Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS212238.roa
File: AS212238.roa (raw, json)
Hash identifier: ylo+7gOaoEdILi/jykUqcEXdcYEg5dReiFnTX37MyHo=
Subject key identifier: 9B:3C:88:6E:03:52:96:75:95:54:01:B6:B6:0D:92:1F:54:EC:5D:0A
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 09AE827E1B0D101B32D0992D0C70B5867FB58393
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS212238.roa
Signing time: Fri 31 Jan 2025 14:16:24 +0000
ROA not before: Fri 31 Jan 2025 14:11:24 +0000
ROA not after: Fri 30 Jan 2026 14:16:24 +0000
asID: 212238
IP address blocks: 82.21.128.0/22 maxlen: 22
82.21.172.0/23 maxlen: 23
82.29.24.0/23 maxlen: 23
82.29.43.0/24 maxlen: 24
82.29.44.0/24 maxlen: 24
82.29.50.0/24 maxlen: 24
82.29.92.0/24 maxlen: 24
82.29.94.0/24 maxlen: 24
82.29.96.0/24 maxlen: 24
82.29.97.0/24 maxlen: 24
82.29.100.0/24 maxlen: 24
82.29.101.0/24 maxlen: 24
82.29.109.0/24 maxlen: 24
82.29.202.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
09:ae:82:7e:1b:0d:10:1b:32:d0:99:2d:0c:70:b5:86:7f:b5:83:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Jan 31 14:11:24 2025 GMT
Not After : Jan 30 14:16:24 2026 GMT
Subject: CN=9B3C886E03529675955401B6B60D921F54EC5D0A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:a9:64:fa:1b:fe:5d:83:46:9f:35:31:9d:3e:
7d:14:2c:b5:ca:4a:db:78:a3:ed:92:5b:3b:79:a9:
c5:e6:a9:8f:ba:8f:b7:0f:ed:74:bc:97:f7:af:de:
25:f8:db:4c:2a:39:86:3d:b4:45:77:8f:4c:74:62:
94:24:5c:dd:7e:81:a8:99:b6:9b:4f:76:d5:28:c5:
91:55:c5:55:83:1c:ad:1a:3d:ff:76:24:c5:ef:0e:
f8:49:21:aa:14:d1:fd:bf:7b:e1:61:38:9f:04:18:
bb:ca:9f:4a:ca:e8:55:ac:6f:37:9e:eb:35:44:c1:
f2:96:55:0b:96:62:38:ee:37:80:21:06:4e:b8:22:
87:0a:a0:f0:2e:0d:33:99:f4:ca:72:e0:76:01:a1:
6d:38:6a:72:92:d7:fe:15:8f:c4:f7:8a:61:3f:d3:
5c:23:dc:20:96:09:ea:46:e0:0c:a8:20:d8:e9:0c:
2b:b0:2c:06:2f:70:d4:9f:7a:e6:65:4c:30:2c:86:
5f:84:b6:55:4a:b0:a1:bf:cc:60:b5:4e:e2:21:cc:
47:d4:3c:5f:8f:8e:25:98:b9:fb:88:0b:de:9f:37:
5a:9d:40:e7:ea:7b:d7:d6:30:b3:e4:24:94:d4:57:
61:e8:e3:4d:80:71:5c:6a:4c:e8:ee:1f:3f:26:d5:
7f:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:3C:88:6E:03:52:96:75:95:54:01:B6:B6:0D:92:1F:54:EC:5D:0A
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS212238.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.128.0/22
82.21.172.0/23
82.29.24.0/23
82.29.43.0-82.29.44.255
82.29.50.0/24
