Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS214025.roa
File: AS214025.roa (raw, json)
Hash identifier: gSpPZ7p9nsVkBvj81rRYSwE475VwF3RZwM8b8/pJSKI=
Subject key identifier: 3B:03:D3:33:1B:4D:D0:8E:EF:F7:D5:FD:42:85:FA:62:9A:EC:46:48
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 4241858A27180BB6697DDD09A4A159A563F393E2
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS214025.roa
Signing time: Tue 30 Sep 2025 08:41:57 +0000
ROA not before: Tue 30 Sep 2025 08:36:57 +0000
ROA not after: Tue 29 Sep 2026 08:41:57 +0000
asID: 214025
IP address blocks: 82.21.3.0/24 maxlen: 24
82.22.187.0/24 maxlen: 24
82.24.25.0/24 maxlen: 24
82.26.136.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
42:41:85:8a:27:18:0b:b6:69:7d:dd:09:a4:a1:59:a5:63:f3:93:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Sep 30 08:36:57 2025 GMT
Not After : Sep 29 08:41:57 2026 GMT
Subject: CN=3B03D3331B4DD08EEFF7D5FD4285FA629AEC4648
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:f2:f1:31:2a:c7:05:47:a7:46:19:9e:51:f1:
8b:48:31:3a:65:08:91:30:ad:c2:eb:8d:83:83:74:
b1:b6:67:29:c6:26:75:17:79:31:0c:f3:81:1b:e2:
52:32:ae:fc:33:22:90:19:ac:ed:f0:7b:5b:fc:59:
27:cd:a1:3a:4f:6d:a0:26:c9:69:f1:b4:62:54:9f:
e6:f5:2e:76:fc:05:59:58:a2:bd:9f:07:92:dd:54:
dd:a1:a9:d2:f6:78:f3:77:69:eb:3a:4f:e5:28:75:
13:4c:29:3d:e0:f1:55:77:87:42:85:2f:4a:a5:2c:
21:88:f2:8a:9b:6e:1c:77:28:60:ec:c5:fb:6f:6b:
03:2f:4f:54:1f:0a:3e:ef:6e:e7:33:50:af:ca:f7:
7f:65:0e:23:e8:90:ec:7c:54:f3:f3:b3:18:2f:ba:
a8:de:cf:4b:9d:85:ce:3d:98:c2:4f:4d:1a:ed:b4:
07:2b:98:2c:d3:f8:ba:91:82:91:df:57:5d:03:5f:
27:d6:58:63:d2:70:52:06:aa:68:cc:87:cd:18:94:
c9:7d:63:72:d7:c7:d0:d9:41:ce:5e:2b:5d:7c:00:
68:50:1b:6b:ee:93:de:26:2c:d3:8e:0a:56:af:22:
ad:e0:38:65:2a:b3:88:23:81:63:f7:16:f8:ac:20:
86:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:03:D3:33:1B:4D:D0:8E:EF:F7:D5:FD:42:85:FA:62:9A:EC:46:48
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS214025.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.3.0/24
82.22.187.0/24
82.24.25.0/24
82.26.136.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:8a:a9:7c:2b:e0:05:31:1c:07:d9:f2:0e:c0:22:24:aa:96:
7c:d9:80:68:4e:4a:03:f8:47:d5:cf:84:96:be:64:43:37:c3:
59:fe:d5:20:b6:d5:83:a6:04:0f:4b:27:72:23:b9:be:cc:60:
ab:52:86:43:ea:b6:1a:50:3d:43:43:9e:18:b4:d9:c2:64:52:
8f:8f:e0:4d:68:aa:c0:8d:a9:ab:fe:e1:20:7b:c6:01:61:82:
55:a5:c7:b6:56:9d:b3:b8:3f:12:67:f3:37:33:e2:1a:1e:f5:
34:9c:d6:97:ed:7c:f5:cc:97:b3:e5:05:8e:23:6c:78:39:60:
b6:16:3f:eb:82:c3:56:84:4e:79:6a:38:fd:25:15:89:b2:50:
af:50:53:ea:b7:14:27:c9:3a:86:e3:42:76:c2:ab:81:d4:b1:
cd:77:1d:4c:69:7d:66:9c:93:81:9b:63:68:ae:20:ad:79:7a:
4c:88:66:03:a2:08:12:18:8d:1b:19:0c:f0:66:b0:8c:cf:12:
ae:63:2c:58:e6:59:dc:4a:70:3d:b9:b0:69:8c:5b:24:fd:a9:
bb:1e:b2:71:53:ae:a5:f2:a0:23:15:53:33:7d:68:40:71:42:
19:f3:c3:38:6d:3c:58:46:96:41:62:33:b7:1e:10:d1:55:92:
fb:28:9a:4f
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgIUQkGFiicYC7Zpfd0JpKFZpWPzk+IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTA5MzAwODM2NTdaFw0yNjA5MjkwODQxNTdaMDMxMTAvBgNV
BAMTKDNCMDNEMzMzMUI0REQwOEVFRkY3RDVGRDQyODVGQTYyOUFFQzQ2NDgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDZ8vExKscFR6dGGZ5R8YtIMTpl
CJEwrcLrjYODdLG2ZynGJnUXeTEM84Eb4lIyrvwzIpAZrO3we1v8WSfNoTpPbaAm
yWnxtGJUn+b1Lnb8BVlYor2fB5LdVN2hqdL2ePN3aes6T+UodRNMKT3g8VV3h0KF
L0qlLCGI8oqbbhx3KGDsxftvawMvT1QfCj7vbuczUK/K939lDiPokOx8VPPzsxgv
uqjez0udhc49mMJPTRrttAcrmCzT+LqRgpHfV10DXyfWWGPScFIGqmjMh80YlMl9
Y3LXx9DZQc5eK118AGhQG2vuk94mLNOOClavIq3gOGUqs4gjgWP3FvisIIaLAgMB
AAGjggIcMIICGDAdBgNVHQ4EFgQUOwPTMxtN0I7v99X9QoX6YprsRkgwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjE0MDI1LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAUhUD
AwQAUha7AwQAUhgZAwQAUhqIMA0GCSqGSIb3DQEBCwUAA4IBAQBriql8K+AFMRwH
2fIOwCIkqpZ82YBoTkoD+EfVz4SWvmRDN8NZ/tUgttWDpgQPSydyI7m+zGCrUoZD
6rYaUD1DQ54YtNnCZFKPj+BNaKrAjamr/uEge8YBYYJVpce2Vp2zuD8SZ/M3M+Ia
HvU0nNaX7Xz1zJez5QWOI2x4OWC2Fj/rgsNWhE55ajj9JRWJslCvUFPqtxQnyTqG
40J2wquB1LHNdx1MaX1mnJOBm2NoriCteXpMiGYDoggSGI0bGQzwZrCMzxKuYyxY
5lncSnA9ubBpjFsk/am7HrJxU66l8qAjFVMzfWhAcUIZ88M4bTxYRpZBYjO3HhDR
VZL7KJpP
-----END CERTIFICATE-----
Generated at Sun Oct 19 19:23:34 2025 by rpki-client