Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS214432.roa
File: AS214432.roa (raw, json)
Hash identifier: fqLX8aA+J8bqzui5dtHK7wIY2y3wpc2EC0aLSScrCWE=
Subject key identifier: 3C:86:72:8C:AA:90:42:9C:93:3E:FF:6D:5F:E1:69:48:AB:1F:0D:8F
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 1014B40D899CB24DC423CDFD23CDA9DC7A623945
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS214432.roa
Signing time: Sun 24 May 2026 16:23:56 +0000
ROA not before: Sun 24 May 2026 16:18:56 +0000
ROA not after: Sun 23 May 2027 16:23:56 +0000
asID: 214432
IP address blocks: 82.21.125.0/24 maxlen: 24
82.23.13.0/24 maxlen: 24
82.25.37.0/24 maxlen: 24
82.25.142.0/24 maxlen: 24
82.26.202.0/24 maxlen: 24
82.27.131.0/24 maxlen: 24
82.39.187.0/24 maxlen: 24
82.39.211.0/24 maxlen: 24
82.41.57.0/24 maxlen: 24
82.41.74.0/24 maxlen: 24
82.41.97.0/24 maxlen: 24
82.47.11.0/24 maxlen: 24
82.47.12.0/24 maxlen: 24
84.75.129.0/24 maxlen: 24
178.83.16.0/24 maxlen: 24
178.83.102.0/24 maxlen: 24
178.83.103.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 03 Jun 2026 15:55:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
10:14:b4:0d:89:9c:b2:4d:c4:23:cd:fd:23:cd:a9:dc:7a:62:39:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: May 24 16:18:56 2026 GMT
Not After : May 23 16:23:56 2027 GMT
Subject: CN=3C86728CAA90429C933EFF6D5FE16948AB1F0D8F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:ec:7c:48:ee:32:0e:21:7d:aa:7d:92:1c:09:
03:dc:1d:46:87:83:76:ac:81:9a:6b:2a:b6:75:ea:
38:af:54:cd:ae:66:6f:60:e4:59:ba:21:8a:3e:63:
70:a9:c5:c5:a9:77:00:5e:b0:a5:25:e8:ae:ef:64:
9c:3b:af:57:71:fa:f6:b0:d5:bb:f0:1c:e1:65:4b:
56:bd:0c:00:5c:98:fc:bf:3f:30:06:eb:9c:cd:75:
df:3c:01:70:31:b4:92:d9:cc:c8:a9:9d:f4:43:26:
56:6f:3b:9c:8c:31:21:c7:c7:57:77:a5:6b:77:70:
9c:76:78:f4:42:58:10:41:42:53:96:94:ba:75:44:
4c:50:32:fd:cb:cf:88:d1:98:d1:44:5c:62:a3:b6:
73:69:2e:1e:3a:27:7a:01:42:5f:37:95:41:9d:fa:
d4:58:11:5b:e4:e8:fd:5e:80:02:8e:dc:1a:f2:92:
32:c4:2f:a5:b0:5e:a9:f0:a7:a3:85:59:58:3a:6e:
c4:79:8c:93:38:b5:d7:81:8f:e3:27:40:18:25:c4:
c1:55:46:c7:e1:3b:2b:21:af:4c:08:5a:11:67:e6:
31:ae:09:e5:6a:ad:a6:a2:10:91:3e:dc:42:6a:68:
5d:0f:af:62:95:3f:a6:0a:ea:1c:9f:1f:dc:b4:e7:
3b:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:86:72:8C:AA:90:42:9C:93:3E:FF:6D:5F:E1:69:48:AB:1F:0D:8F
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS214432.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.125.0/24
82.23.13.0/24
82.25.37.0/24
