Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS212868.roa
File: AS212868.roa (raw, json)
Hash identifier: nUGRb8z5zg97hjjhdGNmtlhVJaeu29N7CjAYoCuGjNs=
Subject key identifier: 76:D8:86:A7:D9:33:2A:B0:C7:EE:17:F0:A1:5D:06:BB:43:DA:E0:F8
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 73483D73156F19941DD2B02B400E4D7262EEB9E9
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS212868.roa
Signing time: Mon 13 Oct 2025 16:38:56 +0000
ROA not before: Mon 13 Oct 2025 16:33:56 +0000
ROA not after: Mon 12 Oct 2026 16:38:56 +0000
asID: 212868
IP address blocks: 82.22.20.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 20:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
73:48:3d:73:15:6f:19:94:1d:d2:b0:2b:40:0e:4d:72:62:ee:b9:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Oct 13 16:33:56 2025 GMT
Not After : Oct 12 16:38:56 2026 GMT
Subject: CN=76D886A7D9332AB0C7EE17F0A15D06BB43DAE0F8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:1c:28:a2:0e:94:36:3d:ad:5e:8b:61:85:c0:
a8:f3:2e:80:6d:7d:43:09:2a:5e:f4:43:6f:c8:0b:
0c:29:ed:80:08:15:d4:6b:28:ad:11:3b:8a:ce:dc:
5f:09:09:d5:a7:7d:b8:65:0b:1c:c4:67:77:4d:1f:
9f:8b:ca:86:03:30:5a:02:ea:5e:0f:fa:9a:16:ad:
bc:87:f3:6c:35:52:ec:bb:c7:81:b1:bf:93:5f:dc:
b5:a8:e1:77:f8:0a:38:24:14:57:c8:7b:ea:c6:74:
53:8e:1a:97:cc:c2:e1:b0:ab:ea:60:00:ac:d6:fc:
92:bf:5d:32:00:90:e8:aa:46:18:4c:07:56:db:33:
76:23:0f:a9:4b:ba:7a:43:14:83:c4:f5:b8:27:1b:
41:6f:80:8e:b5:e3:05:9d:1e:84:38:9b:d1:02:20:
a9:3d:2c:a2:8c:c7:0a:40:83:15:87:f8:20:47:37:
04:91:ca:b8:34:3e:ae:d6:e5:cd:ea:28:33:00:d5:
fa:6a:ce:8a:91:70:56:39:6b:cc:71:3e:8a:78:28:
3f:73:b1:65:dc:f7:28:6f:be:1f:88:d5:64:b9:34:
95:51:e1:4e:47:1b:36:19:23:05:c6:f9:aa:59:8e:
0e:06:5b:38:02:3a:cf:ac:50:46:00:86:81:c4:20:
85:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:D8:86:A7:D9:33:2A:B0:C7:EE:17:F0:A1:5D:06:BB:43:DA:E0:F8
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS212868.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.22.20.0/24
Signature Algorithm: sha256WithRSAEncryption
33:99:27:4d:d9:ab:32:a8:60:76:c6:a2:e9:32:11:5a:df:77:
4e:3a:33:2f:69:8e:93:5d:5a:75:45:cf:ce:01:e8:b5:5c:ec:
de:84:9f:a9:22:a1:e0:8a:a6:41:1f:d8:6e:6d:01:bb:bb:39:
a9:1d:8a:3c:f2:83:05:4f:f0:24:3a:b4:08:05:be:f1:e6:44:
c8:33:15:26:6e:cf:a1:7c:72:ce:c7:8d:e2:6d:6d:0e:83:f8:
61:ff:22:04:03:a4:73:26:f6:55:64:84:57:b1:62:17:0f:e8:
b0:a1:e1:41:ef:2e:a4:84:46:67:93:6f:a4:fe:00:e1:e1:a2:
49:2d:1b:86:ee:19:d5:32:4a:1a:ea:6d:9d:41:48:68:4c:65:
e4:a7:4c:8a:3c:05:d8:17:c2:b6:ba:a9:ab:42:2c:14:b4:f5:
05:59:42:db:82:e5:66:8b:7e:c2:5f:c2:3a:5e:4f:af:0e:ee:
a9:7c:9d:b5:af:8e:25:10:dd:20:f0:b5:c2:e8:c2:78:65:cc:
eb:23:71:6a:4a:bc:0f:0c:9a:eb:4b:24:ed:92:7e:80:67:c9:
78:33:ad:7b:7d:10:b1:f6:05:45:64:3c:c0:bd:6e:9b:56:07:
eb:ca:22:cc:05:23:10:d7:f8:f4:7e:1e:91:15:c4:36:aa:23:
1c:9f:d8:46
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUc0g9cxVvGZQd0rArQA5NcmLuuekwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTEwMTMxNjMzNTZaFw0yNjEwMTIxNjM4NTZaMDMxMTAvBgNV
BAMTKDc2RDg4NkE3RDkzMzJBQjBDN0VFMTdGMEExNUQwNkJCNDNEQUUwRjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCPHCiiDpQ2Pa1ei2GFwKjzLoBt
fUMJKl70Q2/ICwwp7YAIFdRrKK0RO4rO3F8JCdWnfbhlCxzEZ3dNH5+LyoYDMFoC
6l4P+poWrbyH82w1Uuy7x4Gxv5Nf3LWo4Xf4CjgkFFfIe+rGdFOOGpfMwuGwq+pg
AKzW/JK/XTIAkOiqRhhMB1bbM3YjD6lLunpDFIPE9bgnG0FvgI614wWdHoQ4m9EC
IKk9LKKMxwpAgxWH+CBHNwSRyrg0Pq7W5c3qKDMA1fpqzoqRcFY5a8xxPop4KD9z
sWXc9yhvvh+I1WS5NJVR4U5HGzYZIwXG+apZjg4GWzgCOs+sUEYAhoHEIIUBAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUdtiGp9kzKrDH7hfwoV0Gu0Pa4PgwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjEyODY4LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUhYU
MA0GCSqGSIb3DQEBCwUAA4IBAQAzmSdN2asyqGB2xqLpMhFa33dOOjMvaY6TXVp1
Rc/OAei1XOzehJ+pIqHgiqZBH9hubQG7uzmpHYo88oMFT/AkOrQIBb7x5kTIMxUm
bs+hfHLOx43ibW0Og/hh/yIEA6RzJvZVZIRXsWIXD+iwoeFB7y6khEZnk2+k/gDh
4aJJLRuG7hnVMkoa6m2dQUhoTGXkp0yKPAXYF8K2uqmrQiwUtPUFWULbguVmi37C
X8I6Xk+vDu6pfJ21r44lEN0g8LXC6MJ4ZczrI3FqSrwPDJrrSyTtkn6AZ8l4M617
fRCx9gVFZDzAvW6bVgfryiLMBSMQ1/j0fh6RFcQ2qiMcn9hG
-----END CERTIFICATE-----
Generated at Mon Oct 20 03:43:35 2025 by rpki-client