Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS212150.roa
File: AS212150.roa (raw, json)
Hash identifier: e1x7u5Zl5mFIYDDECMRpDu23GX8x1Xo46f7kWdJZTv4=
Subject key identifier: 01:10:2F:39:3B:E3:AF:5A:FE:62:42:29:BF:61:24:DA:9F:5E:8B:69
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 4CB01C44EB4893FE467662385BA35290B9B9C75D
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS212150.roa
Signing time: Thu 01 May 2025 11:20:07 +0000
ROA not before: Thu 01 May 2025 11:15:07 +0000
ROA not after: Thu 30 Apr 2026 11:20:07 +0000
asID: 212150
IP address blocks: 82.21.8.0/24 maxlen: 24
82.21.65.0/24 maxlen: 24
82.22.205.0/24 maxlen: 24
82.29.38.0/24 maxlen: 24
82.29.74.0/24 maxlen: 24
82.29.88.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 07 May 2025 14:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4c:b0:1c:44:eb:48:93:fe:46:76:62:38:5b:a3:52:90:b9:b9:c7:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: May 1 11:15:07 2025 GMT
Not After : Apr 30 11:20:07 2026 GMT
Subject: CN=01102F393BE3AF5AFE624229BF6124DA9F5E8B69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:19:91:f2:e4:81:5a:5f:df:21:6e:f9:17:34:
9f:1c:9a:44:d4:f0:2b:e9:a3:93:5a:90:ff:86:15:
38:c6:00:54:0d:4e:3c:96:be:d9:e4:ca:36:77:9f:
19:1d:a5:a6:ff:cb:76:3c:5f:92:cf:1f:0b:7a:06:
50:95:4b:87:41:75:a2:8c:ef:62:76:0b:d6:49:77:
55:a8:eb:78:05:30:14:3a:08:61:f5:f0:45:e8:95:
1e:19:9b:9a:89:9e:31:8f:d6:38:37:6b:c0:e2:2b:
f1:e7:1b:39:0c:40:fc:13:d2:3b:c2:9b:6e:fc:d6:
48:c9:cb:38:16:94:aa:13:6d:7b:f9:b0:1f:29:06:
dc:79:9d:bf:d9:94:24:4b:c9:bb:9b:ff:f2:b1:c3:
19:43:ec:2f:e8:34:54:d7:fa:db:b3:71:a9:e3:58:
52:ef:71:77:ac:f3:0d:1c:2a:b6:b9:3d:f9:9b:64:
c6:ce:95:fa:5e:5d:55:b3:de:8e:71:07:56:93:f2:
a8:90:b3:aa:ae:c4:5f:06:a4:f2:90:dc:3d:36:c2:
29:63:93:57:3c:0c:0c:be:35:c7:a7:e2:1e:f5:ca:
63:34:22:47:d7:8e:e9:9b:6a:ce:0e:12:f9:61:cb:
cb:b7:b2:06:54:a1:2e:df:ff:79:d6:ba:1b:50:25:
c7:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:10:2F:39:3B:E3:AF:5A:FE:62:42:29:BF:61:24:DA:9F:5E:8B:69
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS212150.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.8.0/24
82.21.65.0/24
82.22.205.0/24
82.29.38.0/24
82.29.74.0/24
82.29.88.0/24
Signature Algorithm: sha256WithRSAEncryption
51:18:07:e8:4f:6d:9b:1f:9d:07:ca:44:46:69:aa:50:b1:0f:
01:02:17:d6:21:7c:6b:c6:c4:f2:d2:5b:c6:f1:f2:b3:09:f0:
c2:29:12:5f:df:6d:53:fb:8a:52:ff:3c:34:95:7b:6a:ee:8c:
5b:a5:c5:a7:dc:38:fd:5c:9b:69:59:db:af:b0:27:b6:b0:ae:
e5:72:47:38:d4:80:76:a2:38:89:89:51:ba:a4:f8:30:30:b9:
46:23:e1:bf:ad:4e:fe:8b:6d:4d:53:ec:fc:f8:b1:c8:92:20:
67:46:bf:6b:e5:e6:bf:17:0e:2c:c0:14:28:44:df:f1:bb:f5:
5c:8b:e3:f7:7c:4b:f1:51:1a:58:1f:7b:5a:ba:28:37:d0:f0:
32:7e:e0:04:d2:82:68:d8:62:bd:a2:67:d6:ae:6f:25:b0:9a:
39:19:3c:30:1b:02:cb:ef:fe:ef:e7:aa:27:15:cc:e8:eb:12:
ee:3a:36:b9:d4:b1:a4:75:cb:30:38:13:ca:40:b9:1a:69:c4:
ae:e0:20:4d:32:9f:f2:ab:e8:6c:63:9d:1b:1a:2d:19:e9:e6:
7f:14:40:e6:06:07:b3:54:9d:c4:08:ee:2f:7a:7f:4f:e9:e7:
9e:25:d5:fc:06:50:a6:d9:e1:c1:19:53:3d:49:61:1d:3d:bb:
fb:30:9e:98
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgIUTLAcROtIk/5GdmI4W6NSkLm5x10wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTA1MDExMTE1MDdaFw0yNjA0MzAxMTIwMDdaMDMxMTAvBgNV
BAMTKDAxMTAyRjM5M0JFM0FGNUFGRTYyNDIyOUJGNjEyNERBOUY1RThCNjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqGZHy5IFaX98hbvkXNJ8cmkTU
8Cvpo5NakP+GFTjGAFQNTjyWvtnkyjZ3nxkdpab/y3Y8X5LPHwt6BlCVS4dBdaKM
72J2C9ZJd1Wo63gFMBQ6CGH18EXolR4Zm5qJnjGP1jg3a8DiK/HnGzkMQPwT0jvC
m2781kjJyzgWlKoTbXv5sB8pBtx5nb/ZlCRLybub//KxwxlD7C/oNFTX+tuzcanj
WFLvcXes8w0cKra5PfmbZMbOlfpeXVWz3o5xB1aT8qiQs6quxF8GpPKQ3D02wilj
k1c8DAy+Ncen4h71ymM0IkfXjumbas4OEvlhy8u3sgZUoS7f/3nWuhtQJcd3AgMB
AAGjggIoMIICJDAdBgNVHQ4EFgQUARAvOTvjr1r+YkIpv2Ek2p9ei2kwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjEyMTUwLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAUhUI
AwQAUhVBAwQAUhbNAwQAUh0mAwQAUh1KAwQAUh1YMA0GCSqGSIb3DQEBCwUAA4IB
AQBRGAfoT22bH50HykRGaapQsQ8BAhfWIXxrxsTy0lvG8fKzCfDCKRJf321T+4pS
/zw0lXtq7oxbpcWn3Dj9XJtpWduvsCe2sK7lckc41IB2ojiJiVG6pPgwMLlGI+G/
rU7+i21NU+z8+LHIkiBnRr9r5ea/Fw4swBQoRN/xu/Vci+P3fEvxURpYH3tauig3
0PAyfuAE0oJo2GK9omfWrm8lsJo5GTwwGwLL7/7v56onFczo6xLuOja51LGkdcsw
OBPKQLkaacSu4CBNMp/yq+hsY50bGi0Z6eZ/FEDmBgezVJ3ECO4ven9P6eeeJdX8
BlCm2eHBGVM9SWEdPbv7MJ6Y
-----END CERTIFICATE-----
Generated at Tue May 6 16:35:21 2025 by rpki-client