Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS212150.roa
File: AS212150.roa (raw, json)
Hash identifier: CIKwNd6kaQ9HqJqaWpSn7weeH3IjUtCv4RBXkxlXrEU=
Subject key identifier: E9:03:B4:DE:B0:4E:1B:2E:92:A1:8F:B5:DA:A7:08:D0:1A:E9:7A:3B
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 0D2397A1E83A60C36E65A225B45E51922192FE63
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS212150.roa
Signing time: Thu 30 Jan 2025 22:54:57 +0000
ROA not before: Thu 30 Jan 2025 22:49:57 +0000
ROA not after: Thu 29 Jan 2026 22:54:57 +0000
asID: 212150
IP address blocks: 82.21.8.0/24 maxlen: 24
82.21.65.0/24 maxlen: 24
82.21.69.0/24 maxlen: 24
82.21.75.0/24 maxlen: 24
82.21.95.0/24 maxlen: 24
82.21.123.0/24 maxlen: 24
82.21.149.0/24 maxlen: 24
82.22.190.0/24 maxlen: 24
82.22.205.0/24 maxlen: 24
82.24.28.0/24 maxlen: 24
82.26.152.0/24 maxlen: 24
82.26.169.0/24 maxlen: 24
82.29.38.0/24 maxlen: 24
82.29.47.0/24 maxlen: 24
82.29.66.0/24 maxlen: 24
82.29.74.0/24 maxlen: 24
82.29.88.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0d:23:97:a1:e8:3a:60:c3:6e:65:a2:25:b4:5e:51:92:21:92:fe:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Jan 30 22:49:57 2025 GMT
Not After : Jan 29 22:54:57 2026 GMT
Subject: CN=E903B4DEB04E1B2E92A18FB5DAA708D01AE97A3B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:f5:fa:b0:9e:a8:bb:20:d8:cd:40:4b:03:90:
62:0a:33:48:ef:bc:e0:a5:52:ca:dc:ee:5d:28:22:
77:53:df:c3:46:18:70:44:57:5b:6b:20:0d:d2:f1:
90:70:6e:69:4b:9a:d9:a7:4e:4a:c0:27:90:2a:70:
74:da:13:4c:46:88:7a:5a:67:09:5e:b3:bb:12:85:
15:03:d1:eb:bc:d4:48:92:32:28:c0:5f:40:b3:21:
fa:6c:20:74:be:d6:66:08:ce:98:fd:66:7d:9b:6d:
71:c6:c2:7e:79:00:91:b1:2a:cc:0f:e5:e1:95:31:
6e:94:54:8a:0a:99:86:cb:c4:87:62:c5:da:ad:c2:
03:c0:08:f2:6c:52:7b:66:34:74:c7:41:ec:c3:08:
56:89:e7:b3:62:7e:c7:b4:b5:22:84:68:36:74:3b:
bb:04:89:72:d9:fc:39:b5:1b:e0:54:9e:5b:44:b1:
2e:fa:46:fa:4d:10:be:cd:ba:e1:b3:56:e4:e0:75:
2e:87:25:b7:55:2a:29:c1:3c:03:bd:c0:e3:bc:8b:
53:f4:ef:6a:0b:28:01:f9:78:3a:31:4d:a6:42:2d:
95:9c:25:df:3b:ef:9c:30:0e:8e:9f:c4:9f:45:40:
5f:d5:f6:09:3c:fc:10:7f:98:17:fe:5a:f4:23:5e:
51:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:03:B4:DE:B0:4E:1B:2E:92:A1:8F:B5:DA:A7:08:D0:1A:E9:7A:3B
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS212150.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.8.0/24
82.21.65.0/24
82.21.69.0/24
82.21.75.0/24
82.21.95.0/24
82.21.123.0/24
82.21.149.0/24
