Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS216223.roa
File: AS216223.roa (raw, json)
Hash identifier: qfMENdTy8uaO4cKaV1uhMjgLEJ3pGZJtWrRNQ5ZfU8w=
Subject key identifier: 43:C9:C5:0C:33:C3:8F:2F:12:B9:01:D0:97:7E:84:05:C0:52:DA:BF
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 3A35FB7E9C89C0FD322006F4C3238E2C2876EABC
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS216223.roa
Signing time: Mon 08 Sep 2025 20:39:58 +0000
ROA not before: Mon 08 Sep 2025 20:34:58 +0000
ROA not after: Mon 07 Sep 2026 20:39:58 +0000
asID: 216223
IP address blocks: 82.25.44.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 10 Sep 2025 08:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3a:35:fb:7e:9c:89:c0:fd:32:20:06:f4:c3:23:8e:2c:28:76:ea:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Sep 8 20:34:58 2025 GMT
Not After : Sep 7 20:39:58 2026 GMT
Subject: CN=43C9C50C33C38F2F12B901D0977E8405C052DABF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:7d:77:ee:b2:ea:bf:c9:9a:60:54:a9:ab:4f:
cd:ff:b1:8c:59:e7:8d:ab:67:14:3c:11:c0:e2:fa:
a0:aa:26:b2:44:48:63:31:0a:2d:f7:ec:e9:45:02:
95:a3:08:af:42:f8:ae:72:79:c8:6c:5d:42:ca:ed:
e6:d1:fe:e5:78:3c:91:77:fa:83:5b:f9:fb:e8:25:
3d:b5:b4:e5:71:01:7e:91:cb:6c:35:34:65:49:62:
a1:71:89:75:98:d4:0a:d7:bd:e1:1d:ab:01:6c:d3:
e9:f7:15:8b:44:8b:41:d6:01:07:99:b9:32:3b:19:
f7:c6:da:ae:d4:1d:e9:d6:e7:d0:77:53:1f:7e:57:
fa:6f:6a:81:c6:9a:26:14:f8:29:0c:47:9a:48:d3:
e6:90:df:b1:80:8e:27:a8:1c:9f:d6:91:b4:47:b3:
18:68:17:b2:68:1e:66:5a:35:ea:c2:15:1f:1b:44:
4d:3b:d3:01:03:a1:5e:e4:5f:7e:1d:cb:b4:5b:d5:
16:fb:38:cb:13:a9:05:85:8b:de:22:89:b1:2c:3d:
0c:85:27:69:2a:5b:58:bb:8b:5e:a3:4e:20:be:5e:
07:b3:12:bd:7b:05:ee:c2:90:ce:54:fb:35:7f:d0:
17:52:e8:30:68:35:2b:e9:e9:8f:5d:69:ad:cb:30:
e3:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:C9:C5:0C:33:C3:8F:2F:12:B9:01:D0:97:7E:84:05:C0:52:DA:BF
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS216223.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.25.44.0/24
Signature Algorithm: sha256WithRSAEncryption
90:4f:e9:ec:49:ce:b5:ea:5b:0d:59:2a:2e:f7:5a:9b:47:44:
1a:74:e7:fa:1e:35:26:46:81:5c:4c:b3:34:53:76:6f:de:a8:
fd:ff:41:8b:d5:a3:9d:ca:35:47:64:4d:7e:11:52:57:db:8f:
f7:78:c2:d0:a6:a4:d6:70:e4:b4:d3:a9:f3:bc:80:11:7a:0f:
c6:f3:10:67:02:b1:6e:2f:53:5f:db:9b:a2:5a:a1:c4:76:d9:
ce:73:d4:45:c4:91:88:8a:6e:08:2e:61:11:69:5f:61:99:24:
38:14:f0:a5:37:a6:4a:d0:6e:aa:18:cb:c4:d8:83:d9:e3:63:
44:aa:13:ec:fe:b6:2c:e6:cc:44:5a:c3:64:d6:f4:9b:4e:7b:
73:31:f9:e8:81:4b:3f:0e:c0:97:48:74:ca:3f:35:cb:fe:f2:
91:6e:16:6c:d0:db:5a:06:2e:98:58:04:f5:49:f8:56:1f:80:
1f:68:c3:01:b3:76:6d:80:f4:07:d8:ad:f5:de:b1:83:7d:a3:
a0:28:d6:85:78:8f:84:09:ad:01:b5:97:89:71:3e:e4:a3:1a:
fd:ea:f6:c8:69:b3:d6:dc:e5:60:ea:d3:e3:49:aa:fd:1e:cd:
df:e2:c0:60:f0:69:c5:4e:21:15:61:3e:0e:20:2f:99:f5:00:
8d:83:69:3e
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUOjX7fpyJwP0yIAb0wyOOLCh26rwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTA5MDgyMDM0NThaFw0yNjA5MDcyMDM5NThaMDMxMTAvBgNV
BAMTKDQzQzlDNTBDMzNDMzhGMkYxMkI5MDFEMDk3N0U4NDA1QzA1MkRBQkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCofXfusuq/yZpgVKmrT83/sYxZ
542rZxQ8EcDi+qCqJrJESGMxCi337OlFApWjCK9C+K5yechsXULK7ebR/uV4PJF3
+oNb+fvoJT21tOVxAX6Ry2w1NGVJYqFxiXWY1ArXveEdqwFs0+n3FYtEi0HWAQeZ
uTI7GffG2q7UHenW59B3Ux9+V/pvaoHGmiYU+CkMR5pI0+aQ37GAjieoHJ/WkbRH
sxhoF7JoHmZaNerCFR8bRE070wEDoV7kX34dy7Rb1Rb7OMsTqQWFi94iibEsPQyF
J2kqW1i7i16jTiC+XgezEr17Be7CkM5U+zV/0BdS6DBoNSvp6Y9daa3LMOORAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUQ8nFDDPDjy8SuQHQl36EBcBS2r8wHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjE2MjIzLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUhks
MA0GCSqGSIb3DQEBCwUAA4IBAQCQT+nsSc616lsNWSou91qbR0QadOf6HjUmRoFc
TLM0U3Zv3qj9/0GL1aOdyjVHZE1+EVJX24/3eMLQpqTWcOS006nzvIAReg/G8xBn
ArFuL1Nf25uiWqHEdtnOc9RFxJGIim4ILmERaV9hmSQ4FPClN6ZK0G6qGMvE2IPZ
42NEqhPs/rYs5sxEWsNk1vSbTntzMfnogUs/DsCXSHTKPzXL/vKRbhZs0NtaBi6Y
WAT1SfhWH4AfaMMBs3ZtgPQH2K313rGDfaOgKNaFeI+ECa0BtZeJcT7koxr96vbI
abPW3OVg6tPjSar9Hs3f4sBg8GnFTiEVYT4OIC+Z9QCNg2k+
-----END CERTIFICATE-----
Generated at Tue Sep 9 13:46:03 2025 by rpki-client