Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS214657.roa
File: AS214657.roa (raw, json)
Hash identifier: mtbgk/3Tu3CoTIuJ+gepbQkzzLHR8QQouRrWAmOeyG4=
Subject key identifier: 9B:9E:9C:5B:5F:CD:D5:9C:0C:EE:21:EA:59:AF:F8:E1:B2:EF:A8:AF
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 4401563FA4BC8F30D186320CA26E7C835AA70DDE
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS214657.roa
Signing time: Fri 05 Jun 2026 22:07:57 +0000
ROA not before: Fri 05 Jun 2026 22:02:57 +0000
ROA not after: Fri 04 Jun 2027 22:07:57 +0000
asID: 214657
IP address blocks: 82.21.8.0/24 maxlen: 24
2a13:9500:7a::/48 maxlen: 48
2a13:9500:de::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 13:27:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
44:01:56:3f:a4:bc:8f:30:d1:86:32:0c:a2:6e:7c:83:5a:a7:0d:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Jun 5 22:02:57 2026 GMT
Not After : Jun 4 22:07:57 2027 GMT
Subject: CN=9B9E9C5B5FCDD59C0CEE21EA59AFF8E1B2EFA8AF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:5c:20:f4:2f:51:3d:44:e3:1e:8f:e9:83:38:
fc:47:4c:12:58:6c:11:98:37:3d:c8:c7:de:3b:44:
a2:fb:09:45:2f:f4:21:66:55:c6:43:0b:5b:ba:8b:
9e:1f:da:fe:60:e1:e3:eb:27:23:b0:8f:70:44:d3:
1a:ba:7b:28:de:e4:01:37:c8:c5:db:ea:f8:03:38:
b4:ef:f1:a0:fb:11:66:4f:c3:35:6c:bc:fc:84:1e:
56:de:f6:4a:14:3e:29:58:ac:66:88:07:92:ad:b0:
d7:47:1b:ec:23:33:66:61:f2:3f:fc:5a:85:0b:5a:
ae:8e:52:b1:52:52:c4:fd:f8:80:39:b2:a8:12:35:
1a:c3:47:1a:d0:38:a2:5a:fe:27:64:5c:29:43:fa:
11:9b:cd:07:23:4d:4f:2a:1c:ff:a7:8f:49:64:a3:
15:74:f0:46:24:0a:48:8a:03:ec:e9:51:a8:04:c4:
e6:86:de:bc:3f:c4:ab:91:7a:83:96:59:03:ca:cc:
27:9d:c0:de:bd:e4:16:8f:a1:c9:af:e2:9c:ae:4f:
38:ec:22:0b:8e:c0:99:4d:48:5b:7c:f8:07:ba:97:
a6:3a:84:de:df:57:5f:a0:bc:36:4f:b4:82:05:64:
99:9a:69:01:32:2f:51:9a:6e:5f:4d:0f:7c:7a:7d:
32:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:9E:9C:5B:5F:CD:D5:9C:0C:EE:21:EA:59:AF:F8:E1:B2:EF:A8:AF
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS214657.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.8.0/24
IPv6:
2a13:9500:7a::/48
2a13:9500:de::/48
Signature Algorithm: sha256WithRSAEncryption
9c:01:1f:98:76:c2:f6:2f:c1:a7:ce:42:af:16:10:e1:91:ed:
6a:2f:f1:b8:62:7c:8e:0f:c0:33:05:54:3d:9b:99:24:ba:76:
39:ee:60:ee:48:70:36:85:74:e4:43:7b:7c:94:d1:0f:47:e5:
2c:97:e4:c8:c2:75:a1:2e:fe:88:eb:a9:d9:ad:ed:4a:18:31:
0c:0d:3a:05:87:61:34:eb:10:2e:49:b3:28:74:52:f7:51:0d:
3a:9d:49:b8:ae:32:90:42:db:3f:92:57:b6:0c:e9:31:84:53:
09:81:54:4e:fb:e5:74:db:d5:3f:5a:d0:5b:bd:64:15:0e:05:
4c:c6:21:dc:8d:93:6a:b6:0c:6f:34:02:2c:f0:b3:03:52:b9:
11:df:cc:1b:f4:29:a9:d2:9c:3a:ec:ac:9a:9a:eb:d6:cd:29:
e6:85:36:a5:88:d0:7b:b1:6a:a4:f6:e3:d6:f4:ff:2f:03:ac:
2c:4b:a5:ea:56:6d:b3:a8:a8:85:8d:30:e0:5b:b1:47:ca:5b:
79:ae:5d:f6:19:bf:83:b2:54:4d:9a:31:01:7c:c9:d5:ac:81:
ba:d1:58:7a:22:00:8e:c7:1d:c0:7d:9a:17:8a:e1:ef:88:29:
d3:20:ec:e9:71:ef:63:bc:3e:ed:63:a6:37:0e:99:a6:87:41:
37:1f:c9:fb
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgIURAFWP6S8jzDRhjIMom58g1qnDd4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjA2MDUyMjAyNTdaFw0yNzA2MDQyMjA3NTdaMDMxMTAvBgNV
BAMTKDlCOUU5QzVCNUZDREQ1OUMwQ0VFMjFFQTU5QUZGOEUxQjJFRkE4QUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5XCD0L1E9ROMej+mDOPxHTBJY
bBGYNz3Ix947RKL7CUUv9CFmVcZDC1u6i54f2v5g4ePrJyOwj3BE0xq6eyje5AE3
yMXb6vgDOLTv8aD7EWZPwzVsvPyEHlbe9koUPilYrGaIB5KtsNdHG+wjM2Zh8j/8
WoULWq6OUrFSUsT9+IA5sqgSNRrDRxrQOKJa/idkXClD+hGbzQcjTU8qHP+nj0lk
oxV08EYkCkiKA+zpUagExOaG3rw/xKuReoOWWQPKzCedwN695BaPocmv4pyuTzjs
IguOwJlNSFt8+Ae6l6Y6hN7fV1+gvDZPtIIFZJmaaQEyL1Gabl9ND3x6fTIbAgMB
AAGjggIkMIICIDAdBgNVHQ4EFgQUm56cW1/N1ZwM7iHqWa/44bLvqK8wHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjE0NjU3LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQAUhUI
MBgEAgACMBIDBwAqE5UAAHoDBwAqE5UAAN4wDQYJKoZIhvcNAQELBQADggEBAJwB
H5h2wvYvwafOQq8WEOGR7Wov8bhifI4PwDMFVD2bmSS6djnuYO5IcDaFdORDe3yU
0Q9H5SyX5MjCdaEu/ojrqdmt7UoYMQwNOgWHYTTrEC5Jsyh0UvdRDTqdSbiuMpBC
2z+SV7YM6TGEUwmBVE775XTb1T9a0Fu9ZBUOBUzGIdyNk2q2DG80AizwswNSuRHf
zBv0KanSnDrsrJqa69bNKeaFNqWI0HuxaqT249b0/y8DrCxLpepWbbOoqIWNMOBb
sUfKW3muXfYZv4OyVE2aMQF8ydWsgbrRWHoiAI7HHcB9mheK4e+IKdMg7Olx72O8
Pu1jpjcOmaaHQTcfyfs=
-----END CERTIFICATE-----
Generated at Thu Jun 11 20:26:55 2026 by rpki-client