Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS213929.roa
File: AS213929.roa (raw, json)
Hash identifier: qMLoPWljazUhhMWx3k3MQhYgHy5EOTvmTs2tRw4UG3I=
Subject key identifier: 2B:72:5C:64:43:B7:27:8F:9D:6E:BB:AA:18:E9:C4:A8:FE:81:62:D0
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 7E923BF2FF6BC71DF154E2836D43F560D623A69F
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS213929.roa
Signing time: Fri 27 Mar 2026 17:20:29 +0000
ROA not before: Fri 27 Mar 2026 17:15:29 +0000
ROA not after: Fri 26 Mar 2027 17:20:29 +0000
asID: 213929
IP address blocks: 82.21.4.0/24 maxlen: 24
84.75.255.0/24 maxlen: 24
2a13:9500:7b::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Mar 2026 13:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7e:92:3b:f2:ff:6b:c7:1d:f1:54:e2:83:6d:43:f5:60:d6:23:a6:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Mar 27 17:15:29 2026 GMT
Not After : Mar 26 17:20:29 2027 GMT
Subject: CN=2B725C6443B7278F9D6EBBAA18E9C4A8FE8162D0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:93:7d:62:55:22:fa:bd:17:0c:92:9c:35:a7:
46:1e:7b:31:0a:be:61:ef:90:52:86:69:80:a2:d0:
30:a1:92:39:01:ed:11:2f:c1:2b:fa:df:a8:db:35:
2f:c3:1a:43:b2:da:eb:36:21:e9:9e:33:da:40:74:
ec:3d:c4:c8:01:37:9b:a2:69:6b:fd:49:e9:cf:25:
b3:08:62:62:0b:b6:a1:aa:04:24:4a:a7:be:05:bf:
2a:2c:cd:32:2c:9d:b0:c0:4a:b6:2f:84:56:3e:61:
ff:10:a3:0c:41:fa:e0:ff:2a:15:25:30:3a:c8:a8:
bd:88:17:ff:ab:0f:53:77:d4:fe:1c:75:ac:25:61:
ba:5b:97:9c:46:87:e7:dc:37:70:da:1b:b0:60:9c:
fc:fc:ce:f3:b4:12:da:1e:27:c6:9c:06:61:6e:25:
65:92:20:f8:3a:33:61:56:8c:e9:ff:5b:0f:26:28:
66:cd:a8:a6:5c:f2:f5:21:f3:7e:a8:9f:e6:8f:ef:
86:b6:59:71:1b:14:a4:a0:f2:20:35:29:aa:a2:75:
ef:25:9f:a1:6f:48:33:51:93:3d:b3:94:9d:12:a2:
2b:c6:3f:08:f9:5c:8b:13:81:6c:9f:5c:f8:b8:a8:
06:7a:e1:7f:c0:69:d0:d8:98:21:ee:32:2f:dd:aa:
18:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:72:5C:64:43:B7:27:8F:9D:6E:BB:AA:18:E9:C4:A8:FE:81:62:D0
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS213929.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.4.0/24
84.75.255.0/24
IPv6:
2a13:9500:7b::/48
Signature Algorithm: sha256WithRSAEncryption
4d:f3:0a:7f:4f:ea:7e:9f:70:18:f7:ca:dd:e4:5a:79:ce:70:
c0:39:60:dd:07:23:77:f4:87:d0:35:fd:fa:8f:9f:2f:a0:90:
48:4e:76:2a:2c:1e:8e:b3:9f:bf:6d:69:32:5d:20:13:1d:29:
cc:7d:54:c7:af:03:6e:be:2d:6f:da:b8:00:bc:95:6c:65:1e:
c3:20:1f:5d:df:55:f2:f5:c8:a1:b8:93:a1:91:29:7c:b9:e2:
77:e8:e9:d2:85:0e:a5:9d:ab:23:71:71:a4:fc:37:30:11:d8:
f3:63:23:0a:d7:76:86:59:ad:71:47:33:c1:4a:59:62:9c:94:
89:8f:13:19:a5:ee:90:74:cc:1b:10:d4:22:70:29:2a:79:9d:
73:4b:8c:4a:23:d6:ae:3c:e7:02:8b:75:31:e4:6c:0f:8f:1d:
72:8f:99:4f:57:76:53:f5:8e:37:a6:5d:2f:2a:f5:ee:c5:71:
78:02:b1:71:78:04:43:16:6f:a5:75:1c:55:da:89:8c:86:ef:
98:dd:22:aa:81:6c:42:9f:c4:47:24:9e:c7:c2:8a:77:ec:b2:
a9:41:53:c8:a1:35:cc:60:6e:2a:5e:39:a5:6b:a4:6e:90:a5:
28:c2:84:83:56:ee:09:b4:29:6b:58:6c:64:74:22:28:b6:aa:
0c:c4:88:21
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgIUfpI78v9rxx3xVOKDbUP1YNYjpp8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjAzMjcxNzE1MjlaFw0yNzAzMjYxNzIwMjlaMDMxMTAvBgNV
BAMTKDJCNzI1QzY0NDNCNzI3OEY5RDZFQkJBQTE4RTlDNEE4RkU4MTYyRDAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDgk31iVSL6vRcMkpw1p0YeezEK
vmHvkFKGaYCi0DChkjkB7REvwSv636jbNS/DGkOy2us2IemeM9pAdOw9xMgBN5ui
aWv9SenPJbMIYmILtqGqBCRKp74FvyoszTIsnbDASrYvhFY+Yf8QowxB+uD/KhUl
MDrIqL2IF/+rD1N31P4cdawlYbpbl5xGh+fcN3DaG7BgnPz8zvO0EtoeJ8acBmFu
JWWSIPg6M2FWjOn/Ww8mKGbNqKZc8vUh836on+aP74a2WXEbFKSg8iA1Kaqide8l
n6FvSDNRkz2zlJ0SoivGPwj5XIsTgWyfXPi4qAZ64X/AadDYmCHuMi/dqhiZAgMB
AAGjggIhMIICHTAdBgNVHQ4EFgQUK3JcZEO3J4+dbruqGOnEqP6BYtAwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjEzOTI5LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAUhUE
AwQAVEv/MA8EAgACMAkDBwAqE5UAAHswDQYJKoZIhvcNAQELBQADggEBAE3zCn9P
6n6fcBj3yt3kWnnOcMA5YN0HI3f0h9A1/fqPny+gkEhOdiosHo6zn79taTJdIBMd
Kcx9VMevA26+LW/auAC8lWxlHsMgH13fVfL1yKG4k6GRKXy54nfo6dKFDqWdqyNx
caT8NzAR2PNjIwrXdoZZrXFHM8FKWWKclImPExml7pB0zBsQ1CJwKSp5nXNLjEoj
1q485wKLdTHkbA+PHXKPmU9XdlP1jjemXS8q9e7FcXgCsXF4BEMWb6V1HFXaiYyG
75jdIqqBbEKfxEcknsfCinfssqlBU8ihNcxgbipeOaVrpG6QpSjChINW7gm0KWtY
bGR0Iii2qgzEiCE=
-----END CERTIFICATE-----
Generated at Sat Mar 28 20:08:04 2026 by rpki-client