Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS7018.roa
File: AS7018.roa (raw, json)
Hash identifier: iN4OOrTB0lTJ6HuCrn5A3ESW36wRKYUQj09wKjSs7ys=
Subject key identifier: 92:52:59:51:3D:70:6E:AF:4E:B3:D2:8D:D9:96:8D:05:DC:DF:20:52
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 239E2BD97183970EED5F988ECB0E1ADE4C773C9B
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS7018.roa
Signing time: Mon 31 Mar 2025 08:16:20 +0000
ROA not before: Mon 31 Mar 2025 08:11:20 +0000
ROA not after: Mon 30 Mar 2026 08:16:20 +0000
asID: 7018
IP address blocks: 82.21.104.0/22 maxlen: 24
82.22.0.0/18 maxlen: 24
82.22.128.0/21 maxlen: 24
82.22.136.0/22 maxlen: 24
82.22.148.0/22 maxlen: 24
82.22.152.0/22 maxlen: 24
82.23.152.0/21 maxlen: 24
82.24.0.0/22 maxlen: 24
82.24.10.0/23 maxlen: 24
82.24.36.0/22 maxlen: 24
82.24.44.0/23 maxlen: 24
82.24.50.0/23 maxlen: 24
82.24.102.0/23 maxlen: 24
82.24.184.0/22 maxlen: 24
82.24.204.0/23 maxlen: 24
82.25.0.0/22 maxlen: 24
82.25.18.0/23 maxlen: 24
82.25.128.0/22 maxlen: 24
82.25.206.0/23 maxlen: 24
82.26.102.0/23 maxlen: 24
82.27.24.0/21 maxlen: 24
82.27.48.0/20 maxlen: 24
82.27.80.0/21 maxlen: 24
82.27.112.0/22 maxlen: 24
82.27.136.0/21 maxlen: 24
82.27.144.0/20 maxlen: 24
82.27.168.0/21 maxlen: 24
82.27.192.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 16 Apr 2025 15:22:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
23:9e:2b:d9:71:83:97:0e:ed:5f:98:8e:cb:0e:1a:de:4c:77:3c:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Mar 31 08:11:20 2025 GMT
Not After : Mar 30 08:16:20 2026 GMT
Subject: CN=925259513D706EAF4EB3D28DD9968D05DCDF2052
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:07:09:fe:1f:b5:cb:00:80:64:5d:d6:c7:8e:
d2:15:97:4b:ce:66:d0:26:59:29:ae:c0:11:22:1e:
30:b8:d9:9e:4d:3e:89:2f:a4:77:34:3d:ba:7a:fc:
dc:4f:85:4f:34:e3:39:b7:69:c6:d4:63:a7:fe:c6:
14:fc:87:00:26:8e:7c:f4:f6:b2:5c:41:b0:ea:a8:
66:9d:ae:ad:1b:e4:4d:d1:d7:90:4a:25:32:95:87:
70:b4:69:37:b4:60:db:cb:58:27:b3:88:98:1f:b5:
44:c0:ee:ad:ea:eb:54:d7:a5:a2:49:79:3f:3b:58:
04:c3:6f:1f:8f:f2:78:3f:e7:8f:f9:78:1d:a6:e1:
22:56:e4:22:e3:a5:39:07:e1:b9:15:53:88:a4:98:
6d:44:e2:6a:81:ea:85:63:b1:5c:a2:7d:8f:77:77:
2c:a4:26:5b:09:17:49:6e:11:5d:e9:10:fb:5f:83:
3b:98:5f:08:c7:f4:a1:e9:01:cb:21:8b:df:17:48:
c2:48:b6:e1:c6:5a:36:cc:22:02:71:74:f5:27:09:
5e:d2:db:12:03:49:0d:1f:8f:c1:8d:02:6d:d5:7f:
9e:95:3c:bb:f8:4a:2b:0a:e9:bc:ba:a5:09:6b:c9:
fb:cb:42:90:6b:e3:c8:ff:49:b5:4d:90:33:e4:85:
e9:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:52:59:51:3D:70:6E:AF:4E:B3:D2:8D:D9:96:8D:05:DC:DF:20:52
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS7018.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.104.0/22
82.22.0.0/18
82.22.128.0-82.22.139.255
