Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS214432.roa
File:                     AS214432.roa (raw, json)
Hash identifier:          gW6+9ZJsGXubf62QW5h5WSRthV3eBsRmTgwHBX80RXk=
Subject key identifier:   27:80:4B:B4:68:DC:2A:74:CB:22:64:4F:FD:B1:5F:B5:28:D6:46:00
Certificate issuer:       /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial:       0BAA1B3743F88C2D3D48155E9C28426AFF1F1BAA
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS214432.roa
Signing time:             Mon 06 Jul 2026 14:28:16 +0000
ROA not before:           Mon 06 Jul 2026 14:23:16 +0000
ROA not after:            Mon 05 Jul 2027 14:28:16 +0000
asID:                     214432
IP address blocks:        82.21.125.0/24 maxlen: 24
                          82.23.13.0/24 maxlen: 24
                          82.25.37.0/24 maxlen: 24
                          82.26.202.0/24 maxlen: 24
                          82.27.131.0/24 maxlen: 24
                          82.39.187.0/24 maxlen: 24
                          82.39.211.0/24 maxlen: 24
                          82.41.57.0/24 maxlen: 24
                          82.41.74.0/24 maxlen: 24
                          82.41.97.0/24 maxlen: 24
                          82.47.11.0/24 maxlen: 24
                          82.47.12.0/24 maxlen: 24
                          84.75.129.0/24 maxlen: 24
                          178.83.16.0/24 maxlen: 24
                          178.83.102.0/24 maxlen: 24
                          178.83.103.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Jul 2026 16:14:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0b:aa:1b:37:43:f8:8c:2d:3d:48:15:5e:9c:28:42:6a:ff:1f:1b:aa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
        Validity
            Not Before: Jul  6 14:23:16 2026 GMT
            Not After : Jul  5 14:28:16 2027 GMT
        Subject: CN=27804BB468DC2A74CB22644FFDB15FB528D64600
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:93:e4:ea:28:bd:ba:83:ae:38:25:2b:50:b3:
                    c0:50:7c:49:c3:2d:cd:d9:84:ec:07:97:a7:f5:fa:
                    34:76:f3:f1:d5:15:ac:f5:63:2f:0f:e3:ca:85:7a:
                    ae:20:45:49:67:19:ac:18:10:bd:da:7d:9b:b7:77:
                    61:16:33:ce:99:54:92:25:e6:75:cb:e4:4f:fb:10:
                    dd:0f:2e:33:72:0c:12:98:45:90:6b:1f:c1:7e:02:
                    b5:76:11:d2:ec:26:7d:ec:fd:2e:13:f0:d8:06:59:
                    9d:22:bd:3e:5e:94:73:8b:64:b8:87:a5:af:e7:f7:
                    37:75:66:7a:99:b4:7b:56:9f:e2:14:9e:7a:d5:9e:
                    ad:cb:a4:b2:f9:85:e7:57:52:99:b3:f3:50:78:5d:
                    ab:80:d0:a0:d0:16:fa:c2:b0:e5:76:78:dd:d1:b7:
                    1e:fe:e1:85:ca:e0:9d:8d:ed:3c:37:71:00:74:22:
                    9d:07:18:8b:58:c4:a6:f5:f5:aa:d8:c8:5b:f0:12:
                    bf:4f:b6:7f:f5:61:13:4f:4b:a2:47:5f:d0:d3:37:
                    ba:c4:0d:4a:8d:5d:c9:96:ad:71:35:d2:d4:bb:2c:
                    3d:52:e4:39:1b:fb:2a:10:57:35:07:12:f5:ba:cc:
                    9c:4d:e6:49:7e:85:ec:1e:1a:1d:22:95:e7:53:12:
