Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS214432.roa
File: AS214432.roa (raw, json)
Hash identifier: OMBrBltsyvnEoEOX5S4+fQhbuyKCbecbtP8r5q3SCTs=
Subject key identifier: EE:CA:B5:02:4B:B7:7D:16:81:CE:00:87:BD:09:B0:0D:56:FE:17:10
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 15920A28DE67CCE4A650890DB44859F7A0F4D80F
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS214432.roa
Signing time: Mon 23 Mar 2026 06:09:17 +0000
ROA not before: Mon 23 Mar 2026 06:04:17 +0000
ROA not after: Mon 22 Mar 2027 06:09:17 +0000
asID: 214432
IP address blocks: 82.21.75.0/24 maxlen: 24
82.25.142.0/24 maxlen: 24
82.27.3.0/24 maxlen: 24
82.27.131.0/24 maxlen: 24
82.39.164.0/24 maxlen: 24
82.39.187.0/24 maxlen: 24
82.40.36.0/24 maxlen: 24
82.41.57.0/24 maxlen: 24
82.41.74.0/24 maxlen: 24
82.41.97.0/24 maxlen: 24
178.83.16.0/24 maxlen: 24
178.83.34.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
15:92:0a:28:de:67:cc:e4:a6:50:89:0d:b4:48:59:f7:a0:f4:d8:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Mar 23 06:04:17 2026 GMT
Not After : Mar 22 06:09:17 2027 GMT
Subject: CN=EECAB5024BB77D1681CE0087BD09B00D56FE1710
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:87:87:9a:a4:6b:01:dc:29:19:fa:d5:c9:3f:
5e:45:2b:47:47:b8:1b:dd:ed:e4:08:be:05:b5:1d:
ca:ca:08:99:d6:e0:3c:f5:74:c0:9d:fd:32:e0:ef:
20:a2:d5:bb:5d:d8:ed:8b:59:ba:53:df:65:0e:1b:
44:01:bd:57:8a:38:c8:bf:ba:26:9f:68:03:a0:f0:
ed:fa:32:42:5e:15:78:3e:3d:07:1e:44:1c:a4:e7:
83:12:2b:dd:3b:e3:9c:9c:a4:9a:40:fb:f9:b2:cd:
bd:e3:ee:36:5f:a3:d8:a3:bc:45:4b:62:90:00:2a:
c9:79:f2:5f:00:73:c7:bb:13:c2:8d:82:c6:b8:32:
88:f7:9a:e6:ba:de:45:6d:43:6a:84:9a:46:0e:32:
a3:5b:7b:70:8e:bb:f1:fa:d2:45:d2:c1:e8:88:7f:
25:7f:2c:86:09:67:8f:1b:56:72:44:df:40:cd:a6:
ad:2f:86:26:35:6d:7c:8f:8f:4e:d9:87:9a:cc:bb:
c2:0e:dd:3e:b4:ef:79:cf:48:4b:90:30:f9:f2:32:
bc:9f:09:42:19:cc:7c:86:ae:91:ee:3c:64:57:8a:
a7:94:63:59:1d:1c:ac:91:46:80:bf:53:84:68:9f:
c8:0a:ce:eb:31:a4:93:6c:38:62:9c:59:78:11:68:
2c:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:CA:B5:02:4B:B7:7D:16:81:CE:00:87:BD:09:B0:0D:56:FE:17:10
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS214432.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.75.0/24
82.25.142.0/24
82.27.3.0/24
82.27.131.0/24
82.39.164.0/24
82.39.187.0/24
