Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS214432.roa
File: AS214432.roa (raw, json)
Hash identifier: 6etcNdqj4Fr33ZFErvaTE9YQd94oK6XRtiTxpidXjKI=
Subject key identifier: 72:A3:1F:CB:65:6C:52:37:C0:34:23:4F:47:20:BE:09:23:72:54:BD
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 0543B78D140C584CEE31AD7C20F459E6FDD18A5B
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS214432.roa
Signing time: Fri 08 May 2026 12:08:41 +0000
ROA not before: Fri 08 May 2026 12:03:41 +0000
ROA not after: Fri 07 May 2027 12:08:41 +0000
asID: 214432
IP address blocks: 82.21.125.0/24 maxlen: 24
82.23.13.0/24 maxlen: 24
82.25.142.0/24 maxlen: 24
82.27.3.0/24 maxlen: 24
82.27.131.0/24 maxlen: 24
82.39.187.0/24 maxlen: 24
82.41.57.0/24 maxlen: 24
82.41.74.0/24 maxlen: 24
82.41.97.0/24 maxlen: 24
82.47.176.0/23 maxlen: 24
84.75.129.0/24 maxlen: 24
178.83.16.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
05:43:b7:8d:14:0c:58:4c:ee:31:ad:7c:20:f4:59:e6:fd:d1:8a:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: May 8 12:03:41 2026 GMT
Not After : May 7 12:08:41 2027 GMT
Subject: CN=72A31FCB656C5237C034234F4720BE09237254BD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:5f:cf:64:62:33:51:a3:a6:16:c9:c6:30:36:
7a:ed:2a:3f:57:c4:ab:f1:b9:ee:53:8c:87:78:af:
83:00:fa:fb:6c:a9:b6:48:53:8b:4e:59:93:77:d4:
54:81:7a:42:1a:2b:27:9a:20:a4:ad:ac:05:d7:fd:
5e:ef:cc:45:11:69:5b:b0:a3:c8:70:a5:6e:5c:ab:
04:2b:62:c2:38:1f:74:7d:ec:1d:cf:d2:c9:9f:a7:
9d:a4:24:6e:3c:86:72:de:3c:82:5b:42:f1:79:47:
6f:cd:37:70:f1:19:94:0d:14:94:ef:06:40:0d:b3:
76:bd:0a:d1:a3:01:09:1d:47:3e:f6:d7:cd:df:67:
49:bb:c7:ae:92:76:0b:49:53:3a:31:fe:07:42:4c:
f1:dc:c4:a9:a9:79:02:18:ac:3b:4c:6a:c9:04:24:
63:b9:cf:dd:e6:2f:36:88:84:7e:98:2b:00:1e:68:
4b:a4:05:aa:59:d5:84:ae:02:b3:1c:ea:dc:72:fb:
ad:b3:2b:a5:2a:bb:09:59:84:2f:88:ca:ba:02:3e:
ba:65:3b:0e:57:11:95:a1:2c:69:32:95:9e:1a:e7:
a3:c0:4e:f0:1b:b2:d5:0d:2f:f0:26:65:6e:81:ee:
61:32:99:0f:c1:eb:95:d2:cf:64:43:c7:38:df:ff:
9a:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:A3:1F:CB:65:6C:52:37:C0:34:23:4F:47:20:BE:09:23:72:54:BD
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS214432.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.125.0/24
82.23.13.0/24
82.25.142.0/24
82.27.3.0/24
82.27.131.0/24
82.39.187.0/24