82.22.148.0-82.22.155.255
82.23.152.0/21
82.24.0.0/22
82.24.10.0/23
82.24.36.0/22
82.24.44.0/23
82.24.50.0/23
82.24.102.0/23
82.24.184.0/22
82.24.204.0/23
82.25.0.0/22
82.25.18.0/23
82.25.128.0/22
82.25.206.0/23
82.26.102.0/23
82.27.24.0/21
82.27.48.0/20
82.27.80.0/21
82.27.112.0/22
82.27.136.0-82.27.159.255
82.27.168.0/21
82.27.192.0/22
Signature Algorithm: sha256WithRSAEncryption
0d:c6:17:55:f3:cf:af:e5:bd:72:07:57:5a:03:a3:2b:26:85:
4e:14:6d:4e:83:8f:7d:9a:77:2a:90:5f:54:80:71:77:d5:e6:
b4:e3:9f:c5:39:63:ac:14:14:d1:71:3a:ed:a2:cb:69:47:be:
fb:48:58:40:87:59:f8:2b:23:45:c3:07:9f:b4:76:fa:66:c5:
0a:d4:02:bb:2b:c8:e2:8d:e0:a6:0b:82:a5:d9:df:42:e3:a3:
cd:96:1f:be:37:b9:71:dd:ab:fe:66:bb:8b:1f:90:cc:98:a1:
fc:88:a0:86:42:18:6a:24:56:6c:1d:6d:f3:65:96:4c:40:06:
13:6b:72:c0:11:51:38:ae:d5:96:ae:10:34:fc:33:b6:65:6c:
92:72:7f:0d:9d:36:10:0e:f3:7b:31:98:d6:87:40:69:13:19:
fe:52:f1:f9:87:f7:e5:ac:8e:75:c1:90:0f:a3:78:c8:16:79:
b9:d4:0e:b3:59:ee:e0:8c:72:5e:e4:97:0f:b6:00:c7:77:7a:
f6:5a:0c:7a:a6:cc:e4:49:bb:8b:5d:2a:0f:2d:bb:eb:8e:4e:
16:b1:b7:86:d9:93:00:27:9e:7d:f3:a7:44:53:00:08:ab:4e:
6b:18:f4:26:5d:ce:14:f0:61:56:c6:9d:ca:88:1d:dd:e0:ae:
f6:66:d9:fb
-----BEGIN CERTIFICATE-----
MIIFqzCCBJOgAwIBAgIUI54r2XGDlw7tX5iOyw4a3kx3PJswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTAzMzEwODExMjBaFw0yNjAzMzAwODE2MjBaMDMxMTAvBgNV
BAMTKDkyNTI1OTUxM0Q3MDZFQUY0RUIzRDI4REQ5OTY4RDA1RENERjIwNTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCaBwn+H7XLAIBkXdbHjtIVl0vO
ZtAmWSmuwBEiHjC42Z5NPokvpHc0Pbp6/NxPhU804zm3acbUY6f+xhT8hwAmjnz0
9rJcQbDqqGadrq0b5E3R15BKJTKVh3C0aTe0YNvLWCeziJgftUTA7q3q61TXpaJJ
eT87WATDbx+P8ng/54/5eB2m4SJW5CLjpTkH4bkVU4ikmG1E4mqB6oVjsVyifY93
dyykJlsJF0luEV3pEPtfgzuYXwjH9KHpAcshi98XSMJItuHGWjbMIgJxdPUnCV7S
2xIDSQ0fj8GNAm3Vf56VPLv4SisK6by6pQlryfvLQpBr48j/SbVNkDPkhenFAgMB
AAGjggK1MIICsTAdBgNVHQ4EFgQUklJZUT1wbq9Os9KN2ZaNBdzfIFIwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTNzAxOC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCBywYIKwYBBQUHAQcBAf8EgbswgbgwgbUEAgABMIGuAwQC
UhVoAwQGUhYAMAwDBAdSFoADBAJSFogwDAMEAlIWlAMEAlIWmAMEA1IXmAMEAlIY
AAMEAVIYCgMEAlIYJAMEAVIYLAMEAVIYMgMEAVIYZgMEAlIYuAMEAVIYzAMEAlIZ
AAMEAVIZEgMEAlIZgAMEAVIZzgMEAVIaZgMEA1IbGAMEBFIbMAMEA1IbUAMEAlIb
cDAMAwQDUhuIAwQFUhuAAwQDUhuoAwQCUhvAMA0GCSqGSIb3DQEBCwUAA4IBAQAN
xhdV88+v5b1yB1daA6MrJoVOFG1Og499mncqkF9UgHF31ea045/FOWOsFBTRcTrt
ostpR777SFhAh1n4KyNFwweftHb6ZsUK1AK7K8jijeCmC4Kl2d9C46PNlh++N7lx
3av+ZruLH5DMmKH8iKCGQhhqJFZsHW3zZZZMQAYTa3LAEVE4rtWWrhA0/DO2ZWyS
cn8NnTYQDvN7MZjWh0BpExn+UvH5h/flrI51wZAPo3jIFnm51A6zWe7gjHJe5JcP
tgDHd3r2Wgx6pszkSbuLXSoPLbvrjk4WsbeG2ZMAJ55986dEUwAIq05rGPQmXc4U
8GFWxp3KiB3d4K72Ztn7
-----END CERTIFICATE-----
Generated at Tue Apr 15 23:26:19 2025 by rpki-client