Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS213482.roa
File: AS213482.roa (raw, json)
Hash identifier: e25CjTTnQzCJgm1zwi/WhQ+9DXOVXOIosYbl4+azBGo=
Subject key identifier: A6:9B:8D:F2:1A:5D:39:F1:DF:5C:7E:3C:30:57:9A:B6:D6:07:3F:F7
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 668935F8B69E3406B9B9E0A59893B2F699EE5FC9
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS213482.roa
Signing time: Thu 13 Feb 2025 00:22:40 +0000
ROA not before: Thu 13 Feb 2025 00:17:40 +0000
ROA not after: Thu 12 Feb 2026 00:22:40 +0000
asID: 213482
IP address blocks: 82.22.119.0/24 maxlen: 24
82.25.187.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 16 Apr 2025 15:22:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
66:89:35:f8:b6:9e:34:06:b9:b9:e0:a5:98:93:b2:f6:99:ee:5f:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Feb 13 00:17:40 2025 GMT
Not After : Feb 12 00:22:40 2026 GMT
Subject: CN=A69B8DF21A5D39F1DF5C7E3C30579AB6D6073FF7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:db:b8:0e:64:78:87:9d:e9:3f:86:6f:be:cb:
ba:59:75:81:3b:bf:a8:b7:9c:9d:ab:a1:4a:96:e3:
95:55:8b:53:e2:9b:08:50:7e:a6:58:d3:59:ed:b2:
29:dd:bf:52:9b:eb:99:ce:1f:94:ff:99:f2:aa:ca:
5e:c3:ee:69:b8:7e:1f:24:76:ca:fd:f0:6c:c4:ee:
77:25:fb:87:bb:37:2b:89:f7:d0:b8:8c:b3:31:b7:
f9:87:ab:28:b9:c2:10:4d:66:15:32:66:6c:cf:37:
c0:95:85:92:51:68:e7:2f:f9:cc:51:41:18:34:20:
4d:18:0e:77:99:ff:85:2b:f4:98:7a:36:09:31:01:
09:fa:bc:6e:6f:3b:93:f5:b2:7a:c1:27:34:c5:a7:
53:5d:f9:df:ff:76:09:38:0d:10:41:9a:b7:b5:91:
9a:46:cc:9c:05:cb:41:29:23:2a:14:66:33:f2:b1:
91:19:95:e8:ac:24:75:02:82:ed:62:c0:95:07:08:
09:1f:11:4e:e4:95:31:e1:84:48:a4:97:6e:70:94:
91:17:37:14:82:bf:5f:f6:7f:e6:91:51:44:52:54:
7c:00:fd:14:74:7c:bd:3e:b0:72:6b:0a:7d:03:81:
f1:a4:7c:d0:06:0c:ee:1f:ef:30:06:73:a4:79:ab:
53:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:9B:8D:F2:1A:5D:39:F1:DF:5C:7E:3C:30:57:9A:B6:D6:07:3F:F7
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS213482.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.22.119.0/24
82.25.187.0/24
Signature Algorithm: sha256WithRSAEncryption
56:1c:9b:9b:d8:2e:b3:5d:79:23:32:f4:02:bd:dc:a5:40:ac:
72:d9:7a:ae:c6:c3:7d:7b:bf:87:69:20:c0:de:8a:fd:da:22:
d4:7e:8f:7f:a8:85:0a:20:44:b4:2d:48:dd:a4:14:12:f7:8e:
f0:b0:76:72:00:28:55:71:dc:48:32:26:54:94:ce:36:c8:86:
08:0d:47:2e:32:84:f3:32:fe:37:1b:f7:e1:75:32:15:e4:9d:
84:98:90:2e:98:85:b3:a4:8b:e3:fd:a7:30:de:71:88:01:d1:
d9:c2:4a:22:1b:93:bd:7b:75:76:39:03:db:5f:1e:8f:ff:c5:
ae:a6:1c:96:51:51:19:b9:8b:53:b8:25:e1:20:50:6d:e1:89:
37:ed:ed:8c:4b:7a:82:f2:d1:01:b1:ff:80:62:84:96:a5:33:
ef:71:6e:e4:6e:d3:e9:41:c3:cf:0d:df:8e:c3:3a:0d:ce:fd:
96:fb:9a:c6:b7:fc:24:9a:a0:01:ac:82:1f:d5:c6:16:b5:60:
c9:9b:d2:0f:75:20:53:b2:84:f3:5a:03:44:17:a6:fb:4b:48:
bf:27:32:ca:84:53:08:2c:1a:be:e9:cd:ab:e1:34:e2:f9:eb:
3e:c1:b8:8a:c0:ac:fd:3d:9d:84:a2:16:51:3d:a9:b9:ff:a6:
53:1b:0c:40
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgIUZok1+LaeNAa5ueClmJOy9pnuX8kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTAyMTMwMDE3NDBaFw0yNjAyMTIwMDIyNDBaMDMxMTAvBgNV
BAMTKEE2OUI4REYyMUE1RDM5RjFERjVDN0UzQzMwNTc5QUI2RDYwNzNGRjcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCk27gOZHiHnek/hm++y7pZdYE7
v6i3nJ2roUqW45VVi1PimwhQfqZY01ntsindv1Kb65nOH5T/mfKqyl7D7mm4fh8k
dsr98GzE7ncl+4e7NyuJ99C4jLMxt/mHqyi5whBNZhUyZmzPN8CVhZJRaOcv+cxR
QRg0IE0YDneZ/4Ur9Jh6NgkxAQn6vG5vO5P1snrBJzTFp1Nd+d//dgk4DRBBmre1
kZpGzJwFy0EpIyoUZjPysZEZleisJHUCgu1iwJUHCAkfEU7klTHhhEikl25wlJEX
NxSCv1/2f+aRUURSVHwA/RR0fL0+sHJrCn0DgfGkfNAGDO4f7zAGc6R5q1OxAgMB
AAGjggIQMIICDDAdBgNVHQ4EFgQUppuN8hpdOfHfXH48MFeattYHP/cwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjEzNDgyLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAUhZ3
AwQAUhm7MA0GCSqGSIb3DQEBCwUAA4IBAQBWHJub2C6zXXkjMvQCvdylQKxy2Xqu
xsN9e7+HaSDA3or92iLUfo9/qIUKIES0LUjdpBQS947wsHZyAChVcdxIMiZUlM42
yIYIDUcuMoTzMv43G/fhdTIV5J2EmJAumIWzpIvj/acw3nGIAdHZwkoiG5O9e3V2
OQPbXx6P/8WuphyWUVEZuYtTuCXhIFBt4Yk37e2MS3qC8tEBsf+AYoSWpTPvcW7k
btPpQcPPDd+OwzoNzv2W+5rGt/wkmqABrIIf1cYWtWDJm9IPdSBTsoTzWgNEF6b7
S0i/JzLKhFMILBq+6c2r4TTi+es+wbiKwKz9PZ2EohZRPam5/6ZTGwxA
-----END CERTIFICATE-----
Generated at Tue Apr 15 23:26:16 2025 by rpki-client