82.22.190.0/24
82.22.205.0/24
82.24.28.0/24
82.26.152.0/24
82.26.169.0/24
82.29.38.0/24
82.29.47.0/24
82.29.66.0/24
82.29.74.0/24
82.29.88.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:10:45:f6:5f:e0:6f:51:7c:b2:09:93:db:73:85:8d:ea:60:
b1:82:31:b8:b9:46:e1:48:84:0c:5f:ff:0d:eb:d2:21:92:5c:
f6:20:10:fa:24:48:ea:57:6a:9b:85:3f:d3:5e:72:77:b2:6e:
d7:e3:bd:b3:70:0f:fb:6a:54:0a:9f:8e:51:a8:92:46:1b:fc:
6b:58:16:5c:ec:26:3a:9c:38:13:92:e8:93:aa:a1:88:cf:f8:
91:80:41:29:1e:53:b4:ab:8f:41:cf:9e:93:8a:74:e6:af:5d:
b5:c3:a1:37:33:b7:70:79:10:91:8c:b6:92:55:91:dd:0a:01:
16:f5:a0:ef:3e:97:58:42:d5:4f:1c:5d:07:4d:ff:b1:a4:36:
c7:96:f3:f9:f6:3d:07:b8:09:f7:4a:9e:72:b9:1d:50:e9:18:
f6:42:8b:f3:b2:68:49:20:34:30:da:d1:a3:a4:16:39:64:ad:
bb:ea:81:cb:1d:a8:29:ef:1a:25:b4:18:72:ef:4f:5f:f3:05:
98:40:13:41:e5:49:e6:b6:08:89:2e:52:04:6f:50:3a:41:60:
02:d1:e3:92:f1:a1:c3:bc:17:fd:58:78:2c:dd:c9:01:60:66:
fe:8f:df:1d:14:25:6e:e6:ba:f4:47:71:07:5b:8d:d2:c0:bc:
cd:a9:45:36
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUDSOXoeg6YMNuZaIltF5RkiGS/mMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTAxMzAyMjQ5NTdaFw0yNjAxMjkyMjU0NTdaMDMxMTAvBgNV
BAMTKEU5MDNCNERFQjA0RTFCMkU5MkExOEZCNURBQTcwOEQwMUFFOTdBM0IwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDG9fqwnqi7INjNQEsDkGIKM0jv
vOClUsrc7l0oIndT38NGGHBEV1trIA3S8ZBwbmlLmtmnTkrAJ5AqcHTaE0xGiHpa
Zwles7sShRUD0eu81EiSMijAX0CzIfpsIHS+1mYIzpj9Zn2bbXHGwn55AJGxKswP
5eGVMW6UVIoKmYbLxIdixdqtwgPACPJsUntmNHTHQezDCFaJ57Nifse0tSKEaDZ0
O7sEiXLZ/Dm1G+BUnltEsS76RvpNEL7NuuGzVuTgdS6HJbdVKinBPAO9wOO8i1P0
72oLKAH5eDoxTaZCLZWcJd8775wwDo6fxJ9FQF/V9gk8/BB/mBf+WvQjXlHHAgMB
AAGjggJqMIICZjAdBgNVHQ4EFgQU6QO03rBOGy6SoY+12qcI0BrpejswHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjEyMTUwLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMH8GCCsGAQUFBwEHAQH/BHAwbjBsBAIAATBmAwQAUhUI
AwQAUhVBAwQAUhVFAwQAUhVLAwQAUhVfAwQAUhV7AwQAUhWVAwQAUha+AwQAUhbN
AwQAUhgcAwQAUhqYAwQAUhqpAwQAUh0mAwQAUh0vAwQAUh1CAwQAUh1KAwQAUh1Y
MA0GCSqGSIb3DQEBCwUAA4IBAQAeEEX2X+BvUXyyCZPbc4WN6mCxgjG4uUbhSIQM
X/8N69Ihklz2IBD6JEjqV2qbhT/TXnJ3sm7X472zcA/7alQKn45RqJJGG/xrWBZc
7CY6nDgTkuiTqqGIz/iRgEEpHlO0q49Bz56TinTmr121w6E3M7dweRCRjLaSVZHd
CgEW9aDvPpdYQtVPHF0HTf+xpDbHlvP59j0HuAn3Sp5yuR1Q6Rj2QovzsmhJIDQw
2tGjpBY5ZK276oHLHagp7xoltBhy709f8wWYQBNB5UnmtgiJLlIEb1A6QWAC0eOS
8aHDvBf9WHgs3ckBYGb+j98dFCVu5rr0R3EHW43SwLzNqUU2
-----END CERTIFICATE-----
Generated at Sun Feb 2 09:46:18 2025 by rpki-client