMTAvBgNV
BAMTKEUwNjA5MzBCOUEwMjE4MEM1QzZDNEU4MzlGNDE0NERGNzc1OTY4NkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCsChqgJ7UW0VoIeWc2RceGAEWC
UBLO5SLy5tXBIFVuNegDzuwaRU5qEjqQuETnqB3rQAKekhSdElyXjWcP2EZEE4Ic
FYFj+NEZsS+OXk0MO9MzRK4xdEZdgy+yMFI/Tx3HNo5aHsAMUg3k2VoiJ6qiozA7
M1Ce44uaCf+RVPi9P+K3nFaezJrAP1rGobJ+bhN/dpH4cCNYFzMR5MIQQWF7wSBX
rdtKKCNF139cFl7mpLFs/N350e8VaQTZ6jnQp2T+TuGjaM62lziImfxHkrGuJjhn
VghHaFhixnbXF6ZaPdkzGvIQnH9/Wg4GIDX1V1D+fLLC+8Dg0/JTQzoEFHXzAgMB
AAGjggJSMIICTjAdBgNVHQ4EFgQU4GCTC5oCGAxcbE6Dn0FE33dZaG8wHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjExMTkyLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOMAwDBABS
FbEDBAJSFbAwDAMEAFIVtQMEA1IVsAMEAFIaWgMEAFIaXAMEAFIaZTAMAwQAUhpp
AwQAUhpqAwQAUhp1AwQAUhqKAwQAUhqRMA0GCSqGSIb3DQEBCwUAA4IBAQBiddZz
sw3P9zSaNGF8ROBRT832oxPsgfoKt8ODXSDV2a+f1aG7dXR9Ji7/n/Hp98HxN8bp
QW0b1q0hHpOoGDM0UdG5V1/ljEDobpmlKKyueya0LJQnqWivQARqCjD+1vv67dKs
KgXCyDxfjOcXU+68Fd+HLkIx3OiKvpAJ5o/1rqVmsBHRmzFILkGr6V3rT6w53QHM
E94Ilxi6FuPp0W59TAZX3j/5sMvKE7MBYzIXz827uPfM8iw0+vA8HxPy8L96PPlE
NPE82EQbljId3aIf0YDxlYJNUDTrt1KjSi3psxRIQfTxDuaNMOu0h7sWrkmN9OhN
Hinry1ME8j4jBJIW
-----END CERTIFICATE-----
Generated at Thu Apr 17 18:43:37 2025 by rpki-client