Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS214025.roa
File: AS214025.roa (raw, json)
Hash identifier: bbmW9lA0OkVC37ZohHY23fGBDaA3U0nMoWBOlDaUJJA=
Subject key identifier: 42:21:BB:EB:9B:94:5E:C9:71:3D:32:B5:B7:44:7A:D7:A0:3C:AC:5B
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 402183A6996CC03D5A1761F3D127CC82CE8F50E9
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS214025.roa
Signing time: Wed 04 Mar 2026 11:49:03 +0000
ROA not before: Wed 04 Mar 2026 11:44:03 +0000
ROA not after: Wed 03 Mar 2027 11:49:03 +0000
asID: 214025
IP address blocks: 82.26.88.0/24 maxlen: 24
82.27.92.0/24 maxlen: 24
82.29.48.0/24 maxlen: 24
82.39.102.0/24 maxlen: 24
178.83.141.0/24 maxlen: 24
178.83.144.0/24 maxlen: 24
178.83.147.0/24 maxlen: 24
178.83.151.0/24 maxlen: 24
178.83.155.0/24 maxlen: 24
178.83.157.0/24 maxlen: 24
178.83.164.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 05 Mar 2026 09:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
40:21:83:a6:99:6c:c0:3d:5a:17:61:f3:d1:27:cc:82:ce:8f:50:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Mar 4 11:44:03 2026 GMT
Not After : Mar 3 11:49:03 2027 GMT
Subject: CN=4221BBEB9B945EC9713D32B5B7447AD7A03CAC5B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:8b:69:fe:fa:55:53:2c:60:41:9d:5d:3f:fd:
a6:43:43:ee:7a:36:d2:71:1a:ee:57:77:bd:67:96:
53:e0:ce:2f:c7:6e:14:b6:57:bd:06:56:90:43:9e:
fe:1b:45:ce:e5:57:87:e5:9b:1a:79:61:55:14:2c:
7c:df:69:25:cc:b3:62:af:93:39:20:3a:88:8f:7c:
3a:92:2d:02:b4:4f:cb:92:b0:67:33:68:da:dc:a3:
33:57:69:b6:ed:21:9d:04:d9:f6:81:ca:7a:76:4d:
c8:36:03:4c:48:a5:aa:70:25:c0:7e:46:46:bf:b8:
c1:16:b3:a3:00:50:fa:a9:2d:e6:ca:ca:15:2e:16:
f7:47:cd:40:2c:db:bd:54:ac:0f:da:fe:40:89:f6:
8e:d0:62:5e:a7:53:a1:41:42:10:4a:58:b2:9d:f2:
e6:70:82:f1:e3:d2:2b:25:ee:68:94:62:97:f2:e9:
0f:9f:3a:a7:ad:31:d0:ba:aa:a5:91:af:da:b5:f7:
8a:84:3d:d8:f2:b3:16:d9:9a:47:f2:89:2d:1d:f7:
60:6e:ab:b3:e0:0f:24:ea:33:fa:9f:9d:6b:9b:c0:
73:a7:19:a0:6a:fd:31:54:24:0b:e3:ba:18:5f:54:
01:39:c6:c8:dd:c7:29:89:5c:bc:d9:d9:4f:e3:f6:
ac:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:21:BB:EB:9B:94:5E:C9:71:3D:32:B5:B7:44:7A:D7:A0:3C:AC:5B
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS214025.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.26.88.0/24
82.27.92.0/24
82.29.48.0/24
82.39.102.0/24
