Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS214432.roa
File: AS214432.roa (raw, json)
Hash identifier: AbjxaOObVG8KmdaPiKKXuCU7Gh7phgZ6nVbUNuAQq+o=
Subject key identifier: 21:84:E9:67:8E:1F:07:62:44:E1:C1:86:8B:3A:D9:B3:96:AD:70:FF
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 28407AD7C3FD249640FB2DFB796BC94EBBC30D76
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS214432.roa
Signing time: Sat 06 Sep 2025 14:32:12 +0000
ROA not before: Sat 06 Sep 2025 14:27:12 +0000
ROA not after: Sat 05 Sep 2026 14:32:12 +0000
asID: 214432
IP address blocks: 82.25.142.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
28:40:7a:d7:c3:fd:24:96:40:fb:2d:fb:79:6b:c9:4e:bb:c3:0d:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Sep 6 14:27:12 2025 GMT
Not After : Sep 5 14:32:12 2026 GMT
Subject: CN=2184E9678E1F076244E1C1868B3AD9B396AD70FF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:9c:5d:bc:ed:f2:04:40:33:6d:db:15:c4:51:
ce:fa:d0:43:59:1a:6c:a3:69:9a:22:fa:e1:f1:68:
35:17:0e:d3:02:16:50:6c:40:99:da:20:3d:35:d7:
6f:17:2a:8c:f2:d4:f7:9e:70:e1:a0:da:97:5a:0b:
55:21:b6:49:b8:f3:9d:83:2c:9c:2e:68:4c:7c:92:
e5:3c:6d:9a:4e:62:7d:3d:57:01:5e:75:68:dd:2e:
68:26:a4:52:78:ef:9b:d7:22:3f:90:68:04:68:cf:
ec:5c:53:ea:39:04:03:ce:b4:12:6a:92:b0:57:8d:
d6:1a:c1:c2:56:71:86:ae:dd:50:bb:06:4e:50:56:
a2:42:db:69:f5:91:60:dc:13:68:de:9f:dc:3f:4a:
f6:b1:84:74:fa:14:0e:51:83:20:63:2a:02:b4:b2:
7e:e1:55:81:1a:9c:7b:5b:5d:8d:27:ba:c8:e3:c0:
25:46:88:bf:2f:5c:0b:9b:10:56:5c:6a:99:1d:b9:
6b:87:ea:68:b7:ee:f7:d1:d6:ab:b6:91:d3:96:14:
7b:d5:68:bc:d4:5d:50:e6:2d:f3:fe:40:ed:a6:a1:
a9:63:e8:01:88:75:4a:38:b6:2a:b7:2d:da:7a:4a:
78:5d:e9:d9:06:05:8f:b3:d5:5f:b4:6a:e2:f9:8d:
75:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:84:E9:67:8E:1F:07:62:44:E1:C1:86:8B:3A:D9:B3:96:AD:70:FF
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS214432.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.25.142.0/24
Signature Algorithm: sha256WithRSAEncryption
08:74:4c:13:8f:16:9d:be:f5:3f:5a:d7:28:35:98:7a:ed:20:
37:03:67:2c:ac:99:fb:0f:79:a1:8e:ee:7d:48:97:e5:74:c8:
e2:b7:ac:b4:3e:00:d7:92:f4:e5:53:1d:bc:da:82:26:15:a8:
65:4d:1a:3b:bf:4d:82:a6:76:7d:b9:56:78:30:ca:cb:eb:dc:
a3:f8:fe:9f:05:68:b3:ea:c9:e1:a4:76:44:01:22:39:48:43:
82:ca:57:2b:2e:1e:f5:de:39:58:c3:08:d8:e2:48:1c:7e:60:
69:75:43:e7:3e:01:90:20:45:6d:b7:22:31:d8:14:a9:c1:14:
8f:9a:46:38:30:ed:b7:4c:fe:b7:39:62:cc:fe:94:21:c4:f3:
78:c5:6d:8c:e2:6f:12:8c:f4:9e:40:39:5f:03:c4:ce:9d:ab:
cb:ea:a1:e8:e7:36:d7:35:de:b9:0e:91:e1:c3:4b:a5:8a:42:
38:7c:fd:6e:fc:e4:48:05:e8:bc:2b:3a:62:b4:ac:e3:ec:35:
cc:95:64:7d:76:1f:c7:f6:3b:3e:fa:2f:3b:3b:cc:97:43:6f:
77:08:2f:c4:d9:5d:0d:d8:a3:97:06:64:74:43:d0:b0:27:8f:
aa:cf:40:65:62:66:56:be:6d:2e:24:c2:c4:b8:d6:19:a1:04:
26:3e:03:3f
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUKEB618P9JJZA+y37eWvJTrvDDXYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTA5MDYxNDI3MTJaFw0yNjA5MDUxNDMyMTJaMDMxMTAvBgNV
BAMTKDIxODRFOTY3OEUxRjA3NjI0NEUxQzE4NjhCM0FEOUIzOTZBRDcwRkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDdnF287fIEQDNt2xXEUc760ENZ
GmyjaZoi+uHxaDUXDtMCFlBsQJnaID01128XKozy1PeecOGg2pdaC1Uhtkm4852D
LJwuaEx8kuU8bZpOYn09VwFedWjdLmgmpFJ475vXIj+QaARoz+xcU+o5BAPOtBJq
krBXjdYawcJWcYau3VC7Bk5QVqJC22n1kWDcE2jen9w/SvaxhHT6FA5RgyBjKgK0
sn7hVYEanHtbXY0nusjjwCVGiL8vXAubEFZcapkduWuH6mi37vfR1qu2kdOWFHvV
aLzUXVDmLfP+QO2moalj6AGIdUo4tiq3Ldp6Snhd6dkGBY+z1V+0auL5jXXjAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUIYTpZ44fB2JE4cGGizrZs5atcP8wHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjE0NDMyLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUhmO
MA0GCSqGSIb3DQEBCwUAA4IBAQAIdEwTjxadvvU/WtcoNZh67SA3A2csrJn7D3mh
ju59SJfldMjit6y0PgDXkvTlUx282oImFahlTRo7v02CpnZ9uVZ4MMrL69yj+P6f
BWiz6snhpHZEASI5SEOCylcrLh713jlYwwjY4kgcfmBpdUPnPgGQIEVttyIx2BSp
wRSPmkY4MO23TP63OWLM/pQhxPN4xW2M4m8SjPSeQDlfA8TOnavL6qHo5zbXNd65
DpHhw0ulikI4fP1u/ORIBei8KzpitKzj7DXMlWR9dh/H9js++i87O8yXQ293CC/E
2V0N2KOXBmR0Q9CwJ4+qz0BlYmZWvm0uJMLEuNYZoQQmPgM/
-----END CERTIFICATE-----
Generated at Sun Oct 19 19:22:58 2025 by rpki-client