                    2d:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                27:80:4B:B4:68:DC:2A:74:CB:22:64:4F:FD:B1:5F:B5:28:D6:46:00
            X509v3 Authority Key Identifier:
                keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS214432.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.21.125.0/24
                  82.23.13.0/24
                  82.25.37.0/24
                  82.26.202.0/24
                  82.27.131.0/24
                  82.39.187.0/24
                  82.39.211.0/24
                  82.41.57.0/24
                  82.41.74.0/24
                  82.41.97.0/24
                  82.47.11.0-82.47.12.255
                  84.75.129.0/24
                  178.83.16.0/24
                  178.83.102.0/23

    Signature Algorithm: sha256WithRSAEncryption
         49:86:e5:7d:c2:e3:ce:59:0e:7a:09:6b:2d:6b:c0:99:98:53:
         1c:a6:78:39:49:80:42:95:ef:58:12:84:be:fd:be:54:91:a7:
         af:87:2e:d2:62:d1:c3:a4:10:e4:81:dc:3b:cf:84:b0:96:46:
         e2:ca:d8:9c:37:81:ed:94:92:80:43:d7:0d:87:71:cc:09:b2:
         6b:7e:c7:44:d6:bb:2b:0f:65:f7:5e:c9:bc:1c:43:bb:54:92:
         80:26:d4:4d:dd:0c:91:9f:f0:f9:0a:38:96:fb:98:f0:b6:ab:
         ec:61:72:88:2f:35:a8:6a:71:44:de:29:2d:82:fd:11:b5:bf:
         fc:68:ee:b6:0e:2c:2e:7c:ca:14:09:4e:00:6b:4b:2c:cd:3c:
         93:3e:81:0d:02:cd:41:13:7c:55:28:23:d8:d2:26:93:a2:71:
         88:cb:b8:df:6f:f0:7a:8d:0c:b0:81:8b:4e:9e:66:61:0b:8f:
         ae:ff:51:26:b4:35:9f:33:b2:8f:f8:33:ad:4d:e9:e7:70:29:
         5c:67:a2:f4:fb:62:bc:95:a7:fa:10:09:e8:98:25:6d:76:b2:
         6a:5e:65:a7:cb:12:b9:1c:91:c8:aa:5e:56:ea:46:07:3b:56:
         62:5f:c7:50:6c:46:77:c6:8f:92:c4:e4:bc:a5:24:ff:a5:fa:
         ab:67:bd:60
-----BEGIN CERTIFICATE-----
MIIFVjCCBD6gAwIBAgIUC6obN0P4jC09SBVenChCav8fG6owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjA3MDYxNDIzMTZaFw0yNzA3MDUxNDI4MTZaMDMxMTAvBgNV
BAMTKDI3ODA0QkI0NjhEQzJBNzRDQjIyNjQ0RkZEQjE1RkI1MjhENjQ2MDAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCdk+TqKL26g644JStQs8BQfEnD
Lc3ZhOwHl6f1+jR28/HVFaz1Yy8P48qFeq4gRUlnGawYEL3afZu3d2EWM86ZVJIl
5nXL5E/7EN0PLjNyDBKYRZBrH8F+ArV2EdLsJn3s/S4T8NgGWZ0ivT5elHOLZLiH
pa/n9zd1ZnqZtHtWn+IUnnrVnq3LpLL5hedXUpmz81B4XauA0KDQFvrCsOV2eN3R
tx7+4YXK4J2N7Tw3cQB0Ip0HGItYxKb19arYyFvwEr9Ptn/1YRNPS6JHX9DTN7rE
DUqNXcmWrXE10tS7LD1S5Dkb+yoQVzUHEvW6zJxN5kl+heweGh0iledTEi0HAgMB
AAGjggJgMIICXDAdBgNVHQ4EFgQUJ4BLtGjcKnTLImRP/bFftSjWRgAwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjE0NDMyLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMHUGCCsGAQUFBwEHAQH/BGYwZDBiBAIAATBcAwQAUhV9
AwQAUhcNAwQAUhklAwQAUhrKAwQAUhuDAwQAUie7AwQAUifTAwQAUik5AwQAUilK
AwQAUilhMAwDBABSLwsDBABSLwwDBABUS4EDBACyUxADBAGyU2YwDQYJKoZIhvcN
AQELBQADggEBAEmG5X3C485ZDnoJay1rwJmYUxymeDlJgEKV71gShL79vlSRp6+H
LtJi0cOkEOSB3DvPhLCWRuLK2Jw3ge2UkoBD1w2HccwJsmt+x0TWuysPZfdeybwc
Q7tUkoAm1E3dDJGf8PkKOJb7mPC2q+xhcogvNahqcUTeKS2C/RG1v/xo7rYOLC58
yhQJTgBrSyzNPJM+gQ0CzUETfFUoI9jSJpOicYjLuN9v8HqNDLCBi06eZmELj67/
USa0NZ8zso/4M61N6edwKVxnovT7YryVp/oQCeiYJW12smpeZafLErkckciqXlbq
Rgc7VmJfx1BsRnfGj5LE5LylJP+l+qtnvWA=
-----END CERTIFICATE-----
Generated at Fri Jul 17 23:05:16 2026 by rpki-client