Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS208483.roa
File: AS208483.roa (raw, json)
Hash identifier: TORaPACHEiRh/8ZHqvXwAvuxIEI5XhAR8nzUw7Q8kFw=
Subject key identifier: B5:DC:02:0F:E8:9E:D9:20:13:D7:A7:7D:B4:CC:D8:FD:27:34:D5:20
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 7802B35EC3A5E125FBC7467D13532DE9C4161601
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS208483.roa
Signing time: Wed 06 Aug 2025 06:46:42 +0000
ROA not before: Wed 06 Aug 2025 06:41:42 +0000
ROA not after: Wed 05 Aug 2026 06:46:42 +0000
asID: 208483
IP address blocks: 82.25.190.0/24 maxlen: 24
2a13:9500:99::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:02:b3:5e:c3:a5:e1:25:fb:c7:46:7d:13:53:2d:e9:c4:16:16:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Aug 6 06:41:42 2025 GMT
Not After : Aug 5 06:46:42 2026 GMT
Subject: CN=B5DC020FE89ED92013D7A77DB4CCD8FD2734D520
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:a5:d3:34:b8:6c:20:4a:4c:f1:43:2e:f2:70:
f6:72:af:e7:05:3a:7a:e1:e0:8d:5f:d9:4d:44:f1:
3f:33:09:84:76:d5:10:12:02:3e:50:68:d0:20:31:
fb:01:00:2f:e2:54:a1:ff:bd:8a:76:f5:bd:97:2f:
e3:e5:1a:ee:ea:5b:5e:1c:91:e8:88:15:4e:fc:57:
7b:d0:2d:5a:10:c5:35:98:4b:6f:df:f3:da:f0:4f:
7c:a3:1c:6a:b5:2a:89:59:bd:c4:22:61:af:ea:fd:
35:01:bc:83:38:0f:a1:f5:ce:52:06:ba:e6:92:87:
aa:cb:9c:c9:14:c8:41:5c:dd:d3:8a:8e:c9:d2:41:
9f:61:4e:84:5b:75:e9:32:ff:6e:7e:fa:ab:e3:60:
c5:f8:f9:65:d1:11:07:24:f1:6a:c9:be:73:a4:e0:
55:a0:fb:c5:15:82:96:70:f8:02:f0:39:a8:6c:af:
ab:3c:19:40:9c:1c:71:6c:6c:4f:93:7f:ca:ae:b3:
a3:c8:9b:ec:b1:e2:38:44:26:b9:9b:50:0f:07:1c:
16:a3:fd:93:bb:af:14:6b:72:53:9b:1c:2a:5c:fe:
90:2a:52:4b:50:9e:1c:08:28:db:c8:fb:f4:2b:74:
21:7f:3f:9f:91:e3:b3:a4:92:0c:99:fa:88:1b:82:
34:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:DC:02:0F:E8:9E:D9:20:13:D7:A7:7D:B4:CC:D8:FD:27:34:D5:20
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS208483.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.25.190.0/24
IPv6:
2a13:9500:99::/48
Signature Algorithm: sha256WithRSAEncryption
02:a2:29:df:82:5b:ad:21:5a:a5:aa:b6:06:c8:96:11:49:63:
db:00:b2:ec:90:f9:8a:b7:1d:58:4a:28:8c:a6:69:f9:f5:97:
dd:f6:1a:27:93:4c:fd:c1:ce:a3:27:b3:27:19:11:d2:d9:8a:
9e:6e:7f:f8:51:74:e6:51:4f:33:87:42:92:4c:5f:bd:29:2d:
09:3c:61:2d:33:b9:50:00:2d:8f:7d:ba:86:bc:6f:0e:83:cd:
3b:27:c1:71:00:c6:15:6e:e8:dd:ce:21:6f:a7:c9:26:6a:fe:
c2:ee:81:37:26:62:02:df:ba:b6:64:f6:40:0a:93:ac:ed:10:
bf:25:75:76:de:36:56:64:75:35:44:7e:1d:98:4f:90:14:e0:
90:69:a1:bd:e3:b5:51:a9:ab:2d:44:90:e3:53:26:ed:9f:a7:
f8:f2:2a:45:fc:72:e4:27:bd:93:1a:f5:9a:07:53:10:7d:c3:
4a:17:d5:27:d3:8c:27:17:ea:a1:d4:f4:a5:7d:fb:01:d1:b7:
ee:2c:82:21:dd:e7:19:9b:b7:48:8b:89:c2:46:23:35:4a:ac:
04:df:68:99:27:ad:82:e0:c6:57:fa:d9:8e:60:df:74:90:c3:
97:7a:3d:11:a6:da:06:3b:b6:0e:5c:f1:d9:48:85:fb:1c:53:
d1:ea:d1:ce
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgIUeAKzXsOl4SX7x0Z9E1Mt6cQWFgEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTA4MDYwNjQxNDJaFw0yNjA4MDUwNjQ2NDJaMDMxMTAvBgNV
BAMTKEI1REMwMjBGRTg5RUQ5MjAxM0Q3QTc3REI0Q0NEOEZEMjczNEQ1MjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCwpdM0uGwgSkzxQy7ycPZyr+cF
Onrh4I1f2U1E8T8zCYR21RASAj5QaNAgMfsBAC/iVKH/vYp29b2XL+PlGu7qW14c
keiIFU78V3vQLVoQxTWYS2/f89rwT3yjHGq1KolZvcQiYa/q/TUBvIM4D6H1zlIG
uuaSh6rLnMkUyEFc3dOKjsnSQZ9hToRbdeky/25++qvjYMX4+WXREQck8WrJvnOk
4FWg+8UVgpZw+ALwOahsr6s8GUCcHHFsbE+Tf8qus6PIm+yx4jhEJrmbUA8HHBaj
/ZO7rxRrclObHCpc/pAqUktQnhwIKNvI+/QrdCF/P5+R47OkkgyZ+ogbgjS3AgMB
AAGjggIbMIICFzAdBgNVHQ4EFgQUtdwCD+ie2SAT16d9tMzY/Sc01SAwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjA4NDgzLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAUhm+
MA8EAgACMAkDBwAqE5UAAJkwDQYJKoZIhvcNAQELBQADggEBAAKiKd+CW60hWqWq
tgbIlhFJY9sAsuyQ+Yq3HVhKKIymafn1l932GieTTP3BzqMnsycZEdLZip5uf/hR
dOZRTzOHQpJMX70pLQk8YS0zuVAALY99uoa8bw6DzTsnwXEAxhVu6N3OIW+nySZq
/sLugTcmYgLfurZk9kAKk6ztEL8ldXbeNlZkdTVEfh2YT5AU4JBpob3jtVGpqy1E
kONTJu2fp/jyKkX8cuQnvZMa9ZoHUxB9w0oX1SfTjCcX6qHU9KV9+wHRt+4sgiHd
5xmbt0iLicJGIzVKrATfaJknrYLgxlf62Y5g33SQw5d6PRGm2gY7tg5c8dlIhfsc
U9Hq0c4=
-----END CERTIFICATE-----
Generated at Sat Aug 23 22:45:54 2025 by rpki-client