Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS214647.roa
File:                     AS214647.roa (raw, json)
Hash identifier:          aMUJdpdUvYgGpos/1cQu7IeT4k3pZERvDUnS5ttjmq8=
Subject key identifier:   C4:7B:59:4A:9A:F3:E4:7A:9D:12:3D:AB:C6:47:65:C9:6A:14:07:02
Certificate issuer:       /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial:       5187D20AE495FBC93EBC9B767007B7AB410AD9AC
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS214647.roa
Signing time:             Thu 25 Jun 2026 11:37:59 +0000
ROA not before:           Thu 25 Jun 2026 11:32:59 +0000
ROA not after:            Thu 24 Jun 2027 11:37:59 +0000
asID:                     214647
IP address blocks:        82.22.4.0/24 maxlen: 24
                          84.75.177.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Jul 2026 16:14:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            51:87:d2:0a:e4:95:fb:c9:3e:bc:9b:76:70:07:b7:ab:41:0a:d9:ac
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
        Validity
            Not Before: Jun 25 11:32:59 2026 GMT
            Not After : Jun 24 11:37:59 2027 GMT
        Subject: CN=C47B594A9AF3E47A9D123DABC64765C96A140702
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:09:64:4b:08:31:bf:44:af:9c:32:41:60:b0:
                    17:43:7b:ce:39:79:50:bc:33:58:3d:e8:07:f2:35:
                    74:58:1a:cf:b7:35:cd:1f:85:14:81:dd:5a:5d:be:
                    5e:48:fa:1f:97:5d:b9:a0:6c:94:b0:2e:3d:aa:b2:
                    4b:18:31:b7:8c:bb:0b:5a:18:23:cf:b0:66:a3:f5:
                    8b:6f:66:32:51:9b:c7:31:eb:d0:af:f8:fe:56:8f:
                    a0:07:d7:8b:25:b1:f9:fb:ad:04:70:4e:8e:a0:5c:
                    22:ca:d3:19:a0:fc:ec:36:b7:81:89:06:76:b7:75:
                    17:fe:f5:a4:28:fb:d3:8f:9f:ef:72:b3:25:a7:31:
                    97:f7:b6:12:a0:f6:24:b8:4c:1a:70:93:2c:9c:2c:
                    bd:29:d2:26:0e:de:72:64:6a:45:a7:81:4d:aa:ff:
                    aa:7d:aa:28:13:8a:f2:e6:c5:14:43:71:ad:09:3e:
                    b9:11:35:27:c4:bf:76:d7:21:0c:3e:b6:7a:d8:3b:
                    e9:62:5e:e3:d2:0c:b8:ed:79:75:66:64:12:ff:ad:
                    16:a2:8c:cf:a2:a5:0b:67:2a:9d:e0:02:b0:fa:3c:
                    1a:be:43:45:ec:56:13:d4:57:97:59:de:5d:71:2e:
                    b5:91:6a:fa:c6:4c:00:3c:41:41:a9:a7:31:9c:23:
                    97:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C4:7B:59:4A:9A:F3:E4:7A:9D:12:3D:AB:C6:47:65:C9:6A:14:07:02
            X509v3 Authority Key Identifier:
                keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS214647.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.22.4.0/24
                  84.75.177.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3f:46:67:9a:fb:fc:56:ff:ad:32:e1:38:00:c8:17:16:a1:89:
         1c:1c:45:35:53:e4:47:ba:68:b1:30:e7:c4:22:f6:ae:3d:eb:
         9c:2a:ae:23:af:e5:7d:7f:0f:e0:ca:47:23:32:e3:ef:16:43:
         8b:04:c0:ce:ee:4e:67:ef:cd:d7:ad:16:4a:8a:03:c3:cc:a7:
         af:07:6e:a2:8c:6c:35:66:86:dc:87:c9:f1:15:cc:3b:93:e4:
         46:1f:36:00:4c:02:9a:2c:c2:3e:bd:31:9a:a1:fa:8f:f1:16:
         2a:81:11:c6:44:ec:a4:3e:91:fa:63:d2:ff:1b:9b:ff:85:b4:
         f1:7d:b4:d5:a3:8e:fa:c4:28:72:8d:36:5a:b6:3f:f5:95:48:
         a9:6b:9d:ee:e6:77:85:aa:2d:92:82:ed:bf:b9:0d:80:42:f8:
         79:a1:1c:3a:ea:62:20:20:62:bf:f8:3c:be:af:fc:8d:58:89:
         3c:0d:57:3c:bd:e4:95:14:96:7d:88:e1:4d:c6:0b:58:0a:a8:
         aa:be:8d:df:77:86:22:c2:f1:45:ab:30:3e:bb:5e:cd:c6:fb:
         61:43:d9:ed:8c:e1:a2:3c:90:08:13:97:34:fe:56:46:69:61:
         59:a8:5e:50:2b:94:65:fb:05:c3:9b:6e:7e:5f:ba:89:a8:16:
         a5:f9:a4:51
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgIUUYfSCuSV+8k+vJt2cAe3q0EK2awwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjA2MjUxMTMyNTlaFw0yNzA2MjQxMTM3NTlaMDMxMTAvBgNV
BAMTKEM0N0I1OTRBOUFGM0U0N0E5RDEyM0RBQkM2NDc2NUM5NkExNDA3MDIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQChCWRLCDG/RK+cMkFgsBdDe845
eVC8M1g96AfyNXRYGs+3Nc0fhRSB3Vpdvl5I+h+XXbmgbJSwLj2qsksYMbeMuwta
GCPPsGaj9YtvZjJRm8cx69Cv+P5Wj6AH14slsfn7rQRwTo6gXCLK0xmg/Ow2t4GJ
Bna3dRf+9aQo+9OPn+9ysyWnMZf3thKg9iS4TBpwkyycLL0p0iYO3nJkakWngU2q
/6p9qigTivLmxRRDca0JPrkRNSfEv3bXIQw+tnrYO+liXuPSDLjteXVmZBL/rRai
jM+ipQtnKp3gArD6PBq+Q0XsVhPUV5dZ3l1xLrWRavrGTAA8QUGppzGcI5cZAgMB
AAGjggIQMIICDDAdBgNVHQ4EFgQUxHtZSprz5HqdEj2rxkdlyWoUBwIwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjE0NjQ3LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAUhYE
AwQAVEuxMA0GCSqGSIb3DQEBCwUAA4IBAQA/Rmea+/xW/60y4TgAyBcWoYkcHEU1
U+RHumixMOfEIvauPeucKq4jr+V9fw/gykcjMuPvFkOLBMDO7k5n783XrRZKigPD
zKevB26ijGw1Zobch8nxFcw7k+RGHzYATAKaLMI+vTGaofqP8RYqgRHGROykPpH6
Y9L/G5v/hbTxfbTVo476xChyjTZatj/1lUipa53u5neFqi2Sgu2/uQ2AQvh5oRw6
6mIgIGK/+Dy+r/yNWIk8DVc8veSVFJZ9iOFNxgtYCqiqvo3fd4YiwvFFqzA+u17N
xvthQ9ntjOGiPJAIE5c0/lZGaWFZqF5QK5Rl+wXDm25+X7qJqBal+aRR
-----END CERTIFICATE-----
Generated at Fri Jul 17 23:08:47 2026 by rpki-client