82.29.92.0/24
82.29.94.0/24
82.29.96.0/23
82.29.100.0/23
82.29.109.0/24
82.29.202.0/24
Signature Algorithm: sha256WithRSAEncryption
09:ef:35:40:12:88:3b:ca:cc:75:4d:54:d5:9f:27:42:f6:c8:
91:3a:39:fc:20:40:7c:92:d3:66:a0:8b:f8:98:e0:51:98:da:
18:3c:39:27:83:1d:0c:92:c8:73:99:15:27:08:14:fc:21:b8:
5d:ef:4d:39:bb:7a:8a:5f:36:c6:56:04:7b:b3:94:b4:e5:b7:
9c:84:ee:a6:18:69:6b:04:70:0b:81:d8:32:71:94:28:47:05:
b5:0c:89:33:c3:86:b7:c9:bd:74:88:62:fd:24:bb:03:ae:01:
df:d0:dc:74:01:31:ff:97:7e:18:3d:d4:52:ee:91:38:a8:d6:
38:14:2d:06:54:77:d1:ac:80:8b:f7:3e:b8:59:b4:5c:47:ea:
3b:46:20:f5:4e:af:fc:b8:40:5d:08:6e:bb:e7:b9:98:ef:85:
b4:94:02:4f:ab:87:29:fc:56:4f:e7:a4:4e:3c:af:fc:15:a8:
12:dc:58:e1:e0:f0:b4:81:4f:f7:2a:0d:13:82:22:c2:7d:8d:
f3:58:a1:02:c1:41:82:56:fe:8d:2e:68:43:0b:e8:b2:6a:9d:
c8:43:00:68:2a:c8:3b:1d:3e:ee:a9:85:c3:0d:60:e9:2a:d5:
aa:1b:ee:39:4c:41:0e:a5:93:20:3b:56:a8:e4:4b:8e:9b:e8:
b9:53:50:60
-----BEGIN CERTIFICATE-----
MIIFRDCCBCygAwIBAgIUCa6CfhsNEBsy0JktDHC1hn+1g5MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTAxMzExNDExMjRaFw0yNjAxMzAxNDE2MjRaMDMxMTAvBgNV
BAMTKDlCM0M4ODZFMDM1Mjk2NzU5NTU0MDFCNkI2MEQ5MjFGNTRFQzVEMEEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDJqWT6G/5dg0afNTGdPn0ULLXK
Stt4o+2SWzt5qcXmqY+6j7cP7XS8l/ev3iX420wqOYY9tEV3j0x0YpQkXN1+gaiZ
tptPdtUoxZFVxVWDHK0aPf92JMXvDvhJIaoU0f2/e+FhOJ8EGLvKn0rK6FWsbzee
6zVEwfKWVQuWYjjuN4AhBk64IocKoPAuDTOZ9Mpy4HYBoW04anKS1/4Vj8T3imE/
01wj3CCWCepG4AyoINjpDCuwLAYvcNSfeuZlTDAshl+EtlVKsKG/zGC1TuIhzEfU
PF+PjiWYufuIC96fN1qdQOfqe9fWMLPkJJTUV2Ho402AcVxqTOjuHz8m1X+jAgMB
AAGjggJOMIICSjAdBgNVHQ4EFgQUmzyIbgNSlnWVVAG2tg2SH1TsXQowHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjEyMjM4LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMGMGCCsGAQUFBwEHAQH/BFQwUjBQBAIAATBKAwQCUhWA
AwQBUhWsAwQBUh0YMAwDBABSHSsDBABSHSwDBABSHTIDBABSHVwDBABSHV4DBAFS
HWADBAFSHWQDBABSHW0DBABSHcowDQYJKoZIhvcNAQELBQADggEBAAnvNUASiDvK
zHVNVNWfJ0L2yJE6OfwgQHyS02agi/iY4FGY2hg8OSeDHQySyHOZFScIFPwhuF3v
TTm7eopfNsZWBHuzlLTlt5yE7qYYaWsEcAuB2DJxlChHBbUMiTPDhrfJvXSIYv0k
uwOuAd/Q3HQBMf+Xfhg91FLukTio1jgULQZUd9GsgIv3PrhZtFxH6jtGIPVOr/y4
QF0IbrvnuZjvhbSUAk+rhyn8Vk/npE48r/wVqBLcWOHg8LSBT/cqDROCIsJ9jfNY
oQLBQYJW/o0uaEML6LJqnchDAGgqyDsdPu6phcMNYOkq1aob7jlMQQ6lkyA7Vqjk
S46b6LlTUGA=
-----END CERTIFICATE-----
Generated at Sun Feb 2 10:08:26 2025 by rpki-client