Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS213426.roa
File: AS213426.roa (raw, json)
Hash identifier: MKLhhU4EzZr8nykq2ETcBU7Af73DRhZAavcA9JpmiRs=
Subject key identifier: BD:1F:6A:D1:8D:15:EA:D1:2C:06:2E:CF:FB:4B:51:3C:4E:8E:15:C4
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 25E1D7FEC0849B1A44B7FCE8B4831B7901D6A64B
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS213426.roa
Signing time: Tue 21 Apr 2026 13:57:33 +0000
ROA not before: Tue 21 Apr 2026 13:52:33 +0000
ROA not after: Tue 20 Apr 2027 13:57:33 +0000
asID: 213426
IP address blocks: 82.47.46.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 23:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
25:e1:d7:fe:c0:84:9b:1a:44:b7:fc:e8:b4:83:1b:79:01:d6:a6:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Apr 21 13:52:33 2026 GMT
Not After : Apr 20 13:57:33 2027 GMT
Subject: CN=BD1F6AD18D15EAD12C062ECFFB4B513C4E8E15C4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:8f:c5:d8:3a:98:56:0f:ca:11:21:d7:17:4f:
46:2e:bd:e4:2e:ff:a5:40:18:f0:d4:ef:d2:45:7c:
a2:ce:12:ee:21:69:71:22:89:9a:ff:41:14:7d:32:
6b:ae:0e:60:a8:53:4f:1e:6d:80:ae:2a:45:4b:9f:
42:ab:30:05:63:ab:f0:af:3a:71:f8:dc:32:cb:6b:
d7:23:20:d2:4e:a3:c1:f3:5a:bb:72:9a:9c:20:70:
e4:a9:a6:01:cd:8f:e9:b0:1a:5c:a0:8e:59:ec:7e:
7d:84:51:92:a9:81:08:2d:42:c1:56:ec:c4:6a:28:
9b:bb:83:ac:a8:56:19:9e:01:84:0d:56:40:33:c4:
41:d1:87:78:e7:b4:1d:1f:70:5a:fd:04:55:56:a5:
41:9f:ed:7a:e6:31:92:0c:26:6f:6c:52:11:da:98:
70:bf:25:42:0a:b6:e3:06:ca:3c:09:66:b0:5c:59:
5d:de:72:0a:64:f9:c7:de:8b:d0:07:7b:97:e1:a3:
a6:44:ee:c0:c5:8f:6f:b3:ce:78:79:97:4d:02:da:
1b:74:23:a5:8b:57:d3:77:1a:61:77:db:df:0a:84:
e2:cf:d5:77:37:29:42:56:36:8c:8a:5e:f6:1c:16:
cd:a9:d1:4a:95:25:73:c4:6d:d3:8a:d2:0d:d7:4f:
f8:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:1F:6A:D1:8D:15:EA:D1:2C:06:2E:CF:FB:4B:51:3C:4E:8E:15:C4
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS213426.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.47.46.0/24
Signature Algorithm: sha256WithRSAEncryption
3a:0f:ea:d3:6b:84:ec:47:25:5b:9a:a2:b6:3b:6f:f6:43:16:
15:80:8b:12:74:27:f7:d3:e9:e6:f3:b0:1e:23:c2:23:c6:4d:
3c:2d:e5:85:03:7f:8f:d0:a5:cd:2a:94:f9:6a:58:44:50:93:
7a:7f:54:7b:02:18:78:0c:8b:48:f0:de:6d:46:e6:77:1f:6d:
3c:03:79:a7:75:bb:db:4e:3a:ea:60:d6:34:2b:e9:72:22:2a:
8d:a2:b4:e8:a6:14:e0:04:24:91:e5:cd:af:5d:65:ec:5a:52:
b8:dd:af:47:a8:23:05:0a:fc:76:98:5f:64:ea:55:64:83:e0:
7a:a6:a1:5a:f6:4e:a9:5a:09:58:87:8a:80:13:e9:25:07:2c:
76:1f:a5:09:31:62:5b:75:f0:97:e7:ba:f9:15:c9:82:2d:6d:
a0:33:6f:41:9b:c9:98:af:ed:1b:18:27:69:db:48:d5:95:14:
7a:2d:a0:d1:cc:6a:30:df:ba:17:25:a7:f5:53:8a:6f:b6:ab:
99:b1:38:44:0d:fb:e5:6c:54:66:1a:ab:8b:0b:04:8a:f9:25:
35:df:0b:2e:ae:07:8f:47:f2:70:cd:f6:f6:50:54:c9:90:82:
85:21:a7:ed:fc:ca:91:7a:d8:60:ef:c9:91:a5:e6:71:f2:1a:
dd:47:79:54
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUJeHX/sCEmxpEt/zotIMbeQHWpkswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjA0MjExMzUyMzNaFw0yNzA0MjAxMzU3MzNaMDMxMTAvBgNV
BAMTKEJEMUY2QUQxOEQxNUVBRDEyQzA2MkVDRkZCNEI1MTNDNEU4RTE1QzQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCgj8XYOphWD8oRIdcXT0YuveQu
/6VAGPDU79JFfKLOEu4haXEiiZr/QRR9MmuuDmCoU08ebYCuKkVLn0KrMAVjq/Cv
OnH43DLLa9cjINJOo8HzWrtympwgcOSppgHNj+mwGlygjlnsfn2EUZKpgQgtQsFW
7MRqKJu7g6yoVhmeAYQNVkAzxEHRh3jntB0fcFr9BFVWpUGf7XrmMZIMJm9sUhHa
mHC/JUIKtuMGyjwJZrBcWV3ecgpk+cfei9AHe5fho6ZE7sDFj2+zznh5l00C2ht0
I6WLV9N3GmF3298KhOLP1Xc3KUJWNoyKXvYcFs2p0UqVJXPEbdOK0g3XT/iFAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUvR9q0Y0V6tEsBi7P+0tRPE6OFcQwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjEzNDI2LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUi8u
MA0GCSqGSIb3DQEBCwUAA4IBAQA6D+rTa4TsRyVbmqK2O2/2QxYVgIsSdCf30+nm
87AeI8Ijxk08LeWFA3+P0KXNKpT5alhEUJN6f1R7Ahh4DItI8N5tRuZ3H208A3mn
dbvbTjrqYNY0K+lyIiqNorTophTgBCSR5c2vXWXsWlK43a9HqCMFCvx2mF9k6lVk
g+B6pqFa9k6pWglYh4qAE+klByx2H6UJMWJbdfCX57r5FcmCLW2gM29Bm8mYr+0b
GCdp20jVlRR6LaDRzGow37oXJaf1U4pvtquZsThEDfvlbFRmGquLCwSK+SU13wsu
rgePR/Jwzfb2UFTJkIKFIaft/MqRethg78mRpeZx8hrdR3lU
-----END CERTIFICATE-----
Generated at Wed May 13 06:58:53 2026 by rpki-client