82.25.142.0/24
82.26.202.0/24
82.27.131.0/24
82.39.187.0/24
82.39.211.0/24
82.41.57.0/24
82.41.74.0/24
82.41.97.0/24
82.47.11.0-82.47.12.255
84.75.129.0/24
178.83.16.0/24
178.83.102.0/23
Signature Algorithm: sha256WithRSAEncryption
8e:15:57:56:43:36:9e:24:ec:d0:61:27:0c:d5:7b:69:77:7f:
33:50:6c:2e:56:3f:f0:e3:53:0e:97:2d:29:5d:75:31:ca:31:
71:c8:e5:d9:b0:db:f3:7d:08:8e:b4:67:bc:29:bf:7f:c7:9a:
90:62:f7:0a:2c:46:a6:b0:f6:cc:bd:b5:cc:f8:5c:e1:bf:0f:
c4:ef:70:17:6a:e5:8b:f1:87:d0:9e:64:47:8f:00:c5:d8:92:
bf:81:18:fb:0d:bc:44:6f:f8:b1:e5:b9:9d:27:a8:37:c0:37:
a6:ef:22:8d:73:c5:2c:3b:c9:b2:b4:f6:a0:35:57:27:42:ff:
12:ea:70:5d:ed:e2:32:d7:99:ce:ee:ce:9a:bd:21:dd:e1:33:
8a:13:f0:dd:58:98:dc:11:ca:65:bd:7d:5d:e8:f8:96:97:5c:
94:9f:de:de:c3:8b:4b:5e:48:9f:e8:79:04:5e:e4:ea:ae:e3:
d3:4a:0f:c4:e1:40:54:50:e6:23:5c:bb:f6:a6:e9:c3:1f:ad:
8e:23:cb:50:96:d5:16:df:c8:17:36:fa:08:fb:13:e2:92:e4:
08:5c:4d:44:83:48:f9:88:e7:71:55:ae:24:7c:3a:7e:6c:5e:
74:86:90:9c:a1:80:bc:dd:34:71:75:20:c8:34:ff:45:3c:00:
56:64:dd:88
-----BEGIN CERTIFICATE-----
MIIFXDCCBESgAwIBAgIUEBS0DYmcsk3EI839I82p3HpiOUUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjA1MjQxNjE4NTZaFw0yNzA1MjMxNjIzNTZaMDMxMTAvBgNV
BAMTKDNDODY3MjhDQUE5MDQyOUM5MzNFRkY2RDVGRTE2OTQ4QUIxRjBEOEYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDX7HxI7jIOIX2qfZIcCQPcHUaH
g3asgZprKrZ16jivVM2uZm9g5Fm6IYo+Y3CpxcWpdwBesKUl6K7vZJw7r1dx+vaw
1bvwHOFlS1a9DABcmPy/PzAG65zNdd88AXAxtJLZzMipnfRDJlZvO5yMMSHHx1d3
pWt3cJx2ePRCWBBBQlOWlLp1RExQMv3Lz4jRmNFEXGKjtnNpLh46J3oBQl83lUGd
+tRYEVvk6P1egAKO3BrykjLEL6WwXqnwp6OFWVg6bsR5jJM4tdeBj+MnQBglxMFV
RsfhOyshr0wIWhFn5jGuCeVqraaiEJE+3EJqaF0Pr2KVP6YK6hyfH9y05zujAgMB
AAGjggJmMIICYjAdBgNVHQ4EFgQUPIZyjKqQQpyTPv9tX+FpSKsfDY8wHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjE0NDMyLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMHsGCCsGAQUFBwEHAQH/BGwwajBoBAIAATBiAwQAUhV9
AwQAUhcNAwQAUhklAwQAUhmOAwQAUhrKAwQAUhuDAwQAUie7AwQAUifTAwQAUik5
AwQAUilKAwQAUilhMAwDBABSLwsDBABSLwwDBABUS4EDBACyUxADBAGyU2YwDQYJ
KoZIhvcNAQELBQADggEBAI4VV1ZDNp4k7NBhJwzVe2l3fzNQbC5WP/DjUw6XLSld
dTHKMXHI5dmw2/N9CI60Z7wpv3/HmpBi9wosRqaw9sy9tcz4XOG/D8TvcBdq5Yvx
h9CeZEePAMXYkr+BGPsNvERv+LHluZ0nqDfAN6bvIo1zxSw7ybK09qA1VydC/xLq
cF3t4jLXmc7uzpq9Id3hM4oT8N1YmNwRymW9fV3o+JaXXJSf3t7Di0teSJ/oeQRe
5Oqu49NKD8ThQFRQ5iNcu/am6cMfrY4jy1CW1RbfyBc2+gj7E+KS5AhcTUSDSPmI
53FVriR8On5sXnSGkJyhgLzdNHF1IMg0/0U8AFZk3Yg=
-----END CERTIFICATE-----
Generated at Tue Jun 2 21:10:46 2026 by rpki-client