Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS214456.roa
File: AS214456.roa (raw, json)
Hash identifier: lDB0YbKLMqTDMJcw/AuAETAxm6NDhRZW/pIvTummV1Y=
Subject key identifier: 4A:56:0A:0E:51:FF:EB:88:B3:FB:1A:C7:79:0A:95:A5:7B:2E:BB:1F
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 072094CFBABD747C52D9FB45722F05D6CF7C2C84
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS214456.roa
Signing time: Sat 18 Apr 2026 04:18:57 +0000
ROA not before: Sat 18 Apr 2026 04:13:57 +0000
ROA not after: Sat 17 Apr 2027 04:18:57 +0000
asID: 214456
IP address blocks: 178.83.9.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 19 Apr 2026 10:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
07:20:94:cf:ba:bd:74:7c:52:d9:fb:45:72:2f:05:d6:cf:7c:2c:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Apr 18 04:13:57 2026 GMT
Not After : Apr 17 04:18:57 2027 GMT
Subject: CN=4A560A0E51FFEB88B3FB1AC7790A95A57B2EBB1F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:98:2c:99:66:a6:da:58:92:fa:f2:ab:ef:ac:
04:77:8b:f7:6a:c7:d5:00:27:11:83:29:5e:7d:21:
a6:6e:44:4b:35:59:22:7a:32:ed:a1:e3:18:65:5c:
bb:fa:ce:6e:82:56:61:02:58:ea:51:74:9c:91:c1:
b2:91:4e:6d:53:cf:d2:8d:9b:ae:59:a3:33:d0:a0:
b9:22:43:27:22:7a:47:d1:f7:f4:ff:5a:a1:55:15:
18:08:62:52:66:f2:e0:f5:cf:3b:29:63:9f:d3:64:
02:30:fd:ca:ba:6f:a5:94:9d:d5:5d:8a:5c:13:9b:
90:da:e0:68:f2:fa:a8:1d:bd:07:94:c6:f9:05:77:
64:35:2a:46:4f:c6:8d:84:6c:43:71:e6:93:8b:fc:
a6:79:26:ca:22:72:e5:b0:b1:e7:f8:50:bd:e2:d4:
99:1c:dd:0d:f5:8e:06:ec:31:78:33:fe:9e:e2:68:
49:4b:25:8f:1b:21:52:7c:e9:7c:7b:a0:7f:ff:43:
72:f1:65:3e:96:ec:05:9f:a0:9d:9f:48:99:a0:66:
fd:8f:70:9f:5b:3f:a8:62:37:05:c1:4a:dd:a2:50:
7f:99:cd:7d:dc:03:75:e2:18:4e:ff:c3:d3:ec:db:
37:d7:55:3e:96:a8:50:2a:b6:12:ef:35:39:58:ea:
17:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:56:0A:0E:51:FF:EB:88:B3:FB:1A:C7:79:0A:95:A5:7B:2E:BB:1F
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS214456.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.83.9.0/24
Signature Algorithm: sha256WithRSAEncryption
a6:21:a5:9c:27:9c:bb:59:1b:7a:e4:2e:3b:a7:2c:86:1a:72:
8e:bd:f1:08:7a:c1:55:f1:e0:84:fc:76:7c:2a:a5:9a:d3:b3:
7a:fa:b9:d7:83:ba:b4:22:b7:39:1e:43:89:99:05:28:33:3e:
f4:a3:1c:68:7e:c0:81:01:db:ff:2f:f0:fc:7c:55:82:a9:7b:
d1:8a:c8:58:e2:17:81:20:d6:c8:1f:93:8f:32:7d:09:96:76:
99:1b:f6:5a:18:60:79:77:3e:4b:d1:01:c2:b0:71:54:25:4d:
a4:53:07:2e:06:87:35:e0:5e:3c:6f:1e:45:37:f1:87:53:32:
84:53:65:51:f0:22:a2:74:74:02:10:b0:93:ac:c5:96:fc:e1:
2b:2d:a9:12:a1:fa:11:fa:43:4f:ec:51:77:82:49:49:b7:49:
d6:42:25:69:2e:db:f0:14:87:59:aa:e2:58:cc:23:66:28:e9:
5c:f4:9b:ff:e8:bd:62:bc:04:d1:03:92:65:96:df:f1:24:ab:
83:1e:25:5e:d1:82:29:ae:41:ee:fa:f9:3c:9e:08:0e:50:24:
8d:05:3c:b9:66:e0:60:7e:61:48:cc:7a:f5:b4:a8:2c:c4:da:
d2:77:ca:b7:b5:5d:93:a4:2d:f5:20:29:ce:38:41:bf:d2:83:
3d:53:4b:1e
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUByCUz7q9dHxS2ftFci8F1s98LIQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjA0MTgwNDEzNTdaFw0yNzA0MTcwNDE4NTdaMDMxMTAvBgNV
BAMTKDRBNTYwQTBFNTFGRkVCODhCM0ZCMUFDNzc5MEE5NUE1N0IyRUJCMUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7mCyZZqbaWJL68qvvrAR3i/dq
x9UAJxGDKV59IaZuREs1WSJ6Mu2h4xhlXLv6zm6CVmECWOpRdJyRwbKRTm1Tz9KN
m65ZozPQoLkiQyciekfR9/T/WqFVFRgIYlJm8uD1zzspY5/TZAIw/cq6b6WUndVd
ilwTm5Da4Gjy+qgdvQeUxvkFd2Q1KkZPxo2EbENx5pOL/KZ5JsoicuWwsef4UL3i
1Jkc3Q31jgbsMXgz/p7iaElLJY8bIVJ86Xx7oH//Q3LxZT6W7AWfoJ2fSJmgZv2P
cJ9bP6hiNwXBSt2iUH+ZzX3cA3XiGE7/w9Ps2zfXVT6WqFAqthLvNTlY6hfZAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUSlYKDlH/64iz+xrHeQqVpXsuux8wHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjE0NDU2LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAslMJ
MA0GCSqGSIb3DQEBCwUAA4IBAQCmIaWcJ5y7WRt65C47pyyGGnKOvfEIesFV8eCE
/HZ8KqWa07N6+rnXg7q0Irc5HkOJmQUoMz70oxxofsCBAdv/L/D8fFWCqXvRishY
4heBINbIH5OPMn0JlnaZG/ZaGGB5dz5L0QHCsHFUJU2kUwcuBoc14F48bx5FN/GH
UzKEU2VR8CKidHQCELCTrMWW/OErLakSofoR+kNP7FF3gklJt0nWQiVpLtvwFIdZ
quJYzCNmKOlc9Jv/6L1ivATRA5Jllt/xJKuDHiVe0YIprkHu+vk8nggOUCSNBTy5
ZuBgfmFIzHr1tKgsxNrSd8q3tV2TpC31ICnOOEG/0oM9U0se
-----END CERTIFICATE-----
Generated at Sat Apr 18 19:35:10 2026 by rpki-client