Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS205733.roa
File: AS205733.roa (raw, json)
Hash identifier: BU/Do7v8pnmggUlq8bg7MD2bTMPxkEqzIyczYaeCWHo=
Subject key identifier: 4C:FB:78:CC:1D:AB:FE:1A:C1:92:70:25:E1:02:B8:16:6E:9B:DB:2B
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 7A4E8B566283C717A469D08FED4BB6CE9051582E
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS205733.roa
Signing time: Sat 21 Jun 2025 18:46:22 +0000
ROA not before: Sat 21 Jun 2025 18:41:22 +0000
ROA not after: Sat 20 Jun 2026 18:46:22 +0000
asID: 205733
IP address blocks: 82.21.149.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 11:27:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7a:4e:8b:56:62:83:c7:17:a4:69:d0:8f:ed:4b:b6:ce:90:51:58:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Jun 21 18:41:22 2025 GMT
Not After : Jun 20 18:46:22 2026 GMT
Subject: CN=4CFB78CC1DABFE1AC1927025E102B8166E9BDB2B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:9f:20:d5:b0:ed:1d:15:bc:08:bc:dc:54:4f:
e8:48:e9:78:08:d8:d5:72:b4:7a:b5:1c:97:0e:04:
8c:0d:16:06:21:2c:18:8f:0d:21:86:b3:95:98:c5:
08:7f:68:66:e1:1c:51:7e:ae:2e:92:42:20:8f:01:
36:70:0b:2b:6c:f4:2b:7b:bb:5a:94:5a:3d:b9:c7:
bf:13:c3:57:71:5a:6b:d0:79:a3:09:97:18:86:bf:
d5:2c:82:7c:ed:66:5a:db:f5:b9:eb:1a:a9:f2:03:
f4:d3:56:7f:f6:22:c8:cc:fd:12:fe:e9:08:eb:b0:
58:52:32:67:9b:c1:5a:ec:ed:12:0c:2d:b9:1f:2d:
79:9a:bf:c5:2f:29:e7:13:9b:28:b6:c6:7d:97:3d:
dd:5a:f3:ce:14:d4:58:15:1d:ba:13:36:58:a3:45:
b0:67:a4:f7:46:7b:00:1e:57:1b:19:3d:3d:64:ba:
5a:7f:1b:cd:0f:29:fc:30:09:30:04:7b:62:69:25:
37:3c:2d:fe:b5:ab:c5:a4:c4:f0:63:d1:2a:54:42:
b6:e7:6d:07:d3:e7:cc:bc:1f:75:eb:51:43:41:8a:
da:f2:c3:b8:25:60:6b:cb:8b:6a:f5:98:cd:1c:17:
18:56:dc:40:ef:35:59:62:ca:4a:5b:20:cc:9e:59:
ab:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:FB:78:CC:1D:AB:FE:1A:C1:92:70:25:E1:02:B8:16:6E:9B:DB:2B
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS205733.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.149.0/24
Signature Algorithm: sha256WithRSAEncryption
38:d1:85:ca:dd:7e:62:41:97:fd:bd:38:ff:35:39:16:d0:09:
9b:5a:28:c5:2d:a3:08:37:c8:20:3a:2a:f0:23:43:fd:89:63:
73:60:89:e9:94:38:3b:93:ca:ac:2d:77:33:05:66:f1:6b:dd:
b6:e7:33:34:2f:f5:e9:e7:54:62:9e:51:a6:8f:48:43:1b:52:
07:a9:5f:16:6a:70:80:28:01:f2:0a:ae:c1:82:04:25:56:23:
3d:49:81:91:22:54:b1:ee:8c:ce:ef:4c:43:24:36:76:85:f5:
8a:39:5e:1b:d5:70:40:66:2b:67:b4:ce:6a:33:58:fa:ed:ea:
9b:df:cb:c2:fd:03:ae:99:72:08:cc:ab:cf:eb:21:79:8a:d9:
29:51:a7:d1:20:ed:ab:f5:35:a2:28:e7:5a:71:e0:e4:b1:63:
bc:fe:3c:05:fd:2e:21:f1:e6:5f:44:6a:f5:17:61:04:1c:04:
8b:7c:aa:0f:c3:3d:e6:b0:a6:99:f6:62:e4:ad:53:7f:8b:83:
97:82:b1:b3:85:c5:da:cc:1f:f6:fb:ba:37:0f:0d:c9:6a:31:
6e:22:c9:3d:7d:5f:e3:37:75:49:80:83:40:8f:49:7e:82:99:
6b:36:66:4a:db:f5:c7:1f:06:de:71:b5:7c:4d:85:18:73:b8:
e7:24:df:4a
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUek6LVmKDxxekadCP7Uu2zpBRWC4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTA2MjExODQxMjJaFw0yNjA2MjAxODQ2MjJaMDMxMTAvBgNV
BAMTKDRDRkI3OENDMURBQkZFMUFDMTkyNzAyNUUxMDJCODE2NkU5QkRCMkIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCPnyDVsO0dFbwIvNxUT+hI6XgI
2NVytHq1HJcOBIwNFgYhLBiPDSGGs5WYxQh/aGbhHFF+ri6SQiCPATZwCyts9Ct7
u1qUWj25x78Tw1dxWmvQeaMJlxiGv9UsgnztZlrb9bnrGqnyA/TTVn/2IsjM/RL+
6QjrsFhSMmebwVrs7RIMLbkfLXmav8UvKecTmyi2xn2XPd1a884U1FgVHboTNlij
RbBnpPdGewAeVxsZPT1kulp/G80PKfwwCTAEe2JpJTc8Lf61q8WkxPBj0SpUQrbn
bQfT58y8H3XrUUNBitryw7glYGvLi2r1mM0cFxhW3EDvNVliykpbIMyeWav3AgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUTPt4zB2r/hrBknAl4QK4Fm6b2yswHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjA1NzMzLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUhWV
MA0GCSqGSIb3DQEBCwUAA4IBAQA40YXK3X5iQZf9vTj/NTkW0AmbWijFLaMIN8gg
OirwI0P9iWNzYInplDg7k8qsLXczBWbxa9225zM0L/Xp51RinlGmj0hDG1IHqV8W
anCAKAHyCq7BggQlViM9SYGRIlSx7ozO70xDJDZ2hfWKOV4b1XBAZitntM5qM1j6
7eqb38vC/QOumXIIzKvP6yF5itkpUafRIO2r9TWiKOdaceDksWO8/jwF/S4h8eZf
RGr1F2EEHASLfKoPwz3msKaZ9mLkrVN/i4OXgrGzhcXazB/2+7o3Dw3JajFuIsk9
fV/jN3VJgINAj0l+gplrNmZK2/XHHwbecbV8TYUYc7jnJN9K
-----END CERTIFICATE-----
Generated at Sat Jun 28 23:52:12 2025 by rpki-client