Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS212384.roa
File:                     AS212384.roa (raw, json)
Hash identifier:          REHgsFUPfuU+yFryI1k5PfYidhlIzBi5av2W+cT0w/Q=
Subject key identifier:   0D:6C:33:4D:5C:BA:A5:BA:E1:8E:EE:44:76:03:99:60:0B:8E:8E:C1
Certificate issuer:       /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial:       4C8BE0B65B840E2FAB0F395785E9DE611CF6DA33
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS212384.roa
Signing time:             Thu 21 May 2026 13:47:15 +0000
ROA not before:           Thu 21 May 2026 13:42:15 +0000
ROA not after:            Thu 20 May 2027 13:47:15 +0000
asID:                     212384
IP address blocks:        82.25.38.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 03 Jun 2026 15:55:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4c:8b:e0:b6:5b:84:0e:2f:ab:0f:39:57:85:e9:de:61:1c:f6:da:33
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
        Validity
            Not Before: May 21 13:42:15 2026 GMT
            Not After : May 20 13:47:15 2027 GMT
        Subject: CN=0D6C334D5CBAA5BAE18EEE44760399600B8E8EC1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:b7:85:ba:66:ef:5d:82:58:17:85:b9:79:36:
                    fe:76:79:6c:07:cf:36:ac:29:d6:d5:eb:0d:79:e9:
                    79:0c:01:40:2d:33:dc:ca:b3:27:e5:dc:fd:c9:12:
                    e2:06:5e:6e:9d:24:de:a8:d5:28:37:7e:4d:2b:d8:
                    df:d5:8a:90:3f:eb:a5:16:c8:c3:26:f2:e4:0f:58:
                    ca:e1:57:a2:1b:27:e1:64:fe:be:7e:ec:b8:b5:50:
                    f0:9d:39:e0:81:87:44:94:c5:43:44:67:b3:9a:68:
                    3b:6e:dc:3f:f1:55:ac:0e:fe:50:e0:fc:d3:8b:3e:
                    7a:a4:86:e3:c6:cf:a3:a2:40:4b:cd:be:58:86:8d:
                    bb:e2:f4:de:2e:f7:32:e6:56:d8:e5:36:63:2e:38:
                    24:40:2a:f1:88:a8:12:3d:42:87:35:ad:b4:87:cb:
                    1f:47:c2:88:bd:74:43:ea:b0:25:28:5c:3b:0a:c8:
                    2f:e5:ea:62:7e:1f:d4:94:bc:2d:eb:1d:fb:ed:d5:
                    36:30:52:3d:59:85:38:01:12:43:e4:79:30:f1:41:
                    0f:04:92:c0:73:13:cd:97:1a:3f:0c:fa:3f:5a:7e:
                    2e:8f:8c:10:62:5f:66:b4:84:b2:30:bc:85:4f:49:
                    f5:c7:f8:1e:db:2e:a7:1f:07:e3:d9:ba:ab:9c:9b:
                    36:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:6C:33:4D:5C:BA:A5:BA:E1:8E:EE:44:76:03:99:60:0B:8E:8E:C1
            X509v3 Authority Key Identifier:
                keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS212384.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.25.38.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9d:5a:31:57:92:2c:5c:5a:65:7e:4e:23:61:ac:d9:50:35:79:
         2f:1b:dc:70:95:e0:05:da:71:02:93:2d:6f:31:42:b1:53:f2:
         8f:4e:3a:45:55:88:47:54:71:6a:cd:3d:54:53:58:e4:11:cc:
         aa:3b:3c:db:24:f9:2a:30:d8:d3:f6:06:ae:5d:08:28:bf:cd:
         80:5f:18:cb:3d:85:29:22:9e:1c:cf:24:11:9a:60:fe:84:38:
         48:90:0b:cd:5d:79:02:bd:a4:98:38:8a:a0:b2:5a:d4:cd:57:
         5a:49:0b:db:15:ea:b2:7e:a7:48:56:85:2f:0b:82:17:fc:02:
         6f:0b:55:7b:62:cd:97:d9:4a:c5:6c:3c:52:79:dc:ad:6c:93:
         e8:8a:e5:d0:b3:ec:c5:49:06:38:29:27:8d:fc:65:7d:e6:15:
         04:4a:1f:42:40:a7:f2:73:69:93:e6:81:9c:fd:86:5a:f3:90:
         0d:d0:ad:8f:bc:25:9f:05:8a:55:fd:c9:de:9f:09:2c:e8:0a:
         bc:0e:2b:c0:a3:0a:9a:c8:31:8f:1e:ce:6d:3a:9e:e0:34:a5:
         07:63:68:97:e2:b9:fd:9a:25:7b:37:95:fe:ed:45:41:3a:2b:
         47:bc:fd:fd:72:8f:f4:ea:3c:33:9e:61:2c:70:1a:a9:56:dc:
         4e:e0:de:9e
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUTIvgtluEDi+rDzlXheneYRz22jMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjA1MjExMzQyMTVaFw0yNzA1MjAxMzQ3MTVaMDMxMTAvBgNV
BAMTKDBENkMzMzRENUNCQUE1QkFFMThFRUU0NDc2MDM5OTYwMEI4RThFQzEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDJt4W6Zu9dglgXhbl5Nv52eWwH
zzasKdbV6w156XkMAUAtM9zKsyfl3P3JEuIGXm6dJN6o1Sg3fk0r2N/VipA/66UW
yMMm8uQPWMrhV6IbJ+Fk/r5+7Li1UPCdOeCBh0SUxUNEZ7OaaDtu3D/xVawO/lDg
/NOLPnqkhuPGz6OiQEvNvliGjbvi9N4u9zLmVtjlNmMuOCRAKvGIqBI9Qoc1rbSH
yx9Hwoi9dEPqsCUoXDsKyC/l6mJ+H9SUvC3rHfvt1TYwUj1ZhTgBEkPkeTDxQQ8E
ksBzE82XGj8M+j9afi6PjBBiX2a0hLIwvIVPSfXH+B7bLqcfB+PZuqucmzaZAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUDWwzTVy6pbrhju5EdgOZYAuOjsEwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjEyMzg0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUhkm
MA0GCSqGSIb3DQEBCwUAA4IBAQCdWjFXkixcWmV+TiNhrNlQNXkvG9xwleAF2nEC
ky1vMUKxU/KPTjpFVYhHVHFqzT1UU1jkEcyqOzzbJPkqMNjT9gauXQgov82AXxjL
PYUpIp4czyQRmmD+hDhIkAvNXXkCvaSYOIqgslrUzVdaSQvbFeqyfqdIVoUvC4IX
/AJvC1V7Ys2X2UrFbDxSedytbJPoiuXQs+zFSQY4KSeN/GV95hUESh9CQKfyc2mT
5oGc/YZa85AN0K2PvCWfBYpV/cnenwks6Aq8DivAowqayDGPHs5tOp7gNKUHY2iX
4rn9miV7N5X+7UVBOitHvP39co/06jwznmEscBqpVtxO4N6e
-----END CERTIFICATE-----