Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS212427.roa
File: AS212427.roa (raw, json)
Hash identifier: KQ1BuBuEd9HV/qrWyj7DEhCd2UVygAVolJaBeDzlNsA=
Subject key identifier: 87:9C:52:F0:6D:21:0A:5E:FE:A3:0B:7E:C2:A1:7E:F6:8E:95:B1:E4
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 4D6DD197BBA7A46F5E5310A480C5924D31821480
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS212427.roa
Signing time: Wed 18 Jun 2025 15:37:19 +0000
ROA not before: Wed 18 Jun 2025 15:32:19 +0000
ROA not after: Wed 17 Jun 2026 15:37:19 +0000
asID: 212427
IP address blocks: 82.25.37.0/24 maxlen: 24
82.26.81.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 11:27:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4d:6d:d1:97:bb:a7:a4:6f:5e:53:10:a4:80:c5:92:4d:31:82:14:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Jun 18 15:32:19 2025 GMT
Not After : Jun 17 15:37:19 2026 GMT
Subject: CN=879C52F06D210A5EFEA30B7EC2A17EF68E95B1E4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:d4:65:35:7b:bd:06:85:70:65:2e:4f:0c:49:
63:c9:c5:89:a2:8a:1b:9d:1a:01:49:ef:2b:1e:37:
71:de:86:fa:0d:cc:70:d8:43:06:d5:50:4c:bd:6c:
f8:50:1d:f7:ed:83:e2:73:e1:58:a8:19:27:6f:a6:
93:f0:c1:bf:09:f8:40:93:28:77:61:b8:86:4e:66:
ff:bf:33:10:b0:cd:4f:52:59:fb:e6:9c:64:a2:21:
15:87:7d:46:6e:11:45:19:b4:70:a9:18:09:75:0b:
22:bf:b8:d2:d2:44:4e:fb:dd:4d:d0:c8:2c:08:4c:
40:a1:b5:dd:ed:96:30:0e:55:26:73:d9:89:f3:89:
85:c7:1f:15:1c:f4:09:fe:4d:cf:2a:5c:6a:19:5c:
bc:e5:40:23:aa:09:ff:d8:0b:a9:fb:63:c3:7a:18:
04:88:21:f0:3d:8e:33:29:54:3a:26:23:b8:60:76:
7d:4e:9a:9e:7e:c9:68:26:5c:91:8a:dc:6b:5d:b8:
67:b5:63:b2:03:77:65:70:ea:e8:92:2c:d5:05:8f:
a2:77:97:ac:ab:49:e9:3b:41:9d:a3:27:c9:5e:ca:
39:e7:43:c7:f7:e2:84:18:8e:ee:8c:2f:f2:72:69:
6a:ab:51:d5:64:75:3b:81:dd:6d:0e:ba:b3:ec:43:
9e:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:9C:52:F0:6D:21:0A:5E:FE:A3:0B:7E:C2:A1:7E:F6:8E:95:B1:E4
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS212427.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.25.37.0/24
82.26.81.0/24
Signature Algorithm: sha256WithRSAEncryption
98:90:2d:ce:62:cb:93:a0:d7:f5:c8:90:b9:28:76:61:00:ef:
d6:8c:00:6c:88:b8:fa:61:de:b1:23:37:6d:44:da:d6:97:5e:
99:25:d1:90:90:ff:37:bf:06:9e:1d:13:20:bc:74:41:e6:97:
d8:bb:c9:0b:a6:3a:a3:80:17:be:47:08:0b:2c:d3:29:43:7f:
47:c2:79:7c:09:b8:1a:74:96:b0:39:39:b8:f2:cb:18:34:e0:
eb:e5:d6:52:46:b1:58:3f:bc:0c:d6:84:8e:8a:65:3d:d6:02:
2c:c7:ef:2a:86:08:f6:30:39:40:54:16:f3:0d:33:8e:18:94:
d0:ee:97:cb:a3:29:0a:7d:8f:19:b2:3c:f6:5e:00:7c:1f:b0:
41:47:c5:b5:cb:df:3e:e6:80:a5:59:ce:4b:4d:eb:1e:0f:b1:
85:dc:7a:b2:68:f2:6c:a9:6c:e1:f3:ce:cd:db:50:b7:4e:32:
1f:85:79:96:99:86:9a:b1:84:36:e6:f4:cb:c9:e3:1e:70:80:
91:8b:d2:d4:0d:20:f3:5b:e3:78:9b:bd:15:47:7e:2a:e5:8e:
41:77:31:2a:ff:e8:57:2c:ce:b4:ff:34:8d:c8:22:6d:98:71:
d1:ab:83:4f:7d:ca:9d:dc:b3:4d:26:c6:9c:af:d6:30:e7:ed:
9f:f8:50:26
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgIUTW3Rl7unpG9eUxCkgMWSTTGCFIAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTA2MTgxNTMyMTlaFw0yNjA2MTcxNTM3MTlaMDMxMTAvBgNV
BAMTKDg3OUM1MkYwNkQyMTBBNUVGRUEzMEI3RUMyQTE3RUY2OEU5NUIxRTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCv1GU1e70GhXBlLk8MSWPJxYmi
ihudGgFJ7yseN3HehvoNzHDYQwbVUEy9bPhQHfftg+Jz4VioGSdvppPwwb8J+ECT
KHdhuIZOZv+/MxCwzU9SWfvmnGSiIRWHfUZuEUUZtHCpGAl1CyK/uNLSRE773U3Q
yCwITEChtd3tljAOVSZz2YnziYXHHxUc9An+Tc8qXGoZXLzlQCOqCf/YC6n7Y8N6
GASIIfA9jjMpVDomI7hgdn1Omp5+yWgmXJGK3GtduGe1Y7IDd2Vw6uiSLNUFj6J3
l6yrSek7QZ2jJ8leyjnnQ8f34oQYju6ML/JyaWqrUdVkdTuB3W0OurPsQ55rAgMB
AAGjggIQMIICDDAdBgNVHQ4EFgQUh5xS8G0hCl7+owt+wqF+9o6VseQwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjEyNDI3LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAUhkl
AwQAUhpRMA0GCSqGSIb3DQEBCwUAA4IBAQCYkC3OYsuToNf1yJC5KHZhAO/WjABs
iLj6Yd6xIzdtRNrWl16ZJdGQkP83vwaeHRMgvHRB5pfYu8kLpjqjgBe+RwgLLNMp
Q39Hwnl8CbgadJawOTm48ssYNODr5dZSRrFYP7wM1oSOimU91gIsx+8qhgj2MDlA
VBbzDTOOGJTQ7pfLoykKfY8Zsjz2XgB8H7BBR8W1y98+5oClWc5LTeseD7GF3Hqy
aPJsqWzh887N21C3TjIfhXmWmYaasYQ25vTLyeMecICRi9LUDSDzW+N4m70VR34q
5Y5BdzEq/+hXLM60/zSNyCJtmHHRq4NPfcqd3LNNJsacr9Yw5+2f+FAm
-----END CERTIFICATE-----
Generated at Sat Jun 28 23:48:51 2025 by rpki-client