Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS214402.roa
File: AS214402.roa (raw, json)
Hash identifier: yPsDA/umjMi+UJ7HRyvqArEm+BWvmOuYDdtbT/mbSIw=
Subject key identifier: BA:03:11:95:08:07:D7:08:1F:E5:9C:9F:D2:5A:9E:8F:DA:07:73:4C
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 0AA8BF2EBEC3F586364EEAF09C3DFF3F5AE303FB
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS214402.roa
Signing time: Tue 08 Apr 2025 18:19:54 +0000
ROA not before: Tue 08 Apr 2025 18:14:54 +0000
ROA not after: Tue 07 Apr 2026 18:19:54 +0000
asID: 214402
IP address blocks: 82.26.113.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 15 Apr 2025 02:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0a:a8:bf:2e:be:c3:f5:86:36:4e:ea:f0:9c:3d:ff:3f:5a:e3:03:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Apr 8 18:14:54 2025 GMT
Not After : Apr 7 18:19:54 2026 GMT
Subject: CN=BA0311950807D7081FE59C9FD25A9E8FDA07734C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:5a:2f:4e:04:b5:5f:00:f7:ca:b9:23:67:22:
3a:23:fa:25:72:6e:00:8e:22:93:4d:ed:6c:53:60:
ac:64:d1:25:8f:4a:e5:a0:3f:d9:9c:87:cf:58:43:
b9:42:9b:8d:97:29:a6:b7:c2:1b:ba:25:80:1f:2c:
9c:ea:6b:89:90:fc:e6:8b:1b:1e:98:9c:56:eb:75:
a0:7a:e6:91:e8:f2:39:47:b1:b1:0e:03:23:b8:f5:
1b:98:7f:f4:45:c7:7d:e6:18:f2:ba:78:fd:76:8f:
07:49:a5:c8:ec:2b:9a:ec:9b:5f:27:40:9e:62:e1:
67:5f:52:a7:b2:74:85:f5:95:d7:86:a7:38:1a:41:
10:98:0b:be:99:c5:78:7e:90:72:50:b6:0a:b3:3c:
9a:06:6c:c9:7e:f6:19:b6:26:b4:39:71:37:09:c5:
83:67:2f:90:b1:80:06:48:b5:4a:a1:3e:97:d5:a1:
f2:fc:6a:e6:90:73:7b:62:8a:7e:cd:a7:ba:d8:7b:
8f:18:c0:72:4c:2b:90:35:b7:73:4b:e0:b1:2a:10:
38:2d:e6:ac:75:ab:6c:97:04:03:8d:dd:cd:1d:60:
d3:72:0e:99:29:eb:1d:5c:b0:23:e7:12:62:7d:c6:
c2:72:2f:d0:a3:ea:46:b2:c8:e4:12:11:f6:f7:d4:
64:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:03:11:95:08:07:D7:08:1F:E5:9C:9F:D2:5A:9E:8F:DA:07:73:4C
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS214402.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.26.113.0/24
Signature Algorithm: sha256WithRSAEncryption
08:8b:06:d2:65:b6:66:1d:3c:32:2c:a3:bd:20:a2:19:e6:35:
2f:21:e0:24:b3:07:b6:9f:95:33:23:a5:d7:87:75:18:41:38:
57:07:ba:21:2d:4e:05:cc:47:b8:71:18:0a:8f:c9:9b:a6:ae:
96:fb:4e:05:a9:67:43:ca:9c:ed:63:27:3f:d4:b7:88:eb:0e:
33:17:c5:2b:ce:fa:8a:24:2f:21:a8:a8:b3:1a:ca:74:a6:ed:
9e:82:7d:b2:d3:97:2f:fa:ef:7d:26:3c:64:83:6f:08:8c:7a:
0d:26:b4:8d:50:79:83:38:a4:a8:ea:99:db:dd:2c:b4:77:62:
30:14:42:e2:86:fd:84:e0:92:5d:f6:85:fc:dd:81:81:3d:e9:
6c:22:5b:6b:fe:b7:d2:8a:26:30:12:ba:20:a4:21:86:73:de:
83:e3:b0:14:1f:d6:64:95:a7:6d:f4:a1:51:3e:56:75:95:59:
5e:e5:53:6f:b5:f4:8c:3f:33:e9:a5:c8:10:9f:6b:0c:08:8d:
d1:47:b9:bf:b5:5f:26:6d:82:2b:26:15:46:1f:93:82:5d:cb:
89:1b:aa:9a:d8:7d:71:b8:37:3c:ac:88:77:18:c2:1c:fe:83:
4b:c8:11:eb:84:47:e9:ed:ba:f9:4e:36:9e:9c:d8:b1:0e:d0:
f9:e7:da:8f
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUCqi/Lr7D9YY2TurwnD3/P1rjA/swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTA0MDgxODE0NTRaFw0yNjA0MDcxODE5NTRaMDMxMTAvBgNV
BAMTKEJBMDMxMTk1MDgwN0Q3MDgxRkU1OUM5RkQyNUE5RThGREEwNzczNEMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDUWi9OBLVfAPfKuSNnIjoj+iVy
bgCOIpNN7WxTYKxk0SWPSuWgP9mch89YQ7lCm42XKaa3whu6JYAfLJzqa4mQ/OaL
Gx6YnFbrdaB65pHo8jlHsbEOAyO49RuYf/RFx33mGPK6eP12jwdJpcjsK5rsm18n
QJ5i4WdfUqeydIX1ldeGpzgaQRCYC76ZxXh+kHJQtgqzPJoGbMl+9hm2JrQ5cTcJ
xYNnL5CxgAZItUqhPpfVofL8auaQc3tiin7Np7rYe48YwHJMK5A1t3NL4LEqEDgt
5qx1q2yXBAON3c0dYNNyDpkp6x1csCPnEmJ9xsJyL9Cj6kayyOQSEfb31GTTAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUugMRlQgH1wgf5Zyf0lqej9oHc0wwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjE0NDAyLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUhpx
MA0GCSqGSIb3DQEBCwUAA4IBAQAIiwbSZbZmHTwyLKO9IKIZ5jUvIeAkswe2n5Uz
I6XXh3UYQThXB7ohLU4FzEe4cRgKj8mbpq6W+04FqWdDypztYyc/1LeI6w4zF8Ur
zvqKJC8hqKizGsp0pu2egn2y05cv+u99Jjxkg28IjHoNJrSNUHmDOKSo6pnb3Sy0
d2IwFELihv2E4JJd9oX83YGBPelsIltr/rfSiiYwErogpCGGc96D47AUH9Zkladt
9KFRPlZ1lVle5VNvtfSMPzPppcgQn2sMCI3RR7m/tV8mbYIrJhVGH5OCXcuJG6qa
2H1xuDc8rIh3GMIc/oNLyBHrhEfp7br5TjaenNixDtD559qP
-----END CERTIFICATE-----
Generated at Mon Apr 14 10:32:48 2025 by rpki-client