Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS213734.roa
File: AS213734.roa (raw, json)
Hash identifier: yjYQjJGkP8zjLDjOn2l6jkhIKqWvyzvLPByu3P16ZiI=
Subject key identifier: B3:F5:EA:C4:AA:68:E5:33:BF:DA:E2:02:26:5B:3F:B9:D6:2D:43:1B
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 652407D3DFE515D97AA3DC12FB5DE3E8B2FFFB8D
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS213734.roa
Signing time: Wed 06 May 2026 13:16:16 +0000
ROA not before: Wed 06 May 2026 13:11:16 +0000
ROA not after: Wed 05 May 2027 13:16:16 +0000
asID: 213734
IP address blocks: 82.24.4.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
65:24:07:d3:df:e5:15:d9:7a:a3:dc:12:fb:5d:e3:e8:b2:ff:fb:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: May 6 13:11:16 2026 GMT
Not After : May 5 13:16:16 2027 GMT
Subject: CN=B3F5EAC4AA68E533BFDAE202265B3FB9D62D431B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:ff:8c:63:f4:e0:c3:98:ba:3f:52:d5:3b:e8:
e3:a4:9e:80:5b:0e:8b:56:ed:36:a8:e1:56:53:da:
07:7b:8b:a4:46:46:9e:58:ef:5c:c3:03:92:59:6c:
c5:12:cb:1e:37:f2:fc:90:79:98:08:a5:f8:b9:4c:
5b:ee:06:bd:15:18:a1:c9:92:dd:e5:35:fd:21:99:
bf:db:6e:18:e8:40:f3:27:a3:24:4d:a3:25:a7:f8:
31:38:60:ed:dd:bf:20:01:b5:75:12:b4:2e:5a:dc:
ae:02:85:39:a0:02:97:d6:71:e3:64:c3:dc:71:4b:
6c:29:67:d4:33:04:64:c6:01:ea:8e:e6:fd:d0:73:
6c:6f:ce:e0:4c:7b:52:24:49:00:20:fd:99:fb:93:
a9:33:9f:b4:81:53:a4:7c:8f:27:4d:ac:8a:46:81:
01:79:79:6a:08:25:c1:92:0a:b3:2a:8d:1a:84:9c:
2e:45:5c:c8:73:ac:ce:aa:fb:33:24:53:e4:0a:ee:
fb:f0:33:04:84:52:5f:eb:71:2c:7f:34:9c:ca:84:
c8:f7:47:6a:0d:1e:af:d2:e4:ae:68:61:02:40:be:
81:3a:65:58:c8:87:af:19:8e:ee:9b:c8:e3:92:6e:
50:8e:4b:f9:26:c1:a9:1a:66:db:d5:0b:9c:ab:e1:
a1:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:F5:EA:C4:AA:68:E5:33:BF:DA:E2:02:26:5B:3F:B9:D6:2D:43:1B
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS213734.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.24.4.0/24
Signature Algorithm: sha256WithRSAEncryption
76:2f:23:52:73:20:c0:4c:bb:3e:94:08:ef:49:01:75:41:7a:
bb:44:83:14:29:ea:21:80:13:65:fe:36:02:3e:4a:0e:ba:d0:
64:ec:f2:8d:48:1d:c6:93:1e:43:b1:d5:1a:cc:e4:ac:d0:c0:
21:5a:01:6d:70:76:ea:a7:3a:44:1e:80:36:14:36:57:48:96:
ec:68:fc:35:d8:a0:18:d5:48:5d:dd:f3:40:3d:b4:e2:ca:e3:
79:6d:c3:20:23:7e:58:86:3f:28:f4:34:e2:77:9e:e4:1f:97:
4b:86:85:49:53:de:2b:5b:51:bc:e6:3d:d7:cf:6f:e8:e5:8f:
77:43:26:e4:54:bc:18:66:93:5f:04:9e:fe:8a:9d:98:c4:d2:
44:1d:35:c8:28:8a:fb:25:37:0b:6d:f6:4e:dd:2f:9e:55:f9:
2a:91:7c:fa:20:2d:1d:6d:6b:58:10:f9:f3:de:24:5a:d0:97:
2d:ea:50:b7:1b:42:5e:70:9d:f3:ab:33:81:b5:3b:2e:8f:bd:
1f:7c:ec:cc:31:43:bd:d1:cc:9c:a8:53:95:9c:4d:e6:80:03:
cf:29:78:45:17:d7:fa:27:52:42:35:20:47:db:1f:4c:7b:c7:
19:3b:d5:04:bf:20:ec:1d:ec:dc:56:f1:6b:20:19:3e:51:91:
5f:48:58:d8
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUZSQH09/lFdl6o9wS+13j6LL/+40wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjA1MDYxMzExMTZaFw0yNzA1MDUxMzE2MTZaMDMxMTAvBgNV
BAMTKEIzRjVFQUM0QUE2OEU1MzNCRkRBRTIwMjI2NUIzRkI5RDYyRDQzMUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCS/4xj9ODDmLo/UtU76OOknoBb
DotW7Tao4VZT2gd7i6RGRp5Y71zDA5JZbMUSyx438vyQeZgIpfi5TFvuBr0VGKHJ
kt3lNf0hmb/bbhjoQPMnoyRNoyWn+DE4YO3dvyABtXUStC5a3K4ChTmgApfWceNk
w9xxS2wpZ9QzBGTGAeqO5v3Qc2xvzuBMe1IkSQAg/Zn7k6kzn7SBU6R8jydNrIpG
gQF5eWoIJcGSCrMqjRqEnC5FXMhzrM6q+zMkU+QK7vvwMwSEUl/rcSx/NJzKhMj3
R2oNHq/S5K5oYQJAvoE6ZVjIh68Zju6byOOSblCOS/kmwakaZtvVC5yr4aFfAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUs/XqxKpo5TO/2uICJls/udYtQxswHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjEzNzM0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUhgE
MA0GCSqGSIb3DQEBCwUAA4IBAQB2LyNScyDATLs+lAjvSQF1QXq7RIMUKeohgBNl
/jYCPkoOutBk7PKNSB3Gkx5DsdUazOSs0MAhWgFtcHbqpzpEHoA2FDZXSJbsaPw1
2KAY1Uhd3fNAPbTiyuN5bcMgI35Yhj8o9DTid57kH5dLhoVJU94rW1G85j3Xz2/o
5Y93QybkVLwYZpNfBJ7+ip2YxNJEHTXIKIr7JTcLbfZO3S+eVfkqkXz6IC0dbWtY
EPnz3iRa0Jct6lC3G0JecJ3zqzOBtTsuj70ffOzMMUO90cycqFOVnE3mgAPPKXhF
F9f6J1JCNSBH2x9Me8cZO9UEvyDsHezcVvFrIBk+UZFfSFjY
-----END CERTIFICATE-----
Generated at Wed May 13 01:05:06 2026 by rpki-client