178.83.141.0/24
178.83.144.0/24
178.83.147.0/24
178.83.151.0/24
178.83.155.0/24
178.83.157.0/24
178.83.164.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:76:f5:11:ac:ec:82:59:63:83:db:71:d4:0c:0f:43:1a:47:
e4:fe:ce:f4:7b:16:8f:0c:03:05:93:52:50:7f:80:c9:84:68:
d7:52:95:3a:07:28:46:68:1a:5e:72:3a:18:50:1b:45:37:d0:
81:a0:2e:47:e1:0a:53:7f:42:95:fb:a4:f9:6c:e3:ae:2c:01:
34:3c:3e:a5:60:ce:9b:af:62:00:90:9a:17:a0:eb:1c:a7:ed:
3a:bb:53:9b:6a:96:40:38:c9:af:e5:14:5b:9c:e9:a4:7f:f8:
5e:92:f1:26:e6:ed:42:86:5a:22:a7:1b:eb:a0:8c:a8:bc:ca:
20:de:9a:ab:fb:b6:08:fe:c2:a1:0f:a3:90:02:f2:5d:43:f2:
57:73:3e:db:ee:fb:fc:0d:f5:39:f2:8a:38:0e:d0:d1:ef:43:
6f:ee:06:7b:c9:69:b1:fa:3b:47:9e:f1:29:09:53:44:48:c6:
87:f4:2f:7b:f6:b5:31:c2:dd:5f:6b:42:2c:1c:5a:d7:8d:a7:
17:c9:66:7d:5c:bf:46:40:a1:30:30:74:32:62:b8:a9:fc:45:
a0:d1:c0:88:b2:b6:0d:4b:9c:34:f8:b2:82:af:9c:f2:70:fb:
9e:58:e1:a5:d8:fa:fd:87:5d:fe:c6:3a:9b:8e:62:f8:c9:8e:
43:9a:55:5d
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgIUQCGDpplswD1aF2Hz0SfMgs6PUOkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjAzMDQxMTQ0MDNaFw0yNzAzMDMxMTQ5MDNaMDMxMTAvBgNV
BAMTKDQyMjFCQkVCOUI5NDVFQzk3MTNEMzJCNUI3NDQ3QUQ3QTAzQ0FDNUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDpi2n++lVTLGBBnV0//aZDQ+56
NtJxGu5Xd71nllPgzi/HbhS2V70GVpBDnv4bRc7lV4flmxp5YVUULHzfaSXMs2Kv
kzkgOoiPfDqSLQK0T8uSsGczaNrcozNXabbtIZ0E2faBynp2Tcg2A0xIpapwJcB+
Rka/uMEWs6MAUPqpLebKyhUuFvdHzUAs271UrA/a/kCJ9o7QYl6nU6FBQhBKWLKd
8uZwgvHj0isl7miUYpfy6Q+fOqetMdC6qqWRr9q194qEPdjysxbZmkfyiS0d92Bu
q7PgDyTqM/qfnWubwHOnGaBq/TFUJAvjuhhfVAE5xsjdxymJXLzZ2U/j9qxHAgMB
AAGjggJGMIICQjAdBgNVHQ4EFgQUQiG765uUXslxPTK1t0R616A8rFswHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjE0MDI1LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQAUhpY
AwQAUhtcAwQAUh0wAwQAUidmAwQAslONAwQAslOQAwQAslOTAwQAslOXAwQAslOb
AwQAslOdAwQAslOkMA0GCSqGSIb3DQEBCwUAA4IBAQCPdvURrOyCWWOD23HUDA9D
Gkfk/s70exaPDAMFk1JQf4DJhGjXUpU6ByhGaBpecjoYUBtFN9CBoC5H4QpTf0KV
+6T5bOOuLAE0PD6lYM6br2IAkJoXoOscp+06u1ObapZAOMmv5RRbnOmkf/hekvEm
5u1ChloipxvroIyovMog3pqr+7YI/sKhD6OQAvJdQ/JXcz7b7vv8DfU58oo4DtDR
70Nv7gZ7yWmx+jtHnvEpCVNESMaH9C979rUxwt1fa0IsHFrXjacXyWZ9XL9GQKEw
MHQyYrip/EWg0cCIsrYNS5w0+LKCr5zycPueWOGl2Pr9h13+xjqbjmL4yY5DmlVd
-----END CERTIFICATE-----
Generated at Wed Mar 4 16:05:17 2026 by rpki-client