Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS214432.roa
File: AS214432.roa (raw, json)
Hash identifier: 2jHQiYaCY/4zpRHU6nWNHQ6/+H4a5w94hchxP/H0M4A=
Subject key identifier: 6D:B1:94:F8:09:14:EB:74:7D:2A:4F:F3:9D:05:22:4C:D8:D5:A0:83
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 1705500C06CD5136D3A40F02AB0075A6C378AA56
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS214432.roa
Signing time: Wed 04 Mar 2026 08:30:17 +0000
ROA not before: Wed 04 Mar 2026 08:25:17 +0000
ROA not after: Wed 03 Mar 2027 08:30:17 +0000
asID: 214432
IP address blocks: 82.21.75.0/24 maxlen: 24
82.25.142.0/24 maxlen: 24
82.27.131.0/24 maxlen: 24
82.39.187.0/24 maxlen: 24
82.41.57.0/24 maxlen: 24
82.41.74.0/24 maxlen: 24
82.41.97.0/24 maxlen: 24
178.83.34.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 05 Mar 2026 09:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
17:05:50:0c:06:cd:51:36:d3:a4:0f:02:ab:00:75:a6:c3:78:aa:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Mar 4 08:25:17 2026 GMT
Not After : Mar 3 08:30:17 2027 GMT
Subject: CN=6DB194F80914EB747D2A4FF39D05224CD8D5A083
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:dc:db:22:88:29:97:50:39:74:d8:4a:c7:b0:
9f:ec:47:aa:00:8c:0f:a6:f6:c5:36:39:0f:bc:a2:
0b:d6:aa:9b:b7:bf:59:a1:e6:6f:77:26:60:e4:02:
da:0a:04:c1:82:ed:cb:78:f3:17:fb:ec:b0:c3:fc:
55:2b:c8:7d:3e:ef:f7:d9:53:12:f3:2e:8c:34:da:
e9:95:5b:f2:a1:2b:42:99:cb:aa:45:01:fa:c1:cd:
1b:5d:a7:4c:9c:0c:56:93:5d:0d:50:a1:17:85:0f:
74:d3:ee:be:81:24:37:77:9d:81:d0:ed:db:e8:a6:
dd:a9:03:80:55:60:38:62:7e:a6:b4:bd:98:9c:27:
cf:e1:84:1a:b8:d4:02:9a:eb:70:d6:7b:75:cc:4d:
b2:06:0e:b7:79:a5:3b:74:de:34:b5:00:f2:91:aa:
44:56:7f:06:bc:11:57:29:83:33:20:bd:3c:7c:43:
88:14:56:f4:c7:7d:c4:5e:9c:be:3b:b2:c6:0a:d5:
ae:82:ff:16:ef:3f:49:9d:bc:b4:9e:d0:12:33:f5:
94:e9:cd:30:d6:b8:f1:40:69:68:4f:1e:66:a1:1e:
75:a2:60:c3:41:89:11:57:bd:04:f2:ce:cb:19:84:
6e:51:7d:b5:35:ae:00:ab:f4:13:97:db:89:4e:59:
ab:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:B1:94:F8:09:14:EB:74:7D:2A:4F:F3:9D:05:22:4C:D8:D5:A0:83
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS214432.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.75.0/24
82.25.142.0/24
82.27.131.0/24
82.39.187.0/24
82.41.57.0/24
82.41.74.0/24
82.41.97.0/24
178.83.34.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:36:b9:04:e0:ae:53:36:0b:29:54:97:60:cc:43:04:41:e7:
c3:0f:7d:b9:3c:15:6e:39:e5:8a:06:73:a3:70:65:ff:a4:c4:
9a:b1:f5:9e:e4:9e:9c:93:2a:b7:a3:fb:cf:14:9d:87:ea:82:
dd:6d:13:7a:1f:97:85:85:21:d9:f9:d9:16:92:9d:ba:92:64:
b1:39:10:6e:9f:2d:39:d7:aa:3a:68:8b:5e:59:97:5d:a6:9f:
66:f3:71:9c:51:ab:be:c8:44:c3:fc:01:69:e9:9f:b6:f7:2c:
4f:2e:3f:1c:e9:c3:17:41:4c:6e:78:30:07:66:81:8f:08:6e:
ce:e8:79:50:26:dd:60:af:31:a2:76:ec:ce:07:0f:e1:69:28:
79:ad:43:b5:33:44:a1:a6:dd:c3:f0:a0:a4:3a:ff:db:3b:7f:
e7:db:10:3a:c6:fd:bd:c1:7d:e9:50:92:1f:a6:ce:13:c1:17:
55:6f:5b:0f:51:e4:22:2d:70:22:83:57:42:ff:e4:63:28:cd:
5c:71:a4:e0:69:57:8d:f3:a7:66:69:b2:ba:07:a6:08:45:d1:
39:5a:75:04:30:34:08:4a:c1:35:4a:aa:1e:e1:b0:6d:19:1b:
12:76:3c:bc:00:b3:4b:9d:bc:63:9d:30:fc:5c:d6:00:2b:7a:
c5:2e:a6:e1
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUFwVQDAbNUTbTpA8CqwB1psN4qlYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjAzMDQwODI1MTdaFw0yNzAzMDMwODMwMTdaMDMxMTAvBgNV
BAMTKDZEQjE5NEY4MDkxNEVCNzQ3RDJBNEZGMzlEMDUyMjRDRDhENUEwODMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCx3NsiiCmXUDl02ErHsJ/sR6oA
jA+m9sU2OQ+8ogvWqpu3v1mh5m93JmDkAtoKBMGC7ct48xf77LDD/FUryH0+7/fZ
UxLzLow02umVW/KhK0KZy6pFAfrBzRtdp0ycDFaTXQ1QoReFD3TT7r6BJDd3nYHQ
7dvopt2pA4BVYDhifqa0vZicJ8/hhBq41AKa63DWe3XMTbIGDrd5pTt03jS1APKR
qkRWfwa8EVcpgzMgvTx8Q4gUVvTHfcRenL47ssYK1a6C/xbvP0mdvLSe0BIz9ZTp
zTDWuPFAaWhPHmahHnWiYMNBiRFXvQTyzssZhG5RfbU1rgCr9BOX24lOWatLAgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQUbbGU+AkU63R9Kk/znQUiTNjVoIMwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjE0NDMyLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAUhVL
AwQAUhmOAwQAUhuDAwQAUie7AwQAUik5AwQAUilKAwQAUilhAwQAslMiMA0GCSqG
SIb3DQEBCwUAA4IBAQAaNrkE4K5TNgspVJdgzEMEQefDD325PBVuOeWKBnOjcGX/
pMSasfWe5J6ckyq3o/vPFJ2H6oLdbRN6H5eFhSHZ+dkWkp26kmSxORBuny0516o6
aIteWZddpp9m83GcUau+yETD/AFp6Z+29yxPLj8c6cMXQUxueDAHZoGPCG7O6HlQ
Jt1grzGiduzOBw/haSh5rUO1M0Shpt3D8KCkOv/bO3/n2xA6xv29wX3pUJIfps4T
wRdVb1sPUeQiLXAig1dC/+RjKM1ccaTgaVeN86dmabK6B6YIRdE5WnUEMDQISsE1
Sqoe4bBtGRsSdjy8ALNLnbxjnTD8XNYAK3rFLqbh
-----END CERTIFICATE-----
Generated at Wed Mar 4 16:04:29 2026 by rpki-client