Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS203020.roa
File: AS203020.roa (raw, json)
Hash identifier: 75ofY1vG3VHOmVmYcINFEtCm82KPeicVN7qX4D+wOyI=
Subject key identifier: AE:59:B3:3F:86:48:8B:A4:98:AA:3C:19:53:77:4D:2B:DA:79:FE:9F
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 0705CA85A6793A8377154505E85EE0127BA020B0
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS203020.roa
Signing time: Mon 16 Jun 2025 13:31:11 +0000
ROA not before: Mon 16 Jun 2025 13:26:11 +0000
ROA not after: Mon 15 Jun 2026 13:31:11 +0000
asID: 203020
IP address blocks: 82.21.241.0/24 maxlen: 24
82.24.242.0/24 maxlen: 24
82.25.242.0/24 maxlen: 24
82.26.242.0/24 maxlen: 24
82.27.242.0/24 maxlen: 24
82.29.241.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 11:27:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
07:05:ca:85:a6:79:3a:83:77:15:45:05:e8:5e:e0:12:7b:a0:20:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Jun 16 13:26:11 2025 GMT
Not After : Jun 15 13:31:11 2026 GMT
Subject: CN=AE59B33F86488BA498AA3C1953774D2BDA79FE9F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:de:11:86:b5:05:40:65:89:35:47:c7:a4:f9:
ee:b2:8d:db:d3:3c:b6:50:e2:75:6b:10:0b:8f:f2:
16:7a:04:04:dc:cb:d4:66:d8:ea:ef:40:1c:a4:0e:
c4:c3:95:61:ae:d7:1b:23:f8:f5:cb:37:6a:3d:b2:
ba:8e:6c:b8:3f:03:6d:df:80:ab:97:fc:12:db:73:
74:37:7f:d7:11:ac:2f:f8:c0:71:69:f3:1f:7f:70:
d6:6d:b1:a2:b7:5c:32:18:31:d6:55:bc:50:b0:b4:
8f:24:9f:d6:dd:ab:e6:b7:91:4b:0e:ec:45:4e:ef:
92:4d:ae:05:a1:8a:04:13:48:0a:ba:1a:15:34:e6:
a2:47:8e:f2:c0:31:08:c9:45:ce:e8:b8:d6:82:32:
ab:b7:2e:ed:f0:1e:d5:c4:f6:ca:49:2a:22:56:b7:
9c:d0:28:5c:60:94:13:46:9c:d5:e5:ec:a9:02:b3:
99:15:16:a5:59:7c:41:7f:83:91:d2:e6:66:29:31:
96:7f:8c:cb:3f:9e:00:0f:5c:ad:7d:92:57:96:cc:
5d:f5:fc:3c:fc:8c:8a:91:6e:5e:6d:8c:7d:49:45:
94:5a:1d:86:7f:f6:5f:c8:46:aa:5a:1c:9c:2e:c6:
8e:e1:44:6b:4d:98:8b:21:c4:8c:1e:27:15:15:99:
a3:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:59:B3:3F:86:48:8B:A4:98:AA:3C:19:53:77:4D:2B:DA:79:FE:9F
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS203020.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.241.0/24
82.24.242.0/24
82.25.242.0/24
82.26.242.0/24
82.27.242.0/24
82.29.241.0/24
Signature Algorithm: sha256WithRSAEncryption
33:fd:de:f6:2c:c7:ab:b7:f6:9e:74:93:02:e8:3e:0f:2b:f0:
97:5c:66:28:7c:9b:31:60:06:d6:8d:d9:3c:d3:7b:b9:be:48:
ec:86:c2:d3:6b:f5:6f:92:97:72:0e:5e:e8:84:d4:f6:14:77:
8b:8e:5c:80:fb:ad:6c:74:8b:82:1b:15:e1:09:77:46:c0:e6:
10:73:4b:d2:d7:24:35:ea:90:12:2a:da:16:f7:a6:ef:a5:0d:
de:ee:2d:c2:93:0b:16:f8:71:bd:95:3e:5c:bc:4f:74:4a:65:
43:dc:d8:7b:ee:8c:5c:50:6e:46:16:3d:2b:c0:90:49:ae:8b:
64:c0:f8:7a:b1:ab:ed:ab:0e:f2:96:54:1f:60:c5:ea:80:89:
ef:a4:0e:a7:47:a8:aa:9e:b2:ac:6e:b9:22:2f:a4:78:ee:83:
73:4c:d5:78:e4:dd:61:e9:4d:cd:b7:65:f1:73:0d:e6:98:13:
c6:58:a6:b2:63:1d:bb:4a:f4:05:94:29:da:fd:33:43:a9:3f:
0b:b5:89:50:9d:44:ed:64:99:4d:81:d1:92:b2:7a:24:60:39:
f9:b7:e2:57:4d:f5:36:97:cd:ff:4b:e1:20:b1:2e:20:17:d3:
64:9c:1b:78:a3:82:58:47:8e:d3:7e:76:1a:e0:58:0f:35:b2:
04:60:f0:32
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgIUBwXKhaZ5OoN3FUUF6F7gEnugILAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTA2MTYxMzI2MTFaFw0yNjA2MTUxMzMxMTFaMDMxMTAvBgNV
BAMTKEFFNTlCMzNGODY0ODhCQTQ5OEFBM0MxOTUzNzc0RDJCREE3OUZFOUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC73hGGtQVAZYk1R8ek+e6yjdvT
PLZQ4nVrEAuP8hZ6BATcy9Rm2OrvQBykDsTDlWGu1xsj+PXLN2o9srqObLg/A23f
gKuX/BLbc3Q3f9cRrC/4wHFp8x9/cNZtsaK3XDIYMdZVvFCwtI8kn9bdq+a3kUsO
7EVO75JNrgWhigQTSAq6GhU05qJHjvLAMQjJRc7ouNaCMqu3Lu3wHtXE9spJKiJW
t5zQKFxglBNGnNXl7KkCs5kVFqVZfEF/g5HS5mYpMZZ/jMs/ngAPXK19kleWzF31
/Dz8jIqRbl5tjH1JRZRaHYZ/9l/IRqpaHJwuxo7hRGtNmIshxIweJxUVmaOLAgMB
AAGjggIoMIICJDAdBgNVHQ4EFgQUrlmzP4ZIi6SYqjwZU3dNK9p5/p8wHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjAzMDIwLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAUhXx
AwQAUhjyAwQAUhnyAwQAUhryAwQAUhvyAwQAUh3xMA0GCSqGSIb3DQEBCwUAA4IB
AQAz/d72LMert/aedJMC6D4PK/CXXGYofJsxYAbWjdk803u5vkjshsLTa/Vvkpdy
Dl7ohNT2FHeLjlyA+61sdIuCGxXhCXdGwOYQc0vS1yQ16pASKtoW96bvpQ3e7i3C
kwsW+HG9lT5cvE90SmVD3Nh77oxcUG5GFj0rwJBJrotkwPh6savtqw7yllQfYMXq
gInvpA6nR6iqnrKsbrkiL6R47oNzTNV45N1h6U3Nt2Xxcw3mmBPGWKayYx27SvQF
lCna/TNDqT8LtYlQnUTtZJlNgdGSsnokYDn5t+JXTfU2l83/S+EgsS4gF9NknBt4
o4JYR47TfnYa4FgPNbIEYPAy
-----END CERTIFICATE-----
Generated at Sat Jun 28 23:49:56 2025 by rpki-client