82.41.57.0/24
82.41.74.0/24
82.41.97.0/24
82.47.176.0/23
84.75.129.0/24
178.83.16.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:6c:f4:26:fd:df:23:9f:fd:65:c9:74:28:85:00:f0:1b:28:
86:f0:a8:7c:34:c6:16:5f:f6:25:cd:75:02:1f:f6:28:a7:6c:
d1:a2:74:bf:52:37:42:68:46:26:16:52:8c:15:9c:d7:24:85:
87:0a:2b:ff:4f:cf:e4:10:1b:99:b0:94:f5:1c:5d:78:69:d5:
d6:d7:43:f4:72:16:46:42:af:15:f2:40:41:24:d9:cc:75:97:
75:e5:67:32:60:35:0f:fb:65:3f:cd:a1:48:84:a5:ed:c1:3b:
54:ba:c7:00:b0:73:95:99:f4:e1:ad:cc:e4:9c:11:5d:3f:53:
08:0c:18:f7:ba:96:17:d3:32:f0:5e:c7:83:f7:7a:ea:f1:49:
f3:20:89:d8:39:d7:6b:c9:2f:8c:6b:ed:a8:f9:7b:05:40:6d:
fc:da:b5:4e:d9:5c:7b:e3:1e:8a:46:f0:b4:31:3c:2f:04:6c:
c4:d5:0c:76:f7:33:57:e0:d9:c5:81:6a:0d:97:95:b0:2b:26:
60:f1:14:eb:32:e4:f4:16:4e:47:97:63:42:5e:a5:33:99:3a:
83:fc:41:0d:cb:8a:34:f5:d7:8e:30:09:c1:1a:b4:19:08:ed:
98:e1:c9:ef:e5:ba:5d:3d:7d:46:28:fb:4a:e0:40:27:b6:f5:
e4:bc:c6:8d
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgIUBUO3jRQMWEzuMa18IPRZ5v3RilswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjA1MDgxMjAzNDFaFw0yNzA1MDcxMjA4NDFaMDMxMTAvBgNV
BAMTKDcyQTMxRkNCNjU2QzUyMzdDMDM0MjM0RjQ3MjBCRTA5MjM3MjU0QkQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDSX89kYjNRo6YWycYwNnrtKj9X
xKvxue5TjId4r4MA+vtsqbZIU4tOWZN31FSBekIaKyeaIKStrAXX/V7vzEURaVuw
o8hwpW5cqwQrYsI4H3R97B3P0smfp52kJG48hnLePIJbQvF5R2/NN3DxGZQNFJTv
BkANs3a9CtGjAQkdRz72183fZ0m7x66SdgtJUzox/gdCTPHcxKmpeQIYrDtMaskE
JGO5z93mLzaIhH6YKwAeaEukBapZ1YSuArMc6txy+62zK6UquwlZhC+IyroCPrpl
Ow5XEZWhLGkylZ4a56PATvAbstUNL/AmZW6B7mEymQ/B65XSz2RDxzjf/5rTAgMB
AAGjggJMMIICSDAdBgNVHQ4EFgQUcqMfy2VsUjfANCNPRyC+CSNyVL0wHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjE0NDMyLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQAUhV9
AwQAUhcNAwQAUhmOAwQAUhsDAwQAUhuDAwQAUie7AwQAUik5AwQAUilKAwQAUilh
AwQBUi+wAwQAVEuBAwQAslMQMA0GCSqGSIb3DQEBCwUAA4IBAQAMbPQm/d8jn/1l
yXQohQDwGyiG8Kh8NMYWX/YlzXUCH/Yop2zRonS/UjdCaEYmFlKMFZzXJIWHCiv/
T8/kEBuZsJT1HF14adXW10P0chZGQq8V8kBBJNnMdZd15WcyYDUP+2U/zaFIhKXt
wTtUuscAsHOVmfThrczknBFdP1MIDBj3upYX0zLwXseD93rq8UnzIInYOddryS+M
a+2o+XsFQG382rVO2Vx74x6KRvC0MTwvBGzE1Qx29zNX4NnFgWoNl5WwKyZg8RTr
MuT0Fk5Hl2NCXqUzmTqD/EENy4o09deOMAnBGrQZCO2Y4cnv5bpdPX1GKPtK4EAn
tvXkvMaN
-----END CERTIFICATE-----
Generated at Tue May 12 23:14:59 2026 by rpki-client