82.40.36.0/24
82.41.57.0/24
82.41.74.0/24
82.41.97.0/24
178.83.16.0/24
178.83.34.0/24
Signature Algorithm: sha256WithRSAEncryption
71:04:ff:f3:42:d0:6f:17:c6:a6:39:0b:20:6f:16:ed:0f:4b:
17:10:7f:ec:1b:c5:4d:69:db:13:ae:96:97:1b:ca:80:62:56:
b9:dd:fd:dc:1b:dc:87:ac:ec:ec:15:f4:07:24:ef:3c:85:8a:
51:58:fb:f8:ff:eb:5d:dc:e7:46:f7:37:14:96:15:ad:a1:36:
df:c3:6f:ec:bb:2a:f7:44:3d:59:e7:26:ce:ff:21:c2:b0:4d:
8e:c4:af:97:04:0b:34:ae:df:ae:ed:8d:75:ed:66:84:69:6b:
58:35:25:37:01:1e:a8:0e:53:c6:0c:5d:b9:60:b6:0c:96:0e:
1d:43:6b:1b:6d:a7:17:fc:7e:7a:13:00:3a:ae:f7:b5:76:61:
9f:45:cf:11:55:1d:c5:86:6d:16:06:47:5f:09:78:2e:78:7f:
34:8c:74:da:4b:19:24:5d:12:ad:7b:80:5f:ab:b9:59:f8:b3:
94:97:5e:e9:9d:11:fd:14:df:85:0e:e2:d9:7d:d6:7e:19:d1:
4d:ed:38:41:09:d9:33:25:f4:77:6e:4f:e6:48:43:31:a3:32:
35:5d:cc:35:b3:3a:f0:3c:fa:dd:79:f7:5f:3b:35:2b:b5:29:
c0:31:0e:16:76:cb:b5:a4:99:cf:de:af:f3:6b:f2:9e:89:9c:
c3:f4:d9:14
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgIUFZIKKN5nzOSmUIkNtEhZ96D02A8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjAzMjMwNjA0MTdaFw0yNzAzMjIwNjA5MTdaMDMxMTAvBgNV
BAMTKEVFQ0FCNTAyNEJCNzdEMTY4MUNFMDA4N0JEMDlCMDBENTZGRTE3MTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDqh4eapGsB3CkZ+tXJP15FK0dH
uBvd7eQIvgW1HcrKCJnW4Dz1dMCd/TLg7yCi1btd2O2LWbpT32UOG0QBvVeKOMi/
uiafaAOg8O36MkJeFXg+PQceRByk54MSK90745ycpJpA+/myzb3j7jZfo9ijvEVL
YpAAKsl58l8Ac8e7E8KNgsa4Moj3mua63kVtQ2qEmkYOMqNbe3COu/H60kXSweiI
fyV/LIYJZ48bVnJE30DNpq0vhiY1bXyPj07Zh5rMu8IO3T6073nPSEuQMPnyMryf
CUIZzHyGrpHuPGRXiqeUY1kdHKyRRoC/U4Ron8gKzusxpJNsOGKcWXgRaCx9AgMB
AAGjggJMMIICSDAdBgNVHQ4EFgQU7sq1Aku3fRaBzgCHvQmwDVb+FxAwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjE0NDMyLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQAUhVL
AwQAUhmOAwQAUhsDAwQAUhuDAwQAUiekAwQAUie7AwQAUigkAwQAUik5AwQAUilK
AwQAUilhAwQAslMQAwQAslMiMA0GCSqGSIb3DQEBCwUAA4IBAQBxBP/zQtBvF8am
OQsgbxbtD0sXEH/sG8VNadsTrpaXG8qAYla53f3cG9yHrOzsFfQHJO88hYpRWPv4
/+td3OdG9zcUlhWtoTbfw2/suyr3RD1Z5ybO/yHCsE2OxK+XBAs0rt+u7Y117WaE
aWtYNSU3AR6oDlPGDF25YLYMlg4dQ2sbbacX/H56EwA6rve1dmGfRc8RVR3Fhm0W
BkdfCXgueH80jHTaSxkkXRKte4Bfq7lZ+LOUl17pnRH9FN+FDuLZfdZ+GdFN7ThB
CdkzJfR3bk/mSEMxozI1Xcw1szrwPPrdefdfOzUrtSnAMQ4Wdsu1pJnP3q/za/Ke
iZzD9NkU
-----END CERTIFICATE-----
Generated at Thu Mar 26 01:35:01 2026 by rpki-client