Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS214654.roa
File: AS214654.roa (raw, json)
Hash identifier: b85t9DPm/s6MNfhN/i/oJiSrfnuQEgiMogeLQQuOjcs=
Subject key identifier: 46:AC:6B:95:8B:C2:ED:ED:14:FA:91:C4:92:E4:99:87:43:78:76:CD
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 6CB55637D2950215D6D9023959BA54257F49650C
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS214654.roa
Signing time: Tue 21 Oct 2025 16:20:20 +0000
ROA not before: Tue 21 Oct 2025 16:15:20 +0000
ROA not after: Tue 20 Oct 2026 16:20:20 +0000
asID: 214654
IP address blocks: 82.22.8.0/24 maxlen: 24
82.25.37.0/24 maxlen: 24
82.25.46.0/23 maxlen: 24
82.26.91.0/24 maxlen: 24
82.26.93.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 Oct 2025 14:12:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6c:b5:56:37:d2:95:02:15:d6:d9:02:39:59:ba:54:25:7f:49:65:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Oct 21 16:15:20 2025 GMT
Not After : Oct 20 16:20:20 2026 GMT
Subject: CN=46AC6B958BC2EDED14FA91C492E49987437876CD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:f4:af:41:78:2f:ca:90:26:40:a0:15:1f:60:
1b:32:3b:23:47:1e:44:d6:6e:dd:59:48:55:e4:50:
c5:01:56:e6:07:7c:f3:7a:59:26:8a:6e:8e:4b:a7:
ab:95:cc:5b:a5:fb:4f:a2:7a:53:4c:d6:31:21:69:
e0:8a:01:66:5a:f7:5b:1c:5e:41:28:f2:e2:e9:71:
8e:bf:9f:8a:43:1b:7e:6b:13:d3:af:41:44:8a:8e:
5e:09:50:47:20:b2:ad:5a:f9:b5:53:4a:a4:42:0d:
f6:ba:df:29:c5:d6:75:51:10:b7:4f:ad:5a:7c:ae:
d7:a4:1c:42:01:64:cf:c2:7f:aa:df:df:9c:bb:4b:
ca:3c:a1:29:9f:a2:ca:cf:94:f9:8c:6d:af:6a:3c:
bd:8f:3a:73:e2:55:51:82:73:6b:e1:c8:b5:db:fb:
1b:46:11:79:1f:c1:5a:48:3a:f8:67:38:86:5b:64:
96:a1:da:42:b6:21:1f:75:4c:19:ba:d8:45:b7:00:
de:9c:42:f8:a9:8f:ae:a9:ba:27:92:e0:6a:99:ec:
43:c5:8d:51:b6:20:3c:7c:56:c6:3a:3d:96:2b:db:
65:ae:dd:ac:02:84:4c:1a:aa:1e:8b:b8:39:cd:93:
fe:a5:25:47:50:49:c4:e3:f8:aa:46:b1:2e:43:8c:
8f:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:AC:6B:95:8B:C2:ED:ED:14:FA:91:C4:92:E4:99:87:43:78:76:CD
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS214654.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.22.8.0/24
82.25.37.0/24
82.25.46.0/23
82.26.91.0/24
82.26.93.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:1b:01:d8:ce:b9:c9:8a:a2:ca:f4:94:0f:9b:99:a9:73:3d:
3d:bd:8e:4f:a1:bc:2e:fc:ed:95:f5:59:c5:ec:56:e0:30:38:
8e:24:b5:bd:0f:65:1b:4f:c1:e4:4e:8b:01:ab:d1:a2:2b:6d:
db:35:d9:f4:b1:51:c5:1b:82:d1:9a:60:6b:d8:5f:e9:2e:ad:
f8:22:5e:3b:2a:88:12:d1:ee:16:2d:17:41:8b:bd:95:94:a3:
f4:f7:76:3b:3d:50:cc:e8:04:28:a7:93:c0:95:58:ef:7d:7b:
e1:af:7f:b7:dd:74:0e:e5:04:21:d0:b0:6b:0b:25:0d:05:b4:
b5:7a:97:0b:85:d3:df:45:78:5b:5d:14:17:0b:fc:5c:f7:11:
af:07:93:4c:4f:d8:4b:6b:b3:a3:b8:4d:d2:cd:67:98:e9:52:
3c:fc:17:4a:6b:9a:32:ae:3c:8f:df:d0:50:dd:96:fa:34:2c:
08:e8:9a:f9:17:f5:2e:6f:83:80:db:2e:a5:5f:12:6d:fc:f2:
27:64:3f:20:4e:dd:3a:81:7a:b0:92:61:b0:fa:04:e2:ac:6a:
76:26:45:6e:7b:33:bb:32:48:f2:16:2a:b8:73:88:33:76:a3:
a3:10:e6:de:79:3c:ef:e0:4c:27:83:39:57:ac:c8:f7:33:5b:
20:c3:ab:72
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgIUbLVWN9KVAhXW2QI5WbpUJX9JZQwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTEwMjExNjE1MjBaFw0yNjEwMjAxNjIwMjBaMDMxMTAvBgNV
BAMTKDQ2QUM2Qjk1OEJDMkVERUQxNEZBOTFDNDkyRTQ5OTg3NDM3ODc2Q0QwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDh9K9BeC/KkCZAoBUfYBsyOyNH
HkTWbt1ZSFXkUMUBVuYHfPN6WSaKbo5Lp6uVzFul+0+ielNM1jEhaeCKAWZa91sc
XkEo8uLpcY6/n4pDG35rE9OvQUSKjl4JUEcgsq1a+bVTSqRCDfa63ynF1nVRELdP
rVp8rtekHEIBZM/Cf6rf35y7S8o8oSmfosrPlPmMba9qPL2POnPiVVGCc2vhyLXb
+xtGEXkfwVpIOvhnOIZbZJah2kK2IR91TBm62EW3AN6cQvipj66puieS4GqZ7EPF
jVG2IDx8VsY6PZYr22Wu3awChEwaqh6LuDnNk/6lJUdQScTj+KpGsS5DjI+XAgMB
AAGjggIiMIICHjAdBgNVHQ4EFgQURqxrlYvC7e0U+pHEkuSZh0N4ds0wHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjE0NjU0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAUhYI
AwQAUhklAwQBUhkuAwQAUhpbAwQAUhpdMA0GCSqGSIb3DQEBCwUAA4IBAQANGwHY
zrnJiqLK9JQPm5mpcz09vY5Pobwu/O2V9VnF7FbgMDiOJLW9D2UbT8HkTosBq9Gi
K23bNdn0sVHFG4LRmmBr2F/pLq34Il47KogS0e4WLRdBi72VlKP093Y7PVDM6AQo
p5PAlVjvfXvhr3+33XQO5QQh0LBrCyUNBbS1epcLhdPfRXhbXRQXC/xc9xGvB5NM
T9hLa7OjuE3SzWeY6VI8/BdKa5oyrjyP39BQ3Zb6NCwI6Jr5F/Uub4OA2y6lXxJt
/PInZD8gTt06gXqwkmGw+gTirGp2JkVuezO7MkjyFiq4c4gzdqOjEObeeTzv4Ewn
gzlXrMj3M1sgw6ty
-----END CERTIFICATE-----
Generated at Tue Oct 21 21:28:24 2025 by rpki-client