Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS210481.roa
File: AS210481.roa (raw, json)
Hash identifier: Tmi5jHscsJ9FmdvBBxE12EXTDxYl8wOCQ1LfUIC5dSk=
Subject key identifier: 8C:73:C6:0C:87:37:13:FA:DC:0E:88:E1:46:17:E8:AE:89:3E:20:EC
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 598B5353946B539868594A5B28CC4446C53E6C95
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS210481.roa
Signing time: Thu 17 Apr 2025 19:48:34 +0000
ROA not before: Thu 17 Apr 2025 19:43:34 +0000
ROA not after: Thu 16 Apr 2026 19:48:34 +0000
asID: 210481
IP address blocks: 82.24.183.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 07 May 2025 14:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
59:8b:53:53:94:6b:53:98:68:59:4a:5b:28:cc:44:46:c5:3e:6c:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Apr 17 19:43:34 2025 GMT
Not After : Apr 16 19:48:34 2026 GMT
Subject: CN=8C73C60C873713FADC0E88E14617E8AE893E20EC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:05:32:98:04:4c:18:54:db:9a:be:9b:2c:14:
59:d5:bc:09:d2:4d:48:f3:a2:90:69:19:65:40:51:
4e:d0:99:98:e3:fd:b1:1a:15:d4:46:ff:6e:52:2b:
ad:6e:f0:f6:40:b2:ed:ce:a4:31:84:5a:fc:12:01:
e1:57:53:0e:e4:fc:f0:a5:63:9c:b5:da:27:be:01:
23:81:b1:ca:ed:a9:3d:1b:b1:bf:ce:0c:19:89:80:
bd:c7:0c:cf:74:76:bf:26:a5:40:60:e2:de:9c:7c:
fb:c2:80:9a:40:ca:4e:95:ea:9d:c7:22:0e:95:d8:
98:4f:9a:6a:4d:65:69:2e:3d:e7:da:9a:29:19:15:
89:c9:c6:d2:e6:b0:23:b5:89:e3:74:27:a5:2f:1b:
a0:34:07:5c:5e:ef:28:d1:9b:fa:5d:cb:df:62:49:
88:7a:ad:8d:f1:31:11:cb:89:d1:5d:fd:e5:6d:58:
42:3f:f7:31:15:c7:09:ad:5f:2b:4d:0e:39:a3:a6:
c6:64:e9:61:d2:92:45:bd:30:ae:31:c3:ed:13:07:
46:2a:bf:19:56:d6:1a:18:07:74:b4:af:45:47:78:
66:8f:5e:68:cd:53:4d:62:44:7c:fa:5c:f0:86:42:
ae:79:2b:71:d9:32:77:0c:5b:d2:f3:a6:40:39:bb:
59:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:73:C6:0C:87:37:13:FA:DC:0E:88:E1:46:17:E8:AE:89:3E:20:EC
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS210481.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.24.183.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:b7:1b:66:78:5b:2a:2c:ee:c4:8e:c0:9b:fb:df:11:7e:0a:
99:4c:33:10:fc:a0:be:ed:6c:22:ee:b5:c8:d5:9f:c5:d1:50:
66:42:05:09:bc:ab:99:1f:6c:e9:ee:ef:2f:8b:3a:63:c9:ac:
fd:c2:e0:26:f8:ad:84:66:21:fa:ef:cc:ac:f2:38:c5:f1:ff:
51:af:06:34:1e:ff:ad:ef:ab:1f:b2:e8:0a:c9:dc:43:11:de:
e5:89:42:ff:a4:59:57:db:c0:ad:65:df:35:bc:65:cd:ff:d1:
8b:47:d7:74:f5:32:6a:02:ca:f8:13:13:71:1c:66:2c:3b:34:
69:76:42:95:15:b7:68:f8:e0:ca:b6:09:29:aa:45:fe:0a:a2:
49:5e:f1:9a:02:52:f7:ae:a0:cd:35:11:91:3a:6f:c2:b6:b7:
ec:9d:90:43:7c:a7:67:83:7c:ef:4a:25:87:2d:d3:6e:2e:12:
62:eb:be:af:ad:02:40:e9:19:80:e2:aa:77:41:72:e5:12:55:
24:c9:01:be:71:79:aa:1a:ef:6b:76:62:fd:62:37:dd:bf:3f:
8a:ec:6b:37:33:62:ba:c7:c6:9c:95:a7:51:fc:6a:c4:a1:30:
f5:f2:6a:6b:16:cc:05:32:1d:81:4f:be:f7:25:6c:aa:17:34:
82:9c:c6:a3
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUWYtTU5RrU5hoWUpbKMxERsU+bJUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTA0MTcxOTQzMzRaFw0yNjA0MTYxOTQ4MzRaMDMxMTAvBgNV
BAMTKDhDNzNDNjBDODczNzEzRkFEQzBFODhFMTQ2MTdFOEFFODkzRTIwRUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0BTKYBEwYVNuavpssFFnVvAnS
TUjzopBpGWVAUU7QmZjj/bEaFdRG/25SK61u8PZAsu3OpDGEWvwSAeFXUw7k/PCl
Y5y12ie+ASOBscrtqT0bsb/ODBmJgL3HDM90dr8mpUBg4t6cfPvCgJpAyk6V6p3H
Ig6V2JhPmmpNZWkuPefamikZFYnJxtLmsCO1ieN0J6UvG6A0B1xe7yjRm/pdy99i
SYh6rY3xMRHLidFd/eVtWEI/9zEVxwmtXytNDjmjpsZk6WHSkkW9MK4xw+0TB0Yq
vxlW1hoYB3S0r0VHeGaPXmjNU01iRHz6XPCGQq55K3HZMncMW9LzpkA5u1kvAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUjHPGDIc3E/rcDojhRhforok+IOwwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjEwNDgxLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUhi3
MA0GCSqGSIb3DQEBCwUAA4IBAQA+txtmeFsqLO7EjsCb+98RfgqZTDMQ/KC+7Wwi
7rXI1Z/F0VBmQgUJvKuZH2zp7u8vizpjyaz9wuAm+K2EZiH678ys8jjF8f9RrwY0
Hv+t76sfsugKydxDEd7liUL/pFlX28CtZd81vGXN/9GLR9d09TJqAsr4ExNxHGYs
OzRpdkKVFbdo+ODKtgkpqkX+CqJJXvGaAlL3rqDNNRGROm/CtrfsnZBDfKdng3zv
SiWHLdNuLhJi676vrQJA6RmA4qp3QXLlElUkyQG+cXmqGu9rdmL9Yjfdvz+K7Gs3
M2K6x8acladR/GrEoTD18mprFswFMh2BT773JWyqFzSCnMaj
-----END CERTIFICATE-----
Generated at Tue May 6 16:35:55 2025